Security Jerry den Hartog Room: MF 6.063 - PowerPoint PPT Presentation

(An Introduction to Computer) Security Jerry den Hartog Room: MF 6.063 http://www.win.tue.nl/~jhartog/CourseSecurity/

What is Security? Lets start with some free association

Course rse O Overvi rview Goal Challenge IT Infrastructures & Security Goals Approach Course Privacy Schedule Confidentiality EHR Network Integrity Availability

Course rse O Overvi rview Goal Challenge Threats & Countermeasures Approach Course Schedule EPD Network

Course rse O Overvi rview Goal See www.win.tue.nl/~jhartog/CourseSecurity Challenge Approach Topic Wednesday Topic Friday Lab session Schedule Introduction Cryptography basics Web of Trust Cryptography Network security basics HTTP basics, Sniffing and tampering Malware, web services Hashes, Certificates, SQL injection and XSS security etc. Access Control (AC) Digital Rights AC and session Management information stealing Authentication Authentication Authentication Flaws, (Passwords, (Hardware tokens) Password cracking Biometrics) Security Protocols Exercises: Security Session stealing & Protocol and side phishing channel attack Privacy and Anonymity Exercises & Exam --- Preparation

Se Security : : Wh What Wh When Wh Why & y & How Content Security What-When-Why-How What Why When How  What & When  How  Dependability ~ Security  Security approaches, models & tools  Security Attributes  Security trade-offs  Security Policies  Security architectures & engineering  Why  attacks & attackers  Analysing a scenario  common security issues  Security requirements  Measuring security  Conclusions

Se Secu curity: WWW&H WWW&H Content What Why When What How The Why of Security How

Se Secu curity: WWW&H WWW&H Content What To get Security... Why When How  prevent “disallowed” usage ? “The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards” E. Spafford  ... and enable “allowed” usage ?  Difference “Dependability” and “Security” ?  Other options than prevention

Se Secu curity: WWW&H WWW&H Content Dependability vs. Security What Why When Dependability Problem ? How program x  only works half of the time  crashes the computer  may cause the computer to explode  no longer works with the firewall installed  can stop the firewall from working  posts all your emails on a public website  tracks all your online activities  changes the data used by program y Security Problem ?

The `What’ of security - Security Attributes Confidentiality Dependability Integrity Availability Privacy vs. Authenticity Non-repudiation Security (2) Accountability Basic Concepts and Taxonomy of Dependable and Secure Computing IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING

The `What’ of security - Security Attributes C-I-A Privacy Online Privacy Authenticity Non-repudiation Accountability Peter Steiner 1993 Nik Scott 2008

The `What’ of security - Security Attributes C-I-A Privacy Privacy Alice Authenticity Non-repudiation Accountability  EU directives (e.g. 95/46/EC) to protect privacy.  College Bescherming Persoonsgegevens (CBP)  What is privacy? • Users “ must be able to determine for themselves when, how, to what extent and for what purpose information about them is communicated to others ” (Definition PRIME, European project on privacy & ID management.)  Try to protect: Privacy Enhancing Technologies (PETs)

The `What’ of security - Security Attributes C-I-A EU Data Protection Directive Privacy Authenticity Non-repudiation Personal data usage requirements: Accountability  Notice of data being collected  Purpose for data use  Consent for disclosure  Informed who is collecting their data  Kept secure  Right to access & correct data  Accountability of data collectors

The `What’ of security - Security Attributes C-I-A Other Security Attributes Privacy Authenticity Non-repudiation  Authenticity Accountability  users or data are genuine  Prescription is real and issued by a genuine Md.  Non-repudiation  Cannot be denied (action/agreement/...)  Dr. cannot claim not issuing prescription To achieve (means): (Digital) signatures  Accountability  Ability to hold users accountable for their actions  Dr. can be identified, found and is liable for wrong prescriptions

The `When’ of security - Security policies Security Policies & Models  Policy: Specifies “allowed” / “disallowed”  Context; applies to ..., approved/imposed by ...  Usage; required enforcement, dealing with breaches  Different notions of `security policy’:  from general intention statement “Data shall only be available to those with a `need-to-know’”  to formal, detailed specification “drwxr-xr-x”, access control list, XACML policy, etc.  Security Model  (Formal) Framework to express and interpret policies. E.g. relations on Users - Objects - Permissions - Groups.

