-the challenge of survivability
TRANSCRIPT
-
7/25/2019 -The Challenge of Survivability
The Challenge of Survivability
-
Survivability Defined
The capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures or accidents.
-
System
1) The term system is used in the broadest possible sense and includes networks and large-scale systems of systems.
2) Survivability provides a new technical and business perspective on security, which is essential to our search for solutions.
-
Security vs. Survivability
Survivability is an emerging discipline that blends computer security with business risk management for the purpose of protecting highly distributed information services and assets. A fundamental assumption is that no system is totally immune to attacks, accidents, or failures.
Improving survivability in the presence of cyber-attacks also improves the capacity to survive accidents and system failures that are not malicious in nature.
-
Security as a component of survivability
Mission: Timely delivery of mail
Security Components: Locked mailboxes; segregated cargo on flights; cameras in post offices; frequent inspections; extensive security policies; federal laws and strict enforcement; etc.
Other Key Components:
Automation: Bar codes, optical scanners, web tracking, computerized parsing, etc.
Fault Tolerance: Alternate flights/hubs, substitute letter-carriers, inter-post office communication
Management: Locked mailboxes; segregated cargo on flights.
Design: Zip code system, levels of service, hub and spoke topology, etc.
-
Layered Approach to Survivability
Applying synergistic solutions in an attempt to accomplish the mission and mitigate potential failures
The Driving Analogy:
-
Applying multiple survivability measures increases the likelihood of mission accomplishment while reducing the chance of failure.
These measures are applied as a holistic system, not numerous, stand-alone pieces.
For example:
The airbags in a car work in conjunction with the seatbelt system. If passengers are not wearing their seatbelts and are in a serious accident, it is unlikely that they will escape uninjured solely as a result of the airbags deploying.
-
Anticipate Failures and Intrusions:
You won't necessarily have warning
-
Plan for the Worst:
1. Natural Disaster
2. Terrorism.
-
Information Security Model
-
Characterizes information security in three dimensions:
1. Information Security Properties
It's generally accepted that Information Security contains three properties: Confidentiality, Integrity, and Availability.
2. Information States
Information is not a static entity. It exists in processing (i.e. RAM), storage (i.e. on disk), and transmission (i.e. on the wire).
3. Security Measures
Organizations must apply security measures in order to effectively mitigate risk to their information assets.
-
Information Security Properties
The goal of information security is to sustain and defend three critical security properties of information: confidentiality, integrity, and availability.
-
Information States
For the purposes of this model, information states refer to where in the information systems environment the information to be protected may be found.
-
Processing
At any given moment, information may be accessible in an information system's local memory.
Storage
Recorded on some form of physical media.
Transmission
In transit as it is being delivered from one place to another within and between systems.
-
Security of discarded media and output
If media or other output (e.g., printouts, slides) on which confidential information was written is not completely erased or destroyed, an unauthorized reader may be able to salvage the content from discarded materials (aka dumpster diving). Backup media such as tapes, CD/DVD, etc., need to be treated with the same amount of care; critical information is most likely stored on this media. Therefore, careful planning should be conducted to facilitate proper disposal.
-
Security Measures
Measures to implement and sustain information security involve policy and procedures, technology, and the knowledge and abilities of system and network administrators and users.
-
Information Security Model
This model of information security emphasizes the need to sustain the confidentiality, integrity, and availability of information assets and resources in every state that the information could be found in a networked information systems environment.
-
Information Security Concepts
The properties of Confidentiality, Integrity, and Availability are at the foundation of what it means for information to be secure.
-
1. Identification
Refers to the unique properties of users that separate them from others and the means by which these users claim their identities on a system. Usernames are a common means of identification. This is tightly linked with authentication.
2. Authentication
Is the process of proving that you are who you say you are, establishing proof of identity. This can be achieved through passwords, smart cards, biometrics, etc.
3. Accountability
Is a system's ability to determine the actions and behaviour of a single individual within a system, and to identify that particular individual.
4. Nonrepudiation
Is the mechanism that keeps an individual from denying that they did something.
5. Authorization
Is the rights and permissions granted to an individual which enable access to a computer resource.
-
Protecting Information Assets
A comprehensive approach to implementing and sustaining information security can include the following strategies and practices:
Avoidance
Prevention
Detection
Containment and response
Recovery
Improvement
-
Avoidance
A desirable strategy for improving security is to avoid configurations that present unnecessary opportunities for problems to occur.
Prevention
Prevention refers to the implementation of measures and controls to minimize the possibility of security problems occurring.
Detection
Despite all efforts to prevent unauthorized access to information assets and resources, security incidents are bound to occur.
Containment and Response
When information security incidents do occur, you will have to work quickly to contain the damage and respond to prevent further unauthorized activity.
Recovery
When system failures and security incidents occur, you will need to have resources and data backups available to restore your data, systems, networks, and security infrastructure to a known-good state.
-
Improvement
New threats to the security of information and information systems are discovered every day. Intruders actively seek ways to infiltrate systems in search of information and resources.
Administrative Responsibilities
Authorization
Authentication
Accountability
Monitoring
Incident response
Damage assessment and recovery
Analysis
System life-cycle management
Backups, fault tolerance
-
Intruders
Someone who attempts to breach the security of an information asset.
a. Internal vs. external
b.
-
Hackers
Individuals more interested in probing systems and networks for their own enjoyment and curiosity rather than actually causing harm.
Crackers
Individuals who attempt to maliciously alter systems for their benefit.
For Example
web site defacements or breaking license codes for games, applications, and web sites.
Cyber-Criminals
Attempt to conduct large-scale crime online, i.e., credit card theft/scams, Internet drug sales, corporate blackmail.
-
Means, Motive and Opportunity
They ask questions such as:
Did the suspect have the means to commit the crime?
Did they have something to gain?
Did they have the opportunity to carry out the crime?
-
Means
Intrusion tools have become a significant and still growing means for intruders.
These tools are well documented and are freely available on the Internet.
Motives
Money, profit
Access to additional resources
Competitive advantage
1. Economic
2. Political
Personal grievance, vengeance
1. Curiosity
2. Mischief
3. Attention
4. Terrorism
-
Opportunities for Intrusion
1. Rapid adoption of computer and network technology in government, industry, and educational organizations.
2. Internet explosion and e-commerce.
3. Thousands of exploitable vulnerabilities in technology.
4. Lack of awareness regarding information security.
5. Shortage of qualified system and network administrators and information security staff.
6. Lack of applicable laws and means of enforcement.