July 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop
Slide #1-1
Chapter 1: Introduction
• Components of computer security
• Threats
• Policies and mechanisms
• The role of trust
• Assurance
• Operational Issues
• Human Issues
Basic Components (Goals)
• Confidentiality
  – Keeping data and resources hidden
• Integrity
  – Data integrity (integrity)
  – Origin integrity (authentication)
• Availability
  – Enabling access to data and resources
Additional Goals
• Authentication
  – Correctly identifying the source
• Non-repudiation
  – Being able to prove the source of an utterance to a third party
Terms
• Exposure
  – Possible form of loss
• Vulnerability
  – Possible mechanism by which loss can occur
• Threat
  – Circumstance or event that could cause loss
• Attack
  – Attempt to exploit vulnerability
• Control
  – Mechanism to mitigate exposures
Overall Process
• Identify and Classify Assets
  – What are we protecting? How are they important?
• Identify Exposures and Threats
  – What would be bad? How could it happen?
• Identify Vulnerabilities and Threat Sources
  – Who or what could cause loss, and how?
• Determine Policies and Controls
  – What should be allowed and what disallowed?
  – How will the policies be enforced?
• Implement and Monitor
  – Deploy controls and use them, gain experience to update as needed
Classes of Threats
• Disclosure
  – Snooping
• Deception
  – Modification, spoofing, repudiation of origin, denial of receipt
• Disruption
  – Modification
• Usurpation
  – Modification, spoofing, delay, denial of service
Policies and Mechanisms
• Policy says what is, and is not, allowed
  – This defines “security” for the site/system/etc.
• Mechanisms enforce policies
• Composition of policies
  – If policies conflict, discrepancies may create security vulnerabilities
“Goals” of Security (Control Approaches)
• Prevention
  – Prevent attackers from violating security policy
• Detection
  – Detect attackers’ violation of security policy
• Recovery
  – Stop attack, assess and repair damage
  – Continue to function correctly even if attack succeeds
Trust and Assumptions
• Underlie all aspects of security
• Policies
  – Unambiguously partition system states
  – Correctly capture security requirements
• Mechanisms
  – Assumed to enforce policy
  – Support mechanisms work correctly
Types of Mechanisms
[Figure: secure, precise and broad mechanisms, each shown as the set of reachable states against the set of secure states]
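Added example (not from the slides): a mechanism is secure if its set of reachable states R lies inside the set of secure states Q, precise if R equals Q, and broad if some reachable state falls outside Q. The toy login/read system, its state encoding and the three mechanism functions below are constructed for illustration.

```python
from collections import deque
from itertools import product

# Constructed toy system: state = (logged_in, reading_secret).
ALL_STATES = set(product([False, True], repeat=2))
START = (False, False)

def policy(state):
    """Policy partitions states: the secret may be read only while logged in."""
    logged_in, reading = state
    return logged_in or not reading

SECURE = {s for s in ALL_STATES if policy(s)}  # Q, the set of secure states

def check_at_open(state):
    """Checks login when a read starts, but logout leaves the read open."""
    logged_in, reading = state
    yield (True, reading)           # login
    yield (False, reading)          # logout, read NOT revoked
    if logged_in:
        yield (logged_in, True)     # start reading (login checked here only)
    yield (logged_in, False)        # stop reading

def revoke_on_logout(state):
    """Same check, and logout also closes any open read."""
    logged_in, reading = state
    yield (True, reading)           # login
    yield (False, False)            # logout revokes the read
    if logged_in:
        yield (logged_in, True)
    yield (logged_in, False)

def never_read(state):
    """Over-restrictive: login and logout work, reading is never permitted."""
    yield (True, False)
    yield (False, False)

def reachable(mechanism, start=START):
    """R: every state the mechanism lets the system enter, found by BFS."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in mechanism(queue.popleft()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def violations(mechanism):
    """Reachable states that the policy marks as not secure (R minus Q)."""
    return reachable(mechanism) - SECURE

def classify(mechanism):
    """'broad' if R leaves Q; 'precise' if R == Q (also secure); else 'secure'."""
    if violations(mechanism):
        return "broad"
    return "precise" if reachable(mechanism) == SECURE else "secure"
```

The first mechanism looks like it enforces the policy, yet login, read, logout reaches the state (False, True), which is why it classifies as broad.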
Assurance
• Confidence that system will perform in a predictable way
• Generally, intent is that it will perform correctly!
Achieving Assurance
• Specification
  – Requirements analysis
  – Statement of desired functionality
• Design
  – How system will meet specification
• Implementation
  – Programs/systems that carry out design
Operational Issues
• Cost-Benefit Analysis
  – Is it cheaper to prevent or recover?
• Risk Analysis
  – Should we protect something?
  – How much should we protect this thing?
• Laws and Customs
  – Are desired security measures illegal?
  – Will people do them?
Human Issues
• Organizational Problems
  – Power and responsibility
  – Financial benefits
• People problems
  – Outsiders and insiders
  – Social engineering
Tying Together
[Figure: Threats, Policy, Specification, Design, Implementation, Operation]
Key Points
• Policy defines security, and mechanisms enforce security
  – Confidentiality
  – Integrity
  – Availability
• Trust and knowing assumptions
• Importance of assurance
• The human factor