![Page 1: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/1.jpg)
Computer Security: Computer Security: Principles and PracticePrinciples and Practice
First EditionFirst Editionby William Stallings and Lawrie Brownby William Stallings and Lawrie Brown
Lecture slides by Lawrie BrownLecture slides by Lawrie Brown
Chapter 1 – Chapter 1 – OverviewOverview
![Page 2: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/2.jpg)
OverviewOverview
Computer Security:Computer Security: protection afforded protection afforded to an automated information system in to an automated information system in order to attain the applicable objectives of order to attain the applicable objectives of preserving the integrity, availability and preserving the integrity, availability and confidentiality of information system confidentiality of information system resources (includes hardware, software, resources (includes hardware, software, firmware, information/data, and firmware, information/data, and telecommunications).
![Page 3: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/3.jpg)
Key Security ConceptsKey Security Concepts
![Page 4: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/4.jpg)
Computer Security ChallengesComputer Security Challenges1.1. not simplenot simple2.2. must consider potential attacksmust consider potential attacks3.3. procedures used counter-intuitiveprocedures used counter-intuitive4.4. involve algorithms and secret infoinvolve algorithms and secret info5.5. must decide where to deploy mechanismsmust decide where to deploy mechanisms6.6. battle of wits between attacker / adminbattle of wits between attacker / admin7.7. not perceived on benefit until failsnot perceived on benefit until fails8.8. requires regular monitoringrequires regular monitoring9.9. too often an after-thoughttoo often an after-thought10.10. regarded as impediment to using systemregarded as impediment to using system
![Page 5: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/5.jpg)
Security TerminologySecurity Terminology
![Page 6: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/6.jpg)
Vulnerabilities and AttacksVulnerabilities and Attacks
system resource vulnerabilities maysystem resource vulnerabilities may be corrupted (loss of integrity)be corrupted (loss of integrity) become leaky (loss of confidentiality)become leaky (loss of confidentiality) become unavailable (loss of availability)become unavailable (loss of availability)
attacks are threats carried out and may beattacks are threats carried out and may be passivepassive activeactive insiderinsider outsideroutsider
![Page 7: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/7.jpg)
CountermeasuresCountermeasures
means used to deal with security attacksmeans used to deal with security attacks preventprevent detectdetect recoverrecover
may result in new vulnerabilitiesmay result in new vulnerabilities will have residual vulnerabilitywill have residual vulnerability goal is to minimize risk given constraintsgoal is to minimize risk given constraints
![Page 8: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/8.jpg)
Threat ConsequencesThreat Consequences
unauthorized disclosureunauthorized disclosure exposure, interception, inference, intrusionexposure, interception, inference, intrusion
deceptiondeception masquerade, falsification, repudiationmasquerade, falsification, repudiation
disruptiondisruption incapacitation, corruption, obstructionincapacitation, corruption, obstruction
usurpationusurpation misappropriation, misusemisappropriation, misuse
![Page 9: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/9.jpg)
Scope of Computer SecurityScope of Computer Security
![Page 10: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/10.jpg)
Network Security AttacksNetwork Security Attacks classify as passive or activeclassify as passive or active passive attacks are eavesdroppingpassive attacks are eavesdropping
release of message contentsrelease of message contents traffic analysistraffic analysis are hard to detect so aim to preventare hard to detect so aim to prevent
active attacks modify/fake dataactive attacks modify/fake data masquerademasquerade replayreplay modificationmodification denial of servicedenial of service hard to prevent so aim to detecthard to prevent so aim to detect
![Page 11: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/11.jpg)
Security Functional Security Functional RequirementsRequirements
technical measures:technical measures: access control; identification & authentication; system & access control; identification & authentication; system &
communication protection; system & information integritycommunication protection; system & information integrity management controls and procedures management controls and procedures
awareness & training; audit & accountability; certification, awareness & training; audit & accountability; certification, accreditation, & security assessments; contingency accreditation, & security assessments; contingency planning; maintenance; physical & environmental planning; maintenance; physical & environmental protection; planning; personnel security; risk assessment; protection; planning; personnel security; risk assessment; systems & services acquisitionsystems & services acquisition
overlapping technical and management:overlapping technical and management: configuration management; incident response; media configuration management; incident response; media
protectionprotection
![Page 12: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/12.jpg)
X.800 Security ArchitectureX.800 Security Architecture
X.800, X.800, Security Architecture for OSISecurity Architecture for OSI systematic way of defining requirements systematic way of defining requirements
for security and characterizing approaches for security and characterizing approaches to satisfying themto satisfying them
defines:defines: security attacks - compromise security security attacks - compromise security security mechanism - act to detect, prevent, security mechanism - act to detect, prevent,
recover from attackrecover from attack security service - counter security attackssecurity service - counter security attacks
![Page 13: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/13.jpg)
Security TaxonomySecurity Taxonomy
![Page 14: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/14.jpg)
Security TrendsSecurity Trends
![Page 15: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/15.jpg)
Computer Security LossesComputer Security Losses
![Page 16: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/16.jpg)
Security Technologies UsedSecurity Technologies Used
![Page 17: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/17.jpg)
Computer Security StrategyComputer Security Strategy specification/policyspecification/policy
what is the security scheme supposed to do?what is the security scheme supposed to do? codify in policy and procedurescodify in policy and procedures
implementation/mechanismsimplementation/mechanisms how does it do it?how does it do it? prevention, detection, response, recoveryprevention, detection, response, recovery
correctness/assurancecorrectness/assurance does it really work?does it really work? assurance, evaluationassurance, evaluation
![Page 18: Computer Security: Principles and Practice, 1/e · Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms](https://reader035.vdocument.in/reader035/viewer/2022062507/5fc437e179048946ca3f6fd6/html5/thumbnails/18.jpg)
SummarySummary
security conceptssecurity concepts terminologyterminology functional requirementsfunctional requirements security architecturesecurity architecture security trendssecurity trends security strategysecurity strategy