8/13/2019 Design Principles in Information Security
1/60
Pintu R Shah
Unit 2: Design Principles
Pintu R Shah, MPSTME, SVKM's NMIMS
In this unit:
Various security attacks
Methods of defense
Design principles
Security policies
Types of security policies
Threat
Threat: an object, person, or other entity that represents a constant danger to an asset.
Management must be informed of the different threats facing the organization.
By examining each threat category, management can protect information effectively through policy, education, training, and technology controls.
Threats to Information Security
1. Potential acts of human error or failure
2. Compromises to intellectual property
3. Deliberate acts of espionage or trespass
4. Deliberate acts of information extortion
5. Deliberate acts of sabotage or vandalism
6. Deliberate acts of theft
7. Deliberate software attacks
8. Forces of nature
9. Potential deviations in quality of service from service providers
10. Technical hardware failures or errors
11. Technical software failures or errors
12. Technological obsolescence
Classification of Security Attacks
Passive attacks: eavesdropping on, or monitoring of, transmissions in order to
  obtain message contents, or
  monitor traffic flows
Active attacks: modification of the data stream in order to
  masquerade as some other entity
  replay previous messages
  modify messages in transit
  deny service
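As an added illustration of the replay and modification attacks listed above (this is not code from the original slides): a server that only verifies a message authentication code accepts a captured message a second time, whereas a server whose MAC also covers a timestamp and a random nonce, and which remembers nonces for the length of its freshness window, rejects the replay, rejects the same message once it is stale, and rejects a message whose body was altered in transit. The shared key, the payloads and the clock values are constructed for the example.

```python
import hashlib
import hmac
import os
import time

# Constructed pre-shared key for the example; a real system derives it from a key exchange.
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields, so (a|bc) and (ab|c) differ."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big"))
        h.update(f)
    return h.hexdigest()


class NaiveServer:
    """Checks only that the MAC verifies: a captured message replays cleanly."""

    def __init__(self, key):
        self.key = key
        self.executed = []

    def receive(self, msg):
        body, t = msg
        if not hmac.compare_digest(mac(self.key, body), t):
            return "bad_mac"
        self.executed.append(body)
        return "ok"


class ReplayProtectedServer:
    """The MAC also covers a timestamp and a random nonce. Messages outside the
    freshness window are rejected, and nonces are remembered for the length of
    that window, which keeps the replay cache bounded."""

    def __init__(self, key, window=30.0, clock=time.time):
        self.key = key
        self.window = window
        self.clock = clock        # injectable so a test can move time forward
        self.seen = {}            # nonce -> server time of first acceptance
        self.executed = []

    def receive(self, msg):
        nonce, ts, body, t = msg
        # Verify the MAC before trusting any other field of the message.
        if not hmac.compare_digest(mac(self.key, nonce, ts, body), t):
            return "bad_mac"
        now = self.clock()
        sent_at = float(ts.decode())
        if abs(now - sent_at) > self.window:
            return "stale"
        # Forget nonces that could no longer pass the freshness check anyway.
        for n, first in list(self.seen.items()):
            if now - first > self.window:
                del self.seen[n]
        if nonce in self.seen:
            return "replay"
        self.seen[nonce] = now
        self.executed.append(body)
        return "ok"


def naive_message(key, body):
    return (body, mac(key, body))


def protected_message(key, body, clock=time.time):
    nonce = os.urandom(16)
    ts = repr(float(clock())).encode()
    return (nonce, ts, body, mac(key, nonce, ts, body))


def demo():
    """Attacker captures one legitimate message and resends it."""
    body = b"TRANSFER 100 TO ACCT 42"      # constructed payload
    naive = NaiveServer(SHARED_KEY)
    captured = naive_message(SHARED_KEY, body)
    naive_results = [naive.receive(captured), naive.receive(captured)]

    now = [1000.0]

    def clock():
        return now[0]

    server = ReplayProtectedServer(SHARED_KEY, window=30.0, clock=clock)
    captured = protected_message(SHARED_KEY, body, clock)
    r_first = server.receive(captured)
    r_replay = server.receive(captured)            # immediate replay
    now[0] += 120.0
    r_late = server.receive(captured)              # replay after the window
    nonce, ts, _, t = captured
    r_forged = server.receive((nonce, ts, b"TRANSFER 1 TO ACCT 42", t))  # edited body
    return {
        "naive": naive_results,
        "protected": [r_first, r_replay, r_late, r_forged],
        "naive_executed": len(naive.executed),
        "protected_executed": len(server.executed),
    }


if __name__ == "__main__":
    print(demo())
```

The naive server executes the transfer twice; the protected server executes it once and reports "replay", "stale" and "bad_mac" for the three attacks. A monotonically increasing sequence number per sender is the other common design and needs no nonce cache, but it requires the receiver to keep per-sender state across restarts.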
Passive Attack: release of message contents
Passive Attack: traffic analysis
Active Attack: replay
Active Attack: denial of service
Examples of security attacks
Social engineering
Impersonation
Phishing
"Reproduced with permission. Please visit www.SecurityCartoon.com for more material."
Spoofing
Web spoofing
Malware
Pests on your PC
Other examples
Botnets
Denial of service
Net threats
Losing your data
Drive-by downloads
Misleading applications
Underground economy
Methods of Defense
Five basic approaches to the defense of computing systems:
Prevent attack: block the attack or close the vulnerability
Deter attack: make the attack harder (it cannot be made impossible)
Deflect attack: make another target more attractive than this one
Detect attack: during or after the attack
Recover from attack
Common Security Principles
Information security is not new; many principles come from the military and commercial fields:
Separation of privilege
Least privilege
Defense in depth
Security through obscurity
Fail-safe defaults
Economy of mechanism
Complete mediation
Psychological acceptability
Least common mechanism
Separation of Privileges Principle
No single person should have enough authority to cause a critical event to happen.
Many examples from outside computing, e.g., two keys are needed to launch a missile.
Tradeoff between the security gained and the manpower required to achieve it.
The CIO should not have access to all systems.
The DBA should not have access to the encryption key.
Example: an accountant with the privilege to write checks as well as to balance the business's accounts is a potential for abuse.
Least Privilege Principle
An individual should have only the minimum level of access necessary to carry out job functions.
A common violation of this principle occurs because of administrator inattention: users are placed in groups that are too broad.
Another common violation occurs because of privilege creep: users are granted new privileges when they change roles without their existing privileges being reviewed.
Defense in Depth Principle
Defenses should be layered.
Layers begin with the points of access to a network and continue with cascading security at bottleneck points.
Security through Obscurity
In the early days of computing, administrators depended upon secrecy about the security that was in place.
No longer effective in most cases because so much information is freely available; secrecy of the mechanism should never be the only protection.
Fail safe defaults
This principle states that unless a subject is given explicit access to an object, it should be denied access to that object.
Economy of mechanism
Economy of mechanism states that security mechanisms should be as simple as possible, so that they can be reviewed and tested completely.
Complete mediation
Complete mediation requires that every access to an object be checked to ensure that it is allowed; a decision cached from an earlier access is not a check.
Psychological acceptability
Psychological acceptability states that security mechanisms should not make a resource more difficult to access than it would be if the mechanisms were not present.
Least common mechanism
The least common mechanism principle states that mechanisms used to access resources should be shared between users as little as possible, since every shared mechanism is a potential path for one user to affect another.
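As an added example tying several of the principles above together (this is not code from the original slides; the subjects "accountant", "controller" and "intern", the object "ledger" and the action names are hypothetical): a small reference monitor in Python that denies anything not explicitly granted (fail-safe defaults), is consulted on every access with no cached decisions so that a revocation takes effect on the very next call (complete mediation), gives each role only the rights its job needs (least privilege), and requires approval from a second, different person before a check is written (separation of privilege, the two-keys idea and the accountant example from the earlier slide). Keeping the whole policy check in one short class rather than scattering it through the application is what economy of mechanism asks for.

```python
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised by the monitor; the caller must not perform the operation."""


@dataclass(frozen=True)
class Grant:
    subject: str
    action: str
    obj: str


@dataclass
class ReferenceMonitor:
    # Explicit allow list. Anything not listed here is denied: fail-safe default.
    grants: set = field(default_factory=set)
    # Actions that additionally need an approval from a *different* subject:
    # separation of privilege (two keys to launch the missile).
    dual_control: set = field(default_factory=set)
    audit: list = field(default_factory=list)

    def grant(self, subject, action, obj):
        self.grants.add(Grant(subject, action, obj))

    def revoke(self, subject, action, obj):
        self.grants.discard(Grant(subject, action, obj))

    def check(self, subject, action, obj, approvers=()):
        """Consulted on every access and never cached, so a revoke takes
        effect on the next call: complete mediation."""
        allowed = Grant(subject, action, obj) in self.grants
        if allowed and action in self.dual_control:
            # The approver must be someone else who holds the matching
            # approve right; approving your own action does not count.
            valid = [a for a in approvers
                     if a != subject and Grant(a, "approve:" + action, obj) in self.grants]
            allowed = bool(valid)
        self.audit.append((subject, action, obj, allowed))
        if not allowed:
            raise AccessDenied(f"{subject} may not {action} {obj}")


class Ledger:
    """Every operation goes through the monitor before touching state."""

    def __init__(self, monitor):
        self.rm = monitor
        self.balance = 0

    def read_balance(self, who):
        self.rm.check(who, "read", "ledger")
        return self.balance

    def write_check(self, who, amount, approvers=()):
        self.rm.check(who, "write_check", "ledger", approvers)
        self.balance -= amount


def attempt(fn):
    try:
        fn()
        return "allowed"
    except AccessDenied:
        return "denied"


def demo():
    rm = ReferenceMonitor(dual_control={"write_check"})
    # Least privilege: the accountant gets read and write_check only, the
    # controller only the approval right, and nobody gets anything else.
    rm.grant("accountant", "read", "ledger")
    rm.grant("accountant", "write_check", "ledger")
    rm.grant("controller", "approve:write_check", "ledger")
    ledger = Ledger(rm)
    out = {"read": ledger.read_balance("accountant")}
    out["intern_read"] = attempt(lambda: ledger.read_balance("intern"))         # no grant at all
    out["solo_check"] = attempt(lambda: ledger.write_check("accountant", 100))  # nobody approved
    out["self_approve"] = attempt(
        lambda: ledger.write_check("accountant", 100, approvers=("accountant",)))
    out["dual_control"] = attempt(
        lambda: ledger.write_check("accountant", 100, approvers=("controller",)))
    rm.revoke("accountant", "write_check", "ledger")
    out["after_revoke"] = attempt(
        lambda: ledger.write_check("accountant", 100, approvers=("controller",)))
    out["balance"] = ledger.balance
    out["denied_in_audit"] = sum(1 for _, _, _, ok in rm.audit if not ok)
    return out


if __name__ == "__main__":
    print(demo())
```

Only the properly approved check changes the balance; the intern, the unapproved check, the self-approved check and the check attempted after revocation are all refused and recorded in the audit list, which is what a reviewer of the monitor would inspect.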
Considering Security Tradeoffs
Security can be looked at as a tradeoff between risks and benefits:
the cost of implementing the security mechanism against the amount of damage it may prevent.
Tradeoff considerations are security, user convenience, business goals, and expenses.
Considering Security Tradeoffs (continued)
An important tradeoff involves user convenience: between difficulty of use and the willingness of users.
If users won't use a system because of cumbersome security mechanisms, there is no benefit to having security.
If users go out of their way to circumvent security, the system may be even more vulnerable.
Policy and Education
The cornerstone of a security effort is to
implement proper policies, and
educate users about those policies.
Information security policies should be
flexible enough not to require frequent rewrites,
comprehensive enough to ensure coverage of situations,
available to all members of the organization, and
readable and understandable.
What Are Information Security Policies?
Documented, high-level management instructions
A formal way to say "This is how we do it here"
Generalized requirements statements to minimize risk
Higher level than standards and procedures
Policy attributes include the following:
Require compliance (mandatory)
Failure to comply results in disciplinary action
Focus on desired results, not on the means of implementation
Further defined by standards and guidelines
A Standard
A mandatory action or rule designed to support and conform to a policy.
A standard should make a policy more meaningful and effective.
A standard must include one or more accepted specifications for hardware, software, or behavior.
A guideline
General statements, recommendations, or administrative instructions designed to achieve the policy's objectives by providing a framework within which to implement procedures.
A guideline can change frequently based on the environment and should be reviewed more frequently than standards and policies.
A guideline is not mandatory; rather, it is a suggestion of a best practice. Hence "guideline" and "best practice" are used interchangeably.
Relation between policies, standards and guidelines
Policies (top, mandatory, product independent)
Standards (mandatory, support a policy)
Guidelines (recommended, support a policy through procedures)
Policy Analogy
Think of a company that builds cabinets and has a hammer policy.
Policy
All boards must be nailed together using company-issued hammers to ensure end-product consistency and worker safety.
Standard
Eleven-inch fiberglass hammers will be used. Only hardened-steel nails will be used with the hammers. Automatic hammers are to be used for repetitive jobs that take more than 1 hour.
Procedure
Position the nail upright on the board.
Strike the nail with a full swing of the hammer.
Repeat until the nail is flush with the board.
If the thumb is caught between the nail and the board, see the Nail First Aid procedure.
Policies are NOT
Not system settings for firewalls and other security gear
Unlike guidelines, policies are not optional
Unlike architectures, policies are product independent
Security Policy Drivers
Characteristics of Effective Information Security Policies
Complete: address all critical areas of information risk.
Organized: policies are based on a recognized standard or framework (ISO 27002).
Documented: written and maintained with clear ownership and version history.
Updated: periodically reviewed for updates based on the latest risks.
Communicated: policies are read and understood by all people in the organization.
Types of security policies
According to NIST, security policies are of the following types:
Program policy is used to create an organization's computer security program.
Issue-specific policies address specific issues of concern to the organization.
System-specific policies focus on decisions taken by management to protect a particular system.
(Source: http://csrc.nist.gov/publications/nistpubs/800-12/800-12-html/chapter5.html)
Program-Level Policies
Establish a security program
Assign program management responsibilities
State an organization-wide computer security purpose and objectives
Establish a basis for policy compliance
Components of a program-level policy
Purpose: includes the objectives of the program, such as:
improved recovery times;
reduced costs or downtime due to loss of data;
reduction in errors for both system changes and operational activities;
regulatory compliance;
management of overall confidentiality, integrity, and availability.
Scope: provides guidance on whom and what are covered by the policy. Coverage may include facilities, lines of business, employees or departments, technology, and processes.
Responsibilities: responsibility for the implementation and management of the policy is assigned in this section. Organizational units or individuals are potential assignment candidates.
Compliance: provides for the policy's enforcement. Describe oversight activities and disciplinary considerations clearly. The contents of this section are meaningless unless an effective awareness program is in place.
Examples
Business continuity planning (BCP) framework
Physical security requirements framework for data centers
Application development security framework
Example: Application Development Policy
Application development process
Methodology
Development environment
Access to the program source library
Business requirements
Risk assessment
Installation process
Restrictions on changes to software packages
Software acquisition
User procedures and training
Example (cont)
System business requirements
Design
Design exceptions
Input validation
Control of internal processing
Message authentication
Output validation
Application auditing / logging
Application testing
Application review
Acceptance testing criteria
User acceptance testing
Post-implementation review
Protection of system test data
Issue specific security Policies
Address specific areas of technology
Require frequent updates
Contain a statement of the organization's position on a specific issue
Examples:
Email policy
Backup policy
Wireless device policy
Use of telecommunications policy
Issue-Specific Policies
Basic components
Issue statement: defines a security issue, along with any relevant terms, distinctions, and conditions
Statement of the organization's position: clearly states the organization's position on the issue
Applicability: clearly states where, how, when, to whom, and to what a particular policy applies
Roles and responsibilities: assigns roles and responsibilities for the issue
Compliance: gives descriptions of the infractions and states the corresponding penalties
Points of contact and supplementary information: lists the names of the appropriate individuals to contact for further information and lists any applicable standards or guidelines
Acceptable Use Policy
Defines allowable uses of an organization's information resources
Must be specific enough to guide user activity but flexible enough to cover unanticipated situations
Should answer key questions:
What activities are acceptable?
What activities are not acceptable?
Where can users get more information as needed?
What to do if violations are suspected or have occurred?
Backup Policy
Data backups protect against corruption and loss of data, supporting the integrity and availability goals of security.
A backup policy should answer key questions:
What data should be backed up, and how?
Where should backups be stored?
Who should have access?
How long should backups be retained?
How often can backup media be reused?
Confidentiality Policy
Outlines the procedures used to safeguard sensitive information
Should cover all means of information dissemination, including telephone, print, verbal, and computer
Questions include:
What data is confidential, and how should it be handled?
How is confidential information released?
What happens if information is released in violation of the policy?
Employees may be asked to sign nondisclosure agreements
Data Retention Policy
Defines categories of data; different categories may have different protections under the policy.
For each category, defines a minimum retention time. The time may be mandated by law, regulation, or business needs, e.g., financial information related to taxes must be retained for 7 years.
For each category, defines a maximum retention time. This time may also be mandated by law, regulation, or business needs, and is common in personal privacy areas.
Wireless Device Policy
Includes mobile phones, PDAs, and palm computers
Users often bring personal devices into the workplace
The policy should define:
Types of equipment that can be purchased by the organization
Types of personal equipment that may be brought into the facility
Permissible activities
Approval authorities for exceptions
System-Specific Policies
State the security objectives of a specific system
Define how the system should be operated to achieve those objectives
Specify how the protections and features of the technology are used to support or enforce the security objectives
Example: ACLs
Who is allowed to read or modify data in the system?
Under what conditions can data be read or modified?
Are users allowed to dial into the computer system from home or while on travel?
Exercise