COMP3052 Computer Security 1 -- Intro
Lecture 1,2 Intro & Motivation
On Security (past vs now)
Past: security originally focused on systems with a single user or a few users.
Now: security focuses on
- ubiquitous end systems
- interconnected by networks
- danger of attacks from 'un-trustworthy' nodes
- attacks both remotely and locally
Attacks & Attackers
status quo:
- hackers -> organized crime
- websites -> personal data harvesters
- viruses -> trojans and DoS
- the complexity of systems increases, while our understanding of this cannot
Security Management
- Protecting assets of an organization is the responsibility of
management
- assets: sensitive information - product plans, customer records
- Security measures must have full support of senior management
- Security awareness programmes (here 'programme' does not mean a computer program) convey the information (in effect, security training)
- ensure every member knows:
- why security is important
- what is expected of each member
- which good practices should be followed
- Users are not the enemy; developers need more awareness (developers also need security training)
Security Policy
- definition: a statement that defines the security objectives of an
organization
- what needs to be protected
- how this should be achieved
- [UNDERSTAND] content / objectives:
- Security Policy Objective: a statement of intent to protect an identifiable resource from unauthorized use
- Organisational Security Policy: the set of laws, rules, and practices that regulate how an organization manages, protects and distributes resources to achieve specified security objectives (i.e. ensuring the organization's management reaches specific security objectives)
- Automated Security Policy: the set of restrictions and properties that specify how a computing system prevents information and computing resources from being used to violate an organizational security policy (i.e. ensuring computing resources cannot be used against the organisational security policy)
[UNDERSTAND] Measuring security
Measures only exist for some aspects of security - how?
- Product Security: number of security flaws (bugs), number of interfaces to outside callers (controversial)
- System Security: number of accounts with system privileges or number of accounts with weak passwords, number of open ports, services accessible from outside, whether the running system has known vulnerabilities
- Cost of an Attack:
- time the attacker must invest, e.g. in finding a vulnerability
- expense of the attack (computing cycles + special equipment)
- knowledge required for the attack
- Cost of Assets
Risk and Threat Analysis
IT risk analysis can be applied to:
- all information assets
- IT infrastructure
- development of a product or system
Risk - Possibility of an incident or attack to cause damage to your enterprise, informal calculation:
\(Risk = Assets \times Vulnerabilities \times Threat\)
Asset
In an IT system, assets include:
- hardware: laptops, servers, routers ...
- software: applications, operating systems, database management systems, source code...
- data and information - essential data for running and planning your business, design documents, digital content, data about your customers
- reputation
Features:
- Identification of assets is easy and straightforward
- Measurement of asset values is a challenge
- data, information, and reputation are more difficult to measure than hardware and software
Vulnerabilities
- Definition: weaknesses of a system that could be accidentally or intentionally exploited to damage assets
- Typical vulnerabilities include:
- badly configured privileged accounts
- program with unnecessary privileges
- programs with known flaws
- weak access control
- weak firewall configuration
Threats
- Definition: actions by adversaries who try to exploit vulnerabilities to damage assets
- Ways of identifying threats
- Categorisation by damage done to assets (STRIDE):
- Spoofing identities
- Tampering with data
- Repudiation: a user denies having performed a malicious action
- Information disclosure
- Denial of Service
- Elevation of privilege
- Identify threats by source
- who? - a member of the organization or an outsider? a contractor or a former member?
- access the system directly or remotely?
- Analysis of attack execution (Attack graphs)
Risk
- [UNDERSTAND] Quantitative Risk Analysis
- pro: based on probability theory, so it has a sound mathematical foundation
- con:
- quality of results depends on quality of inputs
- not always feasible
- [UNDERSTAND] Qualitative Risk Analysis
- pro: more widely applicable
- con: the scales rest on the judgement of security experts
- Countermeasures - risk mitigation
- The result of a risk analysis is a prioritized list of threats, together with recommended countermeasures to mitigate risk
- Why risk analysis is not ideal:
- it takes time, while the world outside keeps changing
- it is costly
- alternative: opt for baseline protection
- analyse typical cases and recommend security measures
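Added worked example (not part of the lecture notes): a small risk register that scores each threat with the informal formula Risk = Assets x Vulnerabilities x Threat, assigns a qualitative low/medium/high level, and emits the prioritized list with countermeasures that the notes describe as the output of a risk analysis. The threat entries, asset values, probabilities and the ordinal thresholds are constructed assumptions for illustration.

```python
from dataclasses import dataclass


@dataclass
class Threat:
    name: str                 # STRIDE category plus a concrete scenario (constructed)
    asset_value: float        # estimated value of the affected asset (constructed units)
    vuln_likelihood: float    # P(vulnerability can be exploited), 0..1
    threat_likelihood: float  # P(an adversary attempts it in the period), 0..1
    countermeasure: str       # recommended mitigation


def quantitative_risk(t: Threat) -> float:
    """Risk = Assets x Vulnerabilities x Threat, read as expected loss."""
    return t.asset_value * t.vuln_likelihood * t.threat_likelihood


def _level(x: float, low: float, high: float) -> str:
    """Map a number onto an ordinal scale; thresholds are assumed expert judgement."""
    return "low" if x < low else "medium" if x < high else "high"


def qualitative_level(t: Threat) -> str:
    """Qualitative analysis: rate likelihood and impact on ordinal scales and
    combine them with a simple matrix instead of multiplying exact numbers."""
    rank = {"low": 0, "medium": 1, "high": 2}
    likelihood = _level(t.vuln_likelihood * t.threat_likelihood, 0.2, 0.6)
    impact = _level(t.asset_value, 10_000, 100_000)
    combined = rank[likelihood] + rank[impact]      # 0..4
    return "low" if combined <= 1 else "medium" if combined == 2 else "high"


def prioritize(threats: list[Threat]) -> list[dict]:
    """Return threats ordered by quantitative risk (highest first), each with its
    qualitative level and recommended countermeasure."""
    rows = [{"threat": t.name, "risk": quantitative_risk(t),
             "level": qualitative_level(t), "countermeasure": t.countermeasure}
            for t in threats]
    return sorted(rows, key=lambda r: r["risk"], reverse=True)


# Constructed sample register using the STRIDE categories from the notes.
SAMPLE_THREATS = [
    Threat("Tampering with data (unsigned config files)", 20_000, 0.3, 0.1, "sign and verify configuration"),
    Threat("Spoofing identities (weak admin passwords)", 200_000, 0.5, 0.8, "enforce MFA and password policy"),
    Threat("Denial of Service (public web service)", 50_000, 0.9, 0.6, "rate limiting and upstream filtering"),
    Threat("Information disclosure (customer DB port exposed)", 500_000, 0.2, 0.5, "firewall rule, close the port"),
]

if __name__ == "__main__":
    for row in prioritize(SAMPLE_THREATS):
        print(f"{row['risk']:>10.2f}  {row['level']:<6}  {row['threat']}  -> {row['countermeasure']}")
```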
https://jerry20000730.github.io/wiki/Lecture Note/COMP3052 Computer Security/CS3/