1. Dr. Bhavani Thuraisingham Introduction to Information Systems Security Lecture #1 May 27, 2011

2. 5/16/2015 21:13 Outline 0 What is Cyber Security? 0 What is C. I. A.? 0 Ten Major Modules of Cyber Security 0 Some Topics in Cyber Security

3. 5/16/2015 21:13 Cyber Security 0 Security traditionally has been about CIA (Confidentiality, Integrity, Availability) 0 Security now also includes areas like Trustworthiness, Quality, Privacy 0 Dependability includes Security, Reliability and Fault Tolerance 0 Initially the term used was Computer Security (Compusec); it then evolved into Infosec – Information security – to include data and networks – now with web its called Cyber Security

4. 5/16/2015 21:13 C. I.A. 0 Confidentiality: Preventing from unauthorized disclosure 0 Integrity: Preventing from unauthorized modification 0 Availability: Preventing denial of service

5. 5/16/2015 21:13 Ten Major Modules of Cyber Security 0 Information Security and Risk Management 0 Access Control 0 Security Architecture and Design 0 Physical and Environmental Security 0 Telecommunications Security 0 Cryptography 0 Business Continuity Planning 0 Legal Regulations, Compliance and Investigations 0 Applications Security 0 Operations Security

6. 5/16/2015 21:13 Information Security and Risk Management 0 Security Management 0 Security Administration 0 Organizational Security Model 0 Information Risk Management 0 Risk Analysis 0 Policies, Standards, Guidelines, Procedures 0 Information Classification 0 Layers of Responsibility 0 Security Awareness Training

7. 5/16/2015 21:13 Access Control 0 Security Principles 0 Identification, Authentication, Authorization, Accountability 0 Access Control Models 0 Access Control techniques 0 Access Control Administration 0 Access Control Methods 0 Access Control Types 0 Accountability 0 Access Control practices 0 Access Control Monitoring 0 Threats to Access Control

8. 5/16/2015 21:13 Security Architecture and Design 0 Computer Architecture 0 Systems Architecture 0 Security Models 0 Security Modes of Operation 0 Systems Evaluation Methods 0 Open vs. Closed Systems 0 Enterprise Architecture 0 Security Threats

9. 5/16/2015 21:13 Physical and Environmental Security 0 What is Physical Security 0 Planning Process 0 Protecting assets 0 Internal Support Systems 0 Perimeter Security 0 Other aspects

10. 5/16/2015 21:13 Telecommunications and Network Security 0 Open Systems Interconnection Reference Model 0 TCP/IP 0 Types of Transmission 0 LAN Networking 0 Routing Protocols 0 Networking Devices 0 Networking services and protocols 0 Intranets and Extranets 0 Metropolitan Area networks 0 Remote access 0 Wireless technologies 0 Rootkits

11. 5/16/2015 21:13 Cryptography 0 History, Definitions and Concepts 0 Types of Ciphers 0 Methods of Encryption 0 Type of Asymmetric Systems 0 Message Integrity 0 PKI 0 Key Management 0 Link / End-to-end Encryption 0 Email standards 0 Internet security 0 Attacks

12. 5/16/2015 21:13 Legal Regulation and Compliance Investigation 0 Cyber law and Cyber crime 0 Intellectual property law 0 Privacy 0 Liability and Ramifications 0 Digital Forensics and Investigations 0 Ethics

13. 5/16/2015 21:13 Applications Security 0 Software and applications security issues 0 Database Security 0 Secu4e systems development 0 Application development and security 0 Object-oriented systems and security 0 Distributed computing and security 0 Expert systems and security 0 Web security 0 Mobile code 0 Patch management

14. 5/16/2015 21:13 Operations Security 0 Role of the Operations Department 0 Administrative Management 0 Assurance Levels 0 Configuration management 0 Media Controls 0 Data Leakage 0 Network and Resource Availability 0 Mainframes 0 Email Security 0 Vulnerability testing

15. 5/16/2015 21:13 Introduction to Cyber Security 0 Operating Systems Security 0 Network Security 0 Designing and Evaluating Systems 0 Web Security 0 Data Mining for Malware Detection 0 Other Security Technologies