The `When’ of security - Security policies Security Policies & Models  Policy: Specifies “allowed” / “disallowed”  Context;  applies to ...,  approved/imposed by ...  Etc.  Usage;  required enforcement  dealing with breaches  Different notions of `security policy’  Security Model

The `When’ of security - Security policies Security Policies & Models  Policy: Specifies “allowed” / “disallowed”  Different notions of `security policy’:  from general intention statement “Data shall only be available to those with a `need-to-know’”  to formal, detailed specification “drwxr-xr-x”, access control list, XACML policy, etc.  Security Model

The `When’ of security - Security policies Security Policies & Models  Policy: Specifies “allowed” / “disallowed”  Different notions of `security policy’:  Security Model  (Formal) Framework to express and interpret policies. E.g. relations on Users - Objects - Permissions - Groups

Summerizing the What & When  Security attributes – what to achieve  Security Policies – When to achieve them  Security Model – Setting to interpret policies

What The Why of Security How

A day’s worth of security news (2012)  Android-malware verstopt zich via steganografie  Microsoft: hang op als we bellen  Google mailt gebruikers over nieuw privacybeleid  OpenDNS laat Mac-gebruiker onzichtbaar internetten  "Google Chrome ruimt andermans rotzooi op”  Cybercriminelen vluchten naar Sovjet-Unie  FBI zet 15.000 euro op hoofd internetoplichter  Microsoft en Google samen tegen phishing  Leerlingen opgepakt wegens hacken schoolcijfers  DigiD offline wegens hash collision-lek  Rootkit infecteert pc via Windows Media Player  Android-malware besmet miljoenen gebruikers Source: Security.nl

A day’s worth of security news (28-1-13)  58.000 toezichtcamera's open voor hackers  CBP: overheid weet veel te veel van ons  'WhatsApp schendt privacy gebruikers'  Autorun-worm houdt huis in Pakistan  200MB groot virus verrast onderzoekers  Pornosites veroorzaken piek in politievirussen  5 beveiligingstips voor WordPress-gebruikers  Afmeldlink e-mail blijft grootste bron van ergernis  Pentagon vervijfvoudigt aantal cybersoldaten  'Brussel moet privacy burgers beter beschermen'  Veel gemeenten lek door verouderde software  'Apple laat verwijderde iPhone sms'jes staan'  Oracle gaat veiligheid Java verbeteren Source: Security.nl

Attackers & Attacks  (WHAT) Break Security goals (Attributes)  (WHY) Reach Attacker goals  (WHO) IBM Attacker classification  I: Clever outsiders  II: Knowledgeable insiders  III: Funded Organisations  (WHO’) CPA - CCA - etc.  Formalization attack context  Attacker goals and capabilities

Some common security issues  Security as an after thought  Needs to be addressed from the start  Forgetting security depends on the whole system  Focusing where the risk isn't (...more below)  Single point of failure  Breach of a security feature causes complete breakdown of system  Security by obscurity  Obscurity may help but it is dangerous to have the security design depend on it (Kerckhoff’s principle)

Some common security issues (2)  Lack of Security policies  Lack of Preventative management  Keep systems up to date (e.g. patching)  Practice failure situations  Lack of Use of security features  E.g. Windows XP included firewall but not active (pre SP2)  Only need to check single checkbox  Relying on users for security AliceBob  expertise, awareness, priorities

Weakest Link – Different aspects of security  ``A chain is as strong as its weakest link’’  Security needs to be addressed in its whole; Looking at a single aspect is like looking at a single link.  system design (security not addressed)  quality of software (bugs in code)  strength of encryption (bad algorithm, bad `randomness’, length/chose of key)  system usage (bad passwords, not using security features)