03/25/22 Prof. Ehud Gudes Security Ch 1 1 Chapter 1 (Cont.) [ SB ] chapters 1,13,14,15,16,17,1 Articles J1,J2

Dec 21, 2015

Transcript
Page 1:

Chapter 1 (Cont.)

[SB] chapters 1,13,14,15,16,17,1; Articles J1,J2

Page 2:

Legal and Ethical Aspects

- Patents, copyrights, trade secrets
- Copyright notices, steganography
- Employee rights and computer crime laws
- Regulations on cryptographic methods
- Ethical codes, privacy laws

Page 3:

Copyrights

- Designed to protect ideas and creativity
- Intellectual property
- Originality of work
- Registration: copyright notices, steganography
- Proof of infringement

Page 4:

Copyright

- protects tangible or fixed expression of an idea but not the idea itself
- is automatically assigned when created
- may need to be registered in some countries
- exists when:
  - proposed work is original
  - creator has put original idea in concrete form
- e.g. literary works, musical works, dramatic works, pantomimes and choreographic works, pictorial, graphic, and sculptural works, motion pictures and other audiovisual works, sound recordings, architectural works, software-related works

Page 5:

Copyright Rights

copyright owner has these exclusive rights, protected against infringement:
- reproduction right
- modification right
- distribution right
- public-performance right
- public-display right

Page 6:

Patents

- No laws of nature
- Can protect a new and useful process, machine, composition of material; today also a program or an algorithm (a detailed one!)
- Novelty required
- Registration (location?)
- Time expiration

Page 7:

Patents

- grant a property right to the inventor to exclude others from making, using, offering for sale, or selling the invention
- types:
  - utility: any new and useful process, machine, article of manufacture, or composition of matter
  - design: new, original, and ornamental design for an article of manufacture
  - plant: discovers and asexually reproduces any distinct and new variety of plant
- e.g. RSA public-key cryptosystem patent

Page 8:

Trademarks

- a word, name, symbol, or device used in trade with goods
- indicates source of goods to distinguish them from goods of others
- trademark rights may be used to:
  - prevent others from using a confusingly similar mark
  - but not to prevent others from making the same goods or from selling the same goods or services under a clearly different mark

Page 9:

Comparing Copyright, Patent, and Trade Secret Protection

                             | Copyright                                          | Patent                                        | Trade Secret
Protects                     | Expression of idea, not idea itself                | Invention: the way something works            | A secret, competitive advantage
Protected object made public | Yes; intention is to promote publication           | Design filed at patent office                 | No
Requirement to distribute    | Yes                                                | No                                            | No
Ease of filing               | Very easy, do-it-yourself                          | Very complicated; specialist lawyer suggested | No filing
Duration                     | Life of human originator or 75 years for a company | 19 years                                      | Indefinite
Legal protection             | Sue if copy sold                                   | Sue if invention copied                       | Sue if secret improperly obtained

Page 10:

Intellectual Property Issues and Computer Security

- software programs: protect using copyright, perhaps patent
- database content and arrangement: protect using copyright
- digital content (audio / video / media / web): protect using copyright
- algorithms: may be able to protect by patenting

Page 11:

Digital Rights Management (DRM)

- systems and procedures ensuring digital rights holders are clearly identified and receive stipulated payment for their works
- may impose further restrictions on their use
- no single DRM standard or architecture
- goal often to provide mechanisms for the complete content management lifecycle
- A major problem today: protection of movies, music, etc. on the Internet - DRM

Page 12:

DRM System Architecture

Page 13:

Rights and Obligations of Employees

- Ownership of new products, IP
- Use of company resources
- Protecting company secrets
- Ethics code

Page 14:

Ethical Question Examples

- whistle-blower: when professional ethical duty conflicts with loyalty to employer
  - e.g. inadequately tested software product
  - organizations and professional societies should provide alternative mechanisms
- potential conflict of interest
  - e.g. consultant has financial interest in vendor, which should be revealed to client

Page 15:

Security in Hiring Process

- objective: "to ensure that employees, contractors and third party users understand their responsibilities, and are suitable for the roles they are considered for, and to reduce the risk of theft, fraud or misuse of facilities"
- need appropriate background checks, screening, and employment agreements

Page 16:

Background Checks & Screening

- issues:
  - inflated resumes
  - reticence of former employers to give good or bad references due to fear of lawsuits
- employers do need to make significant effort to do background checks / screening:
  - get detailed employment / education history
  - reasonable checks on accuracy of details
  - have experienced staff members interview
- for some sensitive positions, additional intensive investigation is warranted

Page 17:

Employment Agreements

- employees should agree to and sign the terms and conditions of their employment contract, which should include:
  - information on their and the organization's security responsibilities
  - confidentiality and non-disclosure agreement
  - agreement to abide by organization's security policy

Page 18:

During Employment

- current employee security objectives:
  - ensure employees, contractors, third party users are aware of info security threats & concerns
  - know their responsibilities and liabilities
  - are equipped to support organizational security policy in their work, and reduce human error risks
- need security policy and training
- security principles:
  - least privilege
  - separation of duties
  - limited reliance on key personnel

Page 19:

Termination of Employment

- termination security objectives:
  - ensure employees, contractors, third party users exit organization or change employment in an orderly manner
  - ensure that the return of all equipment and the removal of all access rights are completed
- critical actions:
  - remove name from authorized access list
  - inform guards that general access not allowed
  - remove personal access codes, change lock combinations, reprogram access card systems, etc.
  - recover all assets

Page 20:

Email & Internet Use Policies

- E-mail & Internet access for employees is common in offices and some factories
- organizations increasingly include e-mail and Internet use policies in their security policy
- due to concerns regarding:
  - work time lost
  - computer / comms resources consumed
  - risk of importing malware
  - possibility of harm, harassment, bad conduct

Page 21:

Legal Issues - Colorado Computer Crime Bill

18-5.5-102. Computer crime.

1. Any person who knowingly uses any computer, computer system, computer network, or any part thereof for the purpose of: devising or executing any scheme or artifice to defraud, obtaining money, property, or services by means of false or fraudulent pretenses, representations, or promises, or committing theft, commits computer crime.

2. Any person who knowingly and without authorization uses, alters, damages, or destroys any computer, computer system, or computer network described in section 18-5.5-101 or any computer software, program, documentation, or data contained in such computer, computer system, or computer network commits computer crime.

3. If the loss, damage or thing of value taken in violation of this section is less than fifty dollars, computer crime is a class 3 misdemeanor; if fifty dollars or more, but less than two hundred dollars, computer crime is a class 2 misdemeanor; if two hundred dollars or more but less than ten thousand dollars, computer crime is a class 4 felony; if ten thousand dollars or more, computer crime is a class 3 felony.

Page 22:

Codes of Conduct

- see ACM, IEEE and AITP codes
- place emphasis on responsibility to other people
- have some common themes:
  1. dignity and worth of other people
  2. personal integrity and honesty
  3. responsibility for work
  4. confidentiality of information
  5. public safety, health, and welfare
  6. participation in professional societies to improve standards of the profession
  7. the notion that public knowledge and access to technology is equivalent to social power

Page 23:

IEEE Code of Ethics

We, the members of IEEE, in recognition of the importance of our technologies in affecting the quality of life throughout the world, and in accepting a personal obligation to our profession, its members, and the communities we serve, do hereby commit ourselves to conduct of the highest ethical and professional manner and agree:

1. To accept responsibility in making engineering decisions consistent with the safety, health, and welfare of the public, and to disclose promptly factors that might endanger the public or the environment;
2. To avoid real or perceived conflicts of interest whenever possible, and to disclose them to affected parties when they do exist;
3. To be honest and realistic in stating claims or estimates based on available data;
4. To reject bribery in all of its forms;
5. To improve understanding of technology, its appropriate application, and potential consequences;
6. To maintain and improve our technical competence and to undertake technological tasks for others only if qualified by training and experience, or after full disclosure of pertinent limitations;
7. To seek, accept, and offer honest criticism of technical work, to acknowledge and correct errors, and to credit properly the contributions of others;
8. To treat fairly all persons regardless of such factors as race, religion, gender, disability, age, or national origin;
9. To avoid injuring others, their property, reputation, or employment by false or malicious action;
10. To assist colleagues and coworkers in their professional development and to support them in following this code of ethics.

Page 24:

Cryptographic laws

- What is in the public domain? The DES, RSA debates
- Export control: NCR96 report (DES of up to 56 bits...), today 1024 bits key?
- Key-escrow and Clipper debate

Page 25:

Privacy - Principles of the Privacy Act

- No secret databases: registration
- Review: individuals must be able to find what information is maintained about them
- Correctness: individuals must be able to correct this information
- Misuse: info obtained for one purpose must not be used for another purpose without the individual's consent
- Security: the organization maintaining the info must enforce appropriate security controls

Page 26:

EU Privacy Law

- European Union Data Protection Directive was adopted in 1998 to:
  - ensure member states protect fundamental privacy rights when processing personal info
  - prevent member states from restricting the free flow of personal info within EU
- organized around principles of: notice, consent, consistency, access, security, onward transfer, enforcement

Page 27:

US Privacy Law

- have Privacy Act of 1974 which:
  - permits individuals to determine records kept
  - permits individuals to forbid records being used for other purposes
  - permits individuals to obtain access to records
  - ensures agencies properly collect, maintain, and use personal info
  - creates a private right of action for individuals
- also have a range of other privacy laws

Page 28:

Privacy Issues and the Internet

- Anonymous browsing (LPWA, CROWDS)
- Preventing undesirable (spam) electronic mail
- Preventing illegal use of cookies
- Use of electronic cash
- Protecting credit cards by protocols such as SSL or SET

Page 29:

Platform for Privacy Preferences Project (P3P)

- Developed by the World Wide Web Consortium (W3C); final P3P1.0 Recommendation issued 16 April 2002
- Allows web sites to communicate about their privacy policies in a standard computer-readable format
- Does not require web sites to change their server software
- Enables the development of tools (built into browsers or separate applications) that:
  - summarize privacy policies
  - compare privacy policies with user preferences
  - alert and advise users
- P3P helps users understand privacy policies
- P3P increases transparency, but it does not set baseline standards or enforce policies
- P3P user agent software available (as of July 2002):
  - Microsoft Internet Explorer 6
  - Netscape Navigator 7
  - AT&T Privacy Bird, http://privacybird.com/
- For more information: http://www.w3.org/P3P/ , http://p3ptoolbox.org/ , and Web Privacy with P3P by Lorrie Faith Cranor, http://p3pbook.com/

Page 30:

Standards

- Orange Book
- ITSEC
- EDI, EDIFACT
- X509, CORBA
- DES, AES
- Privacy laws

Page 31:

The IETF

- The IETF (Internet Engineering Task Force) is a standards committee that convenes three times a year
- The IETF is divided into working groups; each working group is assigned several tasks
- The working groups propose protocols with the goal of turning them into a standard

Page 32:

The Process of Becoming a Standard

- Most of the work of the standards committees is done through mailing lists
- The working group (or private individuals) may propose a protocol
- The proposed protocol is written in a document called an internet-draft

Page 33:

The Process of Becoming a Standard (continued)

- The working group proposes corrections to the draft
- After the draft passes the working group last call and is approved by the area directors, it becomes an RFC (Request For Comments)
- An RFC becomes a standard when there exist three different implementations of the RFC that interoperate with each other (Interoperable)

Page 34:

The Process of Becoming a Standard (continued)

- Some of the protocols we will study this semester became RFCs during the past year; some are still Internet drafts
- All the outputs of the IPSec working group can be found at http://www.ietf.org/html.charters/ipsec-charter.html

Page 35:

System Security - Design Principles

- Hard negative problem: show there is no way to get unauthorized access
- No definitive way, but these techniques help:
  - Economy of Mechanism
  - Fail-safe Defaults
  - Complete Mediation
  - Open Design
  - Separation of Privilege
  - Least Privilege
  - Least Common Mechanism
  - Psychological Acceptability

Page 36:

Economy of Mechanism

- Complexity -> many paths to access
  - Some lead to unauthorized access
  - Complexity means they won't be noticed
- Thus keep design as simple as possible*
  - May enable formal verification of correctness
  - Certainly enables other forms of assurance
  - Definitely reduces debugging costs

*The KISS technique: Keep It Simple, Stupid

Page 37:

Complete Mediation

- Every access to every object must be checked
- Access control in every aspect of operation, including initialization, recovery, shutdown, maintenance
- Requires fool-proof method of authenticating source of all requests
- Optimizations based on "remembering" access checks are suspect
  - Think about what "remember password" means

Page 38:

Open Design

- Design should not be secret
  - depending on secret design is like depending on an unchangeable password
  - once design secret leaks, security is lost
- Public review discovers flaws
- Public source allows users to verify security to their own satisfaction
- Open Source(TM) allows people to fix & propagate solutions without waiting for vendor

Page 39:

Separation of Privilege

- Don't grant permission based on a single condition
- 2 keys are better than one: one mistake doesn't blow it all
- Multiple keys is similar to replication for fault-tolerance
- Example: Gaining root access in some Unix products requires two conditions to be met
  - User knows root password
  - User belongs to a specific group of root users
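As an added example (not from the slides), the principles of Page 37 (complete mediation) and this page (separation of privilege) in Python: a reference monitor that consults the policy on every request, a cached variant that keeps honouring a permission after it has been revoked, and a root-escalation check that succeeds only when the user both knows the password and belongs to the root group. The ACL, user names and password are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed sample policy: (subject, object) -> set of allowed operations.
ACL = {
    ("alice", "/etc/passwd"): {"read"},
    ("alice", "/home/alice/notes"): {"read", "write"},
    ("bob", "/home/alice/notes"): {"read"},
}

# Constructed root credential and root group for the two-condition check.
# The password is salted and hashed; the plaintext appears here only so the
# example is self-contained.
_ROOT_SALT = os.urandom(16)
_ROOT_DIGEST = hashlib.pbkdf2_hmac("sha256", b"correct horse", _ROOT_SALT, 50_000)
ROOT_GROUP = {"alice"}


class ReferenceMonitor:
    """Complete mediation: every request goes through check(); nothing is remembered."""

    def __init__(self, acl):
        self.acl = {k: set(v) for k, v in acl.items()}

    def check(self, subject, obj, op):
        # Consult the live policy on every access, so a revocation applies at once.
        return op in self.acl.get((subject, obj), set())

    def revoke(self, subject, obj, op):
        self.acl.get((subject, obj), set()).discard(op)


class CachingMonitor(ReferenceMonitor):
    """The 'remembered access check' optimisation the slide calls suspect."""

    def __init__(self, acl):
        super().__init__(acl)
        self._cache = {}

    def check(self, subject, obj, op):
        key = (subject, obj, op)
        if key not in self._cache:
            self._cache[key] = super().check(subject, obj, op)
        return self._cache[key]  # stale after revoke(): mediation is no longer complete


def can_become_root(user, password):
    """Separation of privilege: BOTH conditions must hold; neither alone suffices."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), _ROOT_SALT, 50_000)
    knows_password = hmac.compare_digest(digest, _ROOT_DIGEST)
    in_root_group = user in ROOT_GROUP
    return knows_password and in_root_group


def revocation_demo():
    """Return (fully mediated decision, cached decision) after bob's read is revoked."""
    full, cached = ReferenceMonitor(ACL), CachingMonitor(ACL)
    full.check("bob", "/home/alice/notes", "read")
    cached.check("bob", "/home/alice/notes", "read")  # primes the cache with True
    full.revoke("bob", "/home/alice/notes", "read")
    cached.revoke("bob", "/home/alice/notes", "read")
    return (full.check("bob", "/home/alice/notes", "read"),
            cached.check("bob", "/home/alice/notes", "read"))


if __name__ == "__main__":
    print(revocation_demo())                          # (False, True)
    print(can_become_root("alice", "correct horse"))  # True
    print(can_become_root("bob", "correct horse"))    # False: not in root group
    print(can_become_root("alice", "wrong"))          # False: wrong password
```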

Page 40:

Least Privilege

- Users and programs should run with the least privilege necessary to do the job
  - Limits potential damage when faults occur
  - Minimizes # of interactions among privileged programs, reducing # of access paths

Page 41:

Least Common Mechanism

- Minimize implementation shared among principals
  - Shared implementation is a potential information flow channel
  - Shared implementation must be verified to satisfy all users
- Example: Implement a new function as a procedure to be shared by all users, or as a library routine, effectively making it individual to the user.

Page 42:

Psychological Acceptability

- Security mechanisms must be easy to use, or will be circumvented
  - Preferably automatically used
- Preferably mechanisms should match user's view of their protection goals
  - If user must translate goals, will likely make mistakes
  - Difficult, because users' views are rarely an accurate reflection of users' needs

Page 43:

Compromise Recording

- If you can't reliably prevent intrusion, try to reliably detect and record intrusion, e.g.
  - unbreakable lock on weak cabinet: next legitimate user can detect intrusion because cabinet will be damaged
  - unalterable time-stamp on files
- Problem: Can a successful attack alter logs?
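One defensive answer to the closing question, as an added example that is not part of the slides: a hash-chained log in Python where each record commits to its predecessor, so an edit, a deletion or a full rewrite of the on-host log is detected when the chain is checked against a head hash kept elsewhere. The events, the genesis value and the assumption that the head hash is stored off the compromised host are all constructed for the demonstration.

```python
import hashlib
import json

GENESIS = b"\x00" * 32  # constructed starting value for the first link


def _link(prev_hash, entry):
    # Each link hashes the previous link together with the canonical entry bytes.
    data = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash + data).digest()


class ChainedLog:
    """Append-only log where every record carries the hash of its predecessor."""

    def __init__(self):
        self.records = []  # list of (entry, link_hash)
        self.head = GENESIS

    def append(self, entry):
        self.head = _link(self.head, entry)
        self.records.append((entry, self.head))
        return self.head  # assumed to be copied off-host as the trusted anchor


def verify(records, anchor):
    """Recompute the chain and compare its head with the off-host anchor."""
    prev = GENESIS
    for i, (entry, stored) in enumerate(records):
        prev = _link(prev, entry)
        if prev != stored:
            return f"altered at record {i}"
    if prev != anchor:
        return "truncated or rewritten: head does not match anchor"
    return "ok"


# Constructed sample events.
SAMPLE_EVENTS = [
    {"ts": "2015-06-23T09:00:01Z", "user": "alice", "event": "login", "ok": True},
    {"ts": "2015-06-23T09:02:14Z", "user": "alice", "event": "sudo", "ok": True},
    {"ts": "2015-06-23T09:03:30Z", "user": "bob", "event": "login", "ok": False},
]


def build_sample_log():
    log = ChainedLog()
    for ev in SAMPLE_EVENTS:
        log.append(ev)
    return log


def tamper_detection_demo():
    """Return verify() results for an intact, an edited, a truncated and a rewritten log."""
    log = build_sample_log()
    anchor = log.head  # the copy a defender keeps off the host
    results = {"intact": verify(log.records, anchor)}
    # Case 1: the failed login is edited in place; its link no longer matches.
    edited = [(dict(e), h) for e, h in log.records]
    edited[2][0]["ok"] = True
    results["edited"] = verify(edited, anchor)
    # Case 2: the last record is deleted; the chain is consistent but short.
    results["truncated"] = verify(log.records[:-1], anchor)
    # Case 3: every hash is recomputed after the edit; only the anchor catches it.
    rebuilt = ChainedLog()
    for e, _ in edited:
        rebuilt.append(e)
    results["rewritten"] = verify(rebuilt.records, anchor)
    return results


if __name__ == "__main__":
    for case, result in tamper_detection_demo().items():
        print(f"{case}: {result}")
```

Without the off-host anchor, case 3 would pass: on-host hash chaining alone only catches an attacker who does not bother to re-link the chain.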

Page 44:

Technical Underpinnings

- ... or "So how do you do all that?"
- Bottom-up study:
  - Study example systems, look for insights
  - Suitable to a problem that still uses ad hoc solutions; no generalized theory available
  - True in 1975, still true in 2011...