Chapter 1 Computer Security Principles and Practice (Stallings/Brown)
What does confidentiality include?
Includes data confidentiality and privacy
Integrity
Includes data integrity and system integrity
Traffic Analysis
An opponent observes the pattern of these messages to determine the location and identity of communicating hosts and the frequency and length of messages being exchanged, resulting in guessing the nature of the communication that was taking place.
Passive attack
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the attacker is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.
Confidentiality
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.
Denial of service
Prevents or inhibits the normal use or management of communication facilities. An entity may suppress all messages directed to a particular destination (e.g., the security audit service). It can also disrupt all network communications.
Replay
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Why accountability?
Since truly secure systems are not yet an achievable goal, tracing a security breach to responsible parties is needed. This is done by keeping records of their activities to permit forensic analysis or to aid in transaction disputes.
Modification of messages
Some portion of a legitimate message is altered, or messages are delayed or reordered, to produce an unauthorized effect.
Authenticity
The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source.
Computer Security
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources, including hardware, software, firmware, information/data, and telecommunications.
Accountability
The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.
Adversary (threat agent)
Threat agent carries out the attack or threat action. An entity that attacks, or is a threat to, a system.
Heart of computer security
The key objectives at the heart of computer security form the CIA triad: 1. Confidentiality. 2. Integrity. 3. Availability.
Active and Passive Attack
1. Active attack: An attempt to alter system resources or affect their operation. 2. Passive attack: An attempt to learn or make use of information from the system that does not affect system resources.
Types of attack
1. Active attack: An attempt to alter system resources or affect their operations. 2. Passive attack: An attempt to learn or make use of information from the system that does not affect system resources.
Categories of vulnerability
1. Corruption, impacting integrity, where the system does the wrong thing, gives wrong answers, or has wrong data. 2. Leaky system, impacting confidentiality and giving access to unauthorized users. 3. System unavailability or slowdown, impacting availability, where using the system becomes impossible or impractical.
Breach of security, low level of impact
1. Degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced. 2. Minor damage to organizational assets. 3. Minor financial loss. 4. Minor harm to individuals.
What attacks or threats can cause unauthorized disclosure?
1. Exposure: Directly releasing sensitive data to an unauthorized entity. 2. Interception: Accessing sensitive data traveling between authorized source and destination. 3. Inference: Reasoning from characteristics or to gain access. 4. Intrusion: Circumventing a system's security protection to gain access.
Integrity severity examples
1. High - Patient allergy information which can cause serious harm or death. 2. Medium - Website forum for registered users. 3. Low integrity - Anonymous polls.
Confidentiality severity examples
1. High - Student grade information, which should be available only to students and parents (FERPA). 2. Moderate - Student enrollment information. 3. Low - Directory information of students or teachers.
Availability severity levels
1. High - System providing authentication services for several other systems. 2. Medium - Public website of the university. 3. Low - Online telephonic directory.
What attacks or threats can cause disruption?
1. Incapacitation: Prevents or interrupts system operation by disabling a system component. 2. Corruption: Undesirably alters system operation by adversely modifying system functions or data. 3. Obstruction: A threat action that interrupts delivery of system services by hindering system operation.
Types of attack based on origin of attack
1. Inside attack: Initiated by an entity inside the security perimeter or an insider. The insider is authorized to access system resources but uses them in a way not approved by those who granted the authorization. 2. Outside attack: Initiated from outside the perimeter, by an unauthorized or illegitimate user of the system or an outsider.
What attacks or threats can cause deception?
1. Masquerade: An unauthorized entity gains access to a system or performs a malicious act by posing as an authorized entity. 2. Falsification: False data deceive an authorized entity. 3. Repudiation: An entity deceives another by falsely denying responsibility for an act.
What attacks or threats can cause usurpation?
1. Misappropriation: An entity assumes unauthorized logical or physical control of a system resource. 2. Misuse: Causes a system component to perform a function or service that is detrimental to system security.
Breach of security, moderate level of impact
1. Primary functions are not impacted, but there is significant degradation in mission capability and effectiveness. 2. Significant damage to organizational assets. 3. Significant financial loss. 4. Significant harm to individuals that does not involve loss of life or serious, life-threatening injuries.
Breach of security, high level of impact
1. Severe degradation or loss of mission capability to an extent and duration impacting some of its primary functions. 2. Major damage to organizational assets. 3. Major financial loss. 4. Severe or catastrophic harm to individuals involving loss of life or serious, life-threatening injuries.
Types of threat consequence
1. Unauthorized disclosure - An entity gains access to data for which it is not authorized. 2. Deception - An authorized entity receives false data and believes it to be true. 3. Disruption - Interruption or prevention of correct operation of the system. 4. Usurpation - Control of the system by an unauthorized entity.
Vulnerability
A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.
Masquerade
A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.
Threat
A potential for violation of security, which exists when there is a circumstance, capability, action, or event, that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
Security Policy
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
Release of message content
A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
Countermeasure
An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
Threat consequence
An attack that is successful leads to undesirable violation of security, or threat consequence.
Risk
An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
Privacy
Assures that individuals control or influence what information related to them may be collected and stored, and by whom and to whom that information may be disclosed.
System integrity
Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
Data integrity
Assures that information and programs are changed only in a specified and authorized manner.
Availability
Assures that systems work promptly and service is not denied to authorized users.
Attack
An attack is a threat that is carried out (a threat action). An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
Countermeasure
A countermeasure can be devised to prevent a particular type of attack from succeeding. When prevention is not possible, or fails in some instance, the goal is to detect the attack and then recover from the effects of the attack.
Data Confidentiality
Data confidentiality assures private or confidential data is available to authorized users only.
System Resource or Asset
Data, a service, or a system capability, such as processing power or communication bandwidth; or an item of system equipment, a system component (hardware, firmware, software, or documentation); or a facility that houses system operations and equipment.
Active Attack Types
Four categories: replay, masquerade, modification of messages, and denial of service.
Integrity
Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.