Introduction
CS461/ECE422 — Computer Security I — Spring 2012
Nikita Borisov — UIUC
2012-01-17

What is Computer Security?
• Computing in the presence of an adversary
• Adversary (threat agent): An entity that attacks, or is a threat to, a system.
• Attack: An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [source: RFC 2828]

More definitions
• Security Services
  • Prevent “bad” things from happening
  • Mechanism
• Security Policies
  • Define what is “bad” and what is “good”
  • Policy

New Perspective
Area | Usual perspective | Security perspective
Reliability | Random failures | Deliberate failures
Usability | User confusion | User deception
Programming languages (memory safety) | Crashes | Entrance vector
Software engineering (bugs) | Software quality | Attack vectors

Holistic Perspective
• Security only as good as weakest link
• Must understand all parts of the system
  • O/S
  • Networking
  • Devices
  • Physical security
  • People
• We will cover some of these topics

Exercise
• Task: log into online bank account to transfer funds
• What are the vulnerabilities?

Computer Security Concepts
• Confidentiality
  • Keeping data and resources hidden
  • Privacy
• Integrity
  • Data integrity (integrity)
  • Origin integrity (authentication)
• Availability
  • Enabling access to data and resources

A couple more security concepts
• Authenticity
  • Property of being genuine. Can be verified and trusted
• Accountability
  • Actions of an entity can be traced uniquely to that entity
  • Nonrepudiation or “you can’t escape your past”.

Threat Terms
• Threat – Set of circumstances that has the potential to cause loss or harm. Or a potential violation of security.
• Vulnerability – Weakness in the system that could be exploited to cause loss or harm
• Attack – When an entity exploits a vulnerability on a system
• Control or Countermeasure – A means to prevent a vulnerability from being exploited

Concept Diagram
• Security entails:
  • Identifying assets
  • Identifying vulnerabilities
  • Designing countermeasures
  • Assessing risk
[Figure 1.2 from Stallings & Brown]

Example

Classes of Threats
• Disclosure – Unauthorized access to information
• Deception – Acceptance of false data
• Disruption – Interruption or prevention of correct operation
• Usurpation – Unauthorized control of some part of a system

Some common threats
• Snooping or interception
  • Unauthorized interception of information
• Falsification
  • Unauthorized change of information
• Masquerading or spoofing
  • An impersonation of one entity by another
• Repudiation
  • A false denial that an entity received some information.

Defining Security
• Policy
  • A statement of what is and what is not allowed
  • Divides the world into secure and non-secure states
  • A secure system starts in a secure state. All transitions keep it in a secure state.
• Mechanism or Implementation
  • A method, tool, or procedure for enforcing a security policy
  • Prevent, detect, respond, or recover

Is this situation secure?
• Web server accepts all connections
  • No authentication required
  • Self-registration
  • Connected to the Internet

Trust and Assumptions
• Locks prevent unwanted physical access.
  • What are the assumptions this statement builds on?

Policy Assumptions
• Policy correctly divides world into secure and insecure states.
• Mechanisms prevent transition from secure to insecure states.

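Added example (not part of the original slides): the "secure state" definition from the Defining Security and Policy Assumptions slides, written as a reachability check. The bank-session state model, the action names and both mechanisms are constructed for illustration.

```python
from collections import deque

# Constructed toy model: state = (logged_in, unauthorized_transfer).
START = (False, False)
ACTIONS = ("login", "logout", "transfer")

def policy_secure(state):
    """Policy: a state is secure iff no transfer happened without a login."""
    _logged_in, unauthorized_transfer = state
    return not unauthorized_transfer

def step(state, action):
    """Effect of an action on the system when nothing blocks it."""
    logged_in, bad = state
    if action == "login":
        return (True, bad)
    if action == "logout":
        return (False, bad)
    if action == "transfer":
        return (logged_in, bad or not logged_in)
    raise ValueError(action)

def weak_mechanism(state, action):
    """Accepts every request (no authentication check)."""
    return True

def strict_mechanism(state, action):
    """Permits a transfer only from a logged-in state."""
    logged_in, _ = state
    return action != "transfer" or logged_in

def find_violation(mechanism, start=START):
    """Breadth-first search over the transitions the mechanism permits.
    Returns the shortest action list that reaches an insecure state,
    [] if the start state is itself insecure, or None if every
    reachable state is secure."""
    if not policy_secure(start):
        return []
    seen = {start}
    queue = deque([(start, [])])
    while queue:
        state, path = queue.popleft()
        for action in ACTIONS:
            if not mechanism(state, action):
                continue
            nxt = step(state, action)
            if not policy_secure(nxt):
                return path + [action]
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [action]))
    return None
```

The check is only as good as `policy_secure`: if the policy misclassifies states, a mechanism can pass it and still allow harm, which is the first assumption on the slide.
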
Another Policy Example
• Bank officers may move money between accounts.
  • Any flawed assumptions here?

Assurance
• Evidence of how much to trust a system
• Evidence can include
  • System specifications
  • Design
  • Implementation

Aspirin Assurance Example
• Why do you trust Aspirin from a major manufacturer?
  • FDA certifies the aspirin recipe
  • Factory follows manufacturing standards
  • Safety seals on bottles
• Analogy to software assurance

Key Points
• Must look at the big picture when securing a system
• Main components of security
  • Confidentiality
  • Integrity
  • Availability
• Differentiating Threats, Vulnerabilities, Attacks and Controls
• Policy vs mechanism
• Assurance

Administrivia
• Staff
  • Nikita Borisov, instructor
  • Qiyan Wang, TA
• Communications
  • Class web page
    ▪ http://www.cs.illinois.edu/class/sp12/cs461
  • Newsgroup
    ▪ class.sp12.cs461
• More to come next class

Class Format
• Two lectures / week
• Each lecture:
  • Starts 8am sharp
  • i-Clicker review questions
  • 5-minute break halfway through
• Active learning exercises
  • ~1 per week
  • Help keep you awake!
  • Bring pen, paper

Grading
• Midterm: 20%
• Final: 40%
• Homework: 15%
  • Every 1-2 weeks
• Security analysis: 15%
  • See next slide
• Participation: 10%
• Extra project worth 20% for grad students taking for 4 credits

Security is all around
• Last few days of Slashdot

Your tasks
• Analyze a current event
  • Report what happened
  • Describe threats, vulnerabilities, assets, and risks involved
  • Identify lessons
• Analyze an existing system
  • Perhaps one you encounter in daily life
    ▪ Pictures are great
  • Describe threats, vulnerabilities, assets, and risks involved

Analysis Requirements
• Total requirements: 3 in a semester
  • At least one current event and one existing system
  • Due Feb 14, Mar 13, Apr 17
• May be done in groups
  • 1-3 students per group
• Posted in forum
  • TBA

Participation Requirements
• i-Clicker participation
• Comments / questions in class, on newsgroup
• Discussion of security analyses
• 100% participation not required for 100% of grade

A Few Words on Class Integrity
• Review department and university cheating and honor codes:
  • https://agora.cs.illinois.edu/display/undergradProg/Honor+Code
  • http://admin.illinois.edu/policy/code/article1_part4_1-402.html
• This has been an issue in the past
• Expectations for exams, homeworks, projects, and papers

Class Readings
• Main text: Computer Security: Principles and Practice by William Stallings and Lawrie Brown
• Additional readings provided via compass or public links
• Books on reserve at the library

Security Classes at UIUC
• Three introductory courses
  • Computer Security I (CS461/ECE422)
    ▪ Covers NSA 4011 security professional requirements
    ▪ Taught every semester (mostly)
  • Computer Security II (CS463/ECE424)
    ▪ Continues in greater depth on more advanced security topics
    ▪ Taught every 1-2 semesters
  • Applied Computer Security Lab (CS460/ECE419)
    ▪ With CS461 covers NSA 4013 system administrator requirements
• Two of the three courses will satisfy the Security Specialization in the CS track for Computer Science majors.

More Security Classes at UIUC
• Cryptography
  • Theoretical foundations (Prabhakaran)
  • Applied cryptography (Prabhakaran & Borisov)
  • Number theory (Blahut)
• Security Reading Group CS591RHC
• Advanced Computer Security CS563
• Local talks
  • http://www.iti.illinois.edu/content/seminars-and-events
• ITI Security Roadmap
  • http://www.iti.illinois.edu/content/security