Security Architecture and Design Chapter 4 Part 4 Pages 377 to 416.


1 Security Architecture and Design Chapter 4 Part 4 Pages 377 to 416

2 Information Flow Model
Example: Bell-LaPadula
– Prevent flow from high to low security

3 Covert Channels
1 = FileA is locked
0 = FileA is not locked
Countermeasures
– Common Criteria EAL6 has formally verified the absence of covert channels.

4 Noninterference Model
If a lower-level entity is aware of activity at a higher level
Inference attack = Information leaking attack
– Observe executives from Staples and Home Depot meeting? Merger affecting stock prices!

5 Lattice Models Table 4-1 on page 381

6 Brewer and Nash Model Chinese Wall Figure 4-25 on page 384

7 Graham-Denning Model Details for 8 primitive rights on page 384

8 Dedicated Security Mode
All users have clearance for and need-to-know for all data processed in the system
Many military systems can handle only one level of security

9 System High-Security Mode All users have high security mode but may not have need-to-know for all data

10 Compartmented Security Mode
All users have security clearance
May not have need-to-know
May not have formal access approval

11 Multilevel Security Mode
System has various security levels
– Example: Bell-LaPadula
User also must have need-to-know and formal approval

12 Guards
Software and hardware protections for flow of information between low-assurance and high-assurance systems

13 Trust and Assurance
Trust level – how much protection to expect out of a system
Assurance – the system will act correctly and predictably in each and every situation, more in depth
Orange Book – different levels of evaluation of assurance

14 Orange Book
U.S. Department of Defense
Division D: Minimal Protection
Division C: Discretionary Protection
C1: Discretionary Security Protection
– Same security level
C2: Controlled Access Protection
– Authentication and Authorization
– Auditing
– Memory erased after use

15 Orange Book
Division B: Mandatory Protection
B1: Labeled Security
– Objects: Classification Labels
– Subject: Clearance Labels

16 Orange Book
B2: Structured Protection
– Security policy defined and documented
– Design and implementation reviewed and tested
– No covert channels
– Trusted path for authentication and authorization
– Higher level of assurance

17 Orange Book
B3 – Security Domains
– Design and implementation of security code must not be too complex, so it can be tested
– For highly secure environment that processes sensitive information
– Highly resistant to penetration

18 Orange Book
Division A – Verified Protection
A1 – Verified Design
– More assurance than B3 because formally (mathematically) designed and verified

19 Red Book
Framework for network security
Encryption and protocols
Communication integrity
– Authentication, message integrity, non-repudiation
Denial of Service protection
Data Flow protection
– Confidentiality, Traffic-flow confidentiality

20 ITSEC
European
Functionality: F1 to F10
– Evaluation of the functionality of security protection mechanisms
Assurance: E0 to E6
– Correctness and effectiveness

21 Common Criteria
ISO global standard
EAL – Evaluation Assurance Level (page 402)
EAL1 – Functionally tested
EAL2 – Structurally tested
EAL3 – Methodically tested and checked

22 Common Criteria
EAL4 – Methodically designed, tested, and reviewed
EAL5 – Semiformally designed and tested
EAL6 – Semiformally verified design and tested
EAL7 – Formally verified design and tested

23 Common Criteria
Allows consumers to compare products

24 Certification vs Accreditation
Certification – Technical evaluation of a security component
Accreditation – Formal acceptance of system and risk

25 Open vs Closed System
Open – built upon standards, protocols, specifications that are published.
– Windows, Linux, Mac
– More security tools
– More attacks
Closed – Proprietary, communicates only with like systems
– Security through obscurity

26 Bugs
“Carnegie Mellon University estimates that there are 5 to 15 bugs in every 1,000 lines of code. Windows 2008 has 40-60 million lines of code.”
The rich functionality demanded by users brings about deep complexity, which usually opens the doors to vulnerabilities.

27 Maintenance Hook
Backdoor for developers
Countermeasures
– Host intrusion detection system to watch for hackers using a backdoor
– File system encryption

28 TOC/TOU
Time-of-check/Time-of-use
– OS validates access to file
– User changes file to point to Password file
– User accesses the file
Race Condition
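
The TOC/TOU sequence on slide 28, as an added example that is not part of the original presentation: a check-then-open read beside a form that opens the file once, refuses a symlink, and validates the opened descriptor. It assumes a POSIX system; the function names and the file names (`report.txt`, `shadow.txt`, `link`) are hypothetical and the files are constructed in a temporary directory.

```python
import os
import stat
import tempfile


def racy_read(path):
    """Check-then-use: the path is resolved twice, so it can change in between."""
    if not os.access(path, os.R_OK):          # time of check
        raise PermissionError(path)
    with open(path, "rb") as f:               # time of use: resolves the path again
        return f.read()


def safe_read(path, expected_uid):
    """Open once without following a symlink, then check the opened descriptor."""
    # O_NOFOLLOW covers only the final path component; parent directories
    # must not be writable by untrusted users.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd, "rb") as f:
        st = os.fstat(f.fileno())             # describes the object actually opened
        if not stat.S_ISREG(st.st_mode) or st.st_uid != expected_uid:
            raise PermissionError("unexpected file type or owner")
        return f.read()


def demo():
    """Constructed scenario: 'shadow.txt' stands in for the password file."""
    with tempfile.TemporaryDirectory() as d:
        report = os.path.join(d, "report.txt")
        shadow = os.path.join(d, "shadow.txt")
        link = os.path.join(d, "link")
        with open(report, "wb") as f:
            f.write(b"report\n")
        with open(shadow, "wb") as f:
            f.write(b"secret\n")
        os.symlink(shadow, link)              # the state after the file was re-pointed
        out = {"racy": racy_read(link),
               "safe_regular": safe_read(report, os.getuid())}
        try:
            safe_read(link, os.getuid())
            out["safe_symlink"] = "opened"
        except OSError:                       # ELOOP from O_NOFOLLOW
            out["safe_symlink"] = "refused"
        return out


if __name__ == "__main__":
    print(demo())
```
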

