8/6/2019 CS 307 Lecture 1
1/34
3/15/2011 CIVE-UDOM 1
CS 307: Introduction toInformation Assurance
Lecture 1
8/6/2019 CS 307 Lecture 1
2/34
3/15/2011 CIVE-UDOM 2
What is Information Assurance?
According to the U.S. Department of Defense, IAinvolves:
Actions taken that protect and defend information andinformation systems by ensuring their availability,integrity, authentication, confidentiality and non-repudiation. This includes providing for restoration of
information systems by incorporating protection,detection and reaction capabilities.
Information Assurance(IA) is the study of how to protectyour information assets from destruction, degradation,
manipulation and exploitation. But also, how to recovershould any of those happen.
Notice that it is both proactive and reactive.
8/6/2019 CS 307 Lecture 1
3/34
3/15/2011 CIVE-UDOM 3
What is IA? (cont)
According to the DoD definition, these are some aspects ofinformation needing protection:
Availability: timely, reliable access to data and information servicesfor authorized users; Integrity: protection against unauthorized modification or destruction
of information; Confidentiality: assurance that information is not disclosed to
unauthorized persons; Authentication: security measures to establish the validity of a
transmission, message, or originator. i.e the assurance that thecommunicating entity is the one that it claims to be.
Non-repudiation: assurance that the sender is provided with proof ofa data delivery and recipient is provided with proof of the sendersidentity, so that neither can later deny having processed the data.
8/6/2019 CS 307 Lecture 1
4/34
8/6/2019 CS 307 Lecture 1
5/34
3/15/2011 CIVE-UDOM 5
Four Security Domains
Physical securityrefers to the protection of hardware,software, and data against physical threats to reduce or
prevent disruptions to operations and services and lossof assets.
Personnel securityis a variety of ongoing measures
taken to reduce the likelihood and severity of accidentaland intentional alteration, destruction, misappropriation,misuse, misconfiguration, unauthorized distribution, andunavailability of an organizations logical and physical
assets, as the result of action or inaction by insiders andknown outsiders, such as business partners.
8/6/2019 CS 307 Lecture 1
6/34
3/15/2011 CIVE-UDOM 6
Four Security Domains
IT securityis the inherent technical features and functionsthat collectively contribute to an IT infrastructure achievingand sustaining confidentiality, integrity, availability,
accountability, authenticity, and reliability. Operational securityinvolves the implementation of
standard operational security procedures that define thenature and frequency of the interaction between users,systems, and system resources, the purpose of which is to: achieve and sustain a known secure system state at all times, and
prevent accidental or intentional theft, release, destruction,
alteration, misuse, or sabotage of system resources.
8/6/2019 CS 307 Lecture 1
7/34
3/15/2011 CIVE-UDOM 7
Information Assurance Model
8/6/2019 CS 307 Lecture 1
8/34
3/15/2011 CIVE-UDOM 8
Security Services
(What is protected) Availability
Data When You Need It
Integrity Data is unchanged (how you left it)
Authentication
Verifying who is trying to see the data Confidentiality
Only the authorized people see the data
Non-Repudiation Cant say it wasnt you (sending, receiving or accessing)
8/6/2019 CS 307 Lecture 1
9/34
3/15/2011 CIVE-UDOM 9
Security Countermeasures
(How it is protected)
Technology
Policy and Practice People
8/6/2019 CS 307 Lecture 1
10/34
3/15/2011 CIVE-UDOM 10
Information States
(Where is the data)
Transmission
Storage Processing
8/6/2019 CS 307 Lecture 1
11/34
3/15/2011 CIVE-UDOM 11
Importance of IA
Human safety
Environmental safety Property safety
Economic stability and security Social stability
Privacy, both individual and corporate National security
8/6/2019 CS 307 Lecture 1
12/34
3/15/2011 CIVE-UDOM 12
The Security Trinity
The three legs of the "security trinity,"prevention, detection, and response,
comprise the basis for security. Thesecurity trinity should be the foundation forall security policies and measures that anorganization develops and deploys
8/6/2019 CS 307 Lecture 1
13/34
3/15/2011 CIVE-UDOM 13
The security trinity
8/6/2019 CS 307 Lecture 1
14/34
3/15/2011 CIVE-UDOM 14
Prevention
The foundation of the security trinity is
prevention. To provide some level ofsecurity, it is necessary to implementmeasures to prevent the exploitation ofvulnerabilities.
8/6/2019 CS 307 Lecture 1
15/34
3/15/2011 CIVE-UDOM 15
Detection
Once preventative measures are implemented,procedures need to be put in place to detect
potential problems or security breaches, in theevent preventative measures fail. It is veryimportant that problems be detected
immediately. The sooner a problem is detectedthe easier it is to correct and cleanup.
8/6/2019 CS 307 Lecture 1
16/34
3/15/2011 CIVE-UDOM 16
Response
Organizations need to develop a plan thatidentifies the appropriate response to a security
breach. The plan should be in writing andshould identify who is responsible for whatactions and the varying responses and levels of
escalation.
8/6/2019 CS 307 Lecture 1
17/34
3/15/2011 CIVE-UDOM 17
Security Attacks
Passive Attacks
Passive attacks are in the nature ofeavesdropping on, or monitoring of,
transmissions. The goal of the opponent isto obtain information that is beingtransmitted. Two types of passive attacks
are release of message contents andtraffic analysis.
8/6/2019 CS 307 Lecture 1
18/34
3/15/2011 CIVE-UDOM 18
Active Attacks
Active attacks involve some modification
of the data stream or the creation of afalse stream and can be subdivided intofour categories: masquerade, replay,modification of messages, and denial ofservice.
