Data Security and Cryptology, I

Introduction. Essence of Data Security

September 3rd, 2014

Valdo Praust

mois@mois.ee

Lecture Course in Estonian IT College, Autumn 2014

Name and Goal

Name: Data Security and Cryptology (Andmeturve ja krüptoloogia)

Place: Estonian IT College

Goal of lecture course: To provide a systematic overview of contemporary data security and cryptology, from both the theoretical and the practical side. Data security, as a practical discipline, will be considered a little more theoretically, and cryptography, as a deep theoretical discipline (and also an important tool for data security), more practically

Processual Data, I

Code: I378

Involves: 16 academic pairs of lectures, 12 pairs of practices, 74 hours independent work

Points: 5 ECTS

Schedule (lectures): once a week, on Wednesdays between 2pm and 4pm

Grading: final test (determines the final mark) – 70 multiple choice questions

Processual Data, II

• Distribution of materials: via webpage http://www.itcollege.ee/~valdo/security/ - English slideshows (PPTs); Estonian slideshows from year 2011 also available

• Communication between lecturer and students: via email and the above-mentioned webpage

• Practical exercises will start in the 5th week (4 pm)

Lecturer

Valdo Praust

• Master of Science (MSc)

• has 22 years of varied experience in the field of data security (different roles)

• currently a freelance IT security expert

• ph +372 514 3262

• email mois@mois.ee

Plan of Lectures, I

1. Introduction. Essence of Data Security. Data security, its essence and importance in contemporary information systems and in the whole world. Availability, integrity and confidentiality, their importance in different information systems and in protection of IT assets. Standard model of security harming. Economical side of data security. Practical solving of a security problem

2. Security Threats, Classification. Classification of threats: spontaneous (accidental) threats and attacks. Methods used for finding and evaluating threats. Threat frequency

Plan of Lectures, II

3. Vulnerabilities of Information Assets. Applicable Security Measures. Classification of vulnerabilities. Interaction between vulnerabilities and threats, examples

4. Risk Management and its Methodology. Risk management as a tool for solving a practical security problem. Four alternatives of risk management – detailed risk analysis, baseline security method, mixed method, non-formal method; their comparison. Quantitative and qualitative risk analysis, examples. Examples of baseline security methods, BSI and ISKE

Plan of Lectures, III

5. Essence of Cryptography. Pre-Computer Cryptography. Essence and basic concepts of encryption. History of cryptography, traditional cryptography. Pre-computer cryptography, best-known traditional techniques and machines. Theoretical and practical security

6. Basics of Contemporary Cryptography. Main concepts, essence and goals. Main types of algorithms and their usage. Cryptanalysis, its goal and properties. Practical security of cryptoalgorithms, ways of achieving this

Plan of Lectures, IV

7. Symmetric Cryptoalgorithms. AES. Essence of symmetric cryptoalgorithms. Modes of operation, their usability and security. AES – history, main properties, technical description. Security and modes of operation of AES

8. Other Symmetric Cryptoalgorithms. IDEA, Skipjack, Blowfish, AES, RC4. Their properties, security, usability. DES as a retrospective view of a classic symmetric algorithm

Plan of Lectures, V

9. Asymmetric Cryptoalgorithms. RSA. Essence, properties, mathematical background and main concepts. Example. Practical usability, realisations

10. Hash Functions. Cryptoprotocols, TLS. Essence of hash functions, properties, demands. Most used algorithms, theoretical and practical security. Collisions. Security protocols. TLS as an example - its description and usability

Plan of Lectures, VI

11. Digital Signature, its Usage. Urgency of digital signature in digital record management. Digital signature as an application of public-key cryptography. Practices of handling both the private and public key. Certification, certificates. Timestamp, validity of approval, service providers. Certification infrastructure, PKI. Digital signature in Estonia

Plan of Lectures, VII

12. Digital Signature and Digital Record Management in Practice. Digital Archiving, Estonian ID card. Peculiarities of digital signature in practice. Comparison with handwritten signature for end users and business. Overview of Estonian ID-card and mobile-ID card. Digital record management and digital archiving from the point of view of security

Plan of Lectures, VIII

13. Database Security. Network Security. Database security, theory and practice. Importance and usability of cryptographical chaining, integrity and accountability. Confidentiality as a difficultly solvable problem. Importance of network security. Firewall, virtual private network, cryptowall. Secure remote client

Plan of Lectures, IX

14. Security Management (Organisational Security). Principles and goals of data security management. Functions and activities. Essence of data security policy. Roles of Data Security Forum. Choosing of appropriate risk management technique. Data security plan, implementation of security measures and follow-up activities. Related national and international standards

Plan of Lectures, X

15. Legal Control of Data Security. Protection of Personal Data. Essence of personal data. Common practices of protecting personal data both in Europe and all around the world. Estonian Data Protection Act. Sensitive personal data, obligation of registration. Peculiarities of data security in the public sector – data security classes, etc.

16. Social Elements of Data Security. Influence of data security to information systems and society. Cyberattacks, cyberwar, information war. Cyberdefence, the role and share of different institutions. Cyber-security and data security, their main problems and comparison

Practical exercises, I

• Classification of threats, vulnerabilities and safeguards, their interdependence

• Different baseline security standards

• Different risk analysis methods

• Different cryptographic tools, usage of cryptoalgorithms

Practical exercises, II

• Introduction of PKI environment and software

• Practical solving of a security task (different aspects and points of view)

• Different secure authentication means

Will start in 5th week

Independent work

Final test (determines the final mark) – 70 multiple choice questions

In order to be admitted to the final test, both the referative work and the practical exercises must be passed (and marked)

Referative work, related to data security or cryptography (deadline - 14th week). Minimal amount – 20 pages

What We Protect: Information

Information (informatsioon, teave) – knowledge concerning any objects, such as facts, events, things, processes or ideas, which have a special meaning in certain contexts

The concept “information” is closely related to the more general concept of knowledge. It assumes that there is a fact which is known (an object), and a person who knows the fact (the subject)

Information itself does not have a practical shape. The practical shape of information occurs when we also consider the practical representation of information (and then it is called data)

What We Protect: Data

Data are always a presentation of information, usually in a pre-agreed form (which allows the information borne by the data to be transferred from one subject to another)

The same data can be interpreted differently by different subjects with different backgrounds (for example, “hallitus” in Estonian and in Finnish)

Data (andmed) – a reinterpretable formalized representation of information in a form which is suitable for transfer, processing and/or interpretation

Digital Data

Any information can be represented (carried) by data in many different ways. The two most essential ways are the following:

• paper-based data (paberkandjal andmed) – text, schemes, pictures etc. are borne on the surface of the carrier (paper sheet(s))

• digital data (digikujul andmed) – all the data are coded into sequences of 0’s and 1’s using certain standards and certain technical equipment

When we talk about computer-based (computer-processable) data we always mean digital data, which are always coded as sequences of 0’s and 1’s.

Data Format

Data format (andmevorming, vorming) — a description of how different types of information – text, picture, voice, video etc. – are coded into a sequence of 0’s and 1’s

A pre-agreed (standardised) data format gives the data (the data file) a concrete and unique meaning. If we have data but do not have the data format description, then we do not have the information carried by the data

From Data Format to Meaning

Different data formats are supported by different application software, which usually allows writing a file in a certain format, or making the content of the data (information) human-perceptible, etc.

A typical end user usually doesn’t know anything about different data formats and their interpretation. He/she usually associates a certain format only with the certain software which is able to interpret the format(s).

The end user usually receives only a human-perceptible form prepared by the software, the so-called WYSIWYG (What You See Is What You Get, in Estonian adekvaatkuva)

Necessity of Data Security

If we possess (or process) data, then the information carried by the data always has a certain value for us (for our business process). This does not depend on whether the information is represented by digital or by paper-based data

Information security (infoturve) or data security (andmeturve) is a discipline concerned with maintaining these values/properties of information (performed in practice by maintaining the properties of data)

Components of Information Security

Information security (infoturve) or data security (andmeturve) is a complex concept consisting of the following three properties:

• information availability (käideldavus)

• information integrity (terviklus)

• information confidentiality (konfidentsiaalsus)

These three properties (branches of security) must be maintained for all information/data items we possess.

In the pre-computer world (paper-based information) we talked only about confidentiality, not about the other branches

About Different Concepts

The following four concepts:

• information security (infoturve)

• information protection (infokaitse)

• data security (andmeturve)

• data protection (andmekaitse)

are widely taken as synonyms

Which concept is used where is mainly a question of traditions and culture. For example, in Europe the concept data protection is often used in the context of protection of personal data (isikuandmete kaitse)

Data Availability

Data availability (andmete käideldavus) is timely and convenient access to, and usage of, the information carried by the data for all authorized persons and other entities

Availability is the most important component of data security – the worst thing that can happen is that data are no longer available to the subjects which need them during the business process (maybe destroyed forever)

Examples:

• the border guard does not have the list of fugitives (or the list isn’t up-to-date);

• the National Board of Land does not know who possesses a concrete plot of land

Data Integrity

Data integrity (andmete terviklus) is the assurance that data originate from a certain source (which stored the information into the data) and haven’t been altered (whether by accident, by a deliberate act or by forgery)

Integrity is the second most important security branch (after availability)

In the business process we usually assume that the data we use (the information carried by the data) are firmly related to the creator/source of the data, the creation time etc. Violation or absence of these relationships will usually cause serious negative consequences

Example: by maliciously modifying the criminal records register, a prisoner is unlawfully released early

Data Confidentiality

Data confidentiality (andmete konfidentsiaalsus ehk salastatus ehk salastus) is the availability of the information carried by the data only to the authorized subjects (and strict non-availability to other subjects)

Examples:

• a state or corporate secret will be disclosed

• operational intelligence information will be disclosed

• personal data will be spread without the permission of the data subject

Security of Data vs IT Assets

Security of data (security of the information borne by the data) is ensured by securing the (IT) assets surrounding the data

IT assets (infovarad) include:

• IT equipment (hardware, communication devices, power supplies etc.)

• data communication channels

• software (both system and application software)

but they also MUST include (these must be taken into account):

• organization (its structure and operation)

• personnel

• data carriers (incl. documents)

• infrastructure (buildings, offices etc.)

Main Properties of Digital Data (from the security point of view)

1. A great but indirect value of data (information): it’s very hard to measure it

2. Portability: data which can be stored on very small and easily movable carriers can possess a huge value for our business process

3. Possibility of avoiding physical contact: the physical and virtual structures are usually very different

4. Disclosure of security losses, especially for integrity and confidentiality losses

Standard Model of Security Harming

1. Threats (ohud) influence the data (via IT assets)

2. Threats use the vulnerabilities (nõrkused, turvaaugud) of IT assets or components of the IT system

3. Threats, in co-influence with the vulnerabilities, determine the risk or security risk (risk, turvarisk)

4. When a certain risk is realised, a security loss or security breach or security incident (turvakadu, turvarike, turvaintsident) appears

5. In order to minimise the risks it is necessary to minimise the vulnerabilities using safeguards or security measures (turvameetmeid)

[Figure: Harming of Security]

[Figure: Influence of Safeguard(s)]

Essence of Security Concepts

• Threat (oht) – a potential externally caused harm to information security

• Vulnerability (nõrkus ehk turvaauk) – the property of each IT asset (component) from the point of view of external threats

• Risk (risk) – the probability that a threat can use a certain vulnerability and will be realised

• Security loss (turvakadu) – an event in which the security (availability, integrity and/or confidentiality) of some IT asset(s) is harmed

• Safeguard or security measure (turvameede) – a modification of IT asset(s) which minimises the risk(s) (the rate of vulnerabilities of the asset(s))

Examples of Security Losses

• failure of equipment – integrity loss of IT asset

• theft of equipment – availability loss of IT asset

• unauthorised modifying of a register – integrity loss of data

• destruction of office rooms by fire – availability loss of infrastructure

• wiretapping of unencrypted data cables – confidentiality loss of data

[Figure: Relations Between Main Concepts]

Security and Residual Risk

Instead of absolute security, the concept of a residual risk acceptable for the business process (äriprotsessi jaoks aktsepteeritav jääkrisk) is usually used

NB! It does not matter how many safeguards we implement, we NEVER achieve absolute security. If we implement more safeguards we only minimise the probability that security (availability, integrity or confidentiality) will be harmed, but it will never fall to zero

An acceptable residual risk is a situation where the total price of all implemented safeguards is approximately equal to the forecasted total loss of security (measured in money)
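The definition above can be worked through numerically. The following Python sketch is an added example, not part of the original lecture: the safeguard names, costs, loss-reduction fractions and the multiplicative loss model are all constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Safeguard:
    name: str
    annual_cost: float     # price of the safeguard (money per year)
    loss_reduction: float  # assumed fraction of the remaining forecast loss it removes


# Constructed sample data (assumption, not taken from the lecture).
BASELINE_LOSS = 100_000.0  # forecast yearly security loss with no safeguards at all
SAFEGUARDS = [
    Safeguard("backups", 2_000.0, 0.5),
    Safeguard("access control", 5_000.0, 0.4),
    Safeguard("encryption of data channels", 8_000.0, 0.3),
    Safeguard("redundant site", 20_000.0, 0.3),
    Safeguard("24/7 monitoring", 40_000.0, 0.2),
]


def security_curve(baseline_loss, safeguards):
    """Return [(n, total_cost, forecast_loss)] after the first n safeguards.

    Safeguards are applied in the given order; each one removes a fixed
    fraction of the loss that is still forecast (assumed model).
    """
    cost, loss = 0.0, float(baseline_loss)
    points = [(0, cost, loss)]
    for n, sg in enumerate(safeguards, start=1):
        # A reduction of 1.0 would mean absolute security, which the
        # lecture states is never achieved, so it is rejected here.
        if not 0.0 <= sg.loss_reduction < 1.0:
            raise ValueError(f"{sg.name}: loss_reduction must be in [0, 1)")
        cost += sg.annual_cost
        loss *= 1.0 - sg.loss_reduction
        points.append((n, cost, loss))
    return points


def acceptable_residual_risk(points):
    """Pick the point where total safeguard price is closest to forecast loss."""
    return min(points, key=lambda p: abs(p[1] - p[2]))


if __name__ == "__main__":
    curve = security_curve(BASELINE_LOSS, SAFEGUARDS)
    for n, cost, loss in curve:
        print(f"{n} safeguards: price {cost:>9.0f}  forecast loss {loss:>9.0f}")
    n, cost, loss = acceptable_residual_risk(curve)
    print(f"acceptable residual risk after {n} safeguards "
          f"(price {cost:.0f}, forecast loss {loss:.0f})")
```

With these constructed numbers the forecast loss keeps shrinking as safeguards are added but stays above zero, and beyond the third safeguard the price of protection exceeds the loss it is meant to prevent.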

[Figure: Economical View of Data Security]

Serious Obstacles of Evaluating the Optimal Security Point

Both graphs are hard to predict (estimate):

• We do not know the exact expenses of all the safeguards (they will change over time)

• Even less can we estimate the graph of damages – we do not have actual data on threat frequencies and their impact for all IT assets

• Even if we have all this estimation data, the exact calculation (quantitative risk analysis) is a very time-consuming process - there are hundreds of different IT assets, thousands of threats, thousands of vulnerabilities (and all of them must be taken into account together)

Necessity for Risk Management Techniques

In order to simplify a practical security task it’s usually necessary:

• to standardise different security levels, i.e. different availability, integrity and confidentiality levels

• to create a system which is able to determine standardised actions (safeguards) for different security levels, the result of which ensures that we approximately achieve the optimum point (achieve the acceptable residual risk situation)

This process is usually called risk management (riskihaldus)