
Copyright, 2013-15 1. Copyright, 2013-15 2 Copyright, 2013-15 3.

Date post: 28-Dec-2015
Upload: griselda-montgomery
Transcript
Networked Information Systems
This Series of Six Lectures

1. Application Architectures
   .1 Master-Slave Architecture
   .2 Client-Server Architecture
      • Cloud Computing
   .3 Peer-to-Peer (P2P) Architecture
2. Categories of Networked Application
   .1 Mobile Computing
   .2 Web 2.0 and Social Media
3. Networked Info Systems Security
   .1 Security of Info and I.T.
   .2 Malware and Other Attacks
   .3 Mobile Security

COMP 2410 – Networked Information Systems

SC1 – Security of Information and I.T.

Roger Clarke
Xamax Consultancy, Canberra

Visiting Professor, A.N.U. and U.N.S.W.

http://www.rogerclarke.com/II/NIS2410.html#L4
http://www.rogerclarke.com/II/NIS2410-4 {.ppt, .pdf}

ANU RSCS, 1 April 2015

The Notion of Security

A condition in which harm does not arise despite the occurrence of threatening events

A set of safeguards whose purpose is to achieve that condition

Information Security

• Data Secrecy (Confidentiality)
  Prevent access by those who should not see it

• Data Quality / Data Integrity (Integrity)
  Prevent inappropriate change and deletion

• Data Accessibility (Availability)
  Enable access by those who should have it

'The CIA Model'

IT Security

• Security of Service
  • Fit
  • Reliability
    • Availability
    • Accessibility
    • Robustness
    • Resilience
    • Recoverability
  • Integrity
  • Maintainability

• Security of Investment
  • Assets
  • The Business

http://www.rogerclarke.com/II/CCSA.html#RA

2. The Conventional Security Model

• Threats act on Vulnerabilities and result in Harm

• Each Threatening Event is a Security Incident

• Safeguards are deployed to provide protection

• Countermeasures are used against Safeguards

The Key Concepts

• A Threat is a circumstance that could result in Harm
  A Threatening Event is an instance of a generic Threat
  A Threat may be natural, accidental or intentional
  An intentional Threatening Event is an Attack
  A party that creates an Intentional Threat is an Attacker

• A Vulnerability is a susceptibility to a Threat

• Harm is any kind of deleterious consequence to an Asset

• A Safeguard is a measure to counter a Threat

• A Countermeasure is an action to circumvent a Safeguard

Conventional IT Security Model

[Figure: Conventional IT Security Model]

http://www.rogerclarke.com/EC/PBAR.html#App1

Categories of Threat

• Environmental Events (Acts of God or Nature)
• Accidents, caused by:
  • Humans who are directly involved
  • Other Humans
  • Artefacts and their Designers
• Attacks, by:
  • Humans who are directly involved
  • Other Humans
  • The Designers of Artefacts

Situations in Which Threats Arise

[Diagram: Corp. Wkstns, Corporations, Government Agencies, Individuals, Bots, The Internet, Corp. Servers, ...]

Situations in Which Threats Arise

• Computing and Comms Facilities, incl.
  • Data Storage
  • Software
  • Data Transmission
  of:
  • The Organisation
  • Service Providers
  • Users
  • Others

• Physical Premises housing relevant facilities

• Supporting Infrastructure, incl. data cabling, telecomms infrastructure, electrical supplies, air-conditioning, fire protection systems

• Manual Processes, Content and Data Storage

Intentional Threats / Attacks

• Physical Intrusion
• Social Engineering
  • Confidence Tricks
  • Phishing
• Masquerade
• Abuse of Privilege
  • Hardware
  • Software
  • Data
• Electronic Intrusion
  • Interception
  • Cracking / ‘Hacking’
    • Bugs
    • Trojans
    • Backdoors
    • Masquerade
• Distributed Denial of Service (DDOS)
• Infiltration by Software with a Payload

By Outsiders & Insiders – Host/Server-side, User/Client-side

Categories of Harm

• Data Loss, Alteration, Access or Replication
• Reputation or Confidence Loss
• Asset Value Loss
• Financial Loss
• Opportunity Cost
• Property Damage
• Personal Injury

IT and Data Security Safeguards

The Physical Site
• Physical Access Control (locks, guards, ...)
• Smoke Detectors, UPS, ...

Hardware
• Parity-checking, read-after-write
• Backup and Recovery

Network
• Channel encryption
• Firewalls
• Intrusion Detection

Software
• Authentication of data, of value, of (id)entity, and/or of attributes
• Access Control, Authorisations

Liveware
• Human Procedures: Control Totals, Reconciliations
• Organisation: Respy/Authy, Separation of duties

Legal Measures
• Duty Statements, Terms of Use, Contractual Commitments

Summary of Key Terms

• Threat
  A circumstance that could result in Harm

• Vulnerability
  A susceptibility to a Threat

• Threatening Event
  An occurrence of a Threat

• Safeguard
  A measure to prevent, to enable detection or investigation of, or to mitigate Harm from, a Threatening Event

• Risk
  “The likelihood of Harm arising from a Threat”
  A measure of the likelihood and/or seriousness of Harm arising from a Threatening Event impinging on a Vulnerability and not being dealt with satisfactorily by the existing Safeguards

3. Business Processes

1. Risk Assessment
   Identify and Prioritise the Residual Risks You Face

2. Risk Management
   Do something about them!!

3.1 Risk Assessment
cf. Analysis

• Define Objectives and Constraints
• Identify Stakeholders, Assets, Values, Harm
• Identify Threats, Vulnerabilities, and Threat-Vulnerability Combinations
• Consider Existing Safeguards
• Evaluate the Residual Risks
• Prioritise the Residual Risks

3.2 Risk Management
cf. Design and Implementation

• Define additional and adapted Safeguards that will address the Priority Risks
• Express a Plan to implement the Safeguards
• Implement the Plan
• Monitor the Implementation
• Audit the Implementation

ISO 27005, NIST 800-30, DSD/ASD ISM

Generic Risk Management Strategies

• Proactive Strategies
  • Avoidance
  • Deterrence
  • Prevention

• Reactive Strategies
  • Isolation
  • Recovery
  • Transference
  • Insurance

• Non-Reactive Strategies
  • Tolerance
  • Abandonment
  • Dignified Demise
  • Graceless Degradation

4. Security Safeguards

[Figure: External Security, Perimeter Security, Internal Security]

Key IT Security Safeguards Categories

External Security
• Content Transmission Security ('Confidentiality') e.g. SSL/TLS
• Authentication of Sender, Recipient, Content e.g. Dig Sigs, SSL/TLS, Tunnelling, VPNs
• 'White Hat Hacking'
• Network-Based Intrusion Detection (ID)
• ...

Perimeter Security
Inspection and Filtering
• Traffic, i.e. 'Firewalls'
• Malcontent, Malware

Internal Security
• Access Control
• Vulnerability Inspection
• Intrusion (Threat) Detection
• Safeguard Testing
• Backup and Recovery, Business Continuity, Disaster Recovery

Backup of What Data Assets?

• Personal Data
  incl. sensitive data:
  • of an individual
  • of family
  • of other people

• Infrastructure Config Data (settings, parameters, scripts to support normal computing operations)

• Business-Related Content

• Identity Authenticators (passwords, passport and driver's licence details)

• Payment Authenticators (PINs, credit-card details)

• Financial Data

• Funds, e.g. bitcoin wallets

http://www.rogerclarke.com/EC/PBAR.html#Tab2

Harm to Values Associated with Data

• Accessibility
  • Data Loss
    • In Volatile Memory
    • In Non-Volatile Memory
    • Theft, Destruction, Malfunction
  • Data Unavailability

• Inaccessibility
  • Data Access
  • Data Disclosure
  • Data Interception

• Quality
  • Low when collected
  • Low at time of use (Data Modification, Data Integrity Loss, Corruption)

http://www.rogerclarke.com/EC/PBAR.html#Tab4

Some Threat-Vulnerability Combinations

• You make changes to a file, and regret it, and want to get back to the earlier version

• Disk-Crash

• Data Hostage 'Cryptohack'

• ...

Backup

To Where?

• An internal storage-medium
• An external storage-medium
• Local Network Attached Storage (NAS)
• Remote storage-medium
• Stored locally / remotely
• Stored online / offline

How often?

• Instant
• Frequent
• Occasional

Backup Procedures

1. Single-File Backup
2. Periodic Full Backup
3. Incremental Multi-File Backup with Overwrite of Prior Versions
4. Incremental Multi-File Backup with Retention of Prior Versions
5. Mirror File Backup
6. Rotation of File Backups
7. Off-Site / 'Fire' Backup
8. Storage-Medium or Partition Backup
9. Write-Twice / Copy-On-Write
10. Archival
11. Spooling of Storage-Media
12. Spooling of Storage-Media Type

http://www.rogerclarke.com/EC/PBAR.html#App3

Threat-Vulnerability Combinations and Relevant Backup Procedures

• Mistaken File Amendment, Deletion, or Overwrite
  Relevant Backup Procedures: 1. File-Versioning; or 4. Incremental File Backup & Retention of Old Versions

• Storage-Media Failure
  Relevant Backup Procedures: 2. Full File Backup; or 3. Full plus Incrementals; or 8. Storage-Medium Backup

• Malware or Hacking Attack denying access to the data
  Relevant Backup Procedures: Offline Storage & 2, 3 or 8
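
Procedure 4 applied to the first combination above, as an added example that is not part of the lecture slides: each run copies only new or changed files into a fresh generation and never overwrites an earlier one, so a mistaken overwrite that has already been backed up can still be undone. The function names and the `gen-NNNN` directory layout are assumptions of this example.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def _digest(path: Path) -> str:
    """SHA-256 of a file's content, used to detect changes between runs."""
    return hashlib.sha256(path.read_bytes()).hexdigest()


def incremental_backup(source: Path, store: Path) -> list[str]:
    """Copy only new or changed files into a fresh numbered generation.

    Earlier generations are never overwritten (retention of prior versions).
    Returns the relative paths copied in this run.
    """
    store.mkdir(parents=True, exist_ok=True)
    generations = sorted(p for p in store.iterdir() if p.is_dir())
    target = store / f"gen-{len(generations) + 1:04d}"
    copied = []
    for f in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = f.relative_to(source)
        # Most recent retained copy of this file, if any generation holds one.
        latest = next((g / rel for g in reversed(generations)
                       if (g / rel).exists()), None)
        if latest is None or _digest(latest) != _digest(f):
            (target / rel).parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(f, target / rel)
            copied.append(rel.as_posix())
    return copied


def restore_version(store: Path, rel: str, versions_back: int = 0) -> bytes:
    """Return a retained version of rel; 0 = newest, 1 = the one before it."""
    held = [g / rel for g in sorted(store.iterdir(), reverse=True)
            if (g / rel).exists()]
    return held[versions_back].read_bytes()


def demo() -> dict:
    """Constructed scenario: a file is mistakenly overwritten, then backed up again."""
    with tempfile.TemporaryDirectory() as tmp:
        src, store = Path(tmp, "work"), Path(tmp, "backup")
        src.mkdir()
        (src / "report.txt").write_text("Q1 figures: final")
        (src / "notes.txt").write_text("unchanged")
        first = incremental_backup(src, store)
        (src / "report.txt").write_text("oops")      # the mistaken overwrite
        second = incremental_backup(src, store)      # only the changed file is copied
        return {
            "first": first,
            "second": second,
            "current": restore_version(store, "report.txt", 0),
            "previous": restore_version(store, "report.txt", 1),
        }


if __name__ == "__main__":
    print(demo())
```

Under procedure 3 (overwrite of prior versions) the second run would have replaced the only good copy with the damaged one. If the store is online and writable it is still exposed to the third combination, which is why the slide pairs that case with offline storage.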

Security of Information and I.T.
Agenda

1. The Concept of Security
2. The Conventional Security Model
3. Business Processes
   3.1 Risk Assessment
   3.2 Risk Management
4. Security Safeguards
   4.1 Backup and Recovery

Drill-Down Slides

Costs of Risk Mitigation

• Executive Time, for assessment, planning, control
• Consultancy Time, for assessment, design
• Operational Staff Time for:
  • Training, Rehearsals, Incident Handling, Backups
• Computer Time for backups
• Storage costs for on-site and off-site (‘fire backup’) copies of software, data and log-files
• Transmission Costs for database replication
• Loss of Service to clients during backup time
• Redundant Capacity (Hardware, Networks)
• Contracted Support from a 'hot-site' / 'warm-site'

4.1 Access Control
An Important Example of a Safeguard

• Protect System Resources against Unauthorised Access

• Provide convenient access to the right people, to relevant data and software capabilities, by providing User Accounts with Privileges and Restrictions

• Prevent access by the wrong people to data and software capabilities

• Person-Based, or Role-Based (RBAC)

Access Control

[Diagram: Pre-Authentication of Evidence of Identity or Attribute; Register of Authenticators; Authentication using the Issued Authenticator; Permissions Store or Access Control List; Authorisation; Access Control]

Threats to Passwords

1. Guessing
2. 'Brute Force' Guessing
3. Visual Observation
4. Electronic Observation
5. Interception
6. Phishing
7. Use of One Password for Multiple Accounts
8. Discovery of a Password Database
9. Compromise of the Password-Reset Process
10. Continued Use of a Compromised Password
11. Compromise of a Password Stored by a Service-Provider
12. Acquisition and Hacking of the Password-Hash File

http://www.rogerclarke.com/II/Passwords.html

Ways of Strengthening Access Control

• Channel Encryption, e.g. SSL/TLS, so that even if the password is intercepted, it is not ‘in clear’
• Transmission of only a hash of the password
• Server-Side Storage of only a hash of the password
• One-Time Passwords
• Multi-Factor Use Authentication:
  • what you know: password, 'shared secrets'
  • what you have: one-time password gadget, a digital signing key
  • where you are: your IP-address, device-ID
  • what you are: a biometric, e.g. fingerprint
  • what you do: time-signature of password-typing key-strikes
  • who or what you are: reputation, 'vouching'
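
Server-side storage of only a hash, as an added example that is not part of the lecture slides: an unsalted fast hash is shown beside a salted, deliberately slow one, because the difference decides how much an acquired password-hash file is worth to whoever holds it. The function names, the record format and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor for this example; tune to your hardware


def weak_record(password: str) -> str:
    """Unsalted fast hash, shown for contrast only.

    Equal passwords always give equal records, so one precomputed table
    can be matched against every account in an acquired hash file.
    """
    return hashlib.sha256(password.encode()).hexdigest()


def make_record(password: str) -> str:
    """Return 'iterations$salt$hash' for storage; the password is never kept."""
    salt = secrets.token_bytes(16)  # fresh random salt per account
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${dk.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        iters, salt_hex, dk_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, int(iters))
    except ValueError:
        return False  # malformed record: fail closed
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    # Constructed sample password, used only to show the behaviour.
    a, b = make_record("correct horse"), make_record("correct horse")
    print("salted records differ:", a != b)
    print("unsalted records equal:",
          weak_record("correct horse") == weak_record("correct horse"))
    print("verify ok:", verify("correct horse", a))
    print("verify wrong:", verify("wrong", a))
```

Storing the iteration count inside each record lets the work factor be raised later without invalidating existing accounts.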

