ee579u/1 #1 spring 2004 © 2000-2004, richard a. stanley ee579u information systems security and...

Spring 2004© 2000-2004, Richard A. Stanley

EE579U/1 #1

EE579UInformation Systems Security

and Management1. Introduction

Professor Richard A. Stanley


EE579U/1 #2

Overview of Tonight’s Class

• Administration

• What is this topic all about?


EE579U/1 #3

Organizational Details

• Prof. Stanley contact information– Office: A-K 316– Hours: Mon/Tue 5:00-6:00 PM and by

appointment– Phone: (508) 831-5352 / (508) 276-1060– Email: [email protected]


EE579U/1 #4

Administrivia

• Class will normally meet 6:00 - 8:50 PM every week here. Please be on time.

• We will hold 14 classes; cancellations will be announced in advance (except weather)

• Break from approximately 7:15 to 7:30 PM• If class is cancelled for bad weather, you

should receive notice. Double-check with ECE Dept. (5231) or with me if in doubt.


EE579U/1 #5

Course Text

• Computer Security: Art and Science, Matt Bishop, Addison-Wesley, 2003 ISBN 0-201-44099-7 (optional, but recommended)

• Additional material will be in the form of handouts


EE579U/1 #6

Course Web Page

• http://ece.wpi.edu/courses/ee579u/

• Slides will be posted to the page before class, barring any unfortunate problems


EE579U/1 #7

Grading

• Final course exam (30%)

• Midterm course exam (20%)

• Homework (20%)

• Class participation (10%)

• Course project (20%)


EE579U/1 #8

Course Syllabus(Subject to adjustment)

Class

Topic

1 Course Overview & Security Review

2 Policy Structure and Implementation

3 Policy Examples and Development

4 Application Development Security

5 Operations and Physical Security

6 Information Security Law (1)

7 Midterm Examination

8 Information Security Law (2)

9 Information Security Forensics

10 Incident Response

11 Security Management Practices

12 Business Continuity Planning

13 Student Research Projects Presentations

14 Final Examination


EE579U/1 #9

Course Projects Overview• Teams of 2-4 individuals, ~4 preferred• Identify, through research, a meaningful

information systems security management problem (reported on as a historical event or one you can hypothesize)

• Analyze the problem– Why did it occur?– How could you have prevented or mitigated it?

• Prepare report and present to the class


EE579U/1 #10

Policies - 1• STUDENT CONDUCT: Students are required to

adhere to the Student Conduct Policy. • There is a difference between working in teams

and submitting the same work. If work is a team product, it must be clearly labeled as such. Plagiarism will not be tolerated.

• “Incomplete” grades will not be given unless there is a true emergency, and only by prearrangement


EE579U/1 #11

Policies - 2

• Homework is due at the class following the one in which it is assigned. It will be accepted up to the second class after that in which it is assigned, but not after that, except in truly emergency situations. By definition, emergencies do not occur regularly.


EE579U/1 #12

Getting to Know You

• My interest and experience in this area

• Your interests and expertise in this area– Where you would like to go with this course– What you would like from the course


EE579U/1 #13

What’s the Problem?

• Information systems are more than simple assemblages of computers and network interconnections; they are truly complex systems

• Like any other complex system, they require system-level design and management if they are to work properly


EE579U/1 #14

Security Domains(As Defined for the CISSP)

Security Management Practices

Security Architecture and Models

Access Control Systems & Methodology

Application Development Security

Source: CISSP CBK

EE578EE579SEE579TEE579U

Operations Security

Physical Security

Cryptography

Telecommunica-tions, Network, & Internet Security

Business Continuity Planning

Law, Investigations, & Ethics


EE579U/1 #15

Information System Problem Areas – One View

From http://dheise.andrews.edu/courses/MIS/laudon/13_1.html


EE579U/1 #16

Information System Problem Areas – Another View

Internal Security

External Security

Inter-operability

Policy


EE579U/1 #17

Examples of System Problems Related to Security

• The Northeast Blackout of August, 2003• Physical theft of top-secret computers from a

secure area at Sydney, Australia airport in August, 2003

• Shutdown of MD Motor Vehicle Dept. as a result of the Blaster worm

• Privacy failure at Hampshire hospital system and London Ambulance Service (UK)

• …your favorites?


