Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 1: Overview modified from slides of Lawrie Brown.

Published byIsabel Williams Modified over 8 years ago

Similar presentations

Presentation on theme: "Lecture 1: Overview modified from slides of Lawrie Brown."— Presentation transcript:

1 Lecture 1: Overview modified from slides of Lawrie Brown

2 Outline The focus of this chapter is on three fundamental questions: What assets do we need to protect? How are those assets threatened? What can we do to counter those threats?

3 Computer Security Overview The NIST Computer Security Handbook defines the term Computer Security as: “The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources” includes hardware, software, firmware, information/data, and telecommunications.

4 The CIA Triad

5 Key Security Concepts Confidentiality preserving authorized restrictions on information access and disclosure. including means for protecting personal privacy and proprietary information Integrity guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity Availability ensuring timely and reliable access to and use of information Integrity Is this all?

6 Computer Security Challenges computer security is not as simple as it might first appear to the novice potential attacks on the security features must be considered procedures used to provide particular services are often counterintuitive physical and logical placement needs to be determined multiple algorithms or protocols may be involved

7 Computer Security Challenges attackers only need to find a single weakness, the developer needs to find all weaknesses users and system managers tend to not see the benefits of security until a failure occurs security requires regular and constant monitoring is often an afterthought to be incorporated into a system after the design is complete thought of as an impediment to efficient and user-friendly operation

8 Computer Security Terminology Adversary (threat agent) - An entity that attacks, or is a threat to, a system. Attack - An assault on system security that derives from an intelligent threat; a deliberate attempt to evade security services and violate security policy of a system. Countermeasure - An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

9 Computer Security Terminology Risk - An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result. Security Policy - A set of rules and practices that specify how a system or org provides security services to protect sensitive and critical system resources. System Resource (Asset) - Data; a service provided by a system; a system capability; an item of system equipment; a facility that houses system operations and equipment.

10 Computer Security Terminology Threat - A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. Vulnerability - Flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.

11 Security Concepts and Relationships

12 Vulnerabilities, Threats and Attacks vulnerabilities – corrupted (loss of integrity) – leaky (loss of confidentiality) – unavailable or very slow (loss of availability) threats – capable of exploiting vulnerabilities – represent potential security harm attacks (threats carried out) – passive or active attempt to alter/affect system resources – insider or outsider

13 Countermeasures means used to deal with security attacks may introduce new vulnerabilities Residual vulnerabilities may remain goal is to minimize residual level of risk to the assets prevent detect recover

14 Threat Consequences Unauthorized disclosure is a threat to confidentiality Exposure: This can be deliberate or be the result of a human, hardware, or software error Interception: unauthorized access to data Inference: e.g., traffic analysis, use of limited access to get detailed information Intrusion: unauthorized access to sensitive data

15 Threat Consequences Deception is a threat to either system or data integrity Masquerade: e.g., an attempt by an unauthorized user to gain access to a system by posing as an authorized user; Trojan horse. Falsification: altering or replacing of valid data or the introduction of false data Repudiation: denial of sending, receiving or possessing the data.

16 Threat Consequences Disruption is a threat to availability or system integrity Incapacitation: a result of physical destruction of or damage to system hardware Corruption: system resources or services function in an unintended manner; unauthorized modification Obstruction: e.g. overload the system or interfere with communications

17 Threat Consequences Usurpation is a threat to system integrity. Misappropriation: e.g., theft of service, distributed denial of service attack Misuse: security functions can be disabled or thwarted

18 Scope of Computer Security

19 Computer and Network Assets

20 Passive and Active Attacks Passive attacks attempt to learn or make use of information from the system but does not affect system resources eavesdropping/monitoring transmissions difficult to detect emphasis is on prevention rather than detection two types: – release of message contents – traffic analysis Active attacks involve modification of the data stream goal is to detect them and then recover four categories: – masquerade – replay – modification of messages – denial of service

21

22 Answers to Questions 1 - The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications). 3 - Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored. Active attacks include the modification of transmitted data and attempts to gain unauthorized access to computer systems. 4 - Passive attacks: release of message contents and traffic analysis. Active attacks: masquerade, replay, modification of messages, and denial of service.

Download ppt "Lecture 1: Overview modified from slides of Lawrie Brown."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Cryptography and Network Security Sixth Edition by William Stallings.

Cryptography and Network Security Sixth Edition by William Stallings.
Chapter 18: Computer and Network Security Threats

Chapter 18: Computer and Network Security Threats
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Chapter 1 This book focuses on two broad areas: cryptographic algorithms and protocols, which have a broad range of applications; and network and Internet.

Chapter 1 This book focuses on two broad areas: cryptographic algorithms and protocols, which have a broad range of applications; and network and Internet.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 1: Overview.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 1: Overview.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.
“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)

“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1

Similar presentations

Ads by Google