16. 5/16/2015 21:13 Operating System Security 0 Access Control -Subjects are Processes and Objects are Files -Subjects have Read/Write Access to Objects -E.g., Process P1 has read acces to File F1 and write access to File F2 0 Capabilities -Processes must presses certain Capabilities / Certificates to access certain files to execute certain programs -E.g., Process P1 must have capability C to read file F

17. 5/16/2015 21:13 Mandatory Security 0 Bell and La Padula Security Policy -Subjects have clearance levels, Objects have sensitivity levels; clearance and sensitivity levels are also called security levels -Unclassified < Confidential < Secret < TopSecret -Compartments are also possible -Compartments and Security levels form a partially ordered lattice 0 Security Properties -Simple Security Property: Subject has READ access to an object of the subject’s security level dominates that of the objects -Star (*) Property: Subject has WRITE access to an object if the subject’s security level is dominated by that of the objects\

18. 5/16/2015 21:13 Covert Channel Example 0 Trojan horse at a higher level covertly passes data to a Trojan horse at a lower level 0 Example: -File Lock/Unlock problem -Processes at Secret and Unclassified levels collude with one another -When the Secret process lock a file and the Unclassified process finds the file locked, a 1 bit is passed covertly -When the Secret process unlocks the file and the Unclassified process finds it unlocked, a 1 bit is passed covertly -Over time the bits could contain sensitive data

19. 5/16/2015 21:13 Steps to Designing a Secure System 0 Requirements, Informal Policy and model 0 Formal security policy and model 0 Security architecture -Identify security critical components; these components must be trusted 0 Design of the system 0 Verification and Validation 0 End to End Security? 0 Building a Secure System with Untrusted Components

20. 5/16/2015 21:13 Product Evaluation 0 Orange Book -Trusted Computer Systems Evaluation Criteria 0 Classes C1, C2, B1, B2, B3, A1 and beyond -C1 is the lowest level and A1 the highest level of assurance -Formal methods are needed for A1 systems 0 Interpretations of the Orange book for Networks (Trusted Network Interpretation) and Databases (Trusted Database Interpretation) 0 Several companion documents -Auditing, Inference and Aggregation, etc. 0 Many products are now evaluated using the federal Criteria

21. 5/16/2015 21:13 Network Security 0 Security across all network layers -E.g., Data Link, Transport, Session, Presentation, Application 0 Network protocol security -Ver5ification and validation of network protocols 0 Intrusion detection and prevention -Applying data mining techniques 0 Encryption and Cryptography 0 Access control and trust policies 0 Other Measures -Prevention from denial of service, Secure routing, - - -

22. 5/16/2015 21:13 Data Security: Access Control 0 Access Control policies were developed initially for file systems -E.g., Read/write policies for files 0 Access control in databases started with the work in System R and Ingres Projects -Access Control rules were defined for databases, relations, tuples, attributes and elements -SQL and QUEL languages were extended =GRANT and REVOKE Statements =Read access on EMP to User group A Where EMP.Salary Security -Query Modification: =Modify the query according to the access control rules =Retrieve all employee information where salary < 30K and Dept is not Security

23. 5/16/2015 21:13 Multilevel Secure Data Management What is MLS/DBMS ? Users are cleared at different security levels Data in the database is assigned different sensitivity levels-- multilevel database Users share the multilevel database MLS/DBMS is the software that ensures that users only obtain information at or below their level In general, a user reads at or below his level and writes at his level Need for MLS/DBMS Operating systems control access to files; coarser grain of granularity Database stores relationships between data Content, Context, and Dynamic access control Traditional operating systems access control to files is not sufficient Need multilevel access control for DBMSs

24. 5/16/2015 21:13 Inference Problem Inference is the process of forming conclusions from premises If the conclusions are unauthorized, it becomes a problem Inference problem in a multilevel environment Aggregation problem is a special case of the inference problem - collections of data elements is Secret but the individual elements are Unclassified Association problem: attributes A and B taken together is Secret - individually they are Unclassified

25. 5/16/2015 21:13 Security Threats to Web/E-commerce

26. 5/16/2015 21:13 Intrusion Detection / Malware Detection 0 An intrusion can be defined as “any set of actions that attempt to compromise the integrity, confidentiality, or availability of a resource”. 0 Attacks are: Host-based attacks; Network-based attacks 0 Intrusion detection systems are split into two groups: - Anomaly detection systems; Misuse detection systems 0 Use audit logs: Capture all activities in network and hosts. 0 Mine the Audit Logs 0 Malware: Virus, Worms, Trojan Horses, - - - 0 Malware changes patterns; need data mining techniques to detect novel classes

