Date posted: 18-Dec-2015
Objectives
- Get a non-product-specific perspective on security in IT
- Demystify the commonly used terminology – know your RC2 from AES
- Bring together various aspects of security into an integrated whole
- Make some simple recommendations
Agenda
- Defining Integrated Security (level 200)
- Some Techniques for Securing IT (level 250)
- Recommendations (level 200)
- Printed/online slides include a section that covers the security risk analysis process – it is self-explanatory (7 easy slides – please read at your leisure)
- Warning: this is a fast and furious A-to-Z type of session. Attend at your own risk.
Security
- Definition (Cambridge Dictionary of English): ability to avoid being harmed by any risk, danger or threat
- …therefore, in practice, an impossible goal
- What can we do then? Be as secure as needed: ability to avoid being harmed too much by reasonably predictable risks, dangers or threats (Rafal's Definition)
Assets
- What are we securing? Data; services (i.e. business etc. applications or their individually accessible parts)
- This session is not about securing: people (sorry), cables, carpets, typewriters and computers (?!)
  - Indeed: we (IT people) will secure the data on the computer or the services it offers, and we will often request that a PC be locked up with an armed guard, but how this is done is not really our business
  - Sometimes known as physical security
Digital Security as Extension of Physical Security of Key Assets

Physical security of key assets (KA) | Digital security | Result
Strong                               | Strong           | Good security everywhere
Weak                                 | Strong           | Insecure environment
Strong                               | Weak             | Insecure environment
Aspects of Security
- Confidentiality ◄ Your data/service provides no useful information to unauthorised people
- Integrity ◄ If anyone tampers with your asset it will be immediately evident
- Authenticity ◄ We can verify that the asset is attributable to its authors or caretakers
- Non-repudiation ◄ The author, owner or caretaker of the asset cannot deny that they are associated with it
- Identity ◄ We can verify which specific individual entity is associated with your asset
Additional Aspects of Data and Service Security
- Authorisation ◄ It is clear what actions are permitted with respect to your asset
- Loss ◄ Asset is irrecoverably lost (or the cost of recovery is too high)
- Denial of access (aka denial of service) ◄ Access to the asset is temporarily impossible
- "Static" cryptography is useful but not sufficient:
  - Backups etc. needed
  - Behaviour (pattern) of access analysis needed
Cryptography
- Using really hard mathematics to implement most of the security aspects mentioned earlier
- "Static": cannot detect or prevent problems arising from a pattern of behaviour
- Relies on physical security of Key Assets (such as master private keys etc.)
- Strength changes with time, depending on the power of computers and developments in cryptanalysis
Behaviour (Pattern) Analysis
- Prohibits reaching an asset if the history of access is out-of-pattern, e.g.:
  - Password lock-out after N unsuccessful attempts
  - Blocking packets at a router if too many come from a given source
  - Stopping a user from seeing more than N records in a database per day
  - Time-out of an idle secure session
- "Active"
- Cannot prevent unauthorised use of an asset – still need crypto
- Can prevent legitimate access – need easy and secure "unlock" mechanisms
- Strength varies with the sophistication of known attacks
Integrated Security
Security should be Integrated Security:
- Static + Active
- Across All Your Assets
- Based On Risk Assessment
1st Conclusion
- As 100% security is impossible, you need to decide what needs to be secured and how well it needs to be secured
- In other words, you need:
  - Asset list
  - Risk impact estimate for each asset
What is Really Secure?
- Look for systems:
  - From well-known parties
  - With published (not secret!) algorithms
  - That generate a lot of interest
  - That have been hacked for a few years
  - That have been analysed mathematically
- Absolutely do not "improve" algorithms yourself
- Employ someone to attempt a break-in
Behaviour (Pattern) Analysis
- Fairly new area (with exceptions)
- In addition to knowing your assets, you need to know your perimeter (edge). Do you?
- Active access inspection and pattern matching are the main techniques
Many Perimeters
- External – Network Edge: between you and the internet etc.
- DMZ – De-militarized Zone: between the network edge and all protected resources; only minimal protection possible
- Default Security Zone: the traditional LAN
- High Security Zone: "network inside network", for key assets
- Perimeter (Edge) of Isolation: assets physically not connected to networks; useful for some key assets (e.g. master keys)
[Figure: nested zones from the outside in – Network Edge, DMZ, Default, High, Isolation]
Tools for Behaviour Analysis
- Traditional: firewalls and proxies around the perimeters (edges); stateful packet inspection
- Traditional: limiting the number of accesses to Key Assets; password lock-outs
- Newer: event analysis and active agents; rules can be programmed into some security servers (ISA) or monitoring tools (MOM)
- Neural networks are showing some promise for out-of-pattern detection
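The two "traditional" tools above (password lock-out after N failures, blocking a source that sends too much) are the same sliding-window counter attached to different keys. The following is an added example, not code from the deck, that runs that counter over a constructed access log; the log format, the user and address values and the thresholds are all assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access log (not from any real system). Each line:
# ISO timestamp, user, result (OK/FAIL), source address.
SAMPLE_LOG = """\
2015-12-18T09:00:01 alice FAIL 10.0.0.5
2015-12-18T09:00:03 alice FAIL 10.0.0.5
2015-12-18T09:00:05 alice FAIL 10.0.0.5
2015-12-18T09:00:07 alice FAIL 10.0.0.5
2015-12-18T09:00:09 alice FAIL 10.0.0.5
2015-12-18T09:00:11 alice OK 10.0.0.5
2015-12-18T09:01:00 bob FAIL 10.0.0.9
2015-12-18T09:20:00 bob FAIL 10.0.0.9
2015-12-18T09:40:00 bob OK 10.0.0.9
"""


def parse_line(line):
    ts, user, result, src = line.split()
    return datetime.fromisoformat(ts), user, result, src


def out_of_pattern(log_text, key, max_failures=5, window=timedelta(minutes=10)):
    """Sliding-window counter over failed accesses.

    key(user, src) chooses what the counter is attached to: the user name
    gives a password lock-out, the source address gives a per-source block.
    Returns {key: timestamp at which the N-th failure inside the window was seen}.
    """
    recent = defaultdict(list)   # key -> timestamps of recent failures
    flagged = {}
    for line in log_text.splitlines():
        ts, user, result, src = parse_line(line)
        k = key(user, src)
        if k in flagged:
            continue             # already locked; stays so until an explicit unlock
        if result == "OK":
            recent[k].clear()    # a successful access resets the failure count
            continue
        times = recent[k]
        times.append(ts)
        while times and ts - times[0] > window:
            times.pop(0)         # forget failures that fell out of the window
        if len(times) >= max_failures:
            flagged[k] = ts
    return flagged


def locked_users(log_text=SAMPLE_LOG):
    """Password lock-out view: counter keyed by user name."""
    return out_of_pattern(log_text, key=lambda user, src: user)


def blocked_sources(log_text=SAMPLE_LOG):
    """Router-style view: counter keyed by source address."""
    return out_of_pattern(log_text, key=lambda user, src: src)


if __name__ == "__main__":
    print("locked users:", locked_users())
    print("blocked sources:", blocked_sources())
```

In the sample, alice's five failures inside eight seconds trip the lock-out while bob's two failures nineteen minutes apart do not. Note that the successful login that follows alice's lock-out is ignored: the flagged state is permanent here, which is exactly the "can prevent legitimate access" cost the deck warns about, so a real deployment pairs this with the easy and secure unlock mechanism it asks for.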
Basic Crypto Terminology
- Plaintext: the stuff you want to secure, typically readable by humans (email) or computers (software, order)
- Ciphertext: unreadable, secure data that must be decrypted before it can be used
- Key: you must have it to encrypt or decrypt (or do both)
- Cryptanalysis: hacking it by using science
- Complexity theory: how hard is it and how long will it take to run a program
Symmetric Key Cryptography
[Figure: plain-text input "The quick brown fox jumps over the lazy dog" → encryption → cipher-text "AxCv;5bmEseTfid3)fGsmWe#4^,sdgfMwir3:dkJeTsY8R\s@!q3%" → decryption → plain-text output "The quick brown fox jumps over the lazy dog"; the same key (shared secret) is used for both encryption and decryption]
Symmetric Pros and Cons
- Weakness: must agree the key beforehand; securely pass the key to the other party
- Strength: simple and really very fast (of the order of 1000 to 10000 times faster than asymmetric mechanisms)
  - Super-fast if done in hardware (DES, Rijndael)
  - Hardware is more secure than software, so DES makes it really hard to be done in software, as a prevention
Public Key Cryptography
- Knowledge of the encryption key doesn't give you knowledge of the decryption key
- The receiver of information generates a pair of keys and publishes the public key in a directory
- Then anyone can send them messages that only they can read
Public Key Encryption
[Figure: clear-text input "The quick brown fox jumps over the lazy dog" → encryption with the recipient's public key → cipher-text "Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd'rkvegMs" → decryption with the recipient's private key → clear-text output "The quick brown fox jumps over the lazy dog"; different keys (public, private) are used for the two directions]
Public Key Pros and Cons
- Weakness: extremely slow; susceptible to "known ciphertext" attack
- Strength: solves the problem of passing the key
Hybrid Encryption (Real World)
[Figure, hybrid encryption: plaintext "Launch key for nuclear missile "RedHeat" is..." → an RNG produces a randomly-generated symmetric "session" key → symmetric encryption (e.g. DES) → ciphertext "*#$fjda^ju539!3t t389E *&\@5e%32\^kd"; the symmetric key is encrypted asymmetrically (e.g. RSA) with the user's public key (in certificate), giving the Digital Envelope; as above, repeated for other recipients or recovery agents, using the other recipient's or agent's public key (in certificate) in the recovery policy]

Hybrid Decryption
[Figure, hybrid decryption: the digital envelope contains the "session" key encrypted using the recipient's public key; the session key must be decrypted (asymmetric decryption, e.g. RSA) using the recipient's private key; the recovered symmetric "session" key then drives symmetric decryption (e.g. DES) of the ciphertext "*#$fjda^ju539!3t t389E *&\@5e%32\^kd" back to "Launch key for nuclear missile "RedHeat" is..."]
Digital Signatures
- Want to give plain text data to someone, and allow them to verify the origin
- Integrity, authenticity & non-repudiation
- Much more on this in my PKI session SEC390 at 16:45 in room 6 today
DES, IDEA, RC2, RC5 (Symmetric)
- DES (Data Encryption Standard) is the most popular
  - Keys very short: 56 bits
  - Brute-force attack took 3.5 hours on a machine costing US$1m in 1993. Today it probably is done in real time.
  - Triple DES (3DES) not much more secure but may thwart NSA
  - Just say no, unless the value of the data is minimal
- IDEA (International Data Encryption Standard)
  - Similar to DES, but "not" from NSA
  - 128 bit keys
- RC2 & RC5 (by R. Rivest)
  - RC2 is older and RC5 newer (1994) – similar to DES and IDEA
Rijndael
- Standard replacement for DES for the US government, and probably for all of us as a result…
- Winner of the AES (Advanced Encryption Standard) competition run by NIST (National Institute of Standards and Technology in the US) in 1997-2000
- Comes from Europe (Belgium), by Joan Daemen and Vincent Rijmen. "X-files" stories less likely (unlike DES).
- Symmetric block cipher (128, 192 or 256 bits) with variable keys (128, 192 or 256 bits, too)
- Fast and a lot of good properties, such as good immunity from timing and power (electric) analysis
- Construction deceptively similar to DES (S-boxes, XORs etc.) but really different
CAST and GOST
- CAST
  - Canadians Carlisle Adams & Stafford Tavares
  - 64 bit key and 64 bits of data
  - Choose your S-boxes
  - Seems resistant to differential & linear cryptanalysis, and the only way to break it is brute force (but the key is a bit short!)
- GOST
  - Soviet Union's "version" of DES but with a clearer design and many more repetitions of the process
  - 256 bit key but really 610 bits of secret, so pretty much "tank quality"
  - Backdoor? Who knows…
Careful with Streams!
- Do NOT use a block cipher in a loop
- Use a crypto-correct technique for treating streams of data, such as CBC (Cipher Block Chaining)
- .NET Framework implements it as ICryptoTransform on a crypto stream with any supported algorithm
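Why "a block cipher in a loop" (ECB mode) is a problem and what CBC changes is easiest to see on repeated input. The following is an added example, not code from the deck or from the .NET Framework: it uses a deliberately toy block transform (a key-dependent byte substitution, labelled as such; not a real cipher) so that the mode behaviour is the only thing on show. The key, the message and the 8-byte block size are constructed for the illustration.

```python
import hashlib
import secrets

BLOCK = 8   # toy block size in bytes (DES-sized); AES/Rijndael uses 16


def _sbox(key: bytes) -> list:
    # Toy key-dependent substitution: a permutation of 0..255 ordered by
    # SHA-256(key || byte). This is NOT a real cipher; it is only a
    # deterministic, invertible block transform so the mode behaviour shows.
    return sorted(range(256), key=lambda b: hashlib.sha256(key + bytes([b])).digest())


def encrypt_block(key: bytes, block: bytes) -> bytes:
    s = _sbox(key)
    return bytes(s[b ^ k] for b, k in zip(block, key))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    inv = [0] * 256
    for i, v in enumerate(_sbox(key)):
        inv[v] = i
    return bytes(inv[c] ^ k for c, k in zip(block, key))


def pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK            # PKCS#7-style padding
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    return data[:-data[-1]]


def blocks(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    # "Block cipher in a loop": every block is encrypted on its own, so
    # equal plaintext blocks give equal ciphertext blocks.
    return b"".join(encrypt_block(key, p) for p in blocks(pad(plaintext)))


def cbc_encrypt(key: bytes, plaintext: bytes, iv: bytes = None) -> bytes:
    # Cipher Block Chaining: each plaintext block is XORed with the previous
    # ciphertext block (the IV for the first one) before encryption.
    iv = secrets.token_bytes(BLOCK) if iv is None else iv
    out, prev = [iv], iv
    for p in blocks(pad(plaintext)):
        c = encrypt_block(key, bytes(a ^ b for a, b in zip(p, prev)))
        out.append(c)
        prev = c
    return b"".join(out)              # the IV travels in clear as the first block


def cbc_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    iv, *body = blocks(ciphertext)
    out, prev = [], iv
    for c in body:
        p = decrypt_block(key, c)
        out.append(bytes(a ^ b for a, b in zip(p, prev)))
        prev = c
    return unpad(b"".join(out))


def distinct_blocks(ciphertext: bytes) -> int:
    """How many different ciphertext blocks appear (repeats leak structure)."""
    return len(set(blocks(ciphertext)))


if __name__ == "__main__":
    key = b"toy-key!"
    message = b"SAMEBLK!" * 4              # four identical plaintext blocks
    ecb = ecb_encrypt(key, message)
    cbc = cbc_encrypt(key, message)
    print("ECB distinct blocks:", distinct_blocks(ecb), "of", len(blocks(ecb)))
    print("CBC distinct blocks:", distinct_blocks(cbc), "of", len(blocks(cbc)))
    assert cbc_decrypt(key, cbc) == message
```

With four identical plaintext blocks, ECB output contains only two distinct ciphertext blocks (the repeated one plus the padding block), so an observer can see the repetition without knowing the key; CBC with a fresh random IV yields all-different blocks and a different ciphertext every run. The same structure is what a crypto stream with ICryptoTransform gives you for free, which is the deck's point about not hand-rolling the loop.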
RC4 (Symmetric)
- Fast, streaming encryption
- R. Rivest in 1994
- Originally secret, but "published" on sci.crypt
- Related to "one-time pad", theoretically most secure
- But! It relies on a really good random number generator, and that is the problem
RSA, DSA, ElGamal, ECC (Asymmetric)
- Very slow and computationally expensive – need a computer
- Very secure
- RSA: Rivest, Shamir, Adleman – 1978
  - Popular and well researched
  - Strength lies in today's inefficiency at factorising into prime numbers
  - Some worries about the key generation process in some implementations
- DSA (Digital Signature Algorithm) – NSA/NIST thing
  - Only for digital signing, not for encryption
  - Variant of the Schnorr and ElGamal signature algorithms
- ElGamal: relies on the complexity of discrete logarithms
- ECC (Elliptic Curve Cryptography)
  - Really hard maths and topology
  - Better than RSA, in general, and under a mass of research
Quantum Cryptography
- Method for generating and passing a secret key or a random stream
  - Not for passing the actual data, but that's irrelevant
- Polarisation of light (photons) can be detected only in a way that destroys the "direction" (basis)
  - So if someone other than you observes it, you receive nothing useful and you know you were bugged
- Perfectly doable over a 10-50km long fibre-optic link
  - But seems pretty perfect, if a bit tedious and slow
- Don't confuse it with quantum computing, which won't be with us for at least another 50 years or so, or maybe longer…
MD5, SHA
- Hash functions – not encryption at all!
- Goals:
  - Not reversible: can't obtain the message from its hash
  - Hash much shorter than the original
  - Two messages won't have the same hash
- MD5 (R. Rivest)
  - 512 bits hashed into 128
  - Mathematical model still unknown
  - But it resisted major attacks
- SHA (Secure Hash Algorithm): US standard based on MD5
Diffie-Hellman, "SSL", Certs
- Methods for key exchange
- DH is very clever since you always generate a new "key-pair" for each asymmetric session
  - STS, MTI, and certs make it even safer
- Certs (certificates) are the most common way to exchange public keys
  - Foundation of Public Key Infrastructure (PKI)
- SSL uses a protocol to exchange keys safely
  - See session on PKI
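The "new key-pair for each session" property of Diffie-Hellman is concrete enough to show in a few lines. This is an added example, not code from the deck: both parties' computations and the values an eavesdropper sees on the wire. The group parameters (a small Mersenne prime and generator) are constructed for the illustration and far too small for real use, and SHA-256 stands in for a proper key derivation function.

```python
import hashlib
import secrets

# Toy group parameters, constructed for this example only. A real deployment
# uses a standardised group (e.g. an RFC 3526 MODP group) or an elliptic curve.
P = 2**127 - 1      # a Mersenne prime; far too small for real use
G = 5


def generate_keypair(p: int = P, g: int = G):
    """Fresh ephemeral key pair: private exponent x, public value g^x mod p."""
    x = secrets.randbelow(p - 2) + 1
    return x, pow(g, x, p)


def shared_secret(own_private: int, peer_public: int, p: int = P) -> int:
    # Both sides compute g^(ab) mod p; neither private exponent leaves its owner.
    return pow(peer_public, own_private, p)


def session_key(secret: int, p: int = P) -> bytes:
    # Hash the shared group element down to a fixed-size symmetric key
    # (a stand-in for a real KDF).
    size = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(size, "big")).digest()


def run_exchange():
    """One DH session. Returns (alice_key, bob_key, what_an_eavesdropper_sees)."""
    a_priv, a_pub = generate_keypair()
    b_priv, b_pub = generate_keypair()
    on_the_wire = {"p": P, "g": G, "A": a_pub, "B": b_pub}   # no private values
    k_alice = session_key(shared_secret(a_priv, b_pub))
    k_bob = session_key(shared_secret(b_priv, a_pub))
    return k_alice, k_bob, on_the_wire


def keys_agree() -> bool:
    k_alice, k_bob, _ = run_exchange()
    return k_alice == k_bob


if __name__ == "__main__":
    ka, kb, seen = run_exchange()
    print("keys agree:", ka == kb)
    print("eavesdropper sees:", seen)
    print("second session gives a different key:", run_exchange()[0] != ka)
```

Every call to run_exchange draws fresh exponents, so each session gets a different key and compromise of one session's key says nothing about the others. What this bare exchange does not give is any assurance of who is at the other end: the public values on the wire are unauthenticated, which is why the deck adds STS, MTI and certificates on top.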
Cryptanalysis
- Brute force: good for guessing passwords, and some 40-bit symmetric keys (in some cases needed only 2^7 attempts)
- Frequency analysis: for very simple methods only (US mobiles)
- Linear cryptanalysis: for stronger DES-like, needs 2^43 plain-cipher pairs
- Differential cryptanalysis: weaker DES-like, needs from 2^14 pairs
- Power and timing analysis: fluctuations in response times or power usage by the CPU
Breaking It on $10 Million

Symmetric Key | ECC Key | RSA Key | Time to Break   | Machines | Memory
56            | 112     | 420     | < 5 mins        | 10000    | Trivial
80            | 160     | 760     | 600 months      | 4300     | 4GB
96            | 192     | 1020    | 3 million years | 114      | 170GB
128           | 256     | 1620    | 10^16 years     | 0.16     | 120TB

From a report by Robert Silverman, RSA Laboratories, 2000
Strong Systems
- It is always a mixture! Changes all the time…
- Symmetric: min. 128 bits for RC2 & RC5, 3DES, IDEA, carefully analysed RC4; 256 bit better
- Asymmetric: RSA, ElGamal, Diffie-Hellman (for keys) with minimum 1024 bits (go for the maximum, typically 4096, if you can afford it)
- Hash: either MD5 or SHA but with at least 128 bit results, 256 better
Weak Systems
- Anything with 40 bits (including 128 and 56 bit versions with the remainder "fixed")
- CLIPPER
- A5 (GSM mobile phones outside US)
- Vigenère (US mobile phones) – dates from 1585!
- Unverified certs with no trust
- Weak certs (as in many "class 1" personal certs)
Summary
- Decide what to secure and how
- Have someone fulfil the role of CSO (Chief Security Officer)
- Combine static crypto-based security with active behaviour (pattern) analysis
- Use reasonably strong security mechanisms
- Balance security against accessibility
Resources & Reading
- Visit www.microsoft.com/security
- Attend sessions on PKI (incl. SEC390)
- For more detail, read:
  - Applied Cryptography, B. Schneier, John Wiley & Sons, ISBN 0-471-12845-7
  - Foundations of Cryptography, O. Goldreich, www.eccc.uni-trier.de/eccc-local/ECCC-Books/oded_book_readme.html
  - Handbook of Applied Cryptography, A.J. Menezes, CRC Press, ISBN 0-8493-8523-7
  - PKI, A. Nash et al., RSA Press, ISBN 0-07-213123-3
  - Cryptography in C and C++, M. Welschenbach, Apress, ISBN 1-893115-95-X (includes code samples CD)
Evaluations…
Please don't forget to complete your online Evaluation Form
Risk Analysis for IT Security – A Bonus Section for Your Reading Pleasure

Examples
- Asset: internal mailbox of your Managing Director
- Risk Impact Estimate (examples!)
  - Risk of loss: Medium impact
  - Risk of access by staff: High impact
  - Risk of access by press: Catastrophic impact
  - Risk of access by a competitor: High impact
  - Risk of temporary no access by MD: Low impact
  - Risk of change of content: Medium impact
Creating Your Asset List
- List all of your named assets, starting with the most sensitive
- Your list won't ever be complete; keep updating it as time goes on
- Create default "all other assets" entries
  - Divide them into logical groups based on their probability of attack or the risk of their "location" between perimeters
Risk Impact Assessment
- For each asset and risk attach a measure of impact
- Monetary scale if possible (difficult) or relative numbers with agreed meaning
  - E.g.: Trivial (1), Low (2), Medium (3), High (4), Catastrophic (5)
- Ex: Asset: Internal MD mailbox; Risk: Access to content by press; Impact: Catastrophic (5)
Risk Probability Assessment
- Now for each entry measure the probability that the loss may happen
- Real probabilities (difficult) or a relative scale (easier) such as: Low (0.3), Medium (0.6), and High (0.9)
- Ex: Asset: Internal MD mailbox; Risk: Access to content by press; Probability: Low (2)
Risk Exposure and Risk List
- Multiply probability by impact for each entry: Exposure = Probability x Impact
- Sort by exposure
  - High-exposure risks need very strong security measures
  - Lowest-exposure risks can be covered by default mechanisms or ignored
- Example: press may access the MD mailbox: Exposure = P(Low=0.3) x I(Catastrophic=5) = 1.5
- By the way, minimum exposure is 0.3 and maximum is 4.5 in our examples
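The four steps above (impact scale, probability scale, Exposure = Probability x Impact, sort) carried through for the deck's example asset, as an added example that is not part of the deck. The scales and the press entry (Low probability, Catastrophic impact) are the deck's; the other impacts follow the "Examples" slide, while the probabilities assigned to them and the treatment thresholds are assumptions made for the illustration.

```python
# Relative scales from the deck's bonus section
IMPACT = {"Trivial": 1, "Low": 2, "Medium": 3, "High": 4, "Catastrophic": 5}
PROBABILITY = {"Low": 0.3, "Medium": 0.6, "High": 0.9}

# Constructed risk register for the deck's example asset:
# (asset, risk, probability, impact). Impacts are from the "Examples" slide;
# only the press entry's probability is from the deck, the rest are assumed.
REGISTER = [
    ("Internal MD mailbox", "Access to content by press", "Low", "Catastrophic"),
    ("Internal MD mailbox", "Access by staff", "Low", "High"),
    ("Internal MD mailbox", "Access by a competitor", "Low", "High"),
    ("Internal MD mailbox", "Loss", "Low", "Medium"),
    ("Internal MD mailbox", "Temporary no access by MD", "Medium", "Low"),
    ("Internal MD mailbox", "Change of content", "Low", "Medium"),
]


def exposure(probability: str, impact: str) -> float:
    """Exposure = Probability x Impact on the deck's relative scales."""
    return round(PROBABILITY[probability] * IMPACT[impact], 2)


def exposure_bounds():
    """Smallest and largest exposure the two scales can produce."""
    lo = min(PROBABILITY.values()) * min(IMPACT.values())
    hi = max(PROBABILITY.values()) * max(IMPACT.values())
    return round(lo, 2), round(hi, 2)


def risk_list(register=REGISTER):
    """The risk list: every entry with its exposure, highest exposure first."""
    rows = [(asset, risk, p, i, exposure(p, i)) for asset, risk, p, i in register]
    return sorted(rows, key=lambda r: r[4], reverse=True)


def treatment(exp: float, strong_from: float = 1.5, ignore_below: float = 1.0) -> str:
    # The thresholds are an assumption for this example; the deck only says
    # high-exposure risks need strong measures and the lowest can use defaults.
    if exp >= strong_from:
        return "plan: mitigate / transfer / avoid + contingency"
    if exp < ignore_below:
        return "default mechanisms or accept"
    return "standard controls"


if __name__ == "__main__":
    for asset, risk, p, i, e in risk_list():
        print(f"{e:4.1f}  {risk:<28} P={p:<6} I={i:<12} -> {treatment(e)}")
    print("exposure range:", exposure_bounds())
```

The rounding in exposure() matters: 0.3 x 5 is not exactly 1.5 in floating point, and a risk list that is sorted or thresholded on raw products can put two "equal" entries in surprising order. Rounding to the precision of the scale keeps the list stable and the comparisons honest.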
Mitigation and Contingency
- For high-exposure risks have a plan:
  - Mitigation: reduce its probability or impact (so exposure)
  - Transfer: make someone else responsible for the risk
  - Avoidance: avoid the risk by not having the asset
  - Contingency: what to do if the risk becomes reality
2nd Conclusion
- Security risk management is an ongoing activity which requires someone to be responsible for it
- Who? Your CSO – Chief Security Officer. Do you have one?