Hall Chapter 16
o Access token
Contains key information about the user (user ID, password, user group
and privileges)
The information in the token is used to approve all actions the user
attempts during a session
o Access control list
Assigned to each resource
Controls access to system resources
Contains information that defines the access privileges for all
valid users of the resources
When a user attempts access, the system compares the ID and privileges
contained in the access token against the access control list; if
they match, access is granted
o Discretionary access privilege
Central system administrator (centralized system) determines who is
granted access to specific resources and maintains the access
control list --- in a distributed system, end users may control
resources
Allows end users (owner of a resource) to grant access privileges
to other users
Must be closely supervised to prevent security breaches through its
liberal use
Threats to OS integrity
o Hindrances to achieving control objectives
o Accidental threats: system failures
o Intentional threats: attempts to illegally access data or violate
o Destructive programs w/ no apparent gain --- a growing threat
Exposure from 3 sources
Privileged personnel who abuse their authority --- system
administrators and systems programmers need unlimited
access to the OS
Individuals (internal & external) who browse the OS to
identify and exploit security flaws
Individuals who intentionally or accidentally insert computer
viruses or other forms of destructive programs into the OS
Operating System Controls and Tests of Controls --- the design and
assessment of these controls are SOX compliance issues
o Access privileges (controlling access privileges): user access
privileges are assigned to individuals and to entire workgroups
authorized to use the system; privileges determine who has access
and also what types of action can be taken
Management should be concerned that individuals aren't
granted privileges that are incompatible w/ their assigned
duties
The way access privileges are assigned influences system
security
Audit objective: verify that all access privileges are granted in
a manner that is consistent w/ the need to separate
incompatible functions and is in accordance w/ the
organization's policy
Audit procedure
Review policies for separating incompatible functions and
ensure they promote reasonable security
Review privileges of a selection of user groups and
individuals to determine if their access rights are appropriate
for their job description and positions
Review personnel records to determine whether privileged
employees undergo an adequately intensive security
clearance check in compliance w/ company policy
Review employee records to determine whether users have
formally acknowledged their responsibility to maintain
confidentiality of company data
Review users' permitted log-on times; they should be reasonable
for the tasks assigned
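The access-token/ACL check and the separation-of-duties review above, worked as an added example (my code, not from Hall's text): a token is matched against each resource's ACL, an owner grants access at his discretion (and the grant is logged so it can be supervised), and an audit routine lists users whose combined rights span an incompatible pair. The users, resources and the INCOMPATIBLE table are constructed for illustration.

```python
# Added example (not from Hall's text): a toy access-token / ACL check with
# discretionary grants, plus an audit routine that flags privilege
# combinations violating separation of duties. All users, resources and
# the INCOMPATIBLE table are constructed for illustration.
from dataclasses import dataclass, field


@dataclass
class AccessToken:
    """Issued at log-on (password omitted here): who the user is and which groups they belong to."""
    user_id: str
    groups: frozenset


@dataclass
class ACLEntry:
    principal: str        # a user ID or a group name
    actions: frozenset    # e.g. {"read", "write", "approve"}


@dataclass
class Resource:
    name: str
    owner: str
    acl: list = field(default_factory=list)


def matches(entry, token):
    return entry.principal == token.user_id or entry.principal in token.groups


def check_access(token, resource, action):
    """Compare the token against the resource's ACL; grant only on a match, deny by default."""
    return any(matches(e, token) and action in e.actions for e in resource.acl)


def discretionary_grant(resource, grantor, grantee, actions, grant_log):
    """Owner-controlled grant (discretionary access). Every grant is logged so it can be supervised."""
    if grantor != resource.owner:
        raise PermissionError(f"{grantor} does not own {resource.name}")
    resource.acl.append(ACLEntry(grantee, frozenset(actions)))
    grant_log.append((resource.name, grantor, grantee, tuple(sorted(actions))))


# Pairs of "resource:action" rights that one person must never hold together
# (constructed separation-of-duties policy).
INCOMPATIBLE = [
    frozenset({"vendor_master:write", "payments:approve"}),
    frozenset({"journal:post", "journal:approve"}),
]


def effective_rights(token, resources):
    """Everything the token can do, through direct entries or group membership."""
    return {f"{r.name}:{a}" for r in resources for e in r.acl if matches(e, token) for a in e.actions}


def sod_violations(tokens, resources):
    """Audit procedure: (user, incompatible pair) for every user whose rights span a pair."""
    findings = []
    for t in tokens:
        rights = effective_rights(t, resources)
        for pair in INCOMPATIBLE:
            if pair <= rights:
                findings.append((t.user_id, tuple(sorted(pair))))
    return findings


def demo():
    """A grant that quietly creates a conflict; returns (before, after, findings, grant_log)."""
    alice = AccessToken("alice", frozenset({"ap_clerks"}))
    bob = AccessToken("bob", frozenset({"ap_clerks"}))
    vendors = Resource("vendor_master", owner="alice",
                       acl=[ACLEntry("ap_clerks", frozenset({"read", "write"}))])
    payments = Resource("payments", owner="cfo",
                        acl=[ACLEntry("cfo", frozenset({"approve"}))])
    log = []
    before = check_access(bob, payments, "approve")          # False: bob is not on the ACL
    discretionary_grant(payments, "cfo", "bob", {"approve"}, log)
    after = check_access(bob, payments, "approve")           # True after the owner's grant
    findings = sod_violations([alice, bob], [vendors, payments])
    return before, after, findings, log


if __name__ == "__main__":
    print(demo())
```

The grant itself is legitimate under discretionary access (the owner made it), which is exactly why the notes say such grants must be supervised: only the audit routine, comparing each user's combined rights against the policy, notices that bob can now both edit vendors and approve payments.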
Password control
Password: secret code the user enters to gain access to
systems, applications, data files or a network server
Password procedures can result in end-user behavior that
circumvents security when imposed on non-security-minded
users:
Forgetting passwords
Failing to change passwords on a frequent basis
Post-it syndrome --- written down for others to see
Simplistic passwords
Reusable password
Most common
The user defines the password to the system once and then
reuses it to gain future access
Quality of security depends on the quality of the password
Passwords that are more difficult to crack are harder to
remember
Management should require passwords to be changed
frequently and disallow weak passwords; there is software
for this task
One-time password
The user's password changes continuously
Employs a credit card-sized smart card that contains a
microprocessor programmed with an algorithm that
generates and electronically displays a new and unique
password every 60 seconds; the card works in conjunction
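How a time-based one-time password works end to end, as an added example (my code, not from Hall's text, and not the card vendor's algorithm, which the page does not describe): the card and the network server share a secret and a clock, the displayed password is a short hash of the current 60-second window, and the server accepts a password only once and only near the current window. The construction is the RFC 4226/6238 HOTP/TOTP scheme with the step set to 60 seconds; SECRET is a constructed shared key.

```python
# Added example (not from Hall's text and not the card vendor's algorithm):
# a one-time password generator and verifier built on the RFC 4226/6238
# HOTP/TOTP construction with a 60-second step, so the displayed password
# changes every minute. SECRET is a constructed shared key (the RFC 4226
# test secret).
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # the notes' 60-second password lifetime
DIGITS = 6
SECRET = b"12345678901234567890"   # constructed shared secret (RFC 4226 test value)


def otp_for_counter(secret: bytes, counter: int) -> str:
    """HOTP: HMAC-SHA1 over the counter, dynamic truncation, then DIGITS decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


def otp_at(secret: bytes, unix_time: int) -> str:
    """What the card displays at a given time: the HOTP of the current 60-second window."""
    return otp_for_counter(secret, unix_time // STEP_SECONDS)


class OtpServer:
    """Network-side verifier sharing the card's secret and clock.

    Accepts at most `drift` adjacent windows to tolerate clock skew, and
    remembers the last window each user consumed so a captured password
    cannot be replayed inside its 60-second lifetime.
    """

    def __init__(self, secret: bytes, drift: int = 1):
        self.secret = secret
        self.drift = drift
        self.last_counter = {}   # user -> highest counter already accepted

    def verify(self, user: str, code: str, unix_time: int) -> bool:
        counter = unix_time // STEP_SECONDS
        for delta in range(-self.drift, self.drift + 1):
            candidate = counter + delta
            if candidate <= self.last_counter.get(user, -1):
                continue   # window already used (or before the epoch): refuse reuse
            expected = otp_for_counter(self.secret, candidate)
            if hmac.compare_digest(expected, code):
                self.last_counter[user] = candidate
                return True
        return False


if __name__ == "__main__":
    now = 60
    shown = otp_at(SECRET, now)
    server = OtpServer(SECRET)
    print(shown, server.verify("alice", shown, now), server.verify("alice", shown, now + 5))
```

The second `verify` call in the demo fails even though the password is still "current": the server has already consumed that window for that user, which is what makes a shoulder-surfed or sniffed code useless to an attacker even within the 60 seconds.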
Virus
Audit procedures
Verify that the audit trail was activated according to company policy
Audit log viewer allows the auditor to scan the log for unusual
activities
Select a sample of security violation cases and evaluate their
dispositions to assess the effectiveness of the security group
a. Database backup: make periodic backups of the entire database;
automatic; at least once a day; the backup is stored in a secure remote
area
b. Transaction log (journal): provides an audit trail of all processed
transactions; it lists only the transactions; the resulting changes to
the database are recorded in a separate database change log
c. Checkpoint feature: suspends all data processing while the system
reconciles the transaction log and the database change log against
the database; the system is at a quiet state here; checkpoints occur
automatically several times an hour; after a failure, only the
processing since the last checkpoint has to be repeated
d. Recovery module: uses the logs and backup files to restart the system
after a failure
e. Audit objective: verify that backup controls are adequate to
facilitate the recovery of lost, destroyed or corrupted data
f. Audit procedure
i. Verify from system documentation that production databases
are copied at regular intervals (several times an hour)
ii. Verify through documentation and observation that backup
copies of the database are stored off-site to support disaster
recovery procedures
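How the four mechanisms fit together, as an added example (my code, not from Hall's text): a toy database keeps a transaction log and a separate change log, a checkpoint reconciles the two logs against the data and takes a backup, and the recovery module restores that backup and redoes only the transactions logged after it. Accounts and amounts are constructed; the "crash" is simulated by discarding the live data.

```python
# Added example (not from Hall's text): a toy database with a transaction log,
# a separate change log, a checkpoint that reconciles the logs against the data
# and takes a backup, and a recovery module that restores the backup and redoes
# everything logged after it. Accounts and amounts are constructed.
import copy


class ToyDatabase:
    def __init__(self):
        self.data = {}             # live database: account -> balance
        self.transaction_log = []  # journal: (seq, account, amount) per processed transaction
        self.change_log = []       # (seq, account, before, after) image of each change
        self.backup = None         # (checkpoint_seq, snapshot) written at the last checkpoint

    def post(self, account, amount):
        seq = len(self.transaction_log) + 1
        before = self.data.get(account, 0)
        self.data[account] = before + amount
        self.transaction_log.append((seq, account, amount))
        self.change_log.append((seq, account, before, before + amount))
        return seq

    def checkpoint(self):
        """Quiet state: nothing else is processing, the two logs are reconciled against
        the database, then a backup is taken. Returns the checkpoint sequence number."""
        if len(self.transaction_log) != len(self.change_log):
            raise ValueError("logs out of step")
        for (seq, acct, amount), (cseq, cacct, before, after) in zip(self.transaction_log, self.change_log):
            if seq != cseq or acct != cacct or after - before != amount:
                raise ValueError(f"transaction {seq} does not match its change record")
        latest_after = {acct: after for _, acct, _, after in self.change_log}
        if latest_after != self.data:
            raise ValueError("change log does not reproduce the database")
        self.backup = (len(self.transaction_log), copy.deepcopy(self.data))
        return self.backup[0]

    def crash(self):
        """Simulate losing the live database; logs and backup survive on separate storage."""
        self.data = {}

    def recover(self):
        """Recovery module: restore the last backup, then redo the transactions logged after
        the checkpoint. Returns (checkpoint_seq, number of transactions redone)."""
        if self.backup is None:
            raise RuntimeError("no backup to recover from")
        cp_seq, snapshot = self.backup
        restored = copy.deepcopy(snapshot)
        redo = self.transaction_log[cp_seq:]       # only work after the checkpoint is repeated
        for _, account, amount in redo:
            restored[account] = restored.get(account, 0) + amount
        self.data = restored
        return cp_seq, len(redo)


def demo():
    db = ToyDatabase()
    db.post("cash", 1000)
    db.post("receivables", 250)
    cp = db.checkpoint()            # backup covers sequence numbers 1..2
    db.post("cash", -300)           # logged, but after the checkpoint
    db.crash()
    result = db.recover()           # (2, 1): restored the backup, redid one transaction
    return cp, result, dict(db.data)


if __name__ == "__main__":
    print(demo())
```

The reconciliation step is what gives the checkpoint its value: a change record that does not agree with its journal entry (or with the live data) is refused before it can be frozen into a backup, and the count of redone transactions shows why frequent checkpoints keep recovery short.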
Controlling Networks
Can be used to insulate portions of the organization's
intranet from internal access
Network-level firewalls
Efficient but low-security access control
Consists of a screening router that examines the source and
destination addresses attached to incoming
message packets
Accepts or denies access requests based on programmed
filtering rules
Directs incoming calls to the correct internal receiving
node
Insecure: designed to facilitate the free flow of information, not to
restrict it
Does not explicitly authenticate outside users
Application-level firewalls
A higher level of customizable network security
Add overhead to connectivity
Configured to run proxies (security applications) that
permit routine services (like email) to pass through
Can perform sophisticated functions such as
authentication of tasks
Provide comprehensive transmission logging and auditing
tools for reporting unauthorized activity
Dual-homed system
Has two firewall interfaces: one screens incoming requests
from the Internet; the other provides access to the
organization's intranet
Direct communication with the Internet is disabled
The two networks are fully isolated
Proxy applications that impose separate log-on procedures
perform all access
Convenience vs. security trade-off --- acceptable risk
Controlling Denial of Service Attacks
Forms of DoS: clog Internet ports w/ fraudulently generated
messages
SYN flood attacks
o Use IP spoofing to disguise the source
o The attack may come from a single disguised site, but the host
computer sees it as coming from all over the Internet
o Two actions to defeat:
Program firewalls to block outbound message packets
that contain invalid internal IP addresses --- this prevents
attackers from hiding their locations from the targeted
site and assures management of potential
intermediary hosts that no undetected attacks could
be launched from their sites; it won't prevent attacks
from Internet sites that refuse to screen outgoing
transmissions
Security software that scans for half-open connections ---
looks for SYN packets that have not been followed by an
ACK packet
Smurf attacks
o The target organization can program its firewall to ignore all
communication from the attacking site, once the attacker's IP
address is determined
Distributed denial of service attacks (DDoS)
o Most difficult to counter
o Messages from thousands of zombie sites distributed
across the Internet; can't block transmissions
from so many different locations
o Intrusion prevention systems (IPS) that employ deep
packet inspection (DPI) determine when an attack is in
progress
o IPS
Works inline with the firewall at the perimeter of the
network to act as a filter that removes malicious
packets from the flow before they can affect servers
and networks
May be used behind the firewall to protect specific network
segments and servers
Can be employed to protect an organization from
becoming part of a botnet by inspecting outbound
packets and blocking malicious traffic before it reaches
the Internet
o DPI
Uses a variety of analytical and statistical techniques
to evaluate the contents of message packets
Searches the individual packets for protocol
noncompliance and employs predefined criteria to
decide if a packet can proceed to its destination
Can identify and classify malicious packets based on a
database of known attack signatures; malicious packets are
blocked and redirected to the security team
In contrast, normal packet inspection checks only the
header portion of the packet to determine its destination
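The SYN-flood countermeasures and the Smurf blocklist from the notes, run over a constructed packet trace as an added example (my code, not from Hall's text): an egress rule drops outbound packets whose source address is not one of ours, a scanner counts SYNs per source that were never completed with an ACK, and once an attacking address is known everything it sends is ignored. INTERNAL is an assumed internal address block and the trace is hand-written; real packets carry more fields than the five used here.

```python
# Added example (not from Hall's text): the two SYN-flood countermeasures in the
# notes and the Smurf blocklist, run over a constructed packet trace.
# INTERNAL is an assumed internal address block; the trace is hand-written.
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed: our own address space

# Constructed trace: one completed handshake, one source that only ever sends
# SYNs, and one outbound packet whose source address is not ours (spoofed).
TRACE = [
    {"dir": "in",  "src": "203.0.113.9",  "dst": "10.0.0.5",     "sport": 40001, "flags": "SYN"},
    {"dir": "out", "src": "10.0.0.5",     "dst": "203.0.113.9",  "sport": 80,    "flags": "SYN-ACK"},
    {"dir": "in",  "src": "203.0.113.9",  "dst": "10.0.0.5",     "sport": 40001, "flags": "ACK"},
    {"dir": "in",  "src": "198.51.100.7", "dst": "10.0.0.5",     "sport": 1,     "flags": "SYN"},
    {"dir": "in",  "src": "198.51.100.7", "dst": "10.0.0.5",     "sport": 2,     "flags": "SYN"},
    {"dir": "in",  "src": "198.51.100.7", "dst": "10.0.0.5",     "sport": 3,     "flags": "SYN"},
    {"dir": "in",  "src": "198.51.100.7", "dst": "10.0.0.5",     "sport": 4,     "flags": "SYN"},
    {"dir": "out", "src": "192.0.2.77",   "dst": "203.0.113.50", "sport": 5555,  "flags": "SYN"},
]


def egress_filter(packets, internal=INTERNAL):
    """Countermeasure 1: drop outbound packets whose source is not a valid internal
    address, so a host here cannot spoof its way into someone else's flood."""
    allowed, dropped = [], []
    for p in packets:
        if p["dir"] == "out" and ipaddress.ip_address(p["src"]) not in internal:
            dropped.append(p)
        else:
            allowed.append(p)
    return allowed, dropped


def half_open_sources(packets, threshold=3):
    """Countermeasure 2: track SYNs per source that were never completed by an ACK
    and report sources holding at least `threshold` half-open connections."""
    pending = defaultdict(set)   # src -> {(dst, sport)} with a SYN outstanding
    for p in packets:
        if p["dir"] != "in":
            continue
        conn = (p["dst"], p["sport"])
        if p["flags"] == "SYN":
            pending[p["src"]].add(conn)
        elif p["flags"] == "ACK":
            pending[p["src"]].discard(conn)
    return {src: len(conns) for src, conns in pending.items() if len(conns) >= threshold}


def block_sources(packets, blocklist):
    """Smurf response: once an attacking address is known, ignore everything it sends."""
    return [p for p in packets if not (p["dir"] == "in" and p["src"] in blocklist)]


def demo():
    allowed, dropped = egress_filter(TRACE)
    attackers = half_open_sources(allowed)
    survivors = block_sources(allowed, set(attackers))
    return dropped, attackers, len(survivors)


if __name__ == "__main__":
    print(demo())
```

The threshold is the judgement call: a legitimate client on a lossy link can also leave a SYN or two unanswered, so the half-open count is evidence of a flood only when it is far above what normal handshakes leave behind. The egress rule protects other people's sites from us; it does nothing about floods arriving from networks that do not filter their own outbound traffic, as the notes say.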
Encryption
Conversion of data into a secret code for storage in
databases and transmission over networks
The sender uses an encryption algorithm to convert cleartext into
ciphertext; the receiver reverses the process
o Audit tools
o Probe for weakness
Verify that an IPS w/ DPI is in place for organizations that are
vulnerable to DDoS (like financial institutions)
Review security procedures governing the administration of data
encryption
Verify the encryption process by transmitting a test message and
examining the contents at various points along the channel
b/w the sending and receiving locations
Review the message transaction logs to verify that all
messages were received in their proper sequence
Test the operation of the call-back feature by placing an
unauthorized call from outside the installation
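The sequence review from the audit procedure above, as an added example (my code, not from Hall's text): given the sequence numbers in the order the transaction log recorded them, it separates messages logged twice, messages that arrived out of order, and numbers that never arrived at all. The sample log is constructed.

```python
# Added example (not from Hall's text): the log-sequence review from the audit
# procedure above, run over a constructed list of message sequence numbers in
# the order the transaction log recorded them.


def sequence_findings(received):
    """Classify the log: duplicates, late arrivals (lower than a number already
    seen), and sequence numbers still missing at the end of the log."""
    seen, missing, late, duplicates = set(), set(), [], []
    expected = None                 # next sequence number we expect to see
    for seq in received:
        if seq in seen:
            duplicates.append(seq)  # same message logged twice: a replay or a re-send
            continue
        seen.add(seq)
        if expected is None or seq >= expected:
            if expected is not None:
                missing.update(range(expected, seq))   # skipped numbers are gaps (so far)
            expected = seq + 1
        else:
            missing.discard(seq)    # a gap filled late: the message arrived out of order
            late.append(seq)
    return {"duplicates": duplicates, "late": late, "missing": sorted(missing)}


def in_proper_sequence(received):
    """The auditor's yes/no: no duplicates, nothing late, nothing missing."""
    return not any(sequence_findings(received).values())


# Constructed log: 7 and 9 never arrived, 4 arrived late, 8 was logged twice.
SAMPLE_LOG = [1, 2, 3, 5, 6, 4, 8, 8, 10]

if __name__ == "__main__":
    print(sequence_findings(SAMPLE_LOG), in_proper_sequence(SAMPLE_LOG))
```

A gap at the end of the log is the case to chase: a missing number in the middle may still arrive late, but one that is absent when the log closes is a lost message, which is exactly the equipment-failure loss the audit objective later asks the auditor to confirm is detected and corrected.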
Controlling Risks from Equipment Failure
o Line errors
Most common cause of data loss in data communication
A message's bit structure can be corrupted by noise on
communication lines
Noise is made up of random signals that can interfere w/ the
message signal when they reach a certain level
Random signals may be caused by electric motors,
atmospheric conditions, faulty wiring, defective components,
or noise spilling over from an adjacent communication channel
Echo check: the receiver returns the message to the sender; the
sender compares the returned message w/ a stored copy of the
original; a discrepancy indicates a transmission error and the
message is retransmitted
Using it reduces throughput over communications channels by
one-half
Using full-duplex channels (which allow both parties to transmit and
receive simultaneously) can increase throughput
Parity check: incorporates a parity bit (extra bit) into the
structure of a bit string when it is created or transmitted; can be
vertical and/or horizontal
Vertical parity adds a parity bit to each character in the
message when the characters are originally coded and stored
in magnetic form
o Audit objective: verify the integrity of e-commerce transactions by
determining that controls are in place to detect and correct message
loss due to equipment failure
o Audit procedure
Sample messages to see whether any have garbled contents caused by
line noise
Verify that corrupted messages were successfully retransmitted
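Vertical and horizontal parity worked through, as an added example (my code, not from Hall's text): each character becomes a column of 7 ASCII bits plus its vertical parity bit, a final column holds the horizontal parity of each bit position across the message, and the check uses the two together to detect and locate a single corrupted bit. It also shows the caveat: two bit errors in the same character cancel out under vertical parity and are caught only by the horizontal check, and then only as "something is wrong", not where. The message and the error positions are constructed.

```python
# Added example (not from Hall's text): vertical (per-character) and horizontal
# (per-bit-position, across the message) even parity on 7-bit ASCII, showing
# that a single corrupted bit is detected and located, while a pair of errors
# in one character slips past the vertical check and is caught only by the
# horizontal one. Message and error positions are constructed.
import copy

ROWS = 8   # 7 data bits + 1 vertical parity bit per character


def parity_bit(bits):
    """Even parity: the extra bit makes the number of 1s even."""
    return sum(bits) % 2


def encode(message):
    """One column of 8 bits per character (MSB first, then its parity bit),
    followed by a horizontal parity column holding the parity of each row."""
    columns = []
    for ch in message:
        data = [(ord(ch) >> i) & 1 for i in range(6, -1, -1)]
        columns.append(data + [parity_bit(data)])
    horizontal = [parity_bit([col[r] for col in columns]) for r in range(ROWS)]
    return columns + [horizontal]


def decode(frame):
    """Recover the characters from the data columns (parity column dropped)."""
    return "".join(chr(int("".join(map(str, col[:7])), 2)) for col in frame[:-1])


def flip(frame, row, col):
    """Simulate line noise corrupting one bit; returns a new frame."""
    corrupted = copy.deepcopy(frame)
    corrupted[col][row] ^= 1
    return corrupted


def check(frame):
    """None if every column and row has even parity; (row, col) when exactly one
    column and one row fail, which locates a single-bit error; 'multiple' otherwise."""
    bad_cols = [c for c, col in enumerate(frame) if parity_bit(col)]
    bad_rows = [r for r in range(ROWS) if parity_bit([col[r] for col in frame])]
    if not bad_cols and not bad_rows:
        return None
    if len(bad_cols) == 1 and len(bad_rows) == 1:
        return (bad_rows[0], bad_cols[0])
    return "multiple"


if __name__ == "__main__":
    frame = encode("OK")
    print(check(frame), check(flip(frame, 2, 1)), check(flip(flip(frame, 1, 0), 3, 0)))
```

Parity only ever detects; the response is still the retransmission the notes describe, and the audit procedure's sampling for garbled contents is a check that detection plus retransmission actually happened.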
Electronic Data Interchange (EDI) Controls
Appendix
Malicious and Destructive Programs
1. Virus
a. a program that attaches itself to a legitimate program to penetrate the OS
and destroy application programs, data files and the OS
b. can spread first before perpetrating its destructive acts
c. can be modified to replicate itself first before it destroys
d. personal computers are a major source of virus penetration; viruses usually
attach themselves to the ff. types of file:
i. .EXE or .COM
ii. .OVL (overlay)
iii. Boot sector of a disk
iv. Device driver program
2. Worm: virtually burrows into the computer's memory and replicates itself
into areas of idle memory; systematically occupies idle memory until
memory is exhausted and the system fails
3. Logic bomb: triggered by a predetermined event, frequently a date
4. Back door (trap door): allows unauthorized access to a system w/o going
through the normal log-on procedure (front door); programmers who
developed the system and want unauthorized access can program it so
that their own password, or a user's, can be used to gain access
5. Trojan horse: mimics the log-on procedure to capture IDs and passwords from
users, which are stored in a secret file; the author uses them to masquerade as
you