Lecture 1: Introduction
CS 336/536: Computer Network Security
Fall 2014
Nitesh Saxena
Today’s informative/fun bit - Botnet
4/2/2017
Lecture 1 - Introduction
2
Outline
• Administrative Stuff
• Introductory Technical Stuff
Some Important Pointers
• Instructor: Nitesh Saxena
– Office: CH 133
– Email: [email protected] (best way to reach me!)
– Phone No: 205-975-3432
– Office Hours: Thursdays 2-3pm (or by appointment)
• Course Web Page (also accessible through my web-page)
http://www.cis.uab.edu/saxena/teaching/csx36-netsec-f14/
• TA
– Abhishek Anand - [email protected] (responsible for labs and
grading)
– Office hrs: Tuesdays and Thursdays 3:15-4:15pm
• Canvas: http://www.uab.edu/online/canvas
Labs
• Sessions
– 10:10am-12:00noon Fridays, or
– 2:30-4:20pm Fridays
• Both in CH 137A
• Please make sure to attend only the lab you
registered for
• We will not start the labs until the next 2-3 weeks.
• More instructions on labs will follow
About the Instructor
• Associate Professor, CIS
• PhD graduate from UC Irvine
• Previously an Assistant Professor at the
Polytechnic Institute of New York University
• Research in computer and network security,
and applied cryptography
• Web page: http://cis.uab.edu/saxena
Prerequisites
• The official prerequisite for the course is:
– Internetworking with TCP/IP (CS 334/534 or
equivalent)
– A minimum grade of C is required in the
prerequisite course
• At a higher level, the course requires the
students to have good mathematical
background, programming knowledge, and
familiarity with networking
What to expect
• The course would be quite involved
– Good amount of math
– Some programming (Labs and hands-on exercises)
– Tight workload
• The grading will be curved
– I would love to give A’s but I won’t mind giving F’s when deserved :)
• I might/will make mistakes
– Please point them out
– Talk to me if you have any complaints (or send me an anonymous email :)
• I guarantee that
– I will encourage you to do your best
– You’ll have fun
– I’ll help you learn as much as I can – don’t hesitate to ask for help whenever needed
– Although you won’t become experts, you will learn enough to move on!
– You’ll hopefully get motivated to pursue research in this area, ultimately
• This class is not
– Going to be an easy substitute for something
– About “hacking”
– For light-hearted
What I expect of you
• Please do attend lectures and labs
• Review lecture slides after each lecture
• Solve textbook exercises as you read through the chapters
• Ask questions in the class
• Ask questions over email
• Attend office hours
• Try to start early on labs and homework assignments
– Don’t wait until the very last minute!
• Follow the instructions and submit assignments on time
Course References
• No mandatory textbook
• Lecture slides are your primary reference
• Recommended text:
• Network Security Essentials, 5th edition, by William Stallings.
Available for purchase, for example, on Amazon
http://www.amazon.com/Network-Security-EssentialsApplications-Standards/dp/0133370437
• Handbook of Applied Cryptography – Alfred Menezes, Paul
van Oorschot, Scott Vanstone. Free online copy
http://www.cacr.math.uwaterloo.ca/hac/
• Wikipedia can be a good reference at times (but use
carefully)
• Other references to be provided as we proceed
Grading
• 50% - Homework Assignments
– Combination of conceptual problems and lab
exercises
• 25% - 1 Midterm Exam
• 25% - 1 Final Exam
Policies Against Cheating or Misconduct
• You are not allowed to collaborate with any other student, in
any form, while doing your homeworks, unless stated
otherwise; perpetrators will at least fail the course or
disciplinary action may be taken
• No collaboration of any form is allowed on exams
• You can definitely refer to online materials and other
textbooks; but whenever you do, you should cite so in your
homeworks. This is a rule of thumb.
• Also check: https://www.uab.edu/students/academics/honorcode
Late Homework Policy
• None – no late homeworks are allowed
• Either you submit on time and your
homework will be graded OR you submit late
and the homework is NOT graded
• You should stick to deadlines
• Exception will be made ONLY under genuine
circumstances
Tentative Course Schedule
• Cryptography (Ch 2, 3, 4; Stallings)
– Application to Email Security
• Network Attacks
• Transport Layer Security – SSL/TLS (Ch 6)
• Network Layer Security – IPSec (Ch 9)
• Wireless Security (Ch 7)
• Anonymity
• Miscellaneous Topics
Travel
• Usually conference and invited talks travel
• Usually no class the week of travel
• However, this will not affect our overall course schedule and
topic coverage (perhaps a guest lecturer will cover on my
behalf)
• Information about any travel will be provided as it becomes
available
Instructions
• HW submissions
– Name your files “Lastname_Firstname_HW#”
– Submit it via Canvas
• Please make sure that you have correctly submitted/uploaded the files
(simply “saving” them may not be sufficient)
– PDF format only
• Check the course web-site regularly
– I am posting lecture slides and homeworks there
• Check your UAB email regularly
– I am sending out announcements there
• e.g., when I post homeworks
• Only use your UAB email to communicate with me and the
TA/grader
• NO EXCUSES for not following instructions
Bird’s eye view
[Figure: diagram with regions labelled Network Security, Crypto and Computer Security; “This Course” is marked on it]
Computer and Network Security: Why is it
important?
• The numbers speak for themselves.
– CERT Statistics
Primary motivation for the course!
• Our computer systems are quite vulnerable
– Poor design or after the fact design
– Lack of awareness and education
– Weak threat model and under-estimation of
attacker capabilities
– Buggy software
Threats, Vulnerabilities and Attacks
• A threat to a system is any potential occurrence,
malicious or otherwise, that can have an adverse
effect on the assets and resources associated
with the system
• A vulnerability of a system is some characteristic
that makes it possible for a threat to occur
• An attack on a system is some action that
involves exploitation of some vulnerability in
order to cause an existing threat to occur
Types of Threats
• Can be classified into four broad categories
– Disclosure - unauthorized access to information
– Deception - acceptance of false data
– Disruption - interruption or prevention of correct
operation
– Usurpation - unauthorized control of some part
of a system
• Examples include – snooping, sniffing,
spoofing, delaying, denial of service,
malware, theft of computational resources…
Network Stack
• people – Phishing attacks, password issues
• application (email, Web, telnet) – Spoofing email addresses, eavesdropping application layer data
• session (RPC) – RPC worms, portmapper exploits
• transport (TCP) – SYN flooding, sequence number prediction
• network (IP) – IP smurfing and other address spoofing attacks
• data link (Ethernet, 802.11) – WEP attacks
• physical (RF) – Jamming
Primary Issues
• Confidentiality: prevention of unauthorized
disclosure of information
• Integrity: prevention of unauthorized
modification of information
• Availability: ability to withstand unauthorized
withholding of information or resources
Network Attacks
Passive attacks:
Reveals what Bob is saying to Alice
An MIT Technology Report in 1979 used “Alice” and “Bob.” It became a tradition.
Reveals the fact that Bob is talking to Alice
Passive attacks very difficult to detect – focus on prevention
Active attacks:
Active attacks are more powerful
How does Darth execute some of these active attacks?
IP source address spoofing – easy to do
Simple replay will not work with TCP
Relatively hard to do in TCP
TCP connection hijacking
SYN flooding – easy to do in TCP
Computer Security – Evolving
Definitions
• Security – freedom from risk and danger
• In early days of computers security meant
physical security and confidentiality
• Integrity and access control then became
important with multi-tasking computers
• In recent years availability is a big issue
• Now security is hard to define!!
Computer Security Definitions
• Security is the ability of a system to protect
information and system resources with respect to
confidentiality, integrity, and availability
• Computer Security deals with the prevention and
detection of unauthorized actions by users of a
computer system
• Computer security is preventing attackers from
achieving objectives through unauthorized access
or unauthorized use of computers and networks
Computer Security – Informal
Definitions
• Cheswick and Bellovin – “keeping anyone from
doing things you do not want them to do,
with, on, or from your computers or any
peripheral devices”
• Garfinkel and Spafford - “A computer is secure
if you can depend on it and its software to
behave as you expect … This concept is often
called trust; you trust the system to preserve
and protect your data”
Computer Security – other issues
• There are other issues that arise in the
design of secure systems besides
confidentiality, availability and integrity:
– Accountability
– Reliability
– Access Control
– Authentication
– Non-repudiation
– Privacy and anonymity
Policy and Mechanism
• A security policy is a statement of what is, and
is not, allowed
– Expressed mathematically
– List of allowed and disallowed actions
• A security mechanism is a procedure, tool, or
method of enforcing security policy
Security Policy
• A security policy is a set of rules stating which actions are
permitted and which are not
• Can be informal or highly mathematical
• If we consider a computer system to be a finite state
automaton with state transitions then
– A security policy is a statement that partitions the states of a system
into a set of authorized or secure states and a set of unauthorized or
non-secure states
– A secure system is a system that starts in an authorized state and
cannot enter an unauthorized state
– A breach of security occurs when a system enters an unauthorized
state
• We expect a trusted system to enforce the required security
policies
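The finite-state definition above can be checked mechanically. The following is an added example, not part of the original lecture: it searches a small constructed state machine for a sequence of actions leading from the start state into an unauthorized state. The states, the action names and the `without_action` helper (which models a prevention mechanism as a removed transition) are assumptions made for illustration.

```python
from collections import deque

def find_breach(initial, transitions, authorized):
    """Return the shortest action sequence that reaches an unauthorized
    state, [] if the start state is itself unauthorized, or None if the
    system is secure (no unauthorized state is reachable)."""
    if initial not in authorized:
        return []
    seen = {initial}
    queue = deque([(initial, [])])
    while queue:
        state, path = queue.popleft()
        for action, nxt in transitions.get(state, {}).items():
            if nxt not in authorized:
                return path + [action]      # breach of security
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [action]))
    return None

# Constructed model: state = (file mode, does another user hold a copy?)
PRIVATE, OPEN = "private", "world_readable"
TRANSITIONS = {
    (PRIVATE, False): {"owner_opens_file": (OPEN, False)},
    (OPEN, False): {"owner_closes_file": (PRIVATE, False),
                    "other_user_copies": (OPEN, True)},
    (OPEN, True): {"owner_closes_file": (PRIVATE, True)},
}
# Policy: the authorized states are those in which nobody else holds a copy.
AUTHORIZED = {(PRIVATE, False), (OPEN, False)}

def without_action(transitions, action):
    """Model a prevention mechanism: the named action can never occur."""
    return {state: {a: n for a, n in out.items() if a != action}
            for state, out in transitions.items()}

if __name__ == "__main__":
    start = (PRIVATE, False)
    print("no mechanism:  ", find_breach(start, TRANSITIONS, AUTHORIZED))
    enforced = without_action(TRANSITIONS, "owner_opens_file")
    print("with mechanism:", find_breach(start, enforced, AUTHORIZED))
```

Without the mechanism the system starts in an authorized state but is not secure, because an unauthorized state is reachable; with the transition removed, the search finds no breach.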
Elements of a Security Policy
• A security policy considers all relevant aspects
of confidentiality, integrity and availability
– Confidentiality policy: Identifies information
leakage and controls information flow
– Integrity Policy: Identifies authorized ways in
which information may be altered. Enforces
separation of duties
– Availability policy: Describes what services must
be provided: example – a browser may download
pages but no Java applets
UAB Data Protection and
Security Policy
• http://www.uab.edu/handbook/f-policiesprocedures/f-data-protection
Security Mechanism
• A security mechanism is a procedure that
enforces some part of a security policy
• We will learn many network security
mechanisms
Goals of Security Mechanism
• Given a policy that specifies what is “secure” and
what is “non-secure”, the goal of security is to put in
place mechanisms that provide:
– Prevention
• Involves implementing mechanisms that users cannot
override and are trusted to be implemented in correct and
unalterable ways
– Detection
• Goal is to determine that an attack is underway, or has
occurred and report it
– Recovery
• Resuming correct operation either after an attack or even
while an attack is underway
Principles of Computer Security
At which layer(s) of the computer system
should a security mechanism be placed?
Applications
Services
OS
OS Kernel
Hardware
Principles of Network Security
At which layer(s) of the network protocol stack
should a security mechanism be placed?
Application
Session
Transport
Network
Data Link
Physical
Trust
• Security policies and mechanisms are based on
assumptions and one trusts that these
assumptions hold.
• Aspirin from drugstore is considered trustworthy.
The basis of this trust is:
– Testing and certification by FDA.
– Manufacturing standard of company and regulatory
mechanisms that ensure it.
– Safety seal on the bottle.
• Similarly, for a secure system to achieve trust,
specific steps need to be taken.
Trust
• Trusting the mechanism requires us to
assume:
– Each mechanism designed to implement part of
policy
– Union of mechanisms implement all aspects of
policy
– Implemented correctly
– Installed and administered correctly
Operational Issues in Security
• Risk Analysis or Assessment
• Cost-Benefit Analysis
• Laws and Regulations
• Human Issues: usability
Security Life Cycle
Threats
Policy
Specification
Design
Implementation
Operation and Maintenance
Some Questions
- I access internet via your wireless access
point: this is an example of ------?
- If voting is performed over the Internet, what
might be violated?
- I use an open smtp server to send an email
using your email address: I -----ed you?
- My photos are residing on Facebook’s server:
what do I trust?
- Is skype conversation secure?
Some Questions
• University policy disallows cheating – copying another student’s homework
assignment. Student A has her homework file world readable. Student B
copies it. Has B violated the policy?
• You do not make your age public on Facebook. An attacker can however
infer your age from the ages of your friends. What has been violated?
• Eve jams the wireless signal in the CS: what does she achieve?
• INS officials identify immigrants using their fingerprints: what is the
primary assumption in play?
• US law allows sharing copyright movies using for example BitTorrent: true
or false?
• Alice is dead. Could Alice’s mother get access to her late daughter’s
emails residing on yahoo’s server? See:
http://www.cnn.com/2009/TECH/05/18/death.online/index.html
Further Reading
• Must read “What is There to Worry About? An
Introduction to the Computer Security
Problem” by Brinkley and Schell
• Optional read “Concepts and Terminology for
Computer Security” by Brinkley and Schell