Elementary Information Security

JONES & BARTLETT LEARNING

Contents

Preface xvii

Chapter 1 Security from the Ground Up 1

1.1 The Security Landscape 1

1.1.1 Making Security Decisions 3

1.1.2 The Security Process 5

1.1.3 Continuous Improvement: A Basic Principle 6

1.2 Process Example: Bob's Computer 7

1.3 Assets and Risk Assessment 11

1.3.1 What Are We Protecting? 14

1.3.2 Security Boundaries 15

1.3.3 Security Architecture 17

1.3.4 Risk Assessment Overview 19

1.4 Identifying Risks 20

1.4.1 Threat Agents 20

1.4.2 Security Properties, Services, and Attacks 22

1.5 Prioritizing Risks 23

1.5.1 Example: Risks to Alice's Laptop 24

1.5.2 Other Risk-Assessment Processes 29

1.6 Ethical Issues in Security Analysis 31

1.6.1 Searching for Vulnerabilities 32

1.6.2 Sharing or Publishing Vulnerabilities 33

1.7 Security Example: Aircraft Hijacking 35

1.7.1 Hijacking: A High-Level Analysis 36

1.7.2 September 11, 2001 37

1.8 Resources 39

1.8.1 Review Questions 41

1.8.2 Exercises 41

Chapter 2 Controlling a Computer 43

2.1 Computers and Programs 43

2.1.1 Input/Output 45

2.1.2 Program Execution 47

2.1.3 Procedures 48

2.2 Programs and Processes 49

2.2.1 Switching Between Processes 51

2.2.2 The Operating System 53

2.3 Buffer Overflow and the Morris Worm 54

2.3.1 The "Finger" Overflow 55

2.3.2 Security Alerts 59

2.4 Access Control Strategies 60

2.4.1 Puzzles and Patterns 61

2.4.2 Chain of Control: Another Basic Principle

2.5 Keeping Processes Separate 65

2.5.1 Sharing a Program 68

2.5.2 Sharing Data 70

2.6 Security Policy and Implementation 71

2.6.1 Analyzing Alice's Risks 73

2.6.2 Constructing Alice's Policy 75

2.6.3 Alice's Security Controls 77

2.7 Security Plan: Process Protection 80

2.8 Resources 85

2.8.1 Review Questions 86

2.8.2 Exercises 87

Chapter 3 Controlling Files 91

3.1 The File System 91

3.1.1 File Ownership and Access Rights 94

3.1.2 Directory Access Rights 95

3.2 Executable Files 97

3.2.1 Execution Access Rights 98

3.2.2 Computer Viruses 100

3.2.3 Macro Viruses 103

3.2.4 Modern Malware: A Rogue's Gallery 104

3.3 Sharing and Protecting Files 106

3.3.1 Policies for Sharing and Protection 108

3.4 Security Controls for Files 111

3.4.1 Deny by Default: A Basic Principle 112

3.4.2 Managing Access Rights 114

3.4.3 Capabilities 115

3.5 File Security Controls 117

3.5.1 File Permission Flags 117

3.5.2 Security Controls to Enforce Bob's Policy 120

3.5.3 States and State Diagrams 121

3.6 Patching Security Flaws 123

3.7 Process Example: The Horse 127

3.7.1 Troy: A High-Level Analysis 128

3.7.2 Analyzing the Security Failure 129

3.8 Resources 130

3.8.1 Review Questions 130

3.8.2 Exercises 131

Chapter 4 Sharing Files 135

4.1 Controlled Sharing 135

4.1.1 Basic File Sharing on Windows 137

4.1.2 User Groups 139

4.1.3 Least Privilege and Administrative Users 140

4.2 File Permission Flags 143

4.2.1 Permission Flags and Ambiguities 146

4.2.2 Permission Flag Examples 147

4.3 Access Control Lists 149

4.3.1 POSIX ACLs 151

4.3.2 Macintosh OS-X ACLs 152

4.4 Microsoft Windows ACLs 156

4.4.1 Denying Access 157

4.4.2 Default File Protection 159

4.5 A Different Trojan Horse 163

4.6 Phase Five: Monitoring the System 165

4.6.1 Logging Events 167

4.6.2 External Security Requirements 170

4.7 Resources 173

4.7.1 Review Questions 173

4.7.2 Exercises 174

Chapter 5 Storing Files 177

5.1 Phase Six: Recovery 177

5.1.1 The Aftermath of an Incident 178

5.1.2 Legal Disputes 180

5.2 Digital Evidence 181

5.2.1 Collecting Legal Evidence 182

5.2.2 Digital Evidence Procedures 184

5.3 Storing Data on a Hard Drive 185

5.3.1 Hard Drive Controller 189