A masquerade takes place when oneentity pretends to be a different entity
8/6/2019 CS 307 Lecture 1
19/34
3/15/2011 CIVE-UDOM 19
Active Attacks
Replay involves the passive capture of a dataunit and its subsequent retransmission to
produce an unauthorized effect Modification of messages simply means that
some portion of a legitimate message is altered,
or that messages are delayed or reordered, toproduce an unauthorized effect
The denial of service prevents or inhibits thenormal use or management of communications
facilities
8/6/2019 CS 307 Lecture 1
20/34
8/6/2019 CS 307 Lecture 1
21/34
3/15/2011 CIVE-UDOM 21
Security Attacks
Interruption: This is an attack on
availability Interception: This is an attack on
confidentiality Modification: This is an attack on
integrity Fabrication: This is an attack on
authenticity
8/6/2019 CS 307 Lecture 1
22/34
3/15/2011 CIVE-UDOM 22
Security Goals
Security Goals:
Confidentiality: Need access control, Cryptography,Existence of data
Integrity: No change, content, source, prevention
mechanisms, detection mechanisms Availability: Denial of service attacks,
Confidentiality, Integrity and Availability (CIA)
The opposite of CIA is disclosure, alteration, anddenial (DAD).
8/6/2019 CS 307 Lecture 1
23/34
3/15/2011 CIVE-UDOM 23
Military Example
Confidentiality: target coordinates of a
missile should not be improperly disclosed Integrity: target coordinates of missile
should be correct Availability: missile should fire when
proper command is issued
8/6/2019 CS 307 Lecture 1
24/34
3/15/2011 CIVE-UDOM 24
Commercial Example
Confidentiality: patients medical
information should not be improperlydisclosed
Integrity: patients medical information
should be correct Availability: patients medical information
can be accessed when needed fortreatment
8/6/2019 CS 307 Lecture 1
25/34
3/15/2011 CIVE-UDOM 25
Security Policies
A security policy is a statement of what is,
and what is not, allowed.Example 1: "do not delete or corrupt
another's files, and any file not protectedmay be read."
Example 2 Students are not allowed to
share solutions of the assignments
8/6/2019 CS 307 Lecture 1
26/34
3/15/2011 CIVE-UDOM 26
A security policy sets the context in whichwe can define a secure system. What issecure under one policy may not be secure
under a different policy. More precisely:A secure system is a system that starts in
an authorized state and cannot enter anunauthorized state.
8/6/2019 CS 307 Lecture 1
27/34
3/15/2011 CIVE-UDOM 27
A security policy considers all relevant aspects of
confidentiality, integrity, and availability. With respectto confidentiality, it identifies those states in whichinformation leaks to those not authorized to receive it.This includes not only the leakage of rights but also
the illicit transmission of information without leakage ofrights, called information flow. Also, the policy musthandle dynamic changes of authorization, so it
includes a temporal element. For example, acontractor working for a company may be authorizedto access proprietary information during the lifetime ofa nondisclosure agreement, but when that
nondisclosure agreement expires, the contractor canno longer access that information. This aspect of thesecurity policy is often called a confidentiality policy.
8/6/2019 CS 307 Lecture 1
28/34
3/15/2011 CIVE-UDOM 28
With respect to integrity, a security policy
identifies authorized ways in which informationmay be altered and entities authorized to alterit. Authorization may derive from a variety ofrelationships, and external influences mayconstrain it; for example, in many transactions,
a principle called separation of duties forbids anentity from completing the transaction on itsown. Those parts of the security policy that
describe the conditions and manner in whichdata can be altered are called the integritypolicy.
8/6/2019 CS 307 Lecture 1
29/34
3/15/2011 CIVE-UDOM 29
With respect to availability, a security policydescribes what services must be provided. Itmay present parameters within which the
services will be accessiblefor example, that abrowser may download Web pages but notJava applets. It may require a level of servicefor example, that a server will provideauthentication data within 1 minute of the
request being made. This relates directly toissues of quality of service.
8/6/2019 CS 307 Lecture 1
30/34
3/15/2011 CIVE-UDOM 30
Types of Security Policies
A military security policy (also called a
governmental security policy) is a securitypolicy developed primarily to provideconfidentiality.
A commercial security policy is a securitypolicy developed primarily to provide
integrity.
8/6/2019 CS 307 Lecture 1
31/34
3/15/2011 CIVE-UDOM 31
Two other terms describe policies relatedto security needs:
A confidentiality policy is a security policydealing only with confidentiality.
An integrity policy is a security policy
dealing only with integrity.
8/6/2019 CS 307 Lecture 1
32/34
3/15/2011 CIVE-UDOM 32
Both confidentiality policies and militarypolicies deal with confidentiality; however,a confidentiality policy does not deal withintegrity at all, whereas a military policymay. A similar distinction holds for integrity
policies and commercial policies.
8/6/2019 CS 307 Lecture 1
33/34
3/15/2011 CIVE-UDOM 33
Security Mechanism
A security mechanism is a method, tool, or
procedure for enforcing a security policy.Example 1: Default access for new filesset to owner read, write, execute; groupread; and no access for other.
S i M h i
8/6/2019 CS 307 Lecture 1
34/34
3/15/2011 CIVE-UDOM 34
Security Mechanisms Encryption: transforming data into something an attacker
cannot understand, i.e., providing a means to implement
confidentiality, as well as allowing user to check whether
data have been modified.
Authentication: verifying the claimed identity of a subject,
such as user name, password, etc.
Authorization: checking whether the subject has the right toperform the action requested.
Auditing: tracing which subjects accessed what, when, and
which way. In general, auditing does not provide protection,
but can be a tool for analysis of problems.