EE579U/1 #18

So What?

• “It isn’t my problem, it’s (fill in the blank).”

• “The system wasn’t designed to do that.”

• “That is outside the scope of the statement of work.”

• “Security costs too much.”

• …and?


EE579U/1 #19

Where Are We Going?

• Cover the remaining topics in the key security domains

• Understand how to insert security-related engineering into the system design and development process

• Learn how to evaluate risks and vulnerabilities, and how to measure the “goodness” of our efforts above


EE579U/1 #20

System Development Cycle

Is anything missing?


EE579U/1 #21

Information Security Review

Or: How I Learned to Stop Worrying and Love Uncertainty


EE579U/1 #22

Security Requirements

• Customers expect “reasonably secure” handling of their sensitive data

• The Devil is in the details– What is “reasonable?”– What is “secure?”– What data is “sensitive?”– When is it your responsibility?


EE579U/1 #23

A Curious Property of Information

• Information is the only thing that can be stolen and still leave the owner in possession of it

• Networks increase the seriousness of the problem, as compared to single computers


EE579U/1 #24

The Security Dilemma

• Security is something most users want, but that most know little about

• Security gets in the way of using the network• The tighter the security, the harder the system is to

use, and the more likely it is that the users will bypass security measures

• It is extremely difficult to calculate a ROI for security systems– How much was it worth NOT to have been hit by the

Blaster worm, for example?


EE579U/1 #25

The Totally Secure System

• Is relatively simple to build

• Is provably secure

• Is useless for any practical purposes

Our job is to design computer networks that provide the necessary

level of security without going overboard.


EE579U/1 #26

Security Needs, Threats

• Confidentiality• Integrity• Availability• Authenticity• Reliability and safety• Vulnerability

assessment• Risk management

• Interception• Modification• Denial of service• Spoofing• Dangerous conditions• Exploitation of

unguarded conditions• Wasted resources


EE579U/1 #27

Security as Asset protection

Protect

Detect

CorrectManage

Risk Analysis


EE579U/1 #28

Identification & Authentication

• Identification– A unique entity descriptor

• Authentication– verifying the claimed identification

• These are crucial to network security

These are two sides of the same coin, but they are NOT the same thing


EE579U/1 #29

Authentication

• Validates you are who you claim to be– Something you know– Something you have– Something you are– Something you do– Somewhere you are

• An intruder who has the authentication keys looks just like the real user!


EE579U/1 #30

Something You Know

• Password

• PIN

• Some other piece of information (e.g. your mother’s maiden name -- very popular)

• NB: anyone who obtains this information is -- so far as the computer knows -- you. Is there a problem here?


EE579U/1 #31

Password

• Most commonly used

• Relatively easy to compromise or break

• Many threats

• Usability issues

• First line of defense, but not a very solid one


EE579U/1 #32

Password Problems

• Security/sharing• System is only as secure as the weakest link• Vulnerable to brute force attack

– Dictionary attacks easy, in any language

– Other intelligent searches

– Exhaustive attacks

• Password file vulnerable• Spoofing, man-in-the middle


EE579U/1 #33

Something You Have

• Physical token– Physical key– Magnetic card– Smart card– Calculator

• What if you lose it?– Illicit use– Need for key escrow?


EE579U/1 #34

Something You Are• Biometrics

– Fingerprints– Face geometry– Voiceprints– Retinal scanning– Hand geometry

• False positives, negatives• User acceptance


EE579U/1 #35

Something You Do

• Mechanical tasks– Signature (pressure, speed)– Joystick

• False positives, negatives

• Potential for forgery, replay, etc.


EE579U/1 #36

Somewhere You Are

• Limit use by user location

• Vet location by GPS, etc.

