Intro to Security
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.
Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.
Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system.
The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator.
The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
Adversary (threat agent)
An entity that attacks, or is a threat to, a system.
An assault on system security that derives from an intelligent threat; a deliberate attempt to evade security services and violate security policy of a system.
An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
A set of rules and practices that specify how a system or organization provides security services to protect sensitive and critical system resources.
System Resource (Asset)
Data; a service provided by a system; a system capability; an item of system equipment; a facility that houses system operations and equipment.
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.
Flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.
so that it does the wrong thing or gives wrong answers. e.g. data stored may be different from what it should be because it has been improperly modified.
e.g. someone who should not have access to some or all of the information available through the network obtains such access.
or very slow, e.g. using the system/network becomes impossible.
are capable of exploiting those vulnerabilities, which represent a potential security harm to an asset.
is a threat that is carried out. We can distinguish two types of attacks.
attempts to alter system resources or affect their operation
attempts to learn or make use of information from the system but does not affect system resources
Initiated by an entity inside the security perimeter (an "insider").
Initiated from outside the perimeter, by an unauthorized or illegitimate user of the system (an "outsider").
is a threat to confidentiality.
Sensitive data is directly released to an unauthorized entity.
An unauthorized entity directly accesses sensitive data in transit.
An unauthorized entity indirectly accesses sensitive data by reasoning from characteristics or byproducts of communications.
An unauthorized entity circumvents a system's security protections.
is a threat to either system integrity or data integrity:
An unauthorized entity poses as an authorized entity.
False data deceives an authorized entity.
An entity deceives another by falsely denying responsibility for an act.
is a threat to availability or system integrity.
Prevent/interrupt system operation by disabling a system component
adversely modifying system functions or data
interrupts delivery of system services by hindering system operation.
is a threat to system integrity.
unauthorized logical or physical control of a system resource.
Causes system to perform a function or service detrimental to security.
are eavesdropping on, or monitoring of, transmissions to obtain information that is being transmitted. Two types of passive attacks are:
release of message contents
opponent learns contents of sensitive transmissions
can occur even when the contents of messages are masked, e.g. using encryption: an opponent can still observe the pattern of messages and determine the location and identity of communicating hosts and the frequency and length of messages being exchanged, and hence guess the nature of the communications.
are very difficult to detect because they do not involve any alteration of the data. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, emphasis is on prevention rather than detection.
involve modification of data stream or creation of false data:
when one entity pretends to be another.
passive capture of data and subsequent retransmission.
modification of messages
a legitimate message is altered, delayed or reordered.
denial of service
prevents or inhibits the normal use or management of communications facilities, or disrupts an entire network
Any action that compromises the security of information owned by an organization. cf. network security attacks slide earlier
A mechanism that is designed to detect, prevent, or recover from a security attack. cf. functional requirements from previous slide or Table 1.6 in text.
A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. cf. CIA security concepts earlier, or Table 1.5 in text.
A step taken by a user or process in order to achieve a result
A computer or network logical entity or physical entity
An action directed at a target that is intended to result in a change of state, or status, of the target
A means of exploiting a computer or network vulnerability
A weakness in a system allowing unauthorized action
An unauthorized consequence of an event
A series of steps taken by an attacker to achieve an unauthorized result
An individual who attempts one or more attacks in order to achieve an objective
The purpose or end goal of an incident
a group of attacks that can be distinguished from other attacks because of the distinctiveness of the attackers, attacks, objectives, sites, and timing
What is the security scheme supposed to do? A security policy is an informal description of desired system behavior. In developing a security policy, a security manager needs to consider the context, in terms of: the value of the assets being protected; the vulnerabilities of the system; and potential threats and the likelihood of attacks. Further, the manager must consider the following tradeoffs: "Ease of use versus security" and "Cost of security versus cost of failure and recovery".
How does it do it? Security implementation involves four complementary courses of action: prevention (the ideal security scheme is one in which no attack is successful; this is not practical in all cases, but is a reasonable goal), detection (when it is practical to detect security attacks), response (to halt the attack and prevent further damage), and recovery (from attack consequences, such as by using a backup system).
Does it really work? This involves the concepts of assurance and evaluation.
as the degree of confidence one has that the security measures, both technical and operational, work as intended to protect the system and the information it processes.
is the process of examining a computer product or system with respect to certain criteria. Evaluation involves testing, and may also involve formal analytic or mathematical techniques.