Introduction to
System Security
VAMSEE KRISHNA KIRAN
ASST.PROF, CSE, AMRITA UNIVERSITY, COIMBATORE
Objectives
1. To understand the basic definition of system security
2. Principle of easiest penetration
3. Goals of system security
4. Terminology based on RFC 2828
5. Security threats
6. Types of vulnerabilities
Definition of system security
• The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) -- NIST 1995
Principle of easiest penetration
• An intruder must be expected to use any available means of penetration. The penetration may not necessarily be by the most obvious means, nor is it necessarily the one against which the most solid defense has been installed.
Three pillars of security (CIA Triad)
• Confidentiality
  ◦ Data confidentiality: Assures that confidential information is not disclosed to unauthorized individuals
  ◦ Privacy: Assures that individuals control or influence what information may be collected and stored
• Integrity
  ◦ Data integrity: Assures that information and programs are changed only in a specified and authorized manner
  ◦ System integrity: Assures that a system performs its operations in an unimpaired manner
• Availability: Assures that systems work promptly and service is not denied to authorized users
CIA + A + A = Complete Security
• Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or its originator
• Accountability: Generates the requirement for actions of an entity to be traced uniquely to that entity, to support nonrepudiation, deterrence, fault isolation, etc.
Computer security terminology
1. Adversary: An entity that attacks the system.
2. Attack: An assault on system security that derives from an intelligent
threat; it is an intelligent act that is a deliberate attempt to evade
security services and violate the security policies.
3. Countermeasure: An action, device, method, procedure or
technique that reduces a threat, a vulnerability or an attack by
eliminating or preventing it, or by reducing the harm it can cause.
4. Risk: An expectation of loss expressed as the probability that a
particular threat will exploit a particular vulnerability.
5. Security Policy: A set of rules and practices that specify how a
system provides security services to protect the sensitive data and
critical system resources.
Terminology (contd.)
1. System resource (asset): Information system, system capability, services of a system, hardware component, communication lines, etc.
2. Threat: A potential for violation of security. A possible danger that might exploit a vulnerability.
3. Vulnerability: A flaw or weakness in a system's design or implementation that could be exploited to violate the system's security policy.
Security concepts and relationships [figure]
System Security threats
1. Interception: An unauthorized party has gained access to an asset.
2. Interruption: An asset of a system becomes lost, unavailable or unusable.
3. Modification: An unauthorized party not only gains access to an asset but also tampers with it.
4. Fabrication: An unauthorized party may create a fabrication of counterfeit objects on a computing system.
Vulnerabilities
1. Hardware vulnerabilities
2. Software vulnerabilities
3. Data vulnerabilities
Hardware vulnerabilities
• Any physical damage that is intentional or unintentional.
• Damaging the systems, system resources or any system-related equipment.
• Poses a major threat to availability.
Software vulnerabilities
• Hard to detect compared to hardware vulnerabilities.
• Software can be maliciously replaced, changed, modified, deleted or destroyed.
• Malicious software will work as intended while doing some extra operations in the background.
1. Software deletion
2. Software modification
  ◦ Logic bomb
  ◦ Trojan horse
  ◦ Virus
  ◦ Trapdoor
3. Software theft
Data vulnerabilities
• Principle of adequate protection: Computer items must be protected only until they lose their value.
• Applying security goals to data:
1. Data confidentiality: prevents unauthorized disclosure of data
2. Data integrity: prevents unauthorized modification
3. Data availability: prevents denial of authorized access
Summary
• Definition of system security
• CIA model of security
• Additional AAs required to form a complete security model
• Security glossary from RFC 2828
• Types of threats and vulnerabilities