• Reliability, dependability, complexity


EE579U/1 #37

But First: Security Awareness

• View the world as if you had to design a security solution for whatever situation you are in

• Even paranoiacs have real enemies

• Assumptions are your enemy


EE579U/1 #38

Access Control

• Provides limits on who can do what with objects on the computer

• Can’t happen without identification and authentication

• Is not the same as identification and authentication


EE579U/1 #39

Controls

• Centralized– Simple to conceive and implement– Bottleneck

• Decentralized– May be more efficient– Difficult to implement and maintain

Where to put security tasks and enforcement in a network?


EE579U/1 #40

Subjects and Objects

• Remember your English grammar

• Subjects act

• Objects are acted upon

• These roles are not graven in stone– If you hit the ball, you are the subject– If the ball hits you, you are the object

• It is just the same in computer science


EE579U/1 #41

Access Control Model

Subject RequestReferenceMonitor Object


EE579U/1 #42

Reference Monitor

• Makes access control work• You can tell it

– What a subject is allowed to do– What may be done with an object

• In order to specify these things, you need to know all the possibilities, or you need to define things narrowly so that what you don't know doesn’t become allowed


EE579U/1 #43

Cryptography = Key to Identification and Authentication

• Cryptography = “secret writing”• Input = plaintext• Output = ciphertext• Ciphertext = plaintext + key (in general)

– Intention is that the cipher text be unintelligible to an eavesdropper

• Two basic types of cipher– Symmetric– Asymmetric


EE579U/1 #44

Encryption• A means for rendering plain language text

(cleartext) into recoverable gibberish (ciphertext)

• Only ONE provably secure cryptosystem– One-time pad– Secure even if pad or operator captured– BUT…errors can lead to decryption– http://www.cia.gov/csi/books/venona/preface.htm


EE579U/1 #45

Problem Areas

• Languages have well-known statistics– E.g., “e” is most common letter in English– This can be exploited for cryptanalysis– Thus, substitution ciphers are not very secure– Similar problems plague book ciphers, etc.

• The only way to achieve true security is to make the ciphertext appear as random as possible


EE579U/1 #46

Modern Cryptography Uses Electronic Digital Systems

• Advantages:– Speed– Accuracy– Ability of using complex mathematics

• Disadvantages– Complex equipment– Electronic vulnerabilities– Key management


EE579U/1 #47

Cipher Example (Vernam)

• Encipher• Plain: 001 010 011 100

• +key: 111 011 010 101

• Cipher: 110 001 001 001

• Decipher• Cipher: 110 001 001 001

• +key: 111 011 010 101

• Plain: 001 010 011 100

The ciphertext is simply the plain text added to the key,

modulo 2. This is a reversible process, as seen above.


EE579U/1 #48

How to Achieve Good Cryptography?

• Well-reviewed algorithms– So weaknesses cannot “hide” until after

implementation

• Excellent key generation & management– To maintain secrecy of the key

• Algorithms that are sufficiently complex so as to not permit feasible exhaustive attacks


EE579U/1 #49

Kerckhoffs’ Assumption

• Secrecy must reside solely in the key– It is assumed that the attacker knows the

complete details of the cryptographic algorithm and implementation

• A. Kerckhoffs was a 19th century Dutch cryptographer

• Ergo, Security by obscurity doesn’t work!


EE579U/1 #50

More Definitions• Block cipher

– Data is broken into fixed-size blocks, and encrypted a block at a time

– Blocks are padded out if necessary

• Stream cipher– Data is encrypted a bit at a time, as it is presented to the

encryption engine

• Most algorithms in use today are block ciphers


EE579U/1 #51

Feistel Ciphers: Characteristics• Special class of iterated block ciphers

• Ciphertext calculated from plaintext by repeated application of the same transformation or round function

• Encryption and decryption are structurally identical (subkey order reversed for decryption)

• Fast, even in software implementation

• Easily analyzed (i.e., deficiencies more readily found by analysis)


