04/21/23 1

Computer Security

Introduction

04/21/23 2

Basic Components

1. Confidentiality: Concealment of information (prevent unauthorized disclosure of information).2. Integrity: Trustworthiness of data/resources (prevent unauthorized modifications).

• Data integrity• Origin integrity (authentication)

3. Availability: Ability to use information/resources. (prevent unauthorized withholding of information/resources).

04/21/23 3

Basic Components

Additionally:Authenticity, accountability, reliability, safety, dependability, survivability . . .

04/21/23 4

Confidentiality

Historically, security is closely linked to secrecy. Security involved a few organizations dealing mainlywith classified data.However, nowadays security extends far beyond confidentiality.Confidentiality involves:• privacy: protection of private data,• secrecy: protection of organizational data.

04/21/23 5

Integrity

“Making sure that everything is as it is supposed to be.”For Computer Security this means: Preventing unauthorized writing or modifications.

04/21/23 6

Availability

For Computer Systems this means that:Services are accessible and useable (without undue Delay) whenever needed by an authorized entity.

For this we need fault-tolerance.Faults may be accidental or malicious (Byzantine).Denial of Service attacks are an example of malicious attacks.

04/21/23 7

Relationship between Confidentiality Integrity and Availability

Integrity

Confidentiality

Secure

Availability

04/21/23 8

Other security requirements• Reliability – deals with accidental damage,• Safety – deals with the impact of system failure caused by the

environment,• Dependability – reliance can be justifiably placed on the system• Survivability – deals with the recovery of the system after

massive failure.• Accountability -- actions affecting security must be traceable to the responsible party. For this,

– Audit information must be kept and protected,– Access control is needed.

04/21/23 9

Basic Components

Threats – potential violations of securityAttacks – violationsAttackers – those who execute the violations

04/21/23 10

Threats

• Disclosure or unauthorized access• Deception or acceptance of falsified data• Disruption or interruption or prevention• Usurpation or unauthorized control

04/21/23 11

More threats• Snooping (unauthorized interception)• Modification or alteration

– Active wiretapping– Man-in-the-middle attacks

• Masquerading or spoofing• Repudiation of origin• Denial of receipt• Delay• Denial of Service

04/21/23 12

Policy and Mechanisms

1. A security policy is a statement of what is / is not allowed.

2. A security mechanism is a method or tool that enforces a security policy.

04/21/23 13

Assumptions of trustLet • P be the set of all possible states of a system

• Q be the set of secure states

A mechanism is secure if P ≤ Q A mechanism is precise if P = Q A mechanism is broad if there are states in P which

are not in Q

04/21/23 14

AssuranceTrust cannot be quantified precisely. System specifications design and implementation can provide a basis for how much one can trust a system. This is called assurance.

04/21/23 15

Goals of Computer Security

Security is about protecting assets.This involves:• Prevention• Detection • Reaction (recover/restore assets)

04/21/23 16

Computer Security

How to achieve Computer Security: 1. Security principles/concepts: explore general

principles/concepts that can be used as a guide to design secure information processing systems.

2. Security mechanisms: explore some of the security mechanisms that can be used to secure information processing systems.

3. Physical/Organizational security: consider physical & organizational security measures (policies)

04/21/23 17

Computer Security

Even at this general level there is disagreement on the precise definitions of some of the required security aspects.References:• Orange book – US Dept of Defense, Trusted Computer System

Evaluation Criteria.• ITSEC – European Trusted Computer System Product Criteria.• CTCPEC – Canadian Trusted Computer System Product

Criteria

04/21/23 18

Fundamental Dilemma: Functionality or Assurance

• Security mechanisms need additional computational

• Security policies interfere with working patterns, and can be very inconvenient.

• Managing security requires additional effort and costs.

• Ideally there should be a tradeoff.

04/21/23 19

Operational issues

Operational issues– Cost-benefit analysis

• Example: a database with salary info, which is used by a second system to print pay checks

– Risk analysis• Environmental dependence• Time dependence• Remote risk

04/21/23 20

Laws and Customs

• Export controls• Laws of multiple jurisdiction• Human issues

– Organizational problems (who is responsible for what)– People problems (outsiders/insiders)

04/21/23 21

Tying it all together: how ????