Information Security
Module 4: System and Application Security
Chapter 1: Security Architectures and Models
Chapter 2: System Security
Chapter 3: OS Security
Chapter 4: Wireless Network and Security
Chapter I:
Security Architectures and Models
1. Designing Secured/Trusted Operating Systems
What makes an operating system secure? Or trustworthy?
How are trusted systems designed, and which of those design principles carry over naturally to other program development tasks?
How do we develop assurance of the correctness of a trusted operating system?
Memory protection
File protection
User authentication
Bell-LaPadula
Biba
Clark-Wilson
Chinese Wall
Biba Model
Integrity counterpart of Bell-LaPadula: high-integrity subjects cannot read lower-integrity objects (no read down), and subjects cannot write to higher-integrity objects (no write up)
Clark-Wilson Model
Chinese Wall
Focus is on conflicts of interest.
Principle: users should not access the confidential information of both a client organization and one or more of its competitors.
How it works
Users have no wall initially.
Once any given file is accessed, files with competitor information become inaccessible.
Unlike other models, access control rules change with user behavior.
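The Chinese Wall rules above, as an added Go example that is not part of the original slides: the policy is the company-to-conflict-class table plus the read and write rules, and the mechanism is the Access method that consults a user's history and records each access, so the wall grows with the user's behavior. Company names, file names and the conflict-of-interest classes are constructed sample data; the write rule is the Brewer-Nash *-property, which the slide does not state.

```go
package main

import "fmt"

// Policy data (constructed sample): each company belongs to one
// conflict-of-interest class; companies in the same class are competitors.
var companyCOI = map[string]string{
	"BankA": "banks",
	"BankB": "banks",
	"OilX":  "oil",
	"OilY":  "oil",
}

// Object is a file labelled with the company dataset it belongs to.
type Object struct {
	Name    string
	Company string
}

// Subject tracks which company datasets a user has already accessed.
// The "wall" is derived from this history, so the rules change as the user acts.
type Subject struct {
	User string
	Read map[string]bool
}

func NewSubject(user string) *Subject {
	return &Subject{User: user, Read: map[string]bool{}}
}

// CanRead is the Brewer-Nash simple security rule: allowed if the object's
// company is already in the history, or if no competitor (same COI class) is.
func (s *Subject) CanRead(o Object) bool {
	if s.Read[o.Company] {
		return true
	}
	class := companyCOI[o.Company]
	for c := range s.Read {
		if companyCOI[c] == class {
			return false // a competitor is already behind the wall
		}
	}
	return true
}

// CanWrite is the Brewer-Nash *-property (not on the slide): writing is allowed
// only if the object is readable and the user has read no other company's data,
// otherwise the file could carry information across the wall.
func (s *Subject) CanWrite(o Object) bool {
	if !s.CanRead(o) {
		return false
	}
	for c := range s.Read {
		if c != o.Company {
			return false
		}
	}
	return true
}

// Access is the enforcement mechanism: it checks the policy and, on success,
// records the access so that competitors' datasets become inaccessible.
func (s *Subject) Access(o Object) error {
	if !s.CanRead(o) {
		return fmt.Errorf("%s denied %s: conflict of interest with previously accessed data", s.User, o.Name)
	}
	s.Read[o.Company] = true
	return nil
}

func main() {
	alice := NewSubject("alice")
	steps := []Object{
		{"bankA-accounts.xlsx", "BankA"},
		{"oilX-reserves.pdf", "OilX"},
		{"bankB-loans.xlsx", "BankB"}, // competitor of BankA: denied
		{"bankA-audit.doc", "BankA"},  // same company as before: still allowed
	}
	for _, o := range steps {
		if err := alice.Access(o); err != nil {
			fmt.Println("DENY ", err)
		} else {
			fmt.Println("ALLOW", o.Name)
		}
	}
}
```

Note that a fresh user can read anything; the first access to BankA is what makes BankB unreachable, and reading OilX afterwards also removes the right to write BankA files.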
Chapter 2:
System Security
PGP services
confidentiality
authentication of the sender of a message
message integrity
non-repudiation of origin
PGP Mechanisms
Digital signatures (and consequently message authentication and integrity)
RSA, DSS
Message encryption
CAST, IDEA, 3DES, AES (all with keys of at least 128 bits; 3DES has an effective strength of 112 bits)
symmetric session keys are used once and are encrypted using RSA or ElGamal (based on discrete logarithms)
S/MIME
Secure/Multipurpose Internet Mail Extensions
A standard way for email encryption and signing
IETF effort (RFCs 2632, 2633 for version 3.0; RFCs 3850, 3851 for version 3.1; RFCs 5750, 5751 for version 3.2)
Industry support
Not standalone software, but a standard that has to be supported by email clients such as MS Outlook and Thunderbird
S/MIME Functions
enveloped data: encrypted content and associated keys
signed data: encoded message + encoded signed message digest
clear-signed data: cleartext message + encoded signed message digest
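The PGP mechanisms (one-time symmetric key wrapped with RSA, RSA signature) and the S/MIME enveloped, signed and clear-signed forms above, as an added Go example that is not part of the original slides or of any PGP or S/MIME implementation: AES-256-GCM stands in for CAST/IDEA/3DES, RSA-OAEP wraps the session key, RSA-PSS over SHA-256 signs, and the signature is placed inside the encrypted payload (sign-then-encrypt). The 2048-bit key size, the Envelope structure and the message text are assumptions of the example; real PGP and CMS use their own packet formats.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is the on-the-wire message (assumed layout for this example):
// a one-time AES session key wrapped for the recipient, and the AES-GCM
// ciphertext of (signature || plaintext), so the signature is itself encrypted.
type Envelope struct {
	WrappedKey []byte // RSA-OAEP(recipient public key, session key)
	Nonce      []byte // AES-GCM nonce, fresh for every message
	Ciphertext []byte // AES-256-GCM(session key, signature || plaintext), tag included
}

// GenKey makes a 2048-bit RSA key pair (one per user in this example).
func GenKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Sign produces an RSA-PSS signature over SHA-256(msg). On its own this is the
// clear-signed form: cleartext message plus an encoded signed digest.
func Sign(msg []byte, signer *rsa.PrivateKey) ([]byte, error) {
	d := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, signer, crypto.SHA256, d[:], nil)
}

// Verify checks an RSA-PSS signature over SHA-256(msg).
func Verify(msg, sig []byte, signer *rsa.PublicKey) error {
	d := sha256.Sum256(msg)
	return rsa.VerifyPSS(signer, crypto.SHA256, d[:], sig, nil)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal signs msg with the sender's key, then encrypts signature||msg under a
// fresh 256-bit session key that is used once and wrapped for the recipient.
func Seal(msg []byte, sender *rsa.PrivateKey, recipient *rsa.PublicKey) (*Envelope, error) {
	sig, err := Sign(msg, sender)
	if err != nil {
		return nil, err
	}
	sessionKey := make([]byte, 32) // AES-256, random, never reused
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	payload := append(append([]byte{}, sig...), msg...)
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, payload, nil)}, nil
}

// Open unwraps the session key, decrypts and authenticates the ciphertext,
// then verifies the inner signature against the claimed sender's public key.
func Open(env *Envelope, recipient *rsa.PrivateKey, sender *rsa.PublicKey) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, env.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("cannot unwrap session key: not the intended recipient")
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	payload, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("ciphertext authentication failed: message was modified")
	}
	sigLen := sender.Size() // an RSA signature is as long as the modulus
	if len(payload) < sigLen {
		return nil, errors.New("payload too short to hold a signature")
	}
	sig, msg := payload[:sigLen], payload[sigLen:]
	if err := Verify(msg, sig, sender); err != nil {
		return nil, errors.New("signature check failed: sender not authenticated")
	}
	return msg, nil
}

func main() {
	alice, bob := GenKey(), GenKey() // sender, recipient
	env, err := Seal([]byte("wire 10,000 EUR to account 42"), alice, &bob.PublicKey)
	if err != nil {
		panic(err)
	}
	msg, err := Open(env, bob, &alice.PublicKey)
	fmt.Printf("%q %v\n", msg, err)
}
```

Open fails in three distinct ways that map onto the three PGP services: the wrong recipient key cannot unwrap the session key (confidentiality), a modified ciphertext fails the GCM tag (integrity), and a payload signed by someone else fails the RSA-PSS check (sender authentication).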
[Figure: protocol layer diagram; labels: Protocols; initializes secure communication; error handling; handles communication with the application; handles data compression; initializes communication between client and server]
SET Objectives
Confidentiality of payment and order information
Encryption
SET Security
Digital envelopes, nonces, salt
Two public-private key pairs for each party
One for digital signatures; one for key exchange messages
160-bit message digests
Statistically globally unique IDs (XIDs)
Certificates (5 kinds)
Cardholder, Merchant, Acquirer, Issuer, Payment Gateway
Hardware cryptographic modules (for high security)
Idempotency (a message can be received many times but is only processed once): f(f(x)) = f(x)
Complex protocol. Over 600 pages of detail
Dual signatures
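The dual signature listed under SET Security, worked as an added Go example that is not from the slides or from the SET specification: the cardholder signs H(H(PI) || H(OI)); the merchant receives the order information OI plus only the digest of the payment instruction PI, the bank receives PI plus only the digest of OI, and each can verify that the cardholder signed exactly this PI/OI pair without seeing the other party's data. SET used SHA-1 (the 160-bit digests above) and RSA; this example uses SHA-256 and RSA-PSS, and the PI/OI strings are constructed sample values.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// DualSignature binds a payment instruction (PI, meant for the bank) to
// order information (OI, meant for the merchant). Each party receives only
// its own plaintext plus the digest of the other part.
type DualSignature struct {
	PIMD []byte // H(PI): sent to the merchant instead of PI
	OIMD []byte // H(OI): sent to the bank instead of OI
	Sig  []byte // cardholder's signature over POMD = H(PIMD || OIMD)
}

func hash(b []byte) []byte {
	h := sha256.Sum256(b)
	return h[:]
}

// pomd is the payment-order message digest H(PIMD || OIMD).
func pomd(pimd, oimd []byte) []byte {
	return hash(append(append([]byte{}, pimd...), oimd...))
}

// DualSign is run by the cardholder over the two message parts.
func DualSign(pi, oi []byte, cardholder *rsa.PrivateKey) (*DualSignature, error) {
	pimd, oimd := hash(pi), hash(oi)
	sig, err := rsa.SignPSS(rand.Reader, cardholder, crypto.SHA256, pomd(pimd, oimd), nil)
	if err != nil {
		return nil, err
	}
	return &DualSignature{PIMD: pimd, OIMD: oimd, Sig: sig}, nil
}

// MerchantVerify is run with OI in clear and PIMD; the merchant never sees PI.
func MerchantVerify(oi []byte, ds *DualSignature, cardholder *rsa.PublicKey) bool {
	return rsa.VerifyPSS(cardholder, crypto.SHA256, pomd(ds.PIMD, hash(oi)), ds.Sig, nil) == nil
}

// BankVerify is run with PI in clear and OIMD; the bank never sees OI.
func BankVerify(pi []byte, ds *DualSignature, cardholder *rsa.PublicKey) bool {
	return rsa.VerifyPSS(cardholder, crypto.SHA256, pomd(hash(pi), ds.OIMD), ds.Sig, nil) == nil
}

// NewKey generates the cardholder's 2048-bit RSA signing key.
func NewKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func main() {
	card := NewKey()
	pi := []byte("card=4111111111111111 amount=49.99 EUR") // constructed sample PI
	oi := []byte("order=7781 item=book qty=1")           // constructed sample OI
	ds, err := DualSign(pi, oi, card)
	if err != nil {
		panic(err)
	}
	fmt.Println("merchant accepts:", MerchantVerify(oi, ds, &card.PublicKey))
	fmt.Println("bank accepts:", BankVerify(pi, ds, &card.PublicKey))
	// A substituted order no longer matches the digest the cardholder signed.
	fmt.Println("merchant accepts altered OI:", MerchantVerify([]byte("order=7781 item=pen qty=1"), ds, &card.PublicKey))
}
```

The point of the construction is the linkage: because the signature covers both digests, neither the merchant nor the bank can pair this payment with a different order, yet the bank never learns what was bought and the merchant never learns the card details.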
SET transaction types
merchant registration
purchase request
payment authorization
payment capture
certificate query
purchase inquiry
purchase notification
sale transaction
authorization reversal
capture reversal
credit reversal
3. Database Security
Security Objectives
Secrecy: prevent/detect/deter improper disclosure of information
Integrity: prevent/detect/deter improper modification of information
Availability: prevent/detect/deter improper denial of access to services
Policy
Organizational policy
Databases
Collection of
Database Security
Unauthorized disclosure
Unauthorized modification
Denial of service attacks
Security Controls
Security Policy
Access control models
Integrity protection
Privacy problems
Fault tolerance and recovery
Auditing and intrusion detection
Access Control
Requires:
Access control components:
- Access control policy: specifies the authorized accesses of a system
- Access control mechanism: implements and enforces the policy
Chapter 3:
Operating System Security
1. Anti-virus software
2. Configuring the OS for security
1. Antivirus Software.
What is a Virus?
A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself; basically, computer sabotage.
The Internet
NAV (Norton AntiVirus)
McAfee
Kaspersky
For the average home user and for advanced users, the Kaspersky antivirus software has an easy-to-use interface.
The program uses three tabs: protection, settings and support.
It updates itself on an hourly basis and is one of the fastest antivirus programs available.
However, quality comes at a price: a one-year subscription is $49.99.
Hardening the OS
Default OS configurations are chosen for ease of use, not security
Measures have to be taken at all stages
Installing and patching
Configuring
Remove unnecessary applications, services and protocols
Users, groups, controls and privileges
Booting
Protect BIOS settings with a password
Disable booting from some (removable) media
Encrypted hard drives? Pros and cons
Authentication
Force default password change
Password definition
Password lifespan
Anti-virus
Whitelist (allow only approved applications to run)
Run test cases that attempt to break security (penetration testing); good hackers make a lot of money here
Application Security
Configure applications properly
Use encryption where possible, as seen earlier
For storage (data at rest)
For transmission (e.g. SSH connections)
Maintenance
This involves
Logging
Problems
Manual analysis is hard, so logs should use a structured format that a program (e.g. a Perl script) can parse
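Parsing machine-readable logs, as an added Go example that is not from the slides: it extracts sshd authentication failures from constructed syslog-style lines (the host, users and addresses are made up) and flags source addresses with repeated failures, the kind of check that structured logging on a hardened host is meant to make possible. The regular expression, the sample lines and the threshold are assumptions of the example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed sample auth-log lines in syslog/sshd style (not from a real host).
const sampleLog = `Mar 12 10:01:02 host sshd[2211]: Failed password for root from 203.0.113.7 port 51514 ssh2
Mar 12 10:01:04 host sshd[2211]: Failed password for root from 203.0.113.7 port 51516 ssh2
Mar 12 10:01:05 host sshd[2213]: Failed password for invalid user admin from 203.0.113.7 port 51520 ssh2
Mar 12 10:01:09 host sshd[2215]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2
Mar 12 10:01:11 host sshd[2216]: Failed password for invalid user oracle from 203.0.113.7 port 51530 ssh2
Mar 12 10:02:40 host sshd[2230]: Failed password for alice from 198.51.100.20 port 40100 ssh2
Mar 12 10:02:45 host sshd[2231]: Accepted password for alice from 198.51.100.20 port 40102 ssh2
Mar 12 10:03:00 host cron[2300]: (root) CMD (run-parts /etc/cron.hourly)`

// failedRe matches an sshd authentication failure and captures the user name
// (with or without the "invalid user" prefix) and the source address.
var failedRe = regexp.MustCompile(`sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port`)

// Event is one parsed failure.
type Event struct{ User, Source string }

// ParseFailures pulls sshd failures out of raw log text; lines that do not
// match (other daemons, successful logins) are skipped rather than mis-parsed.
func ParseFailures(logText string) []Event {
	var out []Event
	for _, line := range strings.Split(logText, "\n") {
		if m := failedRe.FindStringSubmatch(line); m != nil {
			out = append(out, Event{User: m[1], Source: m[2]})
		}
	}
	return out
}

// SuspiciousSources counts failures per source address and keeps only the
// addresses that reached the threshold (likely password guessing).
func SuspiciousSources(events []Event, threshold int) map[string]int {
	counts := map[string]int{}
	for _, e := range events {
		counts[e.Source]++
	}
	for src, n := range counts {
		if n < threshold {
			delete(counts, src)
		}
	}
	return counts
}

func main() {
	events := ParseFailures(sampleLog)
	fmt.Printf("%d failed logins parsed\n", len(events))
	for src, n := range SuspiciousSources(events, 3) {
		fmt.Printf("ALERT %s: %d failed logins\n", src, n)
	}
}
```

With the sample above, one address produces four failures against three different user names and is reported; the single failure from the address that later logs in successfully stays below the threshold.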
Data Backup
Backup is the act of creating copies of information so that it can be recovered
Archiving is keeping these backups for a long period of time in order to meet legal requirements
Should the backup be kept online or offline?
Online gives easier access and faster recovery
Offline is more secure but slower to recover
Why not both? Users should keep their own offline backups in case the online backup gets removed
Chapter 4:
Wireless Networks and Security
1. Components of wireless networks
2. Security issues in wireless
1) Equipment
2) Network
3) Software
4) Services
5) Mobile Worker