CS 307 Lecture 1

Apr 07, 2018

Peter H Chali
  • 8/6/2019 CS 307 Lecture 1

    1/34

    3/15/2011 CIVE-UDOM 1

    CS 307: Introduction to Information Assurance

    Lecture 1

    What is Information Assurance?

    According to the U.S. Department of Defense, IA involves:

    Actions taken that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation. This includes providing for restoration of information systems by incorporating protection, detection and reaction capabilities.

    Information Assurance (IA) is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation. But also, how to recover should any of those happen.

    Notice that it is both proactive and reactive.

    What is IA? (cont)

    According to the DoD definition, these are some aspects of information needing protection:

    - Availability: timely, reliable access to data and information services for authorized users;
    - Integrity: protection against unauthorized modification or destruction of information;
    - Confidentiality: assurance that information is not disclosed to unauthorized persons;
    - Authentication: security measures to establish the validity of a transmission, message, or originator, i.e., the assurance that the communicating entity is the one that it claims to be.
    - Non-repudiation: assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of the sender's identity, so that neither can later deny having processed the data.

    Four Security Domains

    Physical security refers to the protection of hardware, software, and data against physical threats to reduce or prevent disruptions to operations and services and loss of assets.

    Personnel security is a variety of ongoing measures taken to reduce the likelihood and severity of accidental and intentional alteration, destruction, misappropriation, misuse, misconfiguration, unauthorized distribution, and unavailability of an organization's logical and physical assets, as the result of action or inaction by insiders and known outsiders, such as business partners.

    IT security is the inherent technical features and functions that collectively contribute to an IT infrastructure achieving and sustaining confidentiality, integrity, availability, accountability, authenticity, and reliability.

    Operational security involves the implementation of standard operational security procedures that define the nature and frequency of the interaction between users, systems, and system resources, the purpose of which is to:

    - achieve and sustain a known secure system state at all times, and
    - prevent accidental or intentional theft, release, destruction, alteration, misuse, or sabotage of system resources.

    Information Assurance Model

    Security Services

    (What is protected)

    - Availability: data when you need it
    - Integrity: data is unchanged (how you left it)
    - Authentication: verifying who is trying to see the data
    - Confidentiality: only the authorized people see the data
    - Non-Repudiation: can't say it wasn't you (sending, receiving or accessing)

    Security Countermeasures

    (How it is protected)

    - Technology
    - Policy and Practice
    - People

    Information States

    (Where is the data)

    - Transmission
    - Storage
    - Processing

    Importance of IA

    - Human safety
    - Environmental safety
    - Property safety
    - Economic stability and security
    - Social stability
    - Privacy, both individual and corporate
    - National security

    The Security Trinity

    The three legs of the "security trinity," prevention, detection, and response, comprise the basis for security. The security trinity should be the foundation for all security policies and measures that an organization develops and deploys.

    The security trinity

    Prevention

    The foundation of the security trinity is prevention. To provide some level of security, it is necessary to implement measures to prevent the exploitation of vulnerabilities.

    Detection

    Once preventative measures are implemented, procedures need to be put in place to detect potential problems or security breaches, in the event preventative measures fail. It is very important that problems be detected immediately. The sooner a problem is detected, the easier it is to correct and clean up.

    Response

    Organizations need to develop a plan that identifies the appropriate response to a security breach. The plan should be in writing and should identify who is responsible for what actions and the varying responses and levels of escalation.

    Security Attacks

    Passive Attacks

    Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis.

    Active Attacks

    Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

    - A masquerade takes place when one entity pretends to be a different entity.

    - Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
    - Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
    - The denial of service prevents or inhibits the normal use or management of communications facilities.
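A receiver-side countermeasure for three of the active attacks above, as an added example that is not part of the original lecture: a keyed MAC rejects modified or forged (masqueraded) frames, and a sequence number rejects replayed or reordered ones. The frame layout, key and messages are constructed for illustration.

```python
"""Added example: a receiver that rejects modified, replayed and reordered frames."""
import hashlib
import hmac

KEY = b"constructed-demo-key"   # constructed shared secret for this example
TAG_LEN = 32                    # length of an HMAC-SHA256 tag in bytes

def seal(seq, payload, key=KEY):
    """Sender side: bind an 8-byte sequence number and payload under a MAC."""
    header = seq.to_bytes(8, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    def __init__(self, key=KEY):
        self.key = key
        self.last_seq = -1      # highest sequence number accepted so far

    def accept(self, frame):
        """Return (verdict, payload); verdict is ok, modified or replayed."""
        if len(frame) < 8 + TAG_LEN:
            return "modified", None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "modified", None     # altered content or sender without key
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            return "replayed", None     # retransmitted or reordered frame
        self.last_seq = seq
        return "ok", body[8:]

def demo():
    """Feed the receiver genuine, tampered and repeated frames (constructed)."""
    rx = Receiver()
    f0 = seal(0, b"pay 10 to alice")
    f1 = seal(1, b"pay 20 to bob")
    tampered = f1[:8] + b"pay 99 to bob" + f1[-TAG_LEN:]  # old tag, new payload
    frames = [f0, tampered, f1, f1, f0]
    return [rx.accept(f)[0] for f in frames]

if __name__ == "__main__":
    print(demo())
```

A sequence number alone does not detect a frame that is merely delayed; that needs a timestamp or timeout, and denial of service is outside what a MAC can address.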

    Security Attacks

    - Interruption: This is an attack on availability
    - Interception: This is an attack on confidentiality
    - Modification: This is an attack on integrity
    - Fabrication: This is an attack on authenticity

    Security Goals

    - Confidentiality: Need access control, Cryptography, Existence of data
    - Integrity: No change, content, source, prevention mechanisms, detection mechanisms
    - Availability: Denial of service attacks

    Confidentiality, Integrity and Availability (CIA)

    The opposite of CIA is disclosure, alteration, and denial (DAD).

    Military Example

    - Confidentiality: target coordinates of a missile should not be improperly disclosed
    - Integrity: target coordinates of missile should be correct
    - Availability: missile should fire when proper command is issued

    Commercial Example

    - Confidentiality: patient's medical information should not be improperly disclosed
    - Integrity: patient's medical information should be correct
    - Availability: patient's medical information can be accessed when needed for treatment

    Security Policies

    A security policy is a statement of what is, and what is not, allowed.

    Example 1: "do not delete or corrupt another's files, and any file not protected may be read."

    Example 2: Students are not allowed to share solutions of the assignments.

    A security policy sets the context in which we can define a secure system. What is secure under one policy may not be secure under a different policy. More precisely:

    A secure system is a system that starts in an authorized state and cannot enter an unauthorized state.

    A security policy considers all relevant aspects of confidentiality, integrity, and availability. With respect to confidentiality, it identifies those states in which information leaks to those not authorized to receive it. This includes not only the leakage of rights but also the illicit transmission of information without leakage of rights, called information flow. Also, the policy must handle dynamic changes of authorization, so it includes a temporal element. For example, a contractor working for a company may be authorized to access proprietary information during the lifetime of a nondisclosure agreement, but when that nondisclosure agreement expires, the contractor can no longer access that information. This aspect of the security policy is often called a confidentiality policy.
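The definition of a secure system (starts in an authorized state and cannot enter an unauthorized one) applied to the contractor example, as an added example that is not part of the original lecture. The two-flag state model, the action names and both transition systems are assumptions made for illustration.

```python
"""Added example: a secure system as unreachability of unauthorized states."""
from collections import deque

# A state is (nda_active, contractor_has_access); the model is illustrative.
START = (True, False)

def authorized(state):
    """Confidentiality policy: access is allowed only while the NDA is active."""
    nda_active, has_access = state
    return nda_active or not has_access

def naive_transitions(state):
    """System A: NDA expiry leaves existing access rights untouched."""
    nda, access = state
    if nda:
        yield "grant", (nda, True)       # grants are checked against the NDA
        yield "expire", (False, access)  # flaw: access survives expiry
    if access:
        yield "revoke", (nda, False)

def revoking_transitions(state):
    """System B: expiry and revocation happen as one atomic step."""
    nda, access = state
    if nda:
        yield "grant", (nda, True)
        yield "expire", (False, False)
    if access:
        yield "revoke", (nda, False)

def find_violation(start, transitions, is_authorized):
    """Breadth-first search over reachable states. Returns the shortest action
    trace into an unauthorized state, or None if none is reachable (secure)."""
    if not is_authorized(start):
        return []                        # already insecure before any action
    seen, queue = {start}, deque([(start, [])])
    while queue:
        state, trace = queue.popleft()
        for action, nxt in transitions(state):
            if not is_authorized(nxt):
                return trace + [action]
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [action]))
    return None

if __name__ == "__main__":
    print("System A:", find_violation(START, naive_transitions, authorized))
    print("System B:", find_violation(START, revoking_transitions, authorized))
```

System A checks every grant correctly and is still not secure, because the temporal element of the policy is not enforced at expiry.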

    With respect to integrity, a security policy identifies authorized ways in which information may be altered and entities authorized to alter it. Authorization may derive from a variety of relationships, and external influences may constrain it; for example, in many transactions, a principle called separation of duties forbids an entity from completing the transaction on its own. Those parts of the security policy that describe the conditions and manner in which data can be altered are called the integrity policy.

    With respect to availability, a security policy describes what services must be provided. It may present parameters within which the services will be accessible, for example, that a browser may download Web pages but not Java applets. It may require a level of service, for example, that a server will provide authentication data within 1 minute of the request being made. This relates directly to issues of quality of service.

    Types of Security Policies

    A military security policy (also called a governmental security policy) is a security policy developed primarily to provide confidentiality.

    A commercial security policy is a security policy developed primarily to provide integrity.

    Two other terms describe policies related to security needs:

    - A confidentiality policy is a security policy dealing only with confidentiality.
    - An integrity policy is a security policy dealing only with integrity.

    Both confidentiality policies and military policies deal with confidentiality; however, a confidentiality policy does not deal with integrity at all, whereas a military policy may. A similar distinction holds for integrity policies and commercial policies.

    Security Mechanism

    A security mechanism is a method, tool, or procedure for enforcing a security policy.

    Example 1: Default access for new files set to owner read, write, execute; group read; and no access for other.
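On a POSIX system the mechanism in Example 1 is typically a umask, and the sketch below (an added example, not part of the original lecture) shows both enforcing it and auditing for drift. The file names and the helper functions are assumptions; the permission set 0740 is the one stated in the example.

```python
"""Added example: enforcing and auditing a default-access policy with umask."""
import os
import stat
import tempfile

POLICY_MODE = 0o740                   # owner rwx, group r, other none
POLICY_UMASK = 0o777 & ~POLICY_MODE   # 0o037: the bits the policy forbids

def create_with_policy(path, requested_mode=0o777):
    """Create a file while the policy umask is in force; return its mode."""
    old = os.umask(POLICY_UMASK)
    try:
        flags = os.O_CREAT | os.O_WRONLY | os.O_EXCL
        os.close(os.open(path, flags, requested_mode))
    finally:
        os.umask(old)                 # restore the caller's umask
    return stat.S_IMODE(os.stat(path).st_mode)

def violations(directory):
    """Audit: list files carrying any permission bit the policy forbids."""
    bad = []
    for name in sorted(os.listdir(directory)):
        mode = stat.S_IMODE(os.stat(os.path.join(directory, name)).st_mode)
        if mode & POLICY_UMASK:
            bad.append((name, oct(mode)))
    return bad

def demo():
    """Create two files under the policy, loosen one, then audit (constructed)."""
    with tempfile.TemporaryDirectory() as d:
        tool = create_with_policy(os.path.join(d, "tool"))          # asks 0777
        notes = create_with_policy(os.path.join(d, "notes"), 0o666) # asks 0666
        os.chmod(os.path.join(d, "notes"), 0o644)  # loosened after creation
        return tool, notes, violations(d)

if __name__ == "__main__":
    tool, notes, bad = demo()
    print(oct(tool), oct(notes), bad)
```

A umask only removes bits, so a program that requests 0666 ends up with 0640 rather than 0740, and a later chmod bypasses it entirely; that is why the audit step is paired with the default. The umask is process-wide, so the temporary change in `create_with_policy` is not safe in multithreaded code.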

    Security Mechanisms

    - Encryption: transforming data into something an attacker cannot understand, i.e., providing a means to implement confidentiality, as well as allowing user to check whether data have been modified.
    - Authentication: verifying the claimed identity of a subject, such as user name, password, etc.
    - Authorization: checking whether the subject has the right to perform the action requested.
    - Auditing: tracing which subjects accessed what, when, and which way. In general, auditing does not provide protection, but can be a tool for analysis of problems.