1 IS 2150 / TEL 2810 Introduction to Security Lecture 1 August 31, 2006.
1
IS 2150 / TEL 2810 Introduction to Security
Lecture 1
August 31, 2006
2
Contact
Instructor: James B. D. Joshi
  706A, IS Building
  Phone: 412-624-9982
  E-mail: [email protected]
  Web: http://www.sis.pitt.edu/~jjoshi/
  Office Hours: Tuesdays: 3.00 – 6.00 p.m.; by appointment
GSA: Saubhagya R. Joshi
  Email: [email protected]
  Office hours: Wednesday 2:00-4:00PM
  Place: GIS Lab, 4th Floor
3
IS 2150 / TEL 2810
The objective of the course is to cover the fundamental issues of information system security and assurance.
  Develop broad understanding of diverse issues
Certified by NSA
  About 85% is based on the CNSS requirements
Core course for SAIS track
Course webpage: http://www.sis.pitt.edu/~jjoshi/courses/2007_1/IS2150SYL071.html
4
Course Outline
Security Basics (1-8)
  General overview and definitions
  Security models and policy issues
Basic Cryptography and Network security (9-12, 26)
  Crypto systems, digital signature, authentication, PKI
  IPSec, VPN, Firewalls
Systems Design Issues and Information assurance (13-21, 24)
  Design principles
  Security Mechanisms
  Auditing Systems
  Risk analysis
  System verification
Intrusion Detection and Response (23, 25, ..)
  Attack Classification and Vulnerability Analysis
  Detection, Containment and Response/Recovery
Legal, Ethical, Social Issues
Evaluation, Certification Standards
Miscellaneous Issues (22, ..)
  Malicious code, Mobile code
  Digital Rights Management, Forensics
  Watermarking, E/M-commerce security, Multidomain Security
  Identity/Trust Management
5
Course Material
Textbook
  Introduction to Computer Security, Matt Bishop. Errata URL: http://nob.cs.ucdavis.edu/~bishop/
  Computer Security: Art and Science, Matt Bishop – is fine too
Other Recommended
  Security in Computing, Charles P. Pfleeger, Prentice Hall
  Inside Java 2 Platform Security, 2nd Edition, L. Gong, G. Ellison, M. Dageforde
  Security Engineering: A Guide to Building Dependable Distributed Systems, Ross Anderson, Wiley, John & Sons, Incorporated, 2001
Supplemental readings will be provided
6
Prerequisites
Assumes the following background
  Programming skill
    Some assignments in Java
  Working knowledge of
    Operating systems, algorithms and data structures, database systems, and networks
  Basic Mathematics
    Set, logic, induction techniques, data structure/algorithms
Not sure? SEE ME
7
Grading
Lab + Homework/Quiz/Paper review 40%
Exams 40% includes
  Midterm 20%
  Final 20%
Paper/Project 20%
  List of suggested topics will be posted
  Encouraged to think of a project/topic of your interest
Some other
  Seminar and participation
8
Course Policies
Your work MUST be your own
  Zero tolerance for cheating/plagiarism
  You get an F for the course if you cheat in anything however small – NO DISCUSSION
  Discussing the problem is encouraged
Homework
  Penalty for late assignments (15% each day)
  Ensure clarity in your answers – no credit will be given for vague answers
  Sample solutions will be provided
Check webpage for everything!
  You are responsible for checking the webpage for updates
9
Overview of Security Assured Information Systems Track
10
LERSAIS
Laboratory of Education and Research in Security Assured Information Systems
  Established in 2003
National Center of Academic Excellence in Information Assurance Education Program
  A US National Security Agency program initiated in 1998 through a presidential directive to SECURE the Cyberspace
  Partnered by Department of Homeland Security since 2003
  There are 70+ such centers now
Designation requires meeting a set of criteria
  Basic IA curriculum
  Strong research activity
LERSAIS is Pitt’s representative center
Website: http://www.sis.pitt.edu/~lersais/
11
IA Education @Pitt
Pitt’s IA curriculum has been certified for Committee on National Security Systems IA Standards
  CNSS 4011: Information Security Professionals
  CNSS 4012: Designated Approving Authority
  CNSS 4013: System Administrator in Information Systems Security
  CNSS 4014: Information Systems Security Officer
  CNSS 4015: System Certifiers
Pitt is one among 12 Institutions in the US and only one in the State of Pennsylvania to have all certifications
Website: http://www.sis.pitt.edu/~sais/
12
IA Education @Pitt: Grants
NSF – Scholarship for Service Grant
  First award ($286,710)
    For the development of the curriculum
  Second award ($1,055,553)
    For establishing a scholarship program
Department of Defense Information Assurance Scholarship (DoD IASP)
  Support for 4 National Defense University Students to pursue IA degree at Pitt
CISCO Critical Infrastructure Assurance Group
  Equipment grant winner of Year Spring-2005
  Equipment worth $130,000
13
IA Education @Pitt: Tracks/Courses
Master of Science in Information Sciences
Master of Science in Telecommunications and Networking
Certificate of Advanced Studies (CNSS Certifications)
Courses:
  Introduction to Security
  Developing Secure Systems
  Cryptography
  Security in E-commerce
  Network Security
  Security Management
  Capstone course
  Information System and Network Infrastructure Protection
  Information Ethics
  Legal Issues in Information Handling
14
NSF IA Scholarship @ Pitt
New scholarship starting this Fall
Support includes
  Stipend of $12,000/year
  Tuition and fees
Students should be
  In the track (MSIS/MST)
  Within last 2 years of completing the PhD studies
Support for up to 2 years
  Work in Gov for the equal amount of time
  Summer internship is required
Citizenship is required
  Need to obtain clearance for work in Gov
Website will be created shortly; for now check out: http://www.sfs.opm.gov/
15
NSF IA Scholarship @ Pitt
Less chance for the following
  If you have less than one year of study
  If you want to work fulltime and study under scholarship
Scholarship students will have to
  Be involved in some activities of LERSAIS
  University activities of importance
  Mentor future scholarship students
16
MSIS Security Assured Information Systems Track
Foundations (6 credits)
  IS-2000 Intro to Info Sc
  IS-2170 Cryptography
Cognitive Systems (6 credits)
  IS-2300 Human Information Processing
  IS-2470 Interactive System Design
  OR
  IS-2350 Human Factors In Systems
Systems and Technology (9 credits SAIS Track + 9 S&T) (18 credits)
  IS-2550 Client-Server
  IS2710 DBMS
  IS-2511 Adv. Anal. & Des.
  OR
  IS-2540 Soft Engg.
  IS2150 Intro to ComSec
  TEL-2821 Net Sec
  TEL 2830/IS-2190 Capstone Course in Security
Electives (3 Credits SAIS Track + 3 Credits S&T)
  IS-2570 Dev sec Systems
  IS-2771 Sec in E-Comm
  IS2810/TEL-2813 Sec Mgmt
  LIS-2194 Info Ethics
  LIS-2184 Legal issues in Handling Info
  One S&T Electives (may include another of the SAIS course elective)
17
MST Security Assured Information Systems Track
Core Required (9 credits)
  TEL-2210 Electronic Comm II
  TEL-2120 Network Performance
  TEL-2310 Computer Networks
Human Comm Mgmt/Policy (6 credits)
  IS-2300 Human Information Processing
  TEL-2510 US Telecom Policy
  OR
  TEL-2511 Intl. Telecom Policy
  OR
  LIS-2194 Information Ethics
Protocols and Design (6 credits)
  TEL-2110 Network Design
  TEL-2121 Network Mgt.
  TEL-2320 LANs
  TEL-2321 WANs
  TEL-2720 Cellular Radio and PCS
  TEL-2721 Mobile Data Networks
SAIS Track Core (12 credits)
  IS2150/TEL-2810 Intro To Security
  IS2170/TEL-2820 Cryptography
  TEL-2821 Network Security
  IS2190/TEL-2830 Capstone Course in Security
SAIS Track Electives (3 credits)
  TEL-2825 Infrs. Protection
  IS-2771 Security in E-Commerce
  IS-2810/TEL-2813 Security Management
  TEL-2829 Adv. Cryptography
  OR
  Other Electives
18
Education @Pitt Certificate of Advanced Studies
Pre-requisite: MSIS, MST or MS in related areas
Basic IA Studies
  15 credits of coursework:
  • Three SAIS Core courses (9)
  • Systems & Technology course (3)
  • Capstone (3)
  Certificates: CNSS 4011, 4012, and 4013
Advanced IA Studies
  24 credits of coursework:
  • Three SAIS Core courses (9)
  • Security management (3)
  • One IA Elective (3)
  • 2 Systems-Tech electives (6)
  • Capstone (3)
  Certificates: CNSS 4011, 4012, 4013, 4014A, and 4015
19
Expected Pre-requisite Structure
[Figure: prerequisite diagram; box labels only]
  IS-2150 TEL-2810 Intro to Security
  IS-2160 TEL-2820 Cryptography
  TEL-2821 Network Security
  TEL-2825 Infrs. Protection
  TEL-2829 Adv. Cryptography
  IS-2939 TEL-2938 Advanced Topics
  IS-2570 Dev. Secure Systems
  IS-2820/TEL-2813 Security Management
  TEL-2830/IS2190 Capstone
  IS-2771 E-commerce Security
  TEL-2000 TEL-2120
  IS-2510 IS-2511 IS-2550 IS-2710
Check SIS web pages for new course numbers
20
SAMPLE
The Department of Information Science and Telecommunication’s Laboratory of Education and Research on Security Assured Information Systems (LERSAIS), a National Center of Academic Excellence in Information Assurance Education (2004-2007), hereby certifies that
Mr. John Smith
has successfully completed the requirements for the DIST’s IA certification in Fall 2004
The DIST’s IA certification requires a student to demonstrate competence in the following three IA courses
  TELCOM 2810 Introduction to Computer Security
  TELCOM 2820 Cryptography
  TELCOM 2821 Network Security
These three courses have been certified by the National Security Agency (NSA) as meeting the following IA education standards set by the Committee on National Systems Security (CNSS)
  NSTISSI No. 4011, Information Systems Security Professionals
  NSTISSI No. 4012, Designated Approving Authority
  NSTISSI No. 4013, System Administrators in Information Systems Security
Ronald Larsen (Dean, School of Information Sciences)
21
Introduction to Security
Overview of Computer Security
22
Information Systems Security
Deals with
  Security of (end) systems
    Examples: Operating system, files in a host, records, databases, accounting information, logs, etc.
  Security of information in transit over a network
    Examples: e-commerce transactions, online banking, confidential e-mails, file transfers, record transfers, authorization messages, etc.
“Using encryption on the internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench” – Gene Spafford
23
Basic Components of Security
Confidentiality
  Keeping data and resources secret or hidden
Integrity
  Ensuring authorized modifications
  Includes correctness and trustworthiness
  May refer to
    Data integrity
    Origin integrity
Availability
  Ensuring authorized access to data and resources when desired
Trust Management (Emerging Challenge)
CIA
24
CIA-based Model
NSTISSC 4011 Security Model (CNSS 4011)
25
Basic Components of Security
Additional from NIST (National Institute of Standards and Technology)
  Accountability
    Ensuring that an entity’s action is traceable uniquely to that entity
  [Security] assurance
    Assurance that all four objectives are met
Other
  Non-repudiation: false denial of an act
26
Interdependencies
[Figure: interdependencies among the security objectives; labels as grouped in the figure]
  confidentiality: integrity
  integrity: confidentiality
  availability: integrity, confidentiality
  accountability: integrity, confidentiality
27
Security - Years back
Physical security
  Information was primarily on paper
  Lock and key
  Safe transmission
Administrative security
  Control access to materials
  Personnel screening
  Auditing
28
Information security today
Emergence of the Internet and distributed systems
  Increasing system complexity
  Open environment with previously unknown entities interacting
Digital information needs to be kept secure
  Competitive advantage
  Protection of assets
  Liability and responsibility
29
Information security today
Financial losses
  The FBI estimates that an insider attack results in an average loss of $2.8 million
  There are reports that the annual financial loss due to information security breaches is between 5 and 45 billion dollars
National defense
  Protection of critical infrastructures: Power Grid; Air transportation; SCADA
  Interlinked government agencies
    Bad Grade for most of the agencies (GAO Reports)
    DHS gets a failing grade (2005) !!
30
Terminology
[Figure: terminology diagram; box labels only]
  Security Features or Services
  Attackers/Intruders/Malfeasors
  Security Architecture
  Resources, Assets, Information
  Requirements, Policies
  Security Models/Mechanisms
31
Attack Vs Threat
A threat is a “potential” violation of security
  The violation need not actually occur
  The fact that the violation might occur makes it a threat
  It is important to guard against threats and be prepared for the actual violation
The actual violation of security is called an attack
32
Common security attacks
Interruption, delay, denial of receipt or denial of service
  System assets or information become unavailable or are rendered unavailable
Interception or snooping
  Unauthorized party gains access to information by browsing through files or reading communications
Modification or alteration
  Unauthorized party changes information in transit or information stored for subsequent access
Fabrication, masquerade, or spoofing
  Spurious information is inserted into the system or network by making it appear as if it is from a legitimate entity
Repudiation of origin
  False denial that an entity did (send/create) something
33
Classes of Threats (Shirley)
Disclosure: unauthorized access to information
  Snooping
Deception: acceptance of false data
  Modification, masquerading/spoofing, repudiation of origin, denial of receipt
Disruption: interruption/prevention of correct operation
  Modification
Usurpation: unauthorized control of a system component
  Modification, masquerading/spoofing, delay, denial of service
34
Policies and Mechanisms
A security policy states what is, and is not, allowed
  This defines “security” for the site/system/etc.
  Policy definition: Informal? Formal?
Mechanisms enforce policies
Composition of policies
  If policies conflict, discrepancies may create security vulnerabilities
35
Goals of Security
Prevention
  To prevent someone from violating a security policy
Detection
  To detect activities in violation of a security policy
  Verify the efficacy of the prevention mechanism
Recovery
  Stop policy violations (attacks)
  Assess and repair damage
  Ensure availability in presence of an ongoing attack
  Fix vulnerabilities for preventing future attack
  Retaliation against the attacker
36
Assumptions and Trust
Policies and mechanisms have implicit assumptions
Assumptions regarding policies
  Unambiguously partition system states into “secure” and “nonsecure” states
  Correctly capture security requirements
Mechanisms
  Assumed to enforce policy; i.e., ensure that the system does not enter “nonsecure” state
  Support mechanisms work correctly
37
Types of Mechanisms
Let P be the set of all the reachable states
Let Q be a set of secure states identified by a policy: Q ⊆ P
Let the set of states that an enforcement mechanism restricts a system to be R
The enforcement mechanism is
  Secure if R ⊆ Q
  Precise if R = Q
  Broad if there are some states in R that are not in Q
38
Types of Mechanisms
[Figure: three diagrams labelled secure, precise and broad, each showing set R against set Q (secure states)]
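The secure/precise/broad classification above, worked on a small state space (an added example, not part of the original lecture slides). The three-bit file-permission system, the policy that "other" must never read, and the three guard mechanisms are constructed assumptions; R is computed as the states reachable from the start state under each mechanism.

```python
from itertools import product

# Constructed toy system: one file with read bits for (owner, group, other).
P = set(product((0, 1), repeat=3))      # all states of the system
START = (1, 0, 0)                       # initially only the owner can read

def policy_allows(state):
    """Assumed policy: 'other' must never have read access."""
    return state[2] == 0

Q = {s for s in P if policy_allows(s)}  # secure states, Q is a subset of P

def restricted_states(guard, start=START):
    """R: states reachable from start when the mechanism permits only
    single-bit permission changes whose target state passes guard()."""
    seen, frontier = {start}, [start]
    while frontier:
        state = frontier.pop()
        for i in range(3):
            nxt = state[:i] + (1 - state[i],) + state[i + 1:]
            if nxt not in seen and guard(nxt):
                seen.add(nxt)
                frontier.append(nxt)
    return seen

def classify(R, Q):
    """Apply the slide's definitions; 'secure' here means R is a proper
    subset of Q (a precise mechanism is also secure)."""
    if R == Q:
        return "precise"
    if R <= Q:
        return "secure"
    return "broad"

# Hypothetical enforcement mechanisms, each a guard on the target state.
MECHANISMS = {
    "owner_only": lambda s: s[1] == 0 and s[2] == 0,     # over-restrictive
    "no_other_read": lambda s: s[2] == 0,                # matches the policy
    "no_group_and_other": lambda s: not (s[1] and s[2]), # under-restrictive
}

def report():
    """Map mechanism name -> (classification, nonsecure states it admits)."""
    out = {}
    for name, guard in MECHANISMS.items():
        R = restricted_states(guard)
        out[name] = (classify(R, Q), sorted(R - Q))
    return out

if __name__ == "__main__":
    for name, (kind, leaked) in report().items():
        print(f"{name:20s} {kind:8s} nonsecure states reachable: {leaked}")
```

The secure-but-not-precise mechanism blocks group read even though the policy permits it; the broad mechanism admits the states in R that fall outside Q, listed in the second tuple element.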
39
Information Assurance
Information Assurance Advisory Council (IAAC):
  “Operations undertaken to protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation”
National Institute of Standards and Technology:
  “Assurance is the basis for confidence that the security measures, both technical and operational, work as intended to protect the system and the information it processes”
40
Assurance
Assurance is to indicate “how much” to trust a system and is achieved by ensuring that
  The required functionality is present and correctly implemented
  There is sufficient protection against unintentional errors
  There is sufficient resistance to intentional penetration or bypass
Basis for determining this aspect of trust
  Specification
    Requirements analysis
    Statement of desired functionality
  Design
    Translate specification into components that satisfy the specification
  Implementation
    Programs/systems that satisfy a design
41
Operational Issues
Designing secure systems has operational issues
Cost-Benefit Analysis
  Benefits vs. total cost
  Is it cheaper to prevent or recover?
Risk Analysis
  Should we protect something?
  How much should we protect this thing?
  Risk depends on environment and changes with time
Laws and Customs
  Are desired security measures illegal?
  Will people do them?
  Affects availability and use of technology
42
Human Issues
Organizational Problems
  Power and responsibility
  Financial benefits
People problems
  Outsiders and insiders
    Which do you think is the real threat?
  Social engineering
43
Tying all together: The Life Cycle
Operation & Maintenance
Implementation
Design
Specification
Policy
Threats
Human factor