New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here

Information Security Fundament

by: Adonis Nader

Information Security Fundament IT 223

Marketplace > George Mason University > Information technology > IT 223 > Information Security Fundament
Adonis Nader
GPA 3.61

Raymond Curts

Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Raymond Curts
Class Notes
25 ?




Popular in Course

Popular in Information technology

This 56 page Class Notes was uploaded by Adonis Nader on Monday September 28, 2015. The Class Notes belongs to IT 223 at George Mason University taught by Raymond Curts in Fall. Since its upload, it has received 32 views. For similar materials see /class/215220/it-223-george-mason-university in Information technology at George Mason University.

Popular in Information technology


Reviews for Information Security Fundament


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 09/28/15
INFORMATION SECURITY NOTES FINAL Michael R Overly Esq CISSP moverlyfoleylawcom Modified by Jane E Murley CISSP MCSE GSEC murle star owernet CBK 1 Operations Security A Types 1 Preventive Designed to lower amount and impact of unintentional errors entering the system and to prevent unauthorized intruders from internally or externally accessing the system actions to reduce risk Data validation prenumbered forms and review for duplications 2 Detective Identify and react to security violations Track unauthorized transactions and lessen errors by detecting quickly 3 Corrective React to an attack and take corrective action Data recovery 4 Recovery Restore the operating state to normal after an attack or system failure B Orange Book Trusted Computer Security Evaluation Criteria Two types of assurance 1 Operational Assurance 1 System architecture 2 system integrity 3 covert channel analysis 4 trusted facility management 5 trusted recovery a Trusted facility management assignment of specific individual to administer security of system Separation of duties don t have system administrator and security administrator as same person In highly secure systems have three administrative roles system administrator security administrator and enhanced operator function Twoman control means each reviews and approves the work ofthe other Dual control requires both operators to complete a task Rotation ofduties Mandatory one week vacations b Trusted recovery ensures security is not breached when system crashes or has other failures Required only for B3 and A1 levels in Orange Book XXXXXXXXXXA XXXXXXXXXXA c Common Criteria for recovery i Manual Recovery System administrator intervention to return system to secure state after failure ii Automated Recovery Recovery to secure state is automatic when resolving single failure intervention for other failures iii Automated Recovery without Undue Loss 2 Live cycle assurance Controls needed for building and maintaining system Con guration management monitors and protects changes to a system s resources Security testing 1 security testing 2 design specification and testing 3 con guration management 4 trusted distribution a Con guration change management covers entire lifecycle of systemsoftware Required only for BZ B3 and A1 Five procedures i Applying to introduce a change ii Cataloging the change iii Scheduling the change iv Implementing the change v Reporting the change to appropriate parties b Trusted distribution procedures to ensure that all ofthe TCB con guration items such as the TCB software rmware hardware and updates distributed to a customer site arrive exactly as intended by the vendor without any alterations Media security controls Logging access control and proper disposal Sanitization includes ovenNriting degaussing and destruction Media viability controls marking handling storage Problem management goals 1 Reduce failures to a manageable level 2 Prevent occurrence or reoccurrence ofa problem 3 Mitigate negative impact of problems lnitial Program Load lPL vulnerabilities Three general reboot categories after failure or crash 1 System reboot 2 System cold start 3 Emergency system restart Security Issues Fail Secure CC Software Piracy Media disposal 1 2 3 4 Dumpster diving 5 Data Remanence residual data remaining on media after erasure 6 Fraud countermeasures job rotation separation of duties mandatory vacation ll CBK 2 Security Architecture and Models A 0 quotquot XXXXXXXXXXA OS components process management IO memory management and system le management Multiprocessing means multiple processors IT Architecture logical functional and technical physical components Closed security environment i application developers have suf cient clearances and authorizations to provide acceptable presumption that they will not introduce malicious logic and ii con guration control provides protection from introduction of malicious logic prior to and during the operation of systems Open security environment does not have the foregoing protections Types of IO Block devices write blocks of data hard disk and character devices not addressable keyboard and printer CPU operating states ready state problem state supervisory state and wait state Programming languages Three types machine 1 GL assembly 2GL and high level 35GL Assembler translates from assembly language to machine language Disassembler translates machine language to assembly Compiler translates highlevel language to machine code Decompiler translates machine language into highlevel language PWN Interpreter translates highlevel language one command at time to machine code Staffing de ne position determine sensitivity of position lling position training hired person Delphi Technique Group does not meet as a whole Individual members submit anonymous comments EltCIltIgtU XXXXXXXXXXA Causes of economic loss 65 errors and omissions Total Quality Management TQM 1 pursuit of complete customer satisfaction 2 continuously improve products and services through 3 the full and active involvement ofthe entire workforce Quality Assurance typically focuses on the quality ofthe endproduct Under TQM QA focuses on assuring quality throughout production and service process Quality Circles are team ofvoluntary employees that get together to discuss quality issues Quality Council is management ISO 9000 addresses quality of