EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering.

Presentation transcript:

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

Slide 2 (Spring 2007, EEC693: Secure & Dependable Computing, Wenbing Zhao): Outline
Dependability concepts
Security in computing systems
–Security in Computing, Third Edition, by Charles P. Pfleeger, Shari Lawrence Pfleeger
–Security in Computing, 4th Edition is also available

Slide 3: What Do We Mean by Dependability*
Dependability:
–Def1: Ability to deliver service that can justifiably be trusted
–Def2: Ability to avoid service failures that are more frequent or more severe than is acceptable
When service failures are more frequent or more severe than acceptable, we say there is a dependability failure
*This and the rest of the slides are based on: A. Avizienis, J.C. Laprie, B. Randell, C. Landwehr: ‘Basic Concepts and Taxonomy of Dependable and Secure Computing’, IEEE Trans. on Dependable and Secure Computing, vol. 1, no. 1, Jan-March 2004, pp. 11-33; and on Dr. Laprie’s keynote speech slides at COMPSAC 2004

Slide 4: Dependability Related Terminology
A system is an entity that interacts with other entities, i.e., other systems, including hardware, software, humans, and the physical world with its natural phenomena
These other systems are the environment of the given system
The system boundary is the common frontier between the system and its environment

Slide 5: Dependability Related Terminology
Service delivered by a system: its behavior as it is perceived by its user or users
User: another system that interacts with the former
Function of a system: what the system is intended to do
(Functional) Specification: description of the system function
Correct service: when the delivered service implements the system function

Slide 6: Dependability Related Terminology
Service failure: event that occurs when the delivered service deviates from correct service, either
–because the system does not comply with the specification,
–or because the specification did not adequately describe its function
Part of system state that may cause a subsequent service failure: error
Adjudged or hypothesized cause of an error: fault
Failure modes: the ways in which a system can fail, ranked according to failure severities

Slide 7: It is not included in some definitions of dependability

Slide 8: The Threats to Dependability and Security: Failures, Errors, Faults

Slide 9: Dependability and its Attributes
Original definition of dependability: ability to deliver service that can justifiably be trusted
–Aimed at generalizing availability, reliability, safety, confidentiality, integrity, maintainability, which are then attributes of dependability
–Focus on trust, i.e. accepted dependence
–=> Dependence of system A on system B is the extent to which system A’s dependability is (or would be) affected by that of system B

Slide 10: Dependability and its Attributes
Alternate definition of dependability: ability to avoid service failures that are more frequent or more severe than is acceptable
–A system can, and usually does, fail. Is it however still dependable? When does it become undependable?
–This definition gives the criterion for deciding whether or not, in spite of service failures, a system is still to be regarded as dependable
–Dependability failure <= fault(s)
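
The fault, error and failure chain from the terminology slide, together with the alternate definition above, as an added example that is not part of the original slides: a constructed toy service whose accumulator is truncated to 16 bits. The names MeterService, trace and dependability_failure and the acceptable failure ratio are assumptions, and only the frequency half of the criterion is modelled.

```python
from dataclasses import dataclass

@dataclass
class MeterService:
    """Hypothetical service. Function: report the mean of all readings so far."""
    total: int = 0
    count: int = 0

    def add(self, reading: int) -> None:
        # FAULT (constructed): the sum is kept in 16 bits. The fault is dormant
        # until the true sum exceeds 65535, then it is activated.
        self.total = (self.total + reading) & 0xFFFF
        self.count += 1

    def mean(self) -> float:
        return self.total / self.count


def trace(readings, query_at):
    """Label each step: state only (no error / latent error) or delivered service."""
    svc, true_total, events = MeterService(), 0, []
    for step, reading in enumerate(readings, 1):
        svc.add(reading)
        true_total += reading
        if step in query_at:
            # The user perceives the service only here, at the system boundary.
            ok = svc.mean() == true_total / step
            events.append((step, "correct service" if ok else "service failure"))
        else:
            # ERROR: part of the state that may cause a later service failure.
            bad_state = svc.total != true_total
            events.append((step, "latent error" if bad_state else "no error"))
    return events


def dependability_failure(events, acceptable_ratio):
    """Service failures more frequent than acceptable (threshold is an assumption)."""
    delivered = [label for _, label in events if "service" in label]
    if not delivered:
        return False
    return delivered.count("service failure") / len(delivered) > acceptable_ratio


SAMPLE = [30000, 30000, 30000, 30000]        # constructed readings
EVENTS = trace(SAMPLE, query_at={1, 4})      # the user reads the mean twice

if __name__ == "__main__":
    for step, label in EVENTS:
        print(step, label)
    print("dependability failure:", dependability_failure(EVENTS, 0.10))
```

The error exists from step 3 but becomes a service failure only at step 4, when the wrong state reaches the user.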

Slide 11: Dependability and Security Tree

Slide 12: Dependability vs. High Confidence vs. Survivability vs. Trustworthiness


Slide 17: Non-Malicious Faults

Slide 18: Malicious Faults: Statistics from SEI/CERT

Slide 19: Global Information Security Survey 2003 — Ernst & Young

Slide 20: Global Information Security Survey 2004 — Ernst & Young
Non-malicious fault: 370 (76%)
Malicious fault: 115 (24%)
Note: what’s shown here is the number of occurrences, not the damage done


Slide 23: Security in Computing Systems
Security in computing systems = protecting valuable computer-related assets
Computer-related assets (valuable components):
–Hardware, software, and data
Means to achieve security
–Protecting programs
–Protecting operating systems
–Protecting networks

Slide 24: Principle of Easiest Penetration
An intruder may use any available means of penetration
–The penetration may not necessarily be by the most obvious means
–Nor is it necessarily the one against which the most solid defense has been installed

Slide 25: Principle of Easiest Penetration
This principle implies that
–Computer security specialists must consider all possible means of penetration
–The penetration analysis must be done repeatedly, and especially whenever the system and its security change
–Strengthening one aspect of a system may simply make another means of penetration more appealing to intruders

Slide 26: Threats, Vulnerabilities, and Controls
A threat to a computing system is a set of circumstances that has the potential to cause loss or harm
A vulnerability is a weakness in the security system
–For instance, a particular system may be vulnerable to unauthorized data manipulation because the system does not verify a user's identity before allowing data access
How do we address these problems? We use a control as a protective measure
–A control is an action, device, procedure, or technique that removes or reduces a vulnerability
–A threat is blocked by control of a vulnerability
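
The vulnerability named on this slide (no identity verification before data access) beside one possible control, as an added example that is not part of the original slides. The record store, the request format, the function names and the per-user HMAC key are all constructed assumptions.

```python
import hashlib
import hmac

USER_KEYS = {"alice": b"constructed-demo-key-alice"}   # constructed sample secret
OWNERS = {"grade:alice": "alice"}                      # who may change which record


def tag(user_key: bytes, user: str, record: str, value: str) -> str:
    """MAC over the whole request, so identity and content are bound together."""
    msg = "\x00".join((user, record, value)).encode()
    return hmac.new(user_key, msg, hashlib.sha256).hexdigest()


def update_vulnerable(db: dict, req: dict) -> bool:
    # Vulnerability: req["user"] is only a claim; nothing verifies it.
    if OWNERS.get(req["record"]) != req["user"]:
        return False
    db[req["record"]] = req["value"]
    return True


def update_controlled(db: dict, req: dict) -> bool:
    # Control: verify the claimed identity before allowing data access.
    key = USER_KEYS.get(req["user"])
    if key is None:
        return False
    expected = tag(key, req["user"], req["record"], req["value"])
    if not hmac.compare_digest(expected, req.get("mac", "")):
        return False
    return update_vulnerable(db, req)   # same ownership check, now on a verified identity


def demo() -> dict:
    claimed = {"user": "alice", "record": "grade:alice", "value": "A+"}  # no proof of identity
    signed = dict(claimed, mac=tag(USER_KEYS["alice"], "alice", "grade:alice", "A+"))
    db_v, db_c, db_ok = ({"grade:alice": "C"} for _ in range(3))
    return {
        "vulnerable_accepts_claim": update_vulnerable(db_v, claimed),
        "controlled_accepts_claim": update_controlled(db_c, claimed),
        "controlled_record_after_claim": db_c["grade:alice"],
        "controlled_accepts_signed": update_controlled(db_ok, signed),
    }


if __name__ == "__main__":
    print(demo())
```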

Slide 27: Threats, Vulnerabilities, and Controls