CS3600: Introduction to Computer Security Introduction and Course Overview
About the Class • Survey in computer security • A mile wide, an inch deep • Foundations for further research and education at NPS and beyond • Lectures will be conceptual, labs will allow you to apply those concepts • Don't take this the wrong way: this class will not enable you to claim to be a security expert or to build or design secure systems • Develop some understanding and intuition about security • Moral: Building secure systems is hard and subtle (for everyone!)
About the Class—Course Topics • Broken into (currently) 9 units; units are about 1 week, some more some less • Unit 1: Introduction • Unit 2: Intro to Crypto & Symmetric Key Crypto • Unit 3: Public Key Crypto & Crypto Protocols • Unit 4: Identity & Authentication • Unit 5: Secure Systems • Unit 6: Software Security, Malware, and Mitigation • Unit 7: Access Control & Trusted Computing • Unit 8: Security Evaluation • Unit 9: Network Security
This Friday • There is lab this Friday • Familiarize you with the lab environment • Introduce basics of Python programming • Work out any kinks in your lab infrastructure • If you've never interacted with Linux (or other *NIX OS) or if you've never programmed in Python: DO NOT MISS THIS LAB!
Instructor Info • LCDR Mark Heller, USN • Office GE 222 • (w) 831-656-2220 • (c) 831-264-3108 • mdheller@nps.edu
Unit 1 Introduction
Security is… • Historical & Contemporary • Cross Disciplinary • Mathematics • Software • Hardware • Physics • Electrical Engineering • Psychology • Economics • Law • …
Security: What is it good for? • Needed because we don't live in a "perfect" world • We need tools to protect ourselves from "imperfections" • When computer security fails: • Loss of data • Loss of money • Loss of privacy/reputation • Loss of life
Why Security is Hard • Constantly evolving research and practice • Most active "build & break" field • One of the only fields where breaking something is considered a contribution • Tradeoff between usability and security—users often don't perceive any benefit from security measures • Essentially asymmetric playing field • Proving absence of any flaw much harder than finding some flaw • Defenders must always be right; attackers only need to be right once • Legacy and many current systems not designed for security—it is often an afterthought • Perfect security is infeasible given finite budgets • What choices do we make? • What are the costs? • Multi-faceted with wide-ranging attacks—one weak link breaks the chain
What is Security? • What does it mean for something to be secure?
What is Security? • Are these different types of security flaws? • Should the camera have been designed to see through objects?
What is Security? • Security is ill-defined • Someone "broke" it, but it was never meant to do that • Constantly evolving set of requirements • Human factors are particularly under-defined and dynamic • Requirements may be in apparent conflict with one another • Example: Votes should be both authentic and anonymous; they should be private, yet the aggregate is public
What is Security? • Protection that keeps an entity free from danger or threats • Often, is objective-based • Keeping data secure • Ensuring computations are authentic or free of faults • Making services available • For computer security, we must consider • Hardware • Software • Firmware • Data (in its many states) • Communication • Physics • It's all fair game!
What is Privacy? • Negative rights • Right to not be tracked and surveilled • Right to not have our data aggregated and sold • Right to be left alone • Is it orthogonal to security? Part of security? • Do senior officers want to be easily recognized on the battlefield? • Are you allowed to cast your vote during an election in a publicly viewable place?
Threats • What is a threat? • What types of threats to information do we worry about?
Threats • Threat: something with the potential to cause loss or harm • Examples relating to computers include: • Theft (loss of copy) • Destruction or interruption • Alteration or fabrication • Impersonation • Causing the perception of harm—bad publicity, loss of credibility
Vulnerabilities • What is a vulnerability? • What types of vulnerability do we worry about in the physical world?
Vulnerabilities • Vulnerability: a weakness in the system that MAY be exploited resulting in loss or harm • Crack in the dam • Unlocked door • Bad brakes • Unpatched software
Threats + Vulnerabilities • Threat is a potential for loss or harm • Vulnerability is an existing weakness • Risk is the expected loss: the likelihood of a threat exploiting a vulnerability, scaled by the value of the asset at stake • A vulnerability with no threat, or a threat with no exploitable vulnerability, carries little risk; a cheap asset carries little risk even when both are present [Diagram: risk at the intersection of Threat, Vulnerability, and Asset]
In the Digital World • Electronic Data is easy to: • Copy • Destroy • Alter • Share • Access and deny access to • Often our requirements are at odds with one another
Requirements • "The CIA triad" A good starting place for understanding simple requirements • Confidentiality • Integrity • Availability
Confidentiality • Data Confidentiality: the ability to prevent unauthorized disclosures of data • Sometimes called privacy or secrecy • What are some techniques we use in the physical world to maintain confidentiality? • Do these techniques prevent tampering or ensure authenticity?
Integrity • Data Integrity • Accurate and consistent across accesses • Prevent and/or detect modification • Authenticity: truthfulness in origin • What are some techniques we use in the physical world? • Do these methods prevent unauthorized disclosure?
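The two questions on the Confidentiality and Integrity slides ("Do these techniques prevent tampering or ensure authenticity?" and "Do these methods prevent unauthorized disclosure?") have a concrete answer in the digital world, and the following added example (not part of the course slides) shows it. It uses a toy keystream built from SHA-256 in counter mode as a stand-in for any unauthenticated stream cipher or CTR mode, a constructed message, and hypothetical helper names (`encrypt`, `tamper`, `seal`, `verify`, `demo`). Encryption alone hides the bytes but does not stop an attacker who knows the message layout from flipping bits in the ciphertext so that the decrypted plaintext changes predictably; an HMAC tag over the ciphertext detects the change.

```python
"""Confidentiality without integrity: bit-flipping an unauthenticated ciphertext.

Added example, not from the course slides. The keystream below is a TOY
(SHA-256 in counter mode) standing in for any stream cipher / CTR mode
that is used without a MAC. Do not use it as a real cipher.
"""
import hashlib
import hmac
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: concatenated SHA-256(key || nonce || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Confidentiality only: plaintext XOR keystream."""
    return xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))


decrypt = encrypt  # XOR with the same keystream undoes the encryption


def tamper(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Attacker's move, performed WITHOUT the key.

    If the attacker knows (or guesses) that plaintext bytes `old` sit at
    `offset`, XORing (old ^ new) into the ciphertext there makes the receiver
    decrypt `new` instead. The keystream is untouched, so everything else
    still decrypts correctly.
    """
    delta = xor_bytes(old, new)
    end = offset + len(delta)
    return ciphertext[:offset] + xor_bytes(ciphertext[offset:end], delta) + ciphertext[end:]


def seal(mac_key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Integrity/authenticity: HMAC-SHA256 over nonce || ciphertext (encrypt-then-MAC)."""
    return hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()


def verify(mac_key: bytes, nonce: bytes, ciphertext: bytes, tag: bytes) -> bool:
    """Constant-time comparison so the check itself does not leak the tag."""
    return hmac.compare_digest(seal(mac_key, nonce, ciphertext), tag)


def demo() -> dict:
    """Run the attack against an encrypted-but-unauthenticated message."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)  # separate keys for the two jobs
    nonce = os.urandom(16)
    message = b"TRANSFER $0100 TO ALICE"  # constructed sample message

    ciphertext = encrypt(enc_key, nonce, message)
    tag = seal(mac_key, nonce, ciphertext)

    # Attacker knows the format "TRANSFER $dddd ..." and rewrites the amount
    # at offset 10 without ever learning enc_key.
    forged = tamper(ciphertext, 10, b"0100", b"9900")

    return {
        "decrypted_original": decrypt(enc_key, nonce, ciphertext),
        "decrypted_tampered": decrypt(enc_key, nonce, forged),
        "tag_ok_original": verify(mac_key, nonce, ciphertext, tag),
        "tag_ok_tampered": verify(mac_key, nonce, forged, tag),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

Two things to take away: the decrypted tampered message reads "TRANSFER $9900 TO ALICE" even though the attacker never saw the plaintext or the key, so confidentiality did nothing for integrity; and the HMAC, which reveals nothing about the plaintext, catches the forgery, so integrity did nothing for confidentiality. The HMAC also only proves origin to whoever holds `mac_key`: because the receiver could have produced the same tag, it gives authenticity but not non-repudiation toward a third party.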
Availability • Data Availability: data access when and where needed • Information is accessible • Availability should not be delayed beyond its value • Bounded wait times • Information timeliness has value • What are some techniques we use in the physical world to ensure availability? • Do these techniques prevent unauthorized disclosure or ensure integrity/authenticity?
Striking a Balance [Diagram: CIA triangle with Confidentiality, Integrity, and Availability at the corners; example assets placed by the property that matters most for each: online software, stock quote, bank balance, medical record, MP3]
Striking a Balance • Principle of Adequate Protection: items must be protected to a degree consistent with their value, and only until they lose their value • Ex: Video game industry: "… there is no tail. Literally, you will get most of your sales within three months of launch …" (Denis Dyack, founder, Silicon Knights)
Keep in Mind: States of Data • Data can be • At rest • In transit • In process • Different techniques are required to secure data at each state • Possibly different interpretations of security at each state
CIA is just the beginning of the story… • Non-repudiation: inability to deny an action you took Ex: signing a contract before a notary (difficult to claim you didn't sign) • Unlinkability: inability to associate two pieces of data (based on source) Ex: shopping at two different stores with cash • Anonymity: cannot determine source of data, among set of possible sources Ex: being unable to associate voters with their ballots • Unobservability: state of items indistinguishable from other items Ex: buying a can of soda from a vending machine Ex: listening to the radio We will be looking at Confidentiality and Integrity for a while…
Attackers • Who are we securing ourselves against and what can they do? • Impersonate and falsify (people and software) • Overwhelm and misuse • Manipulate and corrupt (at rest, in transit, or in process) • Hide (themselves, their tools) • Collaborate and investigate Attackers do not have to play by the rules!!!
Attackers • In some ways, it's not as easy to be an attacker anymore • Low-hanging fruit is gone • Creating exploits is challenging • In other ways it's much easier • Targets are numerous • Attackers are better connected • Expanding markets for malicious behavior (at all levels) • What differentiates a professional from an amateur is often their motivation • Ego • Money • Politics
Attackers: Amateur Techniques • Exploit well-known and un-patched vulnerabilities • "Script kiddies"—leveraging the intelligence of others • Persistent and non-targeted attackers • Example countermeasures • Keeping systems up to date • Limiting your attack surface (e.g., minimize services)
Attackers: Professional Techniques • Sophisticated, well-funded, previously unknown techniques • Distributed across the globe (multiple jurisdictions) • Targeted victims or wide-net approaches • Find complex vulnerabilities (zero-day) • Play psychological games (phishing, trojans, pre-texting, dumpster diving) • Run large networks of compromised computers (botnets) • Be a mole, install a backdoor
Attackers • Defense is difficult • Does keeping a system up-to-date (patching and hardening) ensure safety? • What about installing the latest anti-virus software? • Legal issues • Finding • Prosecuting
Black Hat & White Hat • Often beneficial to pretend to be the bad guy • Secure your own systems • Learn about your weaknesses • Red Team / Tiger Team (Friendly Cyber Defense Forces) • Ethical limitations?