Components of computer security
Threats
Policies and mechanisms
The role of trust
Assurance
Operational Issues
Human Issues
Introduction to Computer Security 2004 Matt Bishop Slide #1-1
November 1, 2004
Basic Components
Confidentiality
Keeping data and resources hidden
Integrity
Data integrity (integrity)
Origin integrity (authentication)
Availability
Enabling access to data and resources
Classes of Threats
Disclosure
Snooping
Deception
Modification, spoofing, repudiation of origin, denial of receipt
Disruption
Modification
Usurpation
Modification, spoofing, delay, denial of service
Goals of Security
Prevention
Prevent attackers from violating security policy
Detection
Detect attackers' violation of security policy
Recovery
Stop attack, assess and repair damage
Continue to function correctly even if attack succeeds
Mechanisms
Assumed to enforce policy
Support mechanisms work correctly
Types of Mechanisms
secure
precise
broad
Assurance
Specification
Requirements analysis
Statement of desired functionality
Design
How system will meet specification
Implementation
Programs/systems that carry out design
Operational Issues
Cost-Benefit Analysis
Is it cheaper to prevent or recover?
Risk Analysis
Should we protect something?
How much should we protect this thing?
Human Issues
Organizational Problems
Power and responsibility
Financial benefits
People problems
Outsiders and insiders
Social engineering
Tying Together
Threats
Policy
Specification
Design
Implementation
Operation
Key Points
Policy defines security, and mechanisms enforce security
Confidentiality
Integrity
Availability