EE579U/1 #52

Subkey Generation

• Creating the subkeys in a Feistel cipher has a major effect on the overall security of the algorithm– Possible to create weak keys– Changes in the subkey algorithm can result in

effectively different realizations of the algorithm

• DES is based on Feistel rounds, and uses a complex method of subkey generation


EE579U/1 #53

DES: Feistel Applied

• DES: Data Encryption Standard• Formal specification -- FIPS PUB 46-3, last

affirmed 25 October 1999 http://www.csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf

• Describes two cryptographic algorithms– DES– TDEA (commonly referred to as 3DES)

• DES based on IBM Lucifer cipher of 1974


EE579U/1 #54

DES Characteristics• 64-bit block cipher• 56-bit key, with additional 8 bits used for

error checking (odd parity on each byte)• Four operating modes

– Electronic Codebook (ECB)– Cipher Block Chaining (CBC)– Cipher Feedback (CFB)– Output Feedback (OFB)


EE579U/1 #55

DES Enciphering Computation

Feistel round


EE579U/1 #56

Initial Permutation


EE579U/1 #57

Cipher Function, f(Rn,Kn)


EE579U/1 #58

How Can This Happen?

• Turn 32-bit plaintext into 48-bit output

• Add to 48-bit key

• Get 32-bit output


EE579U/1 #59

Details

• E-function takes the input to the Feistel round and expands it to 48 bits

• S boxes (for substitution) permute bits to produce the proper output

• Inverse permutation (IP-1) restores bit order after the 16 Feistel rounds


EE579U/1 #60

S-box Example


EE579U/1 #61

Key Scheduling


EE579U/1 #62

Principal DES Operating Modes(FIPS PUB 81)

• Electronic Code Book (ECB)– Encrypts one block at a time with selected key– Vulnerability: repeated plaintext can reveal

key, and then all cipher blocks can be decrypted• Cipher Block Chaining (CBC)

– Input to each block is the output of the previous block next plaintext block

– Initial block XOR’d with an Initialization Vector (IV)


EE579U/1 #63

ECB


EE579U/1 #64

CBC


EE579U/1 #65

Additional DES Modes -1

• Cipher Feedback Mode– previous ciphertext block encrypted and output

XOR’d with plaintext block to produce current ciphertext block

– can use feedback that is less than one full data block

– initialization vector used as “seed” for the process.


EE579U/1 #66

CFB


EE579U/1 #67

Additional DES Modes -2

• Output Feedback Mode (OFB)– similar to CFB mode except data XOR’d with

each plaintext block is generated independently of both the plaintext and ciphertext

– initialization vector s0 used as “seed” for a sequence of data blocks si

– each data block si derived from encryption of the previous data block si-1


EE579U/1 #68

OFB


EE579U/1 #69

Importance of DES

• Ubiquitous, U.S. federal standard• When standardized, 56-bit made cipher

computationally secure– This is no longer the case

– DES has been broken using brute force attacks in 56 hours, using recycled computer boards costing less than $250,000 (July 15, 1998)

• Immediate fix: Triple Data Encryption Algorithm (or Triple DES, 3DES)


EE579U/1 #70

TDEA

Encryption

Decryption


EE579U/1 #71

TDEA Realities

• Two keying options– Three separate keys (as shown previous slide)– Two keys; EK1 = EK3

– Resultant key lengths of 168 or 112 bits• For mathematical reasons we won’t go into here,

3-key TDEA is only about twice as secure as DES, not 3 times as secure

• Implemented in hardware, 3-key TDEA can achieve throughputs approaching 1 Gbps


EE579U/1 #72

TDEA Advantages

• Thoroughly analyzed, unlikely to have any hidden vulnerabilities

• Much less vulnerable to brute force attack than DES

• Can be implemented in silicon, with very fast throughput


EE579U/1 #73

TDEA Disadvantages

• Algorithm produces slow software implementations

• Limited to 64-bit block size

• Trebles the key distribution problem of DES


EE579U/1 #74

DES Decryption• As DES is a Feistel cipher, decryption uses

the same engine as does encryption• For decryption:

– The DES engine is precisely the same as the encryption engine -- it is not run in reverse (e.g. with the input coming in the “bottom”)

– Instead, the key schedule is run in reverse; i.e. the first subkey used is K16, then K15, etc., finishing with K1


EE579U/1 #75

DES Mathematics

• Only two functions used– XOR– Data permutation or shifting

• At the heart of the DES engine, inside the f-box, is a Vernam cipher machine!