5.3.2 Hard Drive Formatting 190

5.3.3 Error Detection and Correction 192

5.3.4 Hard Drive Partitions 195

5.3.5 Memory Sizes and Address Variables 197

5.4 FAT: An Example File System 200

5.4.1 Boot Blocks 201

5.4.2 Building Files from Clusters 203

5.4.3 FAT Directories 206

5.5 Modern File Systems 207

5.5.1 Unix File System 209

5.5.2 Apple's HFS Plus 211

5.5.3 Microsoft's NTFS 212

5.6 Input/Output and File System Software 214

5.6.1 Software Layering 217

5.6.2 A Typical I/O Operation 220

5.6.3 Security and I/O 221

5.7 Resources 223

5.7.1 Review Questions 224

5.7.2 Exercises 225

Chapter 6 Authenticating People 229

6.1 Unlocking a Door 229

6.1.1 Authentication Factors 231

6.1.2 Threats and Risks 233

6.2 Evolution of Password Systems 237

6.2.1 One-Way Hash Functions 240

6.2.2 Sniffing Credentials 243

6.3 Password Guessing 244

6.3.1 Password Search Space 247

6.3.2 Truly Random Password Selection 249

6.3.3 Cracking Speeds 251

6.4 Attacks on Password Bias 252

6.4.1 Biased Choices and Average Attack Space 254

6.4.2 Estimating Language-Based Password Bias 257

6.5 Authentication Tokens 258

6.5.1 Challenge-Response Authentication 260

6.5.2 One-Time Password Tokens 264

6.5.3 Token Vulnerabilities 266

6.6 Biometric Authentication 268

6.6.1 Biometric Accuracy 269

6.6.2 Biometric Vulnerabilities 271

6.7 Authentication Policy 272

6.7.1 Weak and Strong Threats 272

6.7.2 Policies for Weak Threat Environments 274

6.7.3 Policies for Strong and Extreme Threats 276

6.7.4 Password Selection and Handling 279

6.8 Resources 281

6.8.1 Review Questions 281

6.8.2 Exercises 282

Chapter 7 Encrypting Files 285

7.1 Protecting the Accessible 285

7.1.1 Process Example: The Encrypted Diary 286

7.1.2 Encryption Basics 287

7.1.3 Encryption and Information States 291

7.2 Encryption and Cryptanalysis 293

7.2.1 The Vigenere Cipher 294

7.2.2 Electromechanical Encryption 296

7.3 Computer-Based Encryption 298

7.3.1 Exclusive Or: A Crypto Building Block 300

7.3.2 Stream Ciphers: Another Building Block 302

7.3.3 Key Stream Security 305

7.3.4 The One-Time Pad 306

7.4 File Encryption Software 309

7.4.1 Built-in File Encryption 309

7.4.2 Encryption Application Programs 311

7.4.3 Erasing a Plaintext File 313

7.4.4 Choosing a File Encryption Program 315

7.5 Digital Rights Management 317

7.6 Resources 320

7.6.1 Review Questions 321

7.6.2 Exercises 322

Chapter 8 Secret and Public Keys 325

8.1 The Key Management Challenge 325

8.1.1 Rekeying 327

8.1.2 Using Text for Encryption Keys 329

8.1.3 Key Strength 332

8.2 The Reused Key Stream Problem 333

8.2.1 Avoiding Reused Keys 335

8.2.2 Key Wrapping: Another Building Block 338

8.2.3 Separation of Duty: A Basic Principle 341

8.2.4 DVD Key Handling 343

8.3 Public-Key Cryptography 345

8.3.1 Sharing a Secret: Diffie-Hellman 348

8.3.2 Diffie-Hellman: The Basics of the Math 350

8.3.3 Elliptic Curve Cryptography 352

8.4 RSA: Rivest-Shamir-Adleman 353

8.4.1 Encapsulating Keys with RSA 354

8.4.2 An Overview of RSA Mathematics 356

8.5 Data Integrity and Digital Signatures 360

8.5.1 Detecting Malicious Changes 361

8.5.2 Detecting a Changed Hash Value 364

8.5.3 Digital Signatures 365

8.6 Publishing Public Keys 368

8.6.1 Public-Key Certificates 370

8.6.2 Chains of Certificates 371

8.6.3 Authenticated Software Updates 376

8.7 Resources

8.7.1 Review Questions 379

8.7.2 Exercises 379

Chapter 9 Encrypting Volumes 383

9.1 Securing a Volume 383

9.1.1 Risks to Volumes 384

9.1.2 Risks and Policy Trade-Offs 386

9.2 Block Ciphers 389

9.2.1 Evolution of DES and AES 392

9.2.2 The RC4 Story 395

9.2.3 Qualities of Good Encryption Algorithms 397

