What are the three fundamental questions in cybersecurity?
- What assets do we need to protect?
- How are those assets threatened?
- What can we do to counter those threats?
Threat Model
Structured way of identifying potential threats, vulnerabilities and risks to a system
Privacy
Individuals control what infromation rtelated to them may be collected, stored and who can access it.
What is the NIST definition of computer security?
The protection afforded to an automated information system to preserve confidentiality, integrity and availability of its resources.
What is the CIA Triad in cybersecurity?
Confidentiality: Ensuring information is not disclosed to unauthorized individuals; Ensure privacy
Integrity: Ensuring data/system isn’t modified or destroyed by unauthorized individuals
Availability: Ensuring timely access to data and services
What are the two additional security concepts beyond the CIA Triad?
Authenticity: Ensuring genuinity and trustworthiness, ability to verify
Accountability: Tracing actions back to responsible entity
Authenticitity: Confidence in validity of message or message originator
Define vulnerability, threat and attack
Vulnerability: Weakness in a system (Flaw in design, implementation or management that can be exploited)
Threat: A potential for security violation, causing harm
Attack: Deliberate action to breach security by exploiting vulnerability
Define Risk
Probability of a threat exploiting a vulnerability (Rare - almost certain)
AND
Impact it would have on system (insig. - catostrophic)
Helps determine what to fix first.
Expectation of loss
6 Computer Security Challenges
Computers n’ security, I miss u
- Procedures often counterintuitive
- Not as simple as appears (multiple algorithms or protocols)
- Attackers only need to find a single weaknesses (developers must find all!)
- Good Security is Invisible
- Requires constant monitoring
- Impediment to efficient and user-friendly operation
What are the two types of attacks?
Passive: Eavesdropping system without altering resources
Active: Attempt to modify or disrupt the system
What is a countermeasure?
Action or device that reduces vulnerability, threat or attack by eliminating it, preventing it or minimizng the harm it can cause
** Prevent Detect Recover**
May introduce new vulnerabilties or residuals remain
Security Policy
Set of rules and practices that speicfy how a system or org. provides security services
Ex: Strong passwords and their expiration
What are the 4 major threat consequences? (UDDU)
- Unauthorized Disclosure: Breaching confidentiality (interception)
- Deception: Tampering with integrity (masquerade, falsification)
- Disruption: Affecting availability or integrity (incapacitation)
- Usurpation: Gaining unauthorized control (misappropriation, misuse)
Unauthorized Disclosures (4)
Threat Consequances
The IEEE discloses stuff! Well switch that around to EIII
- Exposure (deliberate or error)
- Interception (unauthorized access to data)
- Inference (traffic analysis to get detailed information)
- Intrusion (unauthorized access to sensitive data)
CONFIDENTIALITY
Deceptions (3)
Threat Consequances
“Make false reasons!”
- Masquerade (trojan horse)
- Falsification (alter or replace valid data, introduce false data)
- Repudiation (I didn’t do it)
INTEGRITY
Disruptions (3)
Threat Consequances
“I can’t operate!”
- Incapacitation (destroy or damage system hardware) availability
- Corruption (unauthorized modification) Integrity
- Obstruction (overload system to interfere with communications) availability
AVAILABILITY, INTEGRITY, AVAILABILITY
Usurpations (2)
Threat Consequances
mm
- Misappropriation (enity takes control of system resource)
- Misuse (Make system component perform damaging function or service)
Integrity
Attack Surface
Set of all reachable and exploitable vulnerabilities in a system
Open ports, firewall, APIs, SQL queries, web forms
4 main types of Active Attacks
- Masquerade
- Replay
- Modification of messages
- Denial of Service
Passive attack example and category of countermeasure we should emphasize
eavesdropping/monitoring of transmissions
prevention, because it is difficult to detect
3 Main Attack Surface Categories
Network
Software
Human
Attack Tree
A hierarchical diagram representing possible attack methods, used for analyzing vulnerabilities and improving defenses.
used for attack surface analysis
13 Security Design Principles
Eric, focus closely on security, like lions in prairies, even more like leopards
- Economy of mechanism
- Fail-safe default
- Complete mediation
- Open design
- Separation of privileges
- Least privilege
- Least common mechanism
- Isolation
- Psychological accapetability
- Encapsulation
- Modularity
- Layering
- Least Astonishment
Economy of mechanism
Security Design Principles
Security mechanisms should be as simple as possible to reduce errors and vulnerabilities.