• Vernam, by itself, is insecure. What makes DES secure?


EE579U/1 #76

Symmetric Crypto Keys

• Ideally, are purely random numbers• This is possible because:

– The keys are prepositioned at each end– Random numbers can be generated by capturing stellar

noise, diode shot noise, etc.– The parties need only agree on where in the key stream

to start– The key does not have to obey any mathematical

function other than randomness

• Many implementations use pseudo-random


EE579U/1 #77

AES: The Next Generation

• Advanced Encryption Standard (FIPS PUB 197)

– Established to counter weaknesses of DES– Adopted as U. S. standard November 26, 2001– Becomes effective May 26, 2002– Based on Rijndael algorithm

• Joan Daemen and Vincent Rijmen, Belgians, authors

– Key lengths of 128, 192, and 256 bits– Block size of 128 bits


EE579U/1 #78

Rijndael Structure • Rijndael is not a Feistel cipher; rather, it

uses substitution boxes• “...typically part of the bits of the

intermediate state are simply transposed unchanged to another position”

• “...[each] round transformation is composed of three distinct invertible uniform transformations”


EE579U/1 #79

AES’ Future

• Intended to replace DES & TDEA

• Designed for efficient software implementation

• Not yet as thoroughly analyzed as DES

• Many implementations exist

• Probably a long coexistence of TDEA & AES


EE579U/1 #80

Breaking Symmetric Ciphers• Brute force

– Inelegant, but sometimes effective if enough computing power can be brought to bear

– If cipher is complex enough, this doesn’t work

• Exploit errors– Same message enciphered in two codes– Plaintext attack– Exploit operator errors


EE579U/1 #81

Key Types

• Permanent – Used for a fixed, prearranged period of time– Typically used for applications such as key

distribution, government communications, etc.

• Session– Valid only for current communications session– Destroyed after session terminates


EE579U/1 #82

Key Distribution Problem

• Secret keys must be prepositioned at all locations before secure communications can occur.

• How to do this?– Secure physical transport– Secure electronic transport

• The search for a way to accomplish this led to the development of public key cryptography, which we will study next class


EE579U/1 #83

Asymmetric Ciphers

• Also known as public key cryptography

• Until Diffie-Hellman in 1976, this concept was heretical. It is still counterintuitive.

• Key has two parts– Public: everybody knows or can know– Private: only holder knows

• Based on large prime numbers


EE579U/1 #84

Asymmetric CryptographyAlice

Bob’s public key

Bob

Bob’s private key

Alice’s message


EE579U/1 #85

The Original Goal

• Diffie and Hellman did not set out to invent a new kind of cryptography

• The goal was to find a way to establish symmetrical session keys without prior placement of the keys by some other means– i.e. to solve the key distribution problem

• This is still the primary use of the D-H exchange


EE579U/1 #86

But then...

• Diffie-Hellman key exchanges proved immensely useful

• Others found that there other uses for this general crypto principle and algorithms were developed for encrypting data– RSA– El Gamal– etc.


EE579U/1 #87

Something Different

• Clearly, asymmetric crypto differs in a basic way from symmetric crypto– The keys are mathematically related, and

cannot be purely random numbers– The algorithms are quite different from the

universe of Feistel ciphers and S-boxes

• Is this a replacement for symmetric crypto, or a complement to it?


EE579U/1 #88

Asymmetric Crypto Properties

• The encryption function is one-way• The encryption process is fungible

– Can encrypt with public key and decrypt with private key, and vice versa

• So what?– Could this approach be used to sign documents?

– Can a signed document be used for authentication?


EE579U/1 #89

Modulus Arithmetic• In modulus arithmetic, the “value” of a number is

the remainder when the number is divided by the modulus– e.g. 11 mod 5 = 1

• Clearly, there are many numbers that have the same modular representation– e.g. 21 mod 5 = 1 , 41 mod 5 = 1, etc.

