Security Principles.


Security Principles

Simplicity
Keep it simple. Simplicity is desirable for all aspects of system design and development, for operation and maintenance as well as for security mechanisms. Simpler systems are less likely to contain flaws than complex ones. Moreover, simpler systems are easier to analyze and review, and it is thus easier to establish their trustworthiness. A small and simple design is essential.

Open Design
The security of a system should not depend on the secrecy of its protection mechanisms.
Example 1.1. We do not design doors that only authorized persons know how to open and close. Instead, we design standardized doors with standardized locks (both with different protection levels) and rely on the protection of the associated key.

Compartmentalization
Organize resources into isolated groups of similar needs. Compartmentalization means organizing resources into groups (also called compartments or zones), each of which is isolated from the others, except perhaps for some limited and controlled means of exchanging information. The principle of compartmentalization is applied in different areas in computer science, for example, in programming, where functions and variables are grouped and put into separate modules or classes.

Minimum Exposure
Minimize the attack surface a system presents to the adversary.
1. Reduce external interfaces to a minimum.
2. Limit the amount of information given away.
3. Minimize the window of opportunity for an adversary, for example, by limiting the time available for an attack.

Least Privilege
Any component (and user) of a system should operate using the least set of privileges necessary to complete its job. The principle states that privileges should be reduced to the absolute minimum. As a consequence, subjects should not be allowed to access objects other than those really needed to complete their jobs.

Minimum Trust and Maximum Trustworthiness
Minimize trust and maximize trustworthiness.

Secure, Fail-Safe Defaults
The system should start in and return to a secure state in the event of a failure.

Complete Mediation
Access to any object must be monitored and controlled.

No Single Point of Failure
Build redundant security mechanisms whenever feasible.

Traceability
Log security-relevant system events.
Example 1.16. Many hard-copy forms in companies have an audit trail. Invoices in particular may require signatures, stamps and other information as they flow through the administrative processes. They are archived afterwards so that it is later possible to determine who checked an invoice or who cleared it.
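The following is an added example, not part of the slides: a minimal reference monitor in Python that puts Least Privilege, Fail-Safe Defaults, Complete Mediation and Traceability into one piece of code. The policy table, the subjects ("backup-job", "web-frontend", "intern"), the objects and the store contents are all constructed for the demonstration.

```python
import logging
from dataclasses import dataclass, field

# Added example (not from the slides). A minimal reference monitor showing:
#   Complete Mediation : every access goes through check_access().
#   Fail-Safe Defaults : the default is DENY; a policy error also yields DENY.
#   Least Privilege    : subjects hold only explicit (object, right) grants.
#   Traceability       : every decision is written to the audit log.
# Policy, subjects, objects and store contents are constructed for the demo.

log = logging.getLogger("audit")

@dataclass
class Policy:
    grants: dict = field(default_factory=dict)   # subject -> {(object, right)}

    def allows(self, subject: str, obj: str, right: str) -> bool:
        # KeyError for an unknown subject is deliberate: check_access denies it.
        return (obj, right) in self.grants[subject]

def check_access(policy: Policy, subject: str, obj: str, right: str) -> bool:
    """The single choke point. True only on an explicit, error-free grant."""
    try:
        decision = policy.allows(subject, obj, right)
    except Exception as exc:                    # lookup failed -> fail closed
        log.warning("DENY (error) %s %s %s: %r", subject, right, obj, exc)
        return False
    log.info("%s %s %s %s", "ALLOW" if decision else "DENY", subject, right, obj)
    return decision

def read_object(policy: Policy, store: dict, subject: str, obj: str) -> bytes:
    """No code path reaches `store` without passing check_access."""
    if not check_access(policy, subject, obj, "read"):
        raise PermissionError(f"{subject} may not read {obj}")
    return store[obj]

# Constructed policy: the backup job may read payroll (not write it);
# the web front end may read only the public page.
POLICY = Policy(grants={
    "backup-job": {("payroll.db", "read")},
    "web-frontend": {("index.html", "read")},
})
STORE = {"payroll.db": b"<salary records>", "index.html": b"<html>hello</html>"}

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(asctime)s %(message)s")
    print(read_object(POLICY, STORE, "web-frontend", "index.html"))
    print(check_access(POLICY, "web-frontend", "payroll.db", "read"))  # False
    print(check_access(POLICY, "intern", "index.html", "read"))        # False: unknown subject
```

Note that the unknown subject is denied by the exception path, not by an explicit rule: the monitor never has to enumerate what is forbidden, only what is allowed.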

Generating Secrets
Maximize the entropy of secrets.
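An added example, not from the slides, of what "maximize the entropy of secrets" means in practice: the entropy of a generated secret is bounded by the unpredictable state of the generator, not by how long the secret is. The clock-seeded generator, the 62-symbol alphabet and the 128-bit minimum are constructed here for the comparison.

```python
import math
import random
import secrets
import string
import time
from typing import Optional

# Added example (not from the slides): a secret's entropy is bounded by the
# generator's unpredictable state, not by the secret's length. The weak
# generator (clock-seeded PRNG) and the strong one (`secrets`) are constructed
# here for the comparison; no real system's tokens are shown.

ALPHABET = string.ascii_letters + string.digits          # 62 symbols

def entropy_bits(n_symbols: int, length: int,
                 generator_state_bits: Optional[int] = None) -> float:
    """Upper bound: length*log2(alphabet), capped by the generator's state."""
    by_output = length * math.log2(n_symbols)
    if generator_state_bits is None:
        return by_output
    return min(by_output, generator_state_bits)

def weak_token(length: int, seed: Optional[int] = None) -> str:
    """Weak: PRNG seeded from the clock. The output looks random, but every
    token is a deterministic function of a 32-bit seed (at most 32 bits)."""
    seed = int(time.time()) if seed is None else seed
    rng = random.Random(seed & 0xFFFFFFFF)
    return "".join(rng.choice(ALPHABET) for _ in range(length))

def strong_token(length: int) -> str:
    """Strong: the OS CSPRNG via `secrets`; entropy grows with length."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def meets_minimum(token: str, minimum_bits: float,
                  generator_state_bits: Optional[int] = None) -> bool:
    """Policy check: accept only tokens whose entropy bound reaches the minimum."""
    return entropy_bits(len(ALPHABET), len(token), generator_state_bits) >= minimum_bits

if __name__ == "__main__":
    w, s = weak_token(32), strong_token(32)
    print(f"weak   {w}  <= {entropy_bits(62, 32, 32):.0f} bits (seed-bound)")
    print(f"strong {s}  ~ {entropy_bits(62, 32):.0f} bits")
    print("weak passes 128-bit minimum?  ", meets_minimum(w, 128, 32))   # False
    print("strong passes 128-bit minimum?", meets_minimum(s, 128))       # True
```

Both tokens are 32 characters of the same alphabet and look identical; only the accounting for the generator's state tells them apart, which is why the check takes that bound as an explicit argument.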

Usability
Design usable security mechanisms.
Example 1.19. Most end users do not understand cryptographic mechanisms. They do not understand what a certificate is, its intended use and how to verify the authenticity of a server certificate. As a consequence, it is possible to impersonate a web server even in settings where server certificates are used.

Discussion