system processes not product performance to speci cations Provides baseline for TQM Benchmarking 1 Internal 2 Competitive 3 Industry 4 BestinClass Dynamic RAM DRAM multiphase clock signals and SRAM singlephase clock refresh Programmable Logic Device PLD lC with connections or internal logic gates that can be programmed Memory Real or Primary RAM Secondary hard disk Sequential Memory information must be obtained sequentially searching from the beginning tape CPU States 1 Problem state executing an application 2 Wait state waiting for a speci c event to complete 3 Ready state an application is ready to resume processing 4 Supervisory state executing in privilege mode Pipelining overlaps steps of instructions Scalar processor executes one instruction at a time Multiprogramming multitasking multiprocessing lO memory mapped and isolated Collectively Programmed lO Protection Domain execution and memory space assigned to each process Trusted computer base TCB total combination of protection mechanisms within a system Security perimeter is boundary separating TCB from remainder of system TCB must be tamperproof and noncompromisable 4 AA BB XXXXXXXXXXA Security Kernel is hardware software rmware elements of TCB that implement the reference monitor concept must be isolated from reference monitor Reference monitor is a system component that enforces access controls on an object Reference monitor concept is an abstract machine that mediates all access of subject to objects Must be veri ed correct Security Modes of Operation 1 Dedicated Security Mode Each subject must have clearance for aH information on system and valid need to know for aH information System high Security Mode Each subject must have clearance for aH information on system and valid need to know some ofthe information All users may not have need to know Compartmented Security Mode Each subject must have clearance for most restricted information on system and valid need to know M information Multilevel Mode Some subjects do not have clearance fora information Each subject has a need to know aH information to which they will have access Recovery procedures system should restart in secure mode 1 5 Startup should occur in maintenance mode that permits access only by privileged users from privileged terminals Faulttolerant continues to function despite failure Fail safe system program execution is terminated and system protected from compromise when hardware or software failure occurs Fail soft or resilient system selected noncritical processing is terminated when failure occurs Failover switches to hot backup Assurance degree of confidence in satisfaction of security requirements 1 Evaluation criteria a Trusted Computer Security Evaluation Criteria TCSEC addresses con dentiality not integrity Focuses on security functionality and degree of assurance that functionality works as documented Functionality and assurance requirements are combined in TCSEC ratings Five aspects of security i System security policy ii Marking use of labels for AC iii Identification of individuals iv Accountability mechanisms on the system operational and lifecycle assurance of system s security v Documentation developed and maintained about system security Limited to the OS Orange book D Minimal Protection system tested and failed C Discretionary Protection C1 and C2 B Mandatory Protection B1 B2 and B3 B1 labels for AC B2 addresses covert channels and includes trusted facility management con guration management B3 TCB design directed to minimizing complexity use of security administrator and auditing con guration management A Verified protection A1 A1 con guration management b Trusted Network Interpretation TNI addresses con dentiality and integrity Red book 0 European Information Technology Security Evaluation Criteria ITSEC Addresses confidentiality integrity and availability Focuses on functionality and assurance Two levels for each system F for functionality F1 F10 and E for European Assurance E0 E6 E6 is highest F1 is comparable to C1 of Orange Book Target of Evaluation TOE is product or system to be evaluated Functionality and assurance are evaluated independently under ITSEC Compare TCSEC which combines functionality and assurances into a single set of classes d TCSEC ITSEC and the Canadian Trusted Computer Product Evaluation Criteria CTCPEC have evolved into one evaluation criteria Common Criteria CC Certification Establish extent in which a particular design and implementation meets the set of specified security requirements XXXXXXXXXXA XXXXXXXXXXA DD EE Accreditation Formal declaration by Designated Approving Authority that system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk 1 2 Defense Information Technology Security Certi cation and Accreditation Process DITSCAP Phase 1 de nition phase 2 verification phase 3 validation phase 4 post accreditation National Assurance Certification and Accreditation Process NIACAP Information Security Models Access control integrity and information ow 1 Access Control Model Four methods a Access Matrix Columns are ACLs and rows are capability lists Includes DAC Capability list used to implement capabilities which identi es the object and speci es the access rights to be allowed to the subject who possesses the capability b TakeGrant Model c BellLa Padula Model Only addresses con dentiality not integrity or availability A Trusted Subject can violate the property Does not address clientserver model Secure state can have three properties i Simple Security Property ss Property reading info by a subject at a lower sensitivity level from an object at a higher sensitivity level is not permitted no read up ii The star Security Property writing info by subject at higher level of sensitivity to an object at lower sensitivity is not permitted no write down iii Discretionary Security Property Uses an access matrix to specify DAC Integrity Model a Biba Integrity Model similarto BellLa Padula b CIarkV lson Integrity Model Two elements well formed transaction and separation of duties Information Flow Model each object and subject is assigned security class and value info is constrained to ow in directions that are permitted by the security policy III CBK 3 Business A Continuity Planning and Disaster Recovery Planning Business