9.3 Block Cipher Modes 400

9.3.1 Stream Cipher Modes 402

9.3.2 Cipher Feedback Mode 406

9.3.3 Cipher Block Chaining 408

9.4 Encrypting a Volume 409

9.4.1 Volume Encryption in Software 411

9.4.2 Adapting an Existing Mode 413

9.4.3 A "Tweakable" Encryption Mode 416

9.4.4 Residual Risks 418

9.5 Encryption in Hardware 420

9.5.1 The Drive Controller 421

9.5.2 Drive Locking and Unlocking 422

9.6 Managing Encryption Keys 423

9.6.1 Key Storage 425

9.6.2 Booting an Encrypted Drive 427

9.6.3 Residual Risks to Keys 429

9.7 Resources 432

9.7.1 Review Questions 432

9.7.2 Exercises 433

Chapter 10 Connecting Computers 435

10.1 The Network Security Problem 435

10.1.1 Basic Network Attacks and Defenses 436

10.1.2 Physical Network Protection 438

10.1.3 Host and Network Integrity 439

10.2 Transmitting Information 442

10.2.1 Message Switching 444

10.2.2 Circuit Switching 446

10.2.3 Packet Switching 447

10.3 Putting Bits on a Wire 450

10.3.1 Wireless Transmission 451

10.3.2 Transmitting Packets 454

10.3.3 Recovering a Lost Packet 456

10.4 Ethernet: A Modern LAN 458

10.4.1 Wiring a Small Network 460

10.4.2 Ethernet Frame Format 461

10.4.3 Finding Host Addresses 463

10.4.4 Handling Collisions 465

10.5 The Protocol Stack 467

10.5.1 Relationships Between Layers 468

10.5.2 The OSI Protocol Model 470

10.6 Network Applications 472

10.6.1 Resource Sharing 474

10.6.2 Data and File Sharing 475

10.7 Resources 478

10.7.1 Review Questions 479

10.7.2 Exercises 479

Chapter 11 Networks of Networks 481

11.1 Building Information Networks 481

11.1.1 Point-to-Point Network 483

11.1.2 Star Network 484

11.1.3 Bus Network 486

11.1.4 Tree Network 487

11.1.5 Mesh 490

11.2 Combining Computer Networks 491

11.2.1 Hopping Between Networks 493

11.2.2 Evolution of Internet Security 495

11.2.3 Internet Structure 498

11.3 Talking Between Hosts 501

11.3.1 IP Addresses 503

11.3.2 IP Packet Format 504

11.3.3 Address Resolution Protocol 506

11.4 Internet Addresses in Practice 507

11.4.1 Addresses, Scope, and Reachability 509

11.4.2 Private IP Addresses 510

11.5 Network Inspection Tools 512

11.5.1 Wireshark Examples 514

11.5.2 Mapping a LAN with Nmap 516

11.6 Resources 520

11.6.1 Review Questions 520

11.6.2 Exercises 521

Chapter 12 End-to-End Networking 525

12.1 "Smart" Versus "Dumb" Networks 525

12.2 Internet Transport Protocols 526

12.2.1 Transmission Control Protocol 528

12.2.2 Attacks on Protocols 532

12.3 Names on the Internet 535

12.3.1 Domain Names in Practice 537

12.3.2 Looking Up Names 539

12.3.3 DNS Protocol 540

12.3.4 Investigating Domain Names 543

12.3.5 Attacking DNS 545

12.4 Internet Gateways and Firewalls 547

12.4.1 Network Address Translation 549

12.4.2 Filtering and Connectivity 553

12.4.3 Software-Based Firewalls 554

12.5 Long-Distance Networking 555

12.5.1 Older Technologies 557

12.5.2 Mature Technologies 559

12.5.3 Evolving Technologies 561

12.6 Resources 561

12.6.1 Review Questions 562

12.6.2 Exercises 563

Chapter 13 Enterprise Computing 567

13.1 The Challenge of Community 567

13.1.1 Companies and Information Control 568

13.1.2 Enterprise Risks 571

13.1.3 Social Engineering 573

13.2 Management Process 575

13.2.1 Security Management Standards 576

13.2.2 Deployment Policy Directives 578

13.2.3 Management Hierarchies and Delegation 579

13.2.4 Managing Information Resources 581

13.2.5 Security Audits 583

13.2.6 Information Security Professionals 584

13.3 Enterprise Issues 587

13.3.1 Personnel Security 588

13.3.2 Physical Security 592

13.3.3 Software Security 594

13.4 Enterprise Network Authentication 598

