Computer Security
Dr.-Ing. Morice Daudi
13/11/2024 RESEARCH GROUP: INTELLIGENT SYSTEMS

Key Security Concepts

Vulnerabilities and Attacks
System resource vulnerabilities may
  Be corrupted (loss of integrity)
  Become leaky (loss of confidentiality)
  Become unavailable (loss of availability)
Attacks are threats carried out and may be
  Passive
  Active
  Insider
  Outsider

Countermeasures
Means used to deal with security attacks
  Detect
  Prevent
  Recover
May result in new vulnerabilities
Goal is to minimize risk given constraints

Threat Consequences
Unauthorized disclosure
  Exposure: Sensitive data is directly released to an unauthorized entity.
  Interception: An unauthorized entity directly accesses sensitive data in transit.
  Inference: An unauthorized entity indirectly accesses sensitive data by reasoning from characteristics or byproducts of communications.
  Intrusion: An unauthorized entity circumvents system's security protections.
Deception
  Masquerade: An unauthorized entity poses as an authorized entity.
  Falsification: False data deceives an authorized entity.
  Repudiation: An entity deceives another by falsely denying responsibility for an act.

Threat Consequences
Disruption
  Incapacitation: Prevent/interrupt system operation by disabling a system component.
  Corruption: Adversely modifying system functions or data.
  Obstruction: Interrupts delivery of system services by hindering system operation.
Usurpation
  Misappropriation: Unauthorized logical or physical control of a system resource.
  Misuse: Causes system to perform a function or service detrimental to security.

Network Security Attacks
Classify as passive or active
Passive attacks are eavesdropping
  Release of message contents
  Traffic analysis
  Note: Are hard to detect, therefore, one must aim to prevent
Active attacks modify/fake data
  Masquerade
  Replay
  Modification
  Denial of service
  Note: Are hard to prevent, one must aim to detect

Security Functional Requirements
Technical measures:
  Access control; identification & authentication
  System & communication protection; system & information integrity
Management controls and procedures
  Awareness & training; audit & accountability; certification, accreditation, & security assessments
  Contingency planning; physical & environmental protection; planning; personnel security; risk assessment; systems & services acquisition

User Authentication
Fundamental security building block
  Basis of access control & user accountability
Is the process of verifying an identity claimed by or for a system entity
Has two steps:
  Identification - specify identifier
  Verification - bind entity (person) and identifier

Means of User Authentication
Four means of authenticating user's identity
Based on something the individual
  Knows - e.g. password, PIN
  Possesses - e.g. key, token, smartcard
  Is (static biometrics) - e.g. fingerprint, retina
  Does (dynamic biometrics) - e.g. voice, sign
Can be used alone or combined

Password Authentication
Something an individual Knows
Widely used user authentication method
  User provides name/login and password
  System compares password with that saved for specified login
Authenticates ID of user logging in and
  That the user is authorized to access system
  Determines the user’s privileges
  Used in discretionary access control

Password Vulnerabilities
  Offline dictionary attack
  Specific account attack
  Popular password attack
  Password guessing against single user
  Workstation hijacking
  Exploiting user mistakes
  Exploiting multiple password use
  Electronic monitoring

Token Authentication
Something an individual Possesses
Object user possesses to authenticate, e.g.
  Embossed Card
  Magnetic Stripe Card
  Memory Card
  Smartcard

Memory Card
Store but do not process data
  Magnetic stripe card, e.g. bank card
  Electronic memory card
Used alone for physical access
With password/PIN for computer use
Drawbacks of memory cards include:
  Need special reader
  Loss of token issues
  User dissatisfaction

Is (Biometric Authentication)
Something an individual Is
Authenticate user based on one of their physical characteristics
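
Added example (not from the original slides): the password authentication flow above written as its two steps, identification then verification, returning the user's privileges on success. The function names, the sample accounts, the iteration count, and the choice to save a salted PBKDF2 hash instead of the password itself are assumptions of this example; the slides do not say how the saved value is stored.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed example work factor; slows offline dictionary attacks


def _derive(password: str, salt: bytes) -> bytes:
    """Salted, deliberately slow hash of the password (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def enroll(db: dict, login: str, password: str, privileges: set) -> None:
    """Save salt, derived hash and privileges for a login; the password is never stored."""
    salt = os.urandom(16)  # per-user salt: equal passwords give different hashes
    db[login] = (salt, _derive(password, salt), frozenset(privileges))


# Decoy record so an unknown login costs the same work as a known one.
_DECOY_SALT = os.urandom(16)
_DECOY_HASH = _derive("decoy", _DECOY_SALT)


def authenticate(db: dict, login: str, password: str):
    """Return the user's privileges on success, or None on any failure."""
    # Step 1, identification: look up the claimed identifier.
    record = db.get(login)
    salt, stored, privileges = record or (_DECOY_SALT, _DECOY_HASH, frozenset())
    # Step 2, verification: bind the claimant to the identifier.
    candidate = _derive(password, salt)
    matches = hmac.compare_digest(candidate, stored)  # constant-time comparison
    if record is None or not matches:
        return None  # same answer for unknown login and wrong password
    return privileges


if __name__ == "__main__":
    accounts = {}  # constructed sample data
    enroll(accounts, "alice", "correct horse battery", {"read", "write"})
    print(authenticate(accounts, "alice", "correct horse battery"))
    print(authenticate(accounts, "alice", "123456"))
    print(authenticate(accounts, "mallory", "correct horse battery"))
```

Because each login gets its own salt, a precomputed dictionary cannot be reused across accounts, and two users with the same password do not share a stored hash.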