
BSC Year1sem1 Information Security


Computer Security and Privacy

Information Security Fundamentals


Learning objectives
 What is our goal in this course?
 What is security?
 What is privacy?
 Who are the adversaries?
 Assets, vulnerabilities, threats, attacks and controls
 Methods of defence

What is our goal in this course?
 Our primary goal is to be able to identify security and
privacy issues in various aspects of computing,
including:
 Programs
 Operating systems
 Networks
 Internet applications
 Databases

Secondarily, to be able to use this ability to design
systems that are more protective of security and
privacy.

The Present

The Internet brings millions of computer
networks into communication with each other—
many of them unsecured


The ability to secure a computer’s data is influenced
by the security of every computer to which it is
connected

What is Security?

You Will Never Own a Perfectly Secure System.
Well … Maybe If You Do This:

(Even then you have to do it in the right way – there are
standards for how to destroy computers to prevent
security/privacy risks...)

What is Security?

“The quality or state of being secure—to be
free from danger”

A successful organization should have multiple
layers of security in place:
 Physical security
 Personal security
 Operations security
 Communications security
 Network security
 Information security
“Secure” Computer System
 To decide whether a computer system is “secure”, you must first decide what “secure”
means to you, then identify the threats you care about.
 Some threats are named in the ovals: Cyberterrorism, Denial of Service,
Modified Databases, Virus, Espionage, Identity Theft, Equipment Theft,
Stolen Customer Data

Section 1 (Ch.1) – Computer Security and Information Assurance – Spring 2007


Critical Characteristics of Information

The value of information comes from the
characteristics it possesses:
 Availability
 Accuracy
 Authenticity
 Confidentiality
 Integrity
 Utility
 Possession

Components of an Information System

An information system (IS) is the entire set of
software, hardware, data, people, procedures,
and networks necessary to use information as
a resource in the organization

Security and reliability
 Security has a lot to do with reliability
 A secure system is one you can rely on to (for
example):
 Keep your personal data confidential
 Allow only authorized access or modifications to
resources
 Give you correct and meaningful results
 Give you correct and meaningful results when you want
them

What is privacy?
 There are many definitions of privacy
 A useful one: “informational self-determination”
 This means that you get to control information about
you
 “Control” means many things:
 Who gets to see it
 Who gets to use it
 What they can use it for
 Who they can give it to
 etc.

Example: PIPEDA

PIPEDA (Personal Information Protection and Electronic
Documents Act) is Canada's private-sector privacy legislation

It lists ten Fair Information Principles companies have to abide by:
 Be accountable
 Identify the purpose of data collection
 Obtain consent
 Limit collection
 Limit use, disclosure and retention
 Be accurate
 Use appropriate safeguards
 Be open
 Give individuals access
 Provide recourse

Who are the adversaries?
 Who's trying to mess with us?
 Various groups:
 Amateurs
 “Script kiddies”
 Crackers
 Organised crime
 Terrorists
 Which of these is the most serious threat today?

Some terminology
 Assets
 Things we might want to protect, such as:
 Hardware
 Software
 Data

 Vulnerabilities
 Weaknesses in a system that may be able to be
exploited in order to cause loss or harm
 e.g., a file server that doesn't authenticate its users

Some terminology
 Threats: a potential cause of an incident that may result in
harm to a system or organization
 A loss or harm that might befall a system
 e.g., users' personal files may be revealed to the public
 There are four major categories of threats:
 Interception
 Interruption
 Modification
 Fabrication
 When we design a system, we need to state a threat model
 This is the set of threats we are undertaking to defend against
 Whom do we want to stop from doing what?

Some terminology
 Attack
 An action which exploits a vulnerability
 e.g., telling the file server you are a different user in an
attempt to read or modify their files

 Control
 Removing or reducing a vulnerability
 You control a vulnerability to prevent an attack and
block a threat.
 How would you control the file server vulnerability?
 Our goal: control vulnerabilities
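
The file server example from the terminology slides, as an added illustration that is not part of the original slides: the same ownership check with and without authenticating the claimed user. The function names, sample files and per-user shared keys are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: each file lives under its owner's directory.
FILES = {"alice/notes.txt": "alice's notes", "bob/cv.txt": "bob's CV"}
# Assumption: the hardened server shares a secret key with each user.
USER_KEYS = {"alice": secrets.token_bytes(32), "bob": secrets.token_bytes(32)}
_seen_nonces = set()


def _owner_check(user, path):
    """Authorization step shared by both servers: only the owner may read."""
    if path.split("/", 1)[0] != user:
        raise PermissionError("not the owner")
    return FILES[path]


def read_file_unauthenticated(claimed_user, path):
    """Vulnerability: the server trusts whatever user name the client sends."""
    return _owner_check(claimed_user, path)


def sign_request(user, key, path, nonce):
    """Client side: bind user, path and a one-time nonce to the user's key."""
    msg = "\0".join([user, path, nonce]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def read_file_authenticated(claimed_user, path, nonce, tag):
    """Control: verify the identity claim before the same ownership check."""
    key = USER_KEYS.get(claimed_user)
    if key is None or nonce in _seen_nonces:
        raise PermissionError("authentication failed")
    expected = sign_request(claimed_user, key, path, nonce)
    if not hmac.compare_digest(expected, tag):
        raise PermissionError("authentication failed")
    _seen_nonces.add(nonce)  # reject replays of a captured request
    return _owner_check(claimed_user, path)
```

The ownership rule is identical in both functions; the control is the added proof that the caller really is the user named in the request.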

Why Security?
 Security is not as simple as it might first appear.

In developing a particular security measure one
has to consider potential countermeasures.

Because of the countermeasures, the problem
itself becomes complex.

Once you have designed the security measure, it
is necessary to decide where to use it.
 Security mechanisms usually involve more than a
particular algorithm or protocol.

Methods of defence
 How can we defend against a threat?
 Prevent it: block the attack
 Deter it: make the attack harder or more expensive
 Deflect it: make yourself less attractive to attacker
 Detect it: notice that attack is occurring (or has
occurred)
 Recover from it: mitigate the effects of the attack

 Often, we'll want to do many things to defend against
the same threat
 “Defence in depth”

Example of defence: Class exercise
 Threat: your laptop may get stolen
 How to defend?
 Prevent:
 Deter:
 Deflect:
 Detect:
 Recover:

Example of defence
 Threat: your laptop may get stolen
 How to defend?
 Prevent: is it possible to absolutely prevent?
 Deter: store your laptop in a secure place; use laptop
tie-down brackets, laptop locks
 Deflect: do not openly display your laptop (e.g. while
travelling)
 Detect: alarms, tracking features
 Recover: Insurance

Defence of computer systems
 Remember we may want to protect any of our assets
 Hardware, software, data
 Many ways to do this; for example:
 Cryptography
 Protecting data by making it unreadable to an attacker
 Authenticating users with digital signatures
 Authenticating transactions with cryptographic protocols
 Ensuring the integrity of stored data
 Aiding customers' privacy by having their personal
information automatically become unreadable after a
certain length of time
Defence of computer systems
 Software controls
 Passwords and other forms of access control
 Operating systems separate users' actions from each
other
 Virus scanners watch for some kinds of malware
 Development controls enforce quality measures on the
original source code
 Personal firewalls that run on your desktop

Defence of computer systems
 Hardware controls
 (Not usually protection of the hardware itself, but rather
using separate hardware to protect the system as a
whole.)
 Fingerprint readers
 Smart tokens
 Firewalls
 Intrusion detection systems (IDS)

Defence of computer systems
 Physical controls
 Protection of the hardware itself, as well as physical
access to the console, storage media, etc.
 Locks
 Guards
 Off-site backups

Information Security Project Team

A number of individuals who are experienced in
one or more facets of required technical and
nontechnical areas:
 Champion
 Team leader
 Security policy developers
 Risk assessment specialists
 Security professionals
 Systems administrators
 End users

Defence of computer systems
 Policies and procedures
 Non-technical means can be used to protect against
some classes of attack
 If an employee connects his own Wi-Fi access point to
the internal company network, that can accidentally
open the network to outside attack.
 So don't allow the employee to do that!
 Rules about changing passwords
 Training in best security practices

Vulnerabilities


The three broad computing system resources are
 hardware: interruption (denial of service), interception (theft)
 software: interruption (deletion), interception, modification
 data: interruption (loss), interception, modification and fabrication
