Cmpe 471Computer Crime: Techniques
and Countermeasures
Preventing Computer Crime
• Proper employee relations– careful supervision of employees’ state of mind– take note of unusual personal problems– beware if the employee radiates negative energy
about the systems, peers and the company in general– try to solve the problem before it becomes a physical
attack– take measures to prevent unauthorised access to
information assets
• Take physical measures for piggybacking– Guard– physical gates– outsourced external security company– proper guard back-up procedures– prevent more than one person to enter: man-
trap: Kuzey Kampus, GarantiB headquarters
Preventing Computer Crime
• Preventing logical piggybacking– Unattended terminals or PCs are the portals for logical
piggybacking
– configurable time-out function
– automatic branching to a security screen
– user-configurable screen lay-out for re-authentication
– integration with a security database
– automatic return to the previous (interrupted) state
– apply biometrics
Preventing Computer Crime
• Controls Against Program Threats– Software development
• the design• writing• testing
– Programming Controls– Description of the programming task
• individual task that requires independent thought• programs are very individualistic• programmers are solitary people who enjoy working alone• programming is an art only understood by programmers
Preventing Computer Crime
• Controls Against Program Threats
– None of these arguments hold true!!!
– The basic principles of software engineering are• division of labour
• reuse of code
• use of standard pre-constructed software tools
• organised activity
– Peer reviews: code and design
– modularity, encapsulation and information hiding
Preventing Computer Crime
• Controls Against Program Threats– Writing code in small self-contained units:
modules• advantages for program development and security• a module can be isolated from the negative effects
of other models with which it interacts: encapsulation
– Information hiding:• other modules know that a module performs a
certain task, but not know how it performs that task
Preventing Computer Crime
• Controls Against Program Threats– Modularity:
• Unity: performs one purpose• Smallness: consists of an amount of information of which a person can readily
grasp both structure and content• Simplicity: low degree of complexity so that a person can readily understand
the purpose and structure of the module• Independence: performs a task isolated from other modules• maintenance: a module can be replaced with a revised one• understandability: small modules are easier to understand • reuse• correctness: an error can be found and corrected easily• testing: a single module with well-defined inputs, output, function can be tested
without effecting other modules
Preventing Computer Crime
• Controls Against Program Threats– From a standpoint of security, programmers
and analysts must be able to understand each module as an independent unit and be assured of its limited effect on other modules
– Proper modularity leads to modules that have minimal interaction with other modules
Preventing Computer Crime
Encapsulation
Tight coupling Independent, loosely coupledmodules
Information hiding
Access to all parts of module
Method, data hidden
Configuration Management• A person or system controls and records all changes
to a program or documentation• change control board
– judges the desirability and correctness of all proposed changes
• to guard against loss of a version of a program• to manage the parallel development of several
similar versions of one program• to provide facilities for controlled sharing of
modules that combine to form one system
Configuration Management
• Security advantages:– protects against unintentional threats– guard against malicious ones– protects integrity of programs and
documentation
Proofs of Program Correctness
• A security specialist wants to make sure that a given program computes a particular result and computes it correctly.
• Program correctness proofs are hindered by several factors:– depends on the programmer to translate
program’s statements into logical implications- translation is prone to errors
Proofs of Program Correctness
– Deriving the correctness proof from the initial assertions and the implications of statements is difficult; less appropriate for large programs
– the current state of program verification is well-developed than code production; consistent and successful application to large production systems is a challenge.
Process Improvement• Development stages:
– system requirements design
– software requirements analysis
– preliminary design
– detailed design
– coding and unit testing
– component integration and testing
– subsystem integration and testing
– system integration and testing
Process Improvement• Each of these phases has the following
requirements:– software development management: planning,
organisation, reviews
– software engineering: development, decomposition, adherence to standards for coding and language
– formal qualification testing
– software product evaluation
– configuration management
Capability Maturity Model
• Software Engineering Institute (SEI) grants CMM levels from 1 to 5, 5 being the highest standard– Initial– Repeatable– Defined– Managed– Optimising
Administrative Controls
• Standards of program development
• Enforcing program development standards– security audits– segregation of duties