27. 5/16/2015 21:13 Some Security Technologies 0 Digital Identity Management 0 Digital Forensics 0 Digital Watermarking 0 Risk/Cost Analysis 0 Biometrics 0 Other Applications

28. 5/16/2015 21:13 Digital Identity Management 0 Digital identity is the identity that a user has to access an electronic resource 0 A person could have multiple identities -A physician could have an identity to access medical resources and another to access his bank accounts 0 Digital identity management is about managing the multiple identities -Manage databases that store and retrieve identities -Resolve conflicts and heterogeneity -Make associations -Provide security 0 Ontology management for identity management is an emerging research area

29. 5/16/2015 21:13 Digital Identity Management - II 0 Federated Identity Management -Corporations work with each other across organizational boundaries with the concept of federated identity -Each corporation has its own identity and may belong to multiple federations -Individual identity management within an organization and federated identity management across organizations 0 Technologies for identity management -Database management, data mining, ontology management, federated computing

30. 5/16/2015 21:13 Digital Forensics 0 “Digital forensics, also known as computer forensics, involved the preservation, identification, extraction, and documentation of computer evidence stored as data or magnetically encoded information”, by John Vacca 0 Digital evidence may be used to analyze cyber crime (e.g. Worms and virus), physical crime (e.g., homicide) or crime committed through the use of computers (e.g., child pornography) 0 Objective of Computer Forensics: To recover, analyze and present computer based material in such a way that it is usable as evidence in a court of law

31. 5/16/2015 21:13 Steganography and Digital Watermarking 0 Steganography is about hiding information within other information -E.g., hidden information is the message that terrorist may be sending to their pees in different parts of the worlds -Information may be hidden in valid texts, images, films etc. -Difficult to be detected by the unsuspecting human 0 Steganalysis is about developing techniques that can analyze text, images, video and detect hidden messages -May use data mining techniques to detect hidden patters 0 Steganograophy makes the task of the Cyber crime expert difficult as he/she ahs to analyze for hidden information -Communication protocols are being developed

32. 5/16/2015 21:13 Steganography and Digital Watermarking - II 0 Digital water marking is about inserting information without being detected for valid purposes -It has applications in copyright protection -A manufacturer may use digital watermarking to copyright a particular music or video without being noticed -When music is copies and copyright is violated, one can detect two the real owner is by examining the copyright embedded in the music or video

33. 5/16/2015 21:13 Risk/Cost Analysis 0 Analyzing risks -Before installing a secure system or a network one needs to conduct a risk analysis study -What are the threats? What are the risks? -Quantitative approach: Events are ranked in the order of risks and decisions are made based on then risks Qualitative approach: estimates are used for risks 0 Security vs Cost -If risks are high and damage is significant then it may be worth the cost of incorporating security; If risks and damage are not high, then security may be an additional cost burden -Develop cost models -Cost vs. Risk/Threat study

34. 5/16/2015 21:13 Biometrics: Overview 0 Biometrics are automated methods of recognizing a person based on a physiological or behavioral characteristic 0 Features measured: Face, Fingerprints, Hand geometry, handwriting, Iris, Retinal, Vein and Voice 0 Identification and personal certification solutions for highly secure applications 0 Biometrics replaces Traditional Authentication Methods -Provides better security; More convenient; Better accountability 0 Applications : Fraud detection and Fraud deterrence 0 Dual purpose: Cyber Security and National Security 0 Numerous applications: medical, financial, child care, computer access etc.

35. 5/16/2015 21:13 Biometrics: Process 0 Three-steps: Capture-Process-Verification 0 Capture: A raw biometric is captured by a sensing device such as fingerprint scanner or video camera 0 Process: The distinguishing characteristics are extracted from the raw biometrics sample and converted into a processed biometric identifier record -Called biometric sample or template 0 Verification and Identification -Matching the enrolled biometric sample against a single record; is the person really what he claims to be? -Matching a biometric sample against a database of identifiers 0 Study the attacks of biometrics systems -Modifying fingerprints; Modifying facial features