• For a modulus of n, the maximum value is n-1


EE579U/1 #90

So What?

• Asymmetric cryptography is based on modulus arithmetic

• Modulus arithmetic makes it computation-ally infeasible to recover the number whose modulus is stated, provided certain conditions are met

• You can cheat: the Windows calculator has a modulus arithmetic mode


EE579U/1 #91

Diffie-Hellman Key Exchange-1

• Alice and Bob agree on a large prime, n and g, where g is primitive mod n. These need not be kept secret

• Alice chooses a large random integer x and sends to Bob: X=gx mod n

• Bob chooses a large random integer y and sends to Alice: Y=gy mod n

• NB: x and y are never transmitted


EE579U/1 #92

Diffie-Hellman Key Exchange-2• Alice computes k=Yx mod n• Bob computes k’=Xy mod n• But k = k’ = gxy mod n • Therefore, Bob and Alice now have a secret

key, k, that they can share for communications

• Eavesdroppers know only n, g, X, and Y, not x or y, which are required to compute k


EE579U/1 #93

Diffie-Hellman Security

• D-H security depends on the difficulty of factoring large numbers (size of n)

• It is computationally infeasible to recover x and y from the data known to an eavesdropper by any means other than exhaustive key search

• Caveats– n must be large– ((n-1)/2) should also be prime– g can be small -- even one digit


EE579U/1 #94

Diffie-Hellman Drawbacks• Slow!

– Computationally intensive– Requires several communications exchanges

• Example:– Using D-H to set up a session key in a cellular

telephone could take nearly one minute!

• So, other key exchange protocols have been established that are more efficient


EE579U/1 #95

Asymmetric Crypto Uses?

• Only good for key exchange?

• As it turns out, NO– Other algorithms useful for providing data

secrecy, like symmetric cryptography– Can be used to provide

• confidentiality

• integrity

• authenticity


EE579U/1 #96

RSA Encryption Algorithm

• Ron Rivest, Adi Shamir, Len Adelman– First published 1978, from MIT– Block cipher, asymmetric key– Plain and cipher texts are integers between 0

and n-1, for some n that is part of the keys

• Like all asymmetric key systems, RSA depends for security on the difficulty of factoring large numbers


EE579U/1 #97

RSA Mechanics

• C = ciphertext– C = Me mod n

• M = plaintext– M = Cd mod n = (Me)d mod n = Med mod n

• Both parties know n, e

• Only the receiving party knows d


EE579U/1 #98

RSA Importance

• Together with Diffie-Hellman, RSA is the most widely used asymmetric key algorithm

• RSA was patented by its inventors, but the patents expired in 2000

• RSA is now freely usable by anyone, and is widely incorporated into common products, such as web browsers, VPN devices, etc.


EE579U/1 #99

Why Do We Want to Do This?• Symmetric cryptography is fast• Asymmetric cryptography is slow

– As much as 1000X slower than symmetric

• Therefore, we want to use the slow asymmetric crypto -- which does not require prepositioning of keys -- to create and/or exchange symmetric session keys so that data can be exchanged quickly


EE579U/1 #100

Asymmetric Cryptography Enables Public Key Certificates

• Encryption seeks to obscure plaintext with a key, so that the plaintext can be recovered

• Hash functions produce fixed-length output given variable-length input, such that the hash output will change substantially if even a single bit of the input is changed– Similar to checksum or CRC for data integrity– Depends on hash function being one-way


EE579U/1 #101

Common Hash Functions

Algorithm MD2 MD4 MD5 SHA-1

Output length 128 bits 128 bits 128 bits 160 bits

Block size 128 bits 512 bits 512 bits 512 bits

Specification RFC 1319 RFC 1320 RFC 1321 FIPS 180-1


EE579U/1 #102

Types of Hash

• “Standard”– Message is input to the hash function– Hash calculated according to the standard– Same message always produces same hash

