
Chapter 1: Introduction

Slide 1: Overview
- What is a secure computer system?
- Concerns of a secure system
  o Data: Privacy, Integrity, Availability
  o Users: Authentication, Authorization, Privacy
- Security in stand-alone, networked, and internetworked environments

Slide 2: Secure Computer System
- A security policy specifies exactly what types of actions are and are not permitted on the system
- Example security policy
  o Only authorized users able to use the system
  o Authorization/Access control
  o Resources sharing among users
- A secure system obeys its security policy

Slide 3: Security Breaches
- A violation of a system’s security policy is called a security breach
- Security breaches can occur
  o Accidentally – faulty program
  o Intentionally – virus
- Creating a system where security breaches cannot occur can be easy or impossible depending on
  o What the security policy requires
  o How the system implements the policy

Slide 4: Secure Systems Design
- Policy Simplicity Principle
  o Policy as simple as possible (but no simpler)
  o Should state what is allowed and forbidden
- System Functionality Principle
  o Include necessary functionality (and no more)
  o Perform job it was designed to do (and no more)

Slide 5: Policy Simplicity
- Simpler security policies are easier to get right, reason about and implement
- Security breaches caused by policy shortcomings are most often due to
  o Incomplete or inconsistent policy
  o Misunderstanding the policy’s requirements
  o Error in implementation
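An added example, not part of the original slides: a small checker that finds the two policy shortcomings named above, inconsistency (the same request both allowed and denied) and incompleteness (a request the policy says nothing about). The users, resource, rule format and the default-deny choice in `is_permitted` are all assumptions made for illustration.

```python
from itertools import product

# Constructed sample policy: (user, action, resource, verdict).
RULES = [
    ("alice", "read",  "payroll.db", "allow"),
    ("alice", "write", "payroll.db", "allow"),
    ("bob",   "read",  "payroll.db", "allow"),
    ("bob",   "write", "payroll.db", "deny"),
    ("bob",   "write", "payroll.db", "allow"),  # contradicts the rule above
]
USERS = ["alice", "bob", "carol"]  # carol has no rules at all
ACTIONS = ["read", "write"]
RESOURCES = ["payroll.db"]


def analyse(rules, users, actions, resources):
    """Return (inconsistent, incomplete) lists of requests for a rule set."""
    verdicts = {}
    for user, action, resource, verdict in rules:
        verdicts.setdefault((user, action, resource), set()).add(verdict)
    # Inconsistent: one request carries more than one distinct verdict.
    inconsistent = sorted(req for req, v in verdicts.items() if len(v) > 1)
    # Incomplete: a possible request that no rule mentions.
    every_request = product(users, actions, resources)
    incomplete = sorted(req for req in every_request if req not in verdicts)
    return inconsistent, incomplete


def is_permitted(rules, request):
    """Assumed enforcement choice: permit only an unambiguous 'allow'.

    Conflicting or missing rules fall through to deny, so a policy
    shortcoming fails closed instead of becoming a breach.
    """
    found = {r[3] for r in rules if tuple(r[:3]) == tuple(request)}
    return found == {"allow"}


if __name__ == "__main__":
    bad, missing = analyse(RULES, USERS, ACTIONS, RESOURCES)
    print("inconsistent:", bad)
    print("incomplete:  ", missing)
    print("bob write permitted?",
          is_permitted(RULES, ("bob", "write", "payroll.db")))
```

The number of requests to check is the product of users, actions and resources, which is one concrete reason a simpler policy is easier to get right.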

Slide 6: System Functionality
- Limiting functionality limits attacks
- Security breaches caused by system functionality can be caused by
  o Software bugs
  o Unforeseen interactions between components

Slide 7: Relative Security
- Few useful systems will be absolutely secure
- We view security in a relative sense
- This does not mean that good security design and implementation is unimportant
- Example: safes

Slide 8: Cost vs Security
- Proper security level depends on value of the items that system is protecting (other concerns?)
- Trade-off between cost and security
- Select security level appropriate for user needs

Slide 9: Cost vs Security (continued)
- Example: user authentication
  o System A - authenticates the user by retinal scan
  o System B - authenticates users once with password
- System A is probably more secure than system B, but more costly and inconvenient
- Is added security and expense called for?
  o Maybe for NSA
  o Not for an individual

Slide 10: Secure System Concerns
- Data
  o Privacy
  o Integrity
  o Availability
- Users
  o Authentication
  o Privacy

Slide 11: Data Privacy
- Data privacy: access to information is limited to authorized entities
- Examples
  o Certain files only accessible to certain users
  o Communications between two users cannot be read by some third party
- Cryptography for privacy of data

Slide 12: Data Integrity
- Data has integrity if it can only be modified by authorized principals
- Examples
  o Bank must ensure that only authorized personnel can change account balances
  o Company must make sure that its freeware program has not been modified
- Message-digests used to protect integrity
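An added example, not part of the original slides, for the freeware case above: a SHA-256 message digest detects a modified program, but only while the published digest itself cannot be changed by whoever changed the program. The byte strings and key are constructed; HMAC stands in here for any authenticated digest (software distribution would normally use a digital signature).

```python
import hashlib
import hmac

# Constructed sample data standing in for a released program.
RELEASE = b"freeware-1.0 program bytes"
MODIFIED = b"freeware-1.0 program bytes + unauthorized change"
PUBLISHER_KEY = b"constructed-demo-key"  # known only to authorized principals


def digest(data: bytes) -> str:
    """Plain message digest: anyone can compute it."""
    return hashlib.sha256(data).hexdigest()


def verify_digest(data: bytes, published: str) -> bool:
    return hmac.compare_digest(digest(data), published)


def tag(key: bytes, data: bytes) -> str:
    """Keyed digest: computing a valid value requires the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, data: bytes, published: str) -> bool:
    return hmac.compare_digest(tag(key, data), published)


def demo() -> dict:
    published = digest(RELEASE)
    forged_tag = tag(b"not-the-publisher-key", MODIFIED)
    return {
        # Unmodified program matches the published digest.
        "intact_accepted": verify_digest(RELEASE, published),
        # Modified program no longer matches it.
        "modified_rejected": not verify_digest(MODIFIED, published),
        # Caveat: if the digest is stored beside the program, whoever
        # changes one can recompute the other and the check passes.
        "swapped_digest_accepted": verify_digest(MODIFIED, digest(MODIFIED)),
        # A keyed digest cannot be recomputed without the key.
        "forged_tag_rejected": not verify_tag(PUBLISHER_KEY, MODIFIED,
                                              forged_tag),
        "genuine_tag_accepted": verify_tag(PUBLISHER_KEY, RELEASE,
                                           tag(PUBLISHER_KEY, RELEASE)),
    }


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```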

Slide 13: Data Availability
- Data availability means that data is accessible in a timely manner as needed
- Examples
  o Non-working laptop brought to open-note test
  o Student’s laptop notes poorly organized so time wasted finding relevant information
- Replication and fault tolerance can be used to ensure the availability of data

Slide 14: User Authentication
- User authentication means that system accurately determines user’s identity
- Examples
  o Files readable only by their owner
  o Only certain users should be able to add or delete system accounts
- Authenticate by: something you know, something you have, something you are

Slide 15: User Privacy
- User privacy means that users have control over info collected and made available to others
- Examples:
  o User may not want others to know programs they run, who they communicate with, etc.
  o User may not want to receive spam
- Anonymity can protect privacy

Slide 16: Network and Internet
- Additional challenges
  o Privacy
    - Stand-alone system - the operating system is likely to control all communication channels
    - Networked systems - no host controls the communication medium; eavesdropping usually easy
  o User authentication
    - Stand-alone system – user is physically present
    - Internetworked systems – user may access system over an insecure communication channel

Slide 17: Summary
- A secure computer system follows security policy
- Security concerns involve protecting
  o Data privacy
  o Data integrity
  o Data availability
  o User authentication
  o User privacy
  o Network and internetwork: additional risks