13.4.1 Direct Authentication 600

13.4.2 Indirect Authentication 602

13.4.3 Off-Line Authentication 606

13.5 Contingency Planning 608

13.5.1 Data Backup and Restoration 608

13.5.2 Handling Serious Incidents 612

13.5.3 Disaster Preparation and Recovery 613

13.6 Resources 616

13.6.1 Review Questions 617

13.6.2 Exercises 618

Chapter 14 Network Encryption 619

14.1 Communications Security 619

14.1.1 Crypto by Layers 621

14.1.2 Administrative and Policy Issues 627

14.2 Crypto Keys on a Network 629

14.2.1 Manual Keying: A Building Block 632

14.2.2 Simple Rekeying 633

14.2.3 Secret-Key Building Blocks 635

14.2.4 Public-Key Building Blocks 638

14.2.5 Public-Key Versus Secret-Key Exchanges 641

14.3 Crypto Atop the Protocol Stack 642

14.3.1 Transport Layer Security—SSL and TLS 645

14.3.2 SSL Handshake Protocol 647

14.3.3 SSL Record Transmission 648

14.4 Network Layer Cryptography 651

14.4.1 The Encapsulating Security Payload 654

14.4.2 Implementing a VPN 656

14.4.3 Internet Key Exchange Protocol 657

14.5 Link Encryption on 802.11 Wireless 659

14.5.1 Wireless Packet Protection 661

14.5.2 Security Associations 663

14.6 Encryption Policy Summary 665

14.7 Resources 668

14.7.1 Review Questions 669

14.7.2 Exercises 669

Chapter 15 Internet Services and Email 673

15.1 Internet Services 673

15.2 Internet Email 674

15.2.1 Email Protocol Standards 679

15.2.2 Tracking an Email 681

15.2.3 Forging an Email Message 684

15.3 Email Security Problems 687

15.3.1 Spam 688

15.3.2 Phishing 691

15.3.3 Email Viruses and Hoaxes 693

15.4 Enterprise Firewalls 695

15.4.1 Controlling Internet Traffic 697

15.4.2 Traffic-Filtering Mechanisms 698

15.4.3 Implementing Firewall Rules 701

15.5 Enterprise Point of Presence 705

15.5.1 POP Topology 706

15.5.2 Attacking an Enterprise Site 709

15.5.3 The Challenge of Real-Time Media 711

15.6 Resources 712

15.6.1 Review Questions 713

15.6.2 Exercises 713

Chapter 16 The World Wide Web 715

16.1 Hypertext Fundamentals 715

16.1.1 Addressing Web Pages 719

16.1.2 Retrieving a Static Web Page 722

16.2 Basic Web Security 724

16.2.1 Static Website Security 728

16.2.2 Server Authentication 730

16.2.3 Server Masquerades 735

16.3 Dynamic Websites 738

16.3.1 Scripts on the Web 739

16.3.2 States and HTTP 743

16.4 Content Management Systems 746

16.4.1 Database Management Systems 747

16.4.2 Password Checking: A CMS Example 750

16.4.3 Command Injection Attacks 752

16.5 Ensuring Web Security Properties 756

16.5.1 Web Availability 757

16.5.2 Web Privacy 758

16.6 Resources 760

16.6.1 Review Questions 761

16.6.2 Exercises 762

Chapter 17 Governments and Secrecy 765

17.1 Secrecy in Government 765

17.1.1 The Challenge of Secrecy 767

17.1.2 Information Security and Operations 770

17.2 Classifications and Clearances 773

17.2.1 Security Labeling 775

17.2.2 Security Clearances 777

17.2.3 Classification Levels in Practice 779

17.2.4 Compartments and Other Special Controls 780

17.3 National Policy Issues 786

17.3.1 Facets of National System Security 788

17.3.2 Security Planning 790

17.3.3 Certification and Accreditation 792

17.4 Communications Security 793

17.4.1 Cryptographic Technology 795

17.4.2 Crypto Security Procedures 797

17.4.3 Transmission Security 800

17.5 Data Protection 803

17.5.1 Protected Wiring 804

17.5.2 TEMPEST 805

17.6 Trustworthy Systems 808

17.6.1 Integrity of Operations 810

17.6.2 Multilevel Security 814

17.6.3 Computer Modes of Operation 816

17.7 Resources 818

17.7.1 Review Questions 820

17.7.2 Exercises 820

Appendix A Acronyms 823

Appendix B Alternative Security Terms and Concepts 833

Index 841

Credits 889