CS470, A.Selcuk The Big Picture 1
The Big Picture
Practical, Economic, Legal Considerations
CS 470
Introduction to Applied Cryptography
Instructor: Ali Aydin Selcuk
Prudent Practices for Info.Sec.
• Compartmentalize
– Not everyone should have access to everything
– e.g. root vs. user accounts, kernel vs. user mode
– “least privilege” principle
– need-to-know basis
• Secure the weakest link
– (e.g., a 10,000-bit symmetric key doesn’t make sense when a weaker link remains)
• Use choke points
– Constrain access to the system (gateways, firewalls, etc.)
Prudent Practices (cont’d)
• Provide “defense in depth”
– E.g., in bank security: door lock – alarm – safe
– E.g., firewall – IDS – an internal firewall
• Don’t release unnecessary information
– E.g., version of the OS, of the program running, etc.
• Embrace simplicity
• Educate & convince users
• Question your assumptions constantly
80/20 Rule of InfoSec
Pareto principle: Top 20% owns 80% of the land.
80/20 Rule of InfoSec (according to Symantec):
• Remove unneeded services
– remove components, programs, services from your system until only the minimum "business needed" remain.
• Keep patch levels current (helped by Item 1)
– use automation whenever possible
– priority to public and internal servers
• Enforce strong passwords
– long, mixed-character passwords
– periodic changes
Economic Drawbacks
• Ordinary users don’t care much about security
– (they care more about fancy features)
• First mover advantage
– Ship the product now; get it right by v3. (e.g., Microsoft IE)
• Asymmetric information
– There is no easy way to tell a good security product from a bad one
– which pulls prices & quality down
Economic Drawbacks (of lesser significance)
• Differentiated pricing
– To keep low-cost alternatives poorer in quality (on purpose)
– any security-product applications?
• Network effects
– The number of users determines the value of a product
– E.g., telephone, fax, the Internet, eBay, etc.
– Security: not-so-tight security helps attract developers & users (any practical cases?)
Legal Drawbacks
• Who is liable (in addition to the attacker)?
– the faulty software manufacturer?
– the attack origin ISP?
– the victim’s system administrator?
– the network operators?
• Involved parties can help reduce the potential of an attack, but don’t have much incentive to do so.
Other Drawbacks
• Lack of information sharing
– Market forces discourage revealing past incidents (for consumer confidence)
– e.g., Citibank, 1995 (“Don’t publicize”)
– Result: No reliable information or estimates (Sol’n attempt: CERTs, “Center for Internet Security”)
• Position of the interior
– Attacker has the initiative of when & where to hit
• Potential solution (partial):
– UL model, pushed by the insurance industry (may solve the problem of product evaluation)
– Limitation: Hard to evaluate software security
Detection, Response, Risk Management
• Prevention alone is not sufficient. Detection & response mechanisms are also needed. (E.g., no door lock alone can prevent burglaries)
• Risk management
– Risks will always be with us; it’s important to know how to manage them.
• Every security system must answer:
– Defense against what kind of adversary, with what resources?
– What is the potential loss?