Chapter 1 Computer Security Principles and Practice (Stallings/Brown)

What does confidentiality include?

Includes data confidentiality and privacy

Integrity

Includes data integrity and system integrity

Traffic Analysis

Opponent observes the pattern of these messages to determine the location and identity of communicating hosts and the frequency and length of messages being exchanged. Resulting in guessing the nature of communication that was taking place

Passive attack

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the attacker is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis

Confidentiality

Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.

Denial of service

Prevents or inhibits the normal use or management of communication facilities. An entity may suppress all messages directed to a particular destination (e.g., the security audit service). It can also disrupt all network communications

Replay

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Why accountability?

Since truly secure systems are not yet an achievable goal, tracing a security breach to responsible parties is needed. This is done by keeping records of their activities to permit forensic analysis or to aid in transaction disputes

Modification of messages

Some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.

Authenticity

The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source.

Computer Security

The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources including hardware, software, firmware, information/data, and telecommunications

Accountability

The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports non repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.

Adversary (threat agent)

Threat agent carries out the attack or threat action. An entity that attacks, or is a threat to, a system.

Heart of computer security

key objectives that are at the heart of computer security includes the triad of CIA 1. Confidentiality. 2. Integrity 3. Availability

Active and Passive Attack

1. Active attack: An attempt to alter system resources or affect their operation. 2. Passive attack: An attempt to learn or make use of information from the system that does not affect system resources.

Types of attack

1. Active attack: An attempt to alter system resources or affect their operations 2. Passive attack: An attempt to learn or make use of information from the system that does not affect system resources.

Categories of vulnerability

1. Corruption impacting Integrity where system does the wrong thing, gives wrong answers or has wrong data. 2. Leaky system impacting Confidentiality and giving access to unauthorized users. 3. System Unavailability or slow down making it impossible or impractical impacting availability.

Breach of security, low level of impact

1. Degradation in mission capability to an extent and duration that the organization is to perform its primary functions but the effectiveness of the functions is noticeably reduced. 2. Minor damage to organizational assets. 3. Minor financial loss. 4. Minor harm to individuals.

What attacks or threats can cause unauthorized disclosure?

1. Exposure: Directly releasing sensitive data to unauthorized entity. 2. Interception: Accessing sensitive data traveling between authorized source and destination. 3. Inference: Reasoning from characteristics or to gain access 4. Intrusion: Circumventing a system's security protection to gain access

Integrity severity examples

1. High - Patient allergy information which can cause serious harm or death. 2. Medium - Website forum for registered users. 3. Low integrity - Anonymous polls.

Confidentiality severity examples

1. High - Student grade information should be available only for students and parents - FERPA. 2. Student enrollment information- Moderate. 3. Directory information of students or teachers- Low confidentiality.

Availability severity levels

1. High- System providing authentication services for several other systems. 2. Medium- Public website of the university. 3. Low - Online telephonic directory.

What attacks or threats can cause disruption?

1. Incapacitation: Prevents or interrupts system operation by disabling a system component. 2. Corruption: Undesirably alters system operation by adversely modifying system functions or data. 3. Obstruction: A threat action that interrupts delivery of system services by hindering system operation.

Types of attack based on origin of attack

1. Inside attack: Initiated by an entity inside the security perimeter or an insider. The insider is authorized to access system resources but uses them in a way not approved by those who granted the authorization. 2. Outside attack: Initiated from outside the perimeter, by an unauthorized or illegitimate user of the system or an outsider.

What attacks or threats can cause deception?

1. Masquerade: An unauthorized entity gains access to a system or performs a malicious act by posing as an authorized entity. 2. Falsification: False data deceive an authorized entity. 3. Repudiation: An entity deceives another by falsely denying responsibility for an act.

What attacks or threats can cause usurpation?

1. Misappropriation: An entity assumes unauthorized logical or physical control of a system resource. 2. Misuse: Causes a system component to perform a function or service that is detrimental to system security.

Breach of security, moderate level of impact

1. Primary functions are not impacted, but Significant degradation in mission capability and effectiveness 2. Significant damage to organizational assets 3. Significant financial loss 4. Significant harm to individuals that does not involve loss of life or serious, life-threatening injuries.

Breach of security, High level of impact

1. Severe degradation or loss of mission capability to an extent and duration impacting some of its primary functions 2. Major damage to organizational assets; 3. Major financial loss; or 4. Severe or catastrophic harm to individuals involving loss of life or serious life-threatening injuries

Types of threat consequence

1. Unauthorized Disclosure - an entity gains access to data that is not authorized 2. Deception- authorized entity receiving false data and believing it to be true. 3. Disruption - Interruption or prevention of correct operation of system 4. Usurpation- Control of system by an unauthorized entity

Vulnerability

A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.

Masquerade

A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.

Threat

A potential for violation of security, which exists when there is a circumstance, capability, action, or event, that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.

Security Policy

A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.

Release of message content

A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.

Countermeasure

An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

Threat consequence

An attack that is successful leads to undesirable violation of security, or threat consequence.

Risk

An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.

Privacy

Assure that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed

System integrity

Assures that a system performs its intended function in unimpaired manner free from deliberate or inadvertent unauthorized manipulation of the system

Data integrity

Assures that information and programs are changed only in a specified an authorized manner

Availability

Assures that systems work promptly and service is not denied to authorized users

Attack

Attack is a threat that is carried out. threat action. An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.

Countermeasure

Countermeasure can be devised to prevent a particular type of attack from succeeding. When prevention is not possible, or fails in some instance, the goal is to detect the attack and then recover from the effects of the attack

Data Confidentiality

Data confidentiality assures private or confidential data is available to authorized users only.

System Resource or Asset

Data, service or a system capability, such as processing power or communication bandwidth; or an item of system equipment, a system component— hardware, firmware, software, or documentation; or a facility that houses system operations and equipment.

Active Attack Types

Four categories: replay, masquerade, modification of messages, and denial of service.

Integrity

Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.