[Intro. to Computer Security Course Note] Ch 1

Ch1. Overview


3 Key Concepts

Confidentiality

Assure that private or confidential info is not disclosed to unauthorized individuals
Privacy: Assure that individuals control or influence what info related to them may be collected and stored

Integrity

Data integrity: info is changed only in a specified and authorized manner
System integrity: system performs its intended function in an unimpaired manner

Availability

Assure that system works promptly and service is not denied to authorized users

2 Additional Concepts

Authenticity

Property of being genuine and able to be verified and trusted

Accountability

Requirement for actions of an entity to be traced uniquely to that entity

Model of Computer Security

Vulnerability

Weakness in the system that can be:

  • Corrupt: loss of integrity
  • Leaky: loss of confidentiality
  • Unavailable or very slow: loss of availability

Threat

Capable of exploiting a vulnerability

Attack

  • Passive: make use of info, but doesn’t affect system resources
  • Active: alter system resources
  • Inside: by an authorized user (using the system in a way not approved)
  • Outside: by an unauthorized user

Countermeasures

Security Concepts / Relationships

Threats / Attacks

Threat Consequence → Threat Actions (Attacks)

Unauthorized Disclosure (threat to confidentiality)
1. Exposure
2. Interception
3. Inference
4. Intrusion

Deception (threat to integrity)
1. Masquerade
2. Falsification
3. Repudiation

Disruption (threat to availability / system integrity)
1. Incapacitation
2. Corruption: alters system operation
3. Obstruction

Usurpation (threat to system integrity)
1. Misappropriation
2. Misuse

Security Functional Requirements

Technical Measures

Management Controls / Procedures

Overlapping Technical / Management

Fundamental Security Design

Economy of Mechanism

Design should be as simple as possible

Fail-safe Defaults

Access decisions should be based on permission rather than exclusion

Complete Mediation

Every access must be checked against the access control mechanism

Open Design

Just make the design public

Separation of Privilege

Different users hold different privileges

Least Privilege

Least Common Mechanism

Psychological Acceptability

Should not interfere unduly with the work of users or hinder the usability or accessibility of resources

Isolation

Encapsulation

A specific form of isolation based on object-oriented functionality

Modularity

Just package functionality into modules

Layering

Use of multiple, overlapping protection approaches

Least Astonishment

Attack Surfaces

Make developers aware of where security mechanisms are required

Attack Trees

  • Root: the attack goal
  • Leaf: different ways to initiate an attack
  • Each node (other than a leaf): AND / OR node

Why?

  • Effectively exploit the info available on attack patterns
  • Document security attacks in a structured form that reveals key vulnerabilities
  • Shows how to design the system / countermeasures
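An added example (not from the course note) of how an attack tree's AND / OR semantics let a defender rank countermeasures: an OR node costs the attacker only its cheapest child, an AND node costs the sum of all children, so the cheapest root-to-leaf set is where a countermeasure pays off most. The tree, its labels (taken from the threat-action vocabulary above) and the effort scores are all constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import List, Tuple

# Root = attack goal, leaves = ways to initiate the attack,
# every other node combines its children with AND / OR (as in the note).
@dataclass
class Node:
    name: str
    kind: str = "LEAF"            # "LEAF", "AND" or "OR"
    cost: float = 0.0             # constructed attacker-effort score (leaves only)
    children: List["Node"] = field(default_factory=list)

def cheapest(node: Node) -> Tuple[float, List[str]]:
    """Minimum attacker effort to reach this node and the leaves that achieve it."""
    if node.kind == "LEAF":
        return node.cost, [node.name]
    results = [cheapest(c) for c in node.children]
    if node.kind == "OR":        # attacker needs only one child: take the cheapest
        return min(results, key=lambda r: r[0])
    if node.kind == "AND":       # attacker needs every child: sum their efforts
        total = sum(r[0] for r in results)
        return total, [leaf for r in results for leaf in r[1]]
    raise ValueError(f"unknown node kind {node.kind!r}")

def with_countermeasure(node: Node, leaf_name: str, added_cost: float) -> Node:
    """Copy of the tree where a countermeasure raises the effort of one leaf."""
    if node.kind == "LEAF":
        extra = added_cost if node.name == leaf_name else 0.0
        return Node(node.name, "LEAF", node.cost + extra)
    return Node(node.name, node.kind, 0.0,
                [with_countermeasure(c, leaf_name, added_cost) for c in node.children])

# Constructed example: effort scores are made up, not measured values.
EXAMPLE_TREE = Node("Unauthorized disclosure", "OR", children=[
    Node("Interception", cost=6),
    Node("Masquerade then misuse", "AND", children=[
        Node("Masquerade", cost=3),
        Node("Misuse", cost=2),
    ]),
    Node("Inference", cost=8),
])

if __name__ == "__main__":
    print("weakest path:", cheapest(EXAMPLE_TREE))                # (5, ['Masquerade', 'Misuse'])
    hardened = with_countermeasure(EXAMPLE_TREE, "Masquerade", 6)
    print("after hardening Masquerade:", cheapest(hardened))       # (6.0, ['Interception'])
```

Re-running `cheapest` after each candidate countermeasure shows which hardening step actually raises the attacker's minimum effort and which one is bypassed by a sibling OR branch.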

Computer Security Strategy

3 Aspects

  • Specification / policy: what is the security scheme supposed to do?
  • Implementation / mechanisms: how does it do it?
  • Correctness / assurance: does it really work?

Security Policy

  • A formal statement of rules and practices
  • A security manager needs to consider
    • value of assets being protected
    • vulnerabilities of the system
    • potential threats and the likelihood of attacks
    • trade-off: ease of use vs. security
    • trade-off: cost of security vs. cost of failure and recovery

Security Implementation / Assurance