- Course site: Moodle
- Midterm Exams: 30%
- Final exam: 30%
- Assignment and Projects: 35%
- Participation: 5%
- Midterm Exams (tentative): October 12, 2011
- Final exam: December 14, 2011, 8:00pm-10:30pm (check UNCC website for the final date)
Other details
- Office hours: Wednesday 4:00pm-6:00pm at Woodward Hall 310G
- Drop in any time or send an email
- Slides on web site, a few hours before class
- TA:
Textbooks
- William Stallings and Lawrie Brown. Computer Security, Principles and Practice. Pearson Prentice Hall. ISBN-13: 978-0-13-600424-0. ISBN-10: 0-13-600424-5.
Recommended Reading
- Optional readings: Ross Anderson. Security Engineering, a guide to building dependable distributed systems. ISBN: 0471389226
Policies
- Discussion of projects is allowed; collaboration costs points
- Please DO observe academic integrity; cheating is immediately out
Confidentiality
- Only authorized people can see protected data
- Prevent/detect/deter improper disclosure of information
Confidentiality (cont.)
- We will often use Alice and Bob
- Alice is on vacation and wants to send a command to her assistant, Bob, or just a computer, to control the nuclear power plant. How can she do that?
Confidentiality (cont.)
- There are eavesdroppers that can listen on the communication channels
- Information needs to be forwarded through packet switches, and these switches can be reprogrammed to listen to or modify data in transit
- Is it hopeless for Alice?
Integrity
- Precise
- Accurate
- Unmodified
- Modified only in acceptable way
- Modified by authorized subject
- Consistent
Availability
1. not simple
2. must consider potential attacks
3. procedures used counter-intuitive
4. involve algorithms and secret info
5. must decide where to deploy mechanisms
6. battle of wits between attacker / admin
7. not perceived on benefit until fails
8. requires regular monitoring
9. too often an after-thought
10. regarded as impediment to using system
Achieving security
Security Policy
Organizational Policy
Risk Management
- Threats: possible attacks on the systems
- Vulnerabilities: weakness that may be exploited to cause loss or harm
- Risks: a measure of the possibility of security breaches and severity of the ensuing damage
Threats
Passive attacks
1. Illegal interception
2. Traffic analysis
Active attacks
1. Denial of Service
2. Un-authorised modification
3. Fabrication (Impersonation)
4. Replay
5. Man-in-the-middle attacks
Illegal Interception
- also called un-authorised access
- example: US military Tempest program measures how far away an intruder must be before eavesdropping is impossible
- The movement of electrons can be measured from a surprising distance (control zone)
Traffic analysis
- Military applications (spy identification)
- Onion routing: http://www.onionrouter.net/
- Anonymizer: http://www.anonymizer.com/
- Findnot: http://www.findnot.com
- P2P anonymization: http://www.pdos.lcs.mit.edu/tarzan/index.html
- Untraceable E-mails: Mix by David Chaum
Denial of Service
- also called Interruption
- recent example: DDoS
- information resources (hardware, software and data) are deliberately made unavailable, lost or unusable, usually through malicious destruction
Un-authorized Modification
un-authorised access & tampering with a resource (data, programs, hardware devices, copy of hand-written signature, etc.)
[Figure labels: Perpetrator; Masquerader: from S]
Replay attacks
- The attacker records a valid transaction and plays it back again later
- Most often when the same shared key is used between two peers
- Defending against replay attacks is possible but painful, as it requires maintenance of state
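Added example (not from the course slides): a receiver that rejects replayed messages sent under one shared key, showing the state it has to keep to do so. The key, the 30-second window, the message layout and the names ReplayGuard, make_message and demo are assumptions made for this example.

```python
import hashlib
import hmac
import os

SHARED_KEY = b"constructed-demo-key"  # constructed sample key shared by both peers
WINDOW = 30                            # assumed policy: seconds a message stays valid


def _tag(nonce: bytes, ts: int, command: bytes) -> bytes:
    # Fixed-width nonce and timestamp keep the MAC input unambiguous.
    data = nonce + ts.to_bytes(8, "big") + command
    return hmac.new(SHARED_KEY, data, hashlib.sha256).digest()


def make_message(command: bytes, now: float) -> dict:
    """Sender: bind a fresh nonce and the send time to the command."""
    nonce, ts = os.urandom(16), int(now)
    return {"nonce": nonce, "ts": ts, "command": command,
            "tag": _tag(nonce, ts, command)}


class ReplayGuard:
    """Receiver: the state to maintain is the set of recently seen nonces."""
    def __init__(self) -> None:
        self.seen = {}  # nonce -> timestamp of the message that carried it

    def accept(self, msg: dict, now: float) -> str:
        expected = _tag(msg["nonce"], msg["ts"], msg["command"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad tag"
        if abs(now - msg["ts"]) > WINDOW:
            return "rejected: stale"
        # Nonces older than the window can be dropped: the check above covers them.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= WINDOW}
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"


def demo() -> list:
    guard, t0 = ReplayGuard(), 1_000_000.0  # constructed clock value
    msg = make_message(b"open valve 3", t0)
    # First delivery, playback inside the window, playback after the nonce was dropped.
    return [guard.accept(msg, t0 + dt) for dt in (1, 5, 120)]


if __name__ == "__main__":
    print(demo())
```

The timestamp window is what bounds the nonce table: without it the receiver would have to remember every nonce for the lifetime of the key.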
Man-in-the-middle attack
- MITM attacks: Alice -> attacker -> real site
- There are several reported attacks (we will come to this topic later)
- Mafia in the Middle attack: Alice -> coffee -> Jewelry
IFF System
- IFF = Identify Friend or Foe
- Used by the military to avoid shooting at friendly units
- Unless implemented correctly, IFF systems may be subject to man-in-the-middle attack
- In the late 1980s, the South African Defense Force (SADF) was fighting a war in northern Namibia and southern Angola with a goal to keep Namibia under white rule and impose UNITA as a client government
- During this conflict, the Cubans broke the South African Air Force (SAAF) identify-friend-or-foe (IFF) system by performing a man-in-the-middle attack
- SADF casualties were proof that air supremacy was lost, and a factor in abandoning Namibia
- Cubans waited until SAAF bombers crossed into Angolan airspace
- Cubans then sent MIGs directly into SA air space in Namibia
- SAAF anti-aircraft defenses challenge incoming MIGs using IFF
- MIGs relay the challenge to Angolan anti-aircraft defense devices
- Angolan devices bounce the IFF challenge to the SAAF bombers, and the reply is then relayed back to the MIGs in real time
- MIGs use it to cause the SAAF anti-aircraft defenses to stand down
Identification of Risk
- Asset: resource, product, data
- Threat: action with a negative impact
- Vulnerability: absence of control
- Safeguard: control or countermeasure
Risk Analysis
Exposure Factor
- Single Loss Expectancy (SLE): expected financial loss for a single event
- SLE = Asset Value x Exposure Factor
- represents estimated frequency in which threat will occur within one year
- X.800, Security Architecture for OSI
- systematic way of defining requirements for security and characterizing approaches to satisfying them
- defines:
  - security attacks - compromise security
  - security mechanism - act to detect, prevent, recover from attack
  - security service - counter security attacks
Security Taxonomy
Security Trends
- specification/policy: what is the security scheme supposed to do? codify in policy and procedures
- implementation/mechanisms: how does it do it? prevention, detection, response, recovery
- correctness/assurance: does it really work? assurance, evaluation
Reading Assignments
Chapter 1 of the textbook and some of the recommended readings and web sites mentioned in section 1.8