
Lecture 2 - Security Overview, CSE497b - Spring 2007, Introduction (PowerPoint presentation)



  1. Lecture 2 - Security Overview
CSE497b - Spring 2007, Introduction
Computer and Network Security
Professor Jaeger
www.cse.psu.edu/~tjaeger/cse497b-s07
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger

  2. Readings
• Books
  – Perlman et al.
  – Gollmann
  – Both are listed on the calendar
• Readings
  – Please check the calendar for the class readings
  – Today: Gollmann Chs. 1 and 2
  – Next: Perlman Ch. 10, Gollmann Ch. 3

  3. What is security?
• "the property that a system behaves as expected" – G. Spafford and many others ...
• Note that this does not say what a system should or should not do.
  – Implication: there is no universal definition or test for security (why?)
  – Apply this definition to an ATM
    • How do you think an ATM should behave?
    • What should it do?
    • What should it not do?
• We often talk about expectations in terms of confidentiality, integrity, and availability.

  4. Risk
• At-risk valued resources that can be misused
  – Monetary
  – Data (loss or integrity)
  – Time
  – Confidence
  – Trust
• What does being misused mean?
  – Confidentiality (privacy or communication)
  – Integrity (personal or communication)
  – Availability (existential or fidelity)
• Q: What is at stake in your life?

  5. Adversary
• An adversary is any entity trying to circumvent the security infrastructure
  – The curious and otherwise generally clueless (e.g., script-kiddies)
  – Casual attackers seeking to understand systems
  – Venal people with an ax to grind
  – Malicious groups of largely sophisticated users (e.g., chaos clubs)
  – Competitors (industrial espionage)
  – Governments (seeking to monitor activities)

  6. Threats
• A threat is a specific means by which a risk can be realized by an adversary
  – Context specific (a fact of the environment)
  – An attack vector is a specific threat (e.g., a key logger)
• A threat model is the collection of threats deemed important for a particular environment
  – i.e., the threats that should be addressed
  – A set of "security requirements" for a system
• Q: What were the (unaddressed) risks/threats in the introductory examples?
  – SQL Slammer
  – Yale/Princeton

  7. Vulnerabilities (attack vectors)
• A vulnerability is a systematic artifact that exposes the user, data, or system to a threat
  – E.g., buffer overflow, WEP key leakage
• What is the source of a vulnerability?
  – Bad software (or hardware)
  – Bad design, requirements
  – Bad policy/configuration
  – System misuse
    • unintended purpose or environment
    • E.g., student IDs used at the liquor store

  8. Are users adversaries?
• Have you ever tried to circumvent the security of a system you were authorized to access?
• Have you ever violated a security policy (knowingly or through carelessness)?

  9. Attacks
• An attack occurs when someone attempts to exploit a vulnerability
• Kinds of attacks
  – Passive (e.g., eavesdropping)
  – Active (e.g., password guessing)
  – Denial of Service (DoS)
    • Distributed DoS: using many endpoints
• A compromise occurs when an attack is successful
  – Typically associated with taking over/altering resources

  10. Participants
• Participants are the expected system entities
  – Computers, agents, people, enterprises, ...
  – Depending on context referred to as: servers, clients, users, entities, hosts, routers, ...
  – Security is defined with respect to these entities
    • Implication: every party may have a unique view
• A trusted third party
  – Trusted by all parties for some set of actions
  – Often used as an introducer or arbiter

  11. Trust
• Trust refers to the degree to which an entity is expected to behave
  – What is the entity not expected to do?
    • E.g., not expose a password
  – What is the entity expected to do (obligations)?
    • E.g., obtain permission, refresh
• A trust model describes, for a particular environment, who is trusted to do what
• Note: you make trust decisions every day
  – Q: What are they?
  – Q: Whom do you trust?

  12. Related Terminology
• Reliability - property of a system that indicates it will continue to function for long periods of time under varying circumstances
• Survivability - ability of a system to maintain function during abnormal or environmentally troubling events
• Privacy - the ability of individuals to stop information from becoming known to people other than those they choose to give it to
• Assurance - confidence that a system meets its security requirements
  • as typically evidenced by some evaluation methodology (FIPS 192, Common Criteria)

  13. Security Model
• A security model is the combination of a trust model and a threat model that addresses the set of perceived risks
  – The "security requirements" used to develop a cogent and comprehensive design
  – Every design must have a security model
    • LAN network or global information system
    • Java applet or operating system
  – The single biggest mistake seen in the use of security is the lack of a coherent security model
  – It is very hard to retrofit security: it must be settled at design time
• This class is going to talk a lot about security models
  – What are the security concerns (risks)?
  – What are the threats?
  – Who are our adversaries?
  – Whom do we trust, and to do what?
• Systems must be explicit about these things to be secure.

  14. Review
• An adversary is a subject who tries to gain unauthorized access
• A threat is a mechanism that the adversary is capable of employing to gain unauthorized access
• A risk is a loss due to an adversary gaining unauthorized access
• A vulnerability is a flaw in a system that enables a threat to give the adversary unauthorized access
• A threat model describes all the mechanisms available to the adversaries
• A trust model describes all the subjects that are trusted not to be adversaries and not to have vulnerabilities that can be abused
• A security model consists of a threat model and a trust model (as well as functional and security goals)

  15. Security Overview
• Security can be divided up in many ways, e.g., by threats, sensitivity levels, domains
• This class will focus on three interrelated domains of security that encompass nearly all security issues
  1. Network Security
  2. Systems Security
  3. Program Security
• There are other areas, e.g., physical security, privacy, etc., that will not be directly covered.

  16. Common problems in network security
• Network security attempts to protect communication between hosts carried by the (often untrusted) network.
  – Eavesdropping on communication (confidentiality)
  – Modifying communication (integrity)
  – Preventing communication (availability)
• Example: securing application traffic (Web)
  – Protecting it on the network (HTTP requests/responses)
  – As it passes through intermediaries (proxies)
  – In the server (from malicious requests)
  – Protecting the client (from malicious content)

  17. Common problems in systems security
• Systems security attempts to protect data held on hosts and on (sometimes untrusted) storage.
  – Prevention of sensitive data leakage (confidentiality)
    • Also known as information flow governance
  – Prevention of data corruption (integrity)
  – Keeping data accessible (availability)
• Example: controlling the leakage of a secret key
  – on disk (key in the clear: encrypt it with a pass phrase)
  – while the pass phrase is being provided (window manager)
  – in the memory of the program
  – when memory is swapped out to swap space
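The first leakage point above (a key in the clear on disk) as an added example; this is not code from the lecture. It uses only the Python standard library, which has no AES, so the cipher is an HMAC-SHA256 keystream in counter mode (a PRF-based stream cipher) with a separate HMAC tag over the whole blob; that construction, the file layout (`MAGIC || salt || nonce || ciphertext || tag`) and every name below are assumptions of this example, not a standard format.

```python
"""Added example (not code from the lecture): keeping a secret key encrypted
at rest under a pass phrase, Python standard library only.

The key is encrypted under a key derived from the pass phrase with scrypt.
The standard library has no AES, so the cipher is an HMAC-SHA256 keystream
in counter mode with a separate HMAC tag over the whole blob
(encrypt-then-MAC).  The construction, the file layout and all names are
this example's assumptions, not a standard format.
"""
from __future__ import annotations

import hashlib
import hmac
import os
import secrets
import tempfile

MAGIC = b"KEYFILE1"     # assumed format marker
SALT_LEN = 16
NONCE_LEN = 16
TAG_LEN = 32            # SHA-256 output length


def derive_keys(passphrase: bytes, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch the pass phrase with scrypt; split into encryption and MAC keys."""
    km = hashlib.scrypt(passphrase, salt=salt, n=2 ** 14, r=8, p=1, dklen=64)
    return km[:32], km[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Concatenate HMAC-SHA256(key, nonce || counter) blocks, truncated to length."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def wrap_key(secret_key: bytes, passphrase: bytes) -> bytes:
    """Build the on-disk blob: MAGIC || salt || nonce || ciphertext || tag."""
    salt = secrets.token_bytes(SALT_LEN)
    nonce = secrets.token_bytes(NONCE_LEN)   # fresh per wrap: a keystream is never reused
    enc_key, mac_key = derive_keys(passphrase, salt)
    ks = _keystream(enc_key, nonce, len(secret_key))
    body = MAGIC + salt + nonce + bytes(a ^ b for a, b in zip(secret_key, ks))
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def unwrap_key(blob: bytes, passphrase: bytes) -> bytes:
    """Recover the key; ValueError on a wrong pass phrase or a tampered file."""
    header = len(MAGIC) + SALT_LEN + NONCE_LEN
    if len(blob) < header + TAG_LEN or not blob.startswith(MAGIC):
        raise ValueError("not a key file")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    salt = body[len(MAGIC):len(MAGIC) + SALT_LEN]
    nonce = body[len(MAGIC) + SALT_LEN:header]
    ct = body[header:]
    enc_key, mac_key = derive_keys(passphrase, salt)
    # Check the tag before decrypting, in constant time, so the file cannot be
    # used as a decryption or timing oracle.
    if not hmac.compare_digest(hmac.new(mac_key, body, hashlib.sha256).digest(), tag):
        raise ValueError("wrong pass phrase or corrupted key file")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def unwrap_fails(blob: bytes, passphrase: bytes) -> bool:
    """True if unwrap_key rejects the blob (exposes the failure cases)."""
    try:
        unwrap_key(blob, passphrase)
    except ValueError:
        return True
    return False


def save_wrapped(path: str, blob: bytes) -> None:
    """Write the blob owner-read/write only (0600): the encryption protects the
    key from whoever can read the file, the mode limits who can read it at all."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(blob)


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    blob = wrap_key(key, b"correct horse battery staple")
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "service.key")
        save_wrapped(path, blob)
        with open(path, "rb") as f:
            on_disk = f.read()
    print("key appears in the clear on disk:", key in on_disk)
    print("round trip ok:", unwrap_key(on_disk, b"correct horse battery staple") == key)
    print("wrong pass phrase rejected:", unwrap_fails(on_disk, b"guess"))
```

This only addresses the on-disk point. The other three on the slide remain: the pass phrase is typed through something, the unwrapped key is a Python `bytes` object that cannot be zeroed and sits on the heap until collected, and that heap can be paged to swap. Locking the pages (mlock) or holding the key in a non-swappable secret store is outside the standard library and outside this example.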

  18. Common problems in program security
• Program security attempts to protect data received, held, and output by a program on a (sometimes untrusted) host.
  – Prevention of sensitive data leakage (confidentiality)
    • Also known as information flow governance
  – Prevention of data corruption (integrity)
  – Controlling data access (availability)
• Example: handling a remote request
  – process the user request (authenticate, authorize)
  – data-driven attack from the request
  – buffer overflows
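The request-handling steps above as an added example; this is not code from the lecture. The request format, the user table, the role policy and the document root are all constructed for this example. The data-driven attack shown is path traversal, chosen because it demonstrates the same point as the slide's buffer overflow (data taken from the request decides what the program touches) without needing native code; the vulnerable resolver is kept beside the hardened one.

```python
"""Added example (not code from the lecture): handling a remote request in
the order the slide lists: authenticate, authorize, then treat the request's
data as hostile.  Users, policy, request layout and document root are
constructed for this example.  The data-driven attack is path traversal.
"""
from __future__ import annotations

import hashlib
import hmac
import os
import tempfile

# Constructed user table.  The shared secret stands in for a session
# credential; a real system stores salted password hashes, not secrets.
USERS = {
    "alice": {"secret": b"alice-secret", "role": "analyst"},
    "bob": {"secret": b"bob-secret", "role": "guest"},
}
# Authorization policy: which roles may perform which actions.
POLICY = {"read": {"analyst"}, "delete": set()}


def make_token(user: str, nonce: str) -> bytes:
    """Client side: prove knowledge of the secret without sending it.  Note the
    client picks the nonce, so this does not stop replay; a real protocol
    would use a server-chosen challenge."""
    return hmac.new(USERS[user]["secret"], nonce.encode(), hashlib.sha256).digest()


def authenticate(req: dict) -> bool:
    """Is the requester who they claim to be?  Constant-time MAC comparison."""
    user = USERS.get(req.get("user"))
    if user is None:
        return False
    expected = hmac.new(user["secret"], req.get("nonce", "").encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, req.get("token", b""))


def authorize(req: dict) -> bool:
    """May this (already authenticated) user perform the requested action?"""
    role = USERS[req["user"]]["role"]
    return role in POLICY.get(req.get("action"), set())


def resolve_unsafe(root: str, rel: str) -> str:
    """Vulnerable: trusts the request's path, so '../' walks out of the root."""
    return os.path.join(root, rel)


def resolve_safe(root: str, rel: str) -> str:
    """Hardened: canonicalize first, then require the result to stay under root."""
    root = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root, rel))
    if os.path.commonpath([root, target]) != root:
        raise PermissionError("path escapes document root")
    return target


def handle(root: str, req: dict, safe: bool = True) -> tuple[int, str]:
    """Return an HTTP-like (status, body).  Order: authenticate, authorize, validate data."""
    if not authenticate(req):
        return 401, "unauthenticated"
    if not authorize(req):
        return 403, "forbidden"
    rel = req.get("path", "")
    try:
        path = resolve_safe(root, rel) if safe else resolve_unsafe(root, rel)
        with open(path, "r", encoding="utf-8") as f:
            return 200, f.read()
    except PermissionError:
        return 400, "bad path"
    except OSError:
        return 404, "not found"


def run_demo() -> dict:
    """Constructed scenario: a document root holding one report, and a secret
    file one directory above it that the service must never serve."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "docroot")
        os.makedirs(os.path.join(root, "reports"))
        with open(os.path.join(root, "reports", "q1.txt"), "w", encoding="utf-8") as f:
            f.write("Q1 revenue: 42")
        with open(os.path.join(tmp, "secret.txt"), "w", encoding="utf-8") as f:
            f.write("TOP SECRET")

        def req(user, action, path, token=None, nonce="n1"):
            return {"user": user, "nonce": nonce, "action": action, "path": path,
                    "token": make_token(user, nonce) if token is None else token}

        return {
            "ok": handle(root, req("alice", "read", "reports/q1.txt")),
            "bad_token": handle(root, req("alice", "read", "reports/q1.txt", token=b"x")),
            "wrong_role": handle(root, req("bob", "read", "reports/q1.txt")),
            "traversal_safe": handle(root, req("alice", "read", "../secret.txt")),
            "traversal_unsafe": handle(root, req("alice", "read", "../secret.txt"), safe=False),
        }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name:17s} -> {result}")
```

Two details matter in the hardened resolver: `realpath` is applied to the root as well as the target, so symlinked temporary directories compare equal, and the containment test is `commonpath`, not a string prefix, so a sibling directory such as `docroot2` is not mistaken for a child of `docroot`.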