• Keyed, or secure, hash– Message is one input to the hash function– Secret key is another input (cf. Slide 21)– Output depends on both key and message


EE579U/1 #103

Digital Signatures in General

Message

MD

Digital SignatureCreation

Decrypt w/sender’s

public key

Message

EncryptedMD

ComputeMD

=? No

Yes

Bogus

Authentic

Digital SignatureVerification

Encrypted w/sender’s

private key


EE579U/1 #104

X.509 Certificate Contents• Version• Serial number• Signature algorithm identity• Name of issuing CA• Period of validity (not before - not after)• Subject name to whom certificate refers• Subject’s public key• Subject distinguished name (X.500)• Extensions (added in X.509 v3)• Digital signature over the entire certificate


EE579U/1 #105

Crypto is Widely Used to Provide Network Security

• Authentication– Kerberos– RADIUS

• Confidentiality– IPSec– SSL– PGP


EE579U/1 #106

BLP Basic Security Theorem

• A state transition is secure if both the initial and the final states are secure, so

• If all state transitions are secure and the initial system state is secure, then every subsequent state will also be secure, regardless of which inputs occur.

• Significance?


EE579U/1 #107

Security Kernel

• Can implement security policy according to the selected model(s)

• Is best implemented at the lowest possible level

• Depends on processor design features for implementation

• Requires a distributed implementation for network security, which is difficult at best


EE579U/1 #108

Operating System Security

Hardware

OS Kernel

Operating System

Services

Applications

Network security depends to a great degree on the security provided by the operating system.


EE579U/1 #109

Malicious Code

• Is a monumental problem in today’s systems

• Is facilitated, more often than not, by failure to follow simple programming guidelines

• Isn’t going away

• Must be considered in any security plan

• Is getting easier for non-skilled to create


EE579U/1 #110

TOCTTOU

• A tropical bird?

• Time Of Check To Time Of Use

• Critical security parameter in many instances, to avoid replay attacks, etc.

• Important in most security systems

• A particularly vexing problem in networks


EE579U/1 #111

Database Security:Data vs. Information

• Data represents information

• Information is the interpretation of data

This is not as obvious as it appears on the surface!

What are we trying to protect?


EE579U/1 #112

Databases

• Collection of data

• Provides information to users– DBMS manages database– Think of information, vs. data in OS

• Consistency demanded– Internal--data follow prescribed rules– External--entries are correct


EE579U/1 #113

Database Vulnerabilities

• Inference (example)

• Aggregation– Inference (e.g. linking tables)– Cardinal (e.g. phone book in toto)

• Data integrity

• Trojan HorsesOn a network, the database(s) are often distributed.

This makes protecting the information even more challenging.


EE579U/1 #114

Statistical Database Security

• Aggregation and inference– Tracker attacks– Countermeasures

• suppress obviously sensitive info

• disguise data--randomly swap entries

• add small random perturbations

• static analysis

• All have disadvantages for legitimate users


EE579U/1 #115

Where is the Intruder?

• Historically, more intrusions came from within the firewall than from outside

• The two categories are now about even in terms of number of attacks– But internal users still cost more per incident

• Networks must provide defenses against both categories of users


EE579U/1 #116

Network Defenses

• Encrypted communications wherever feasible

• Firewalls• Intrusion Detection Systems• Rigid application of policy to provide

secure configurations of everything in the network– Very difficult to do and to enforce


EE579U/1 #117

Summary• Information security is a real need in real

systems• There are multitudes of examples of

systems that failed due to poor security, and which cost their owners dearly– In some cases, security failures have led to

business failures

• Absolute security does not exist


EE579U/1 #118

Homework

• Identify an information system security failure that has been reported in the media within the past 24 months. Describe what happened, and – based on what you know right now – describe how you would have attempted to prevent the problem and to mitigate its effects once it occurred. Target: 1000-1500 words.

ee579u/1 #1 spring 2004 © 2000-2004, richard a. stanley ee579u information systems security and...

Documents

stanley slide

class slide

stanley administrivia

stanley policies

information security

prearrangement slide

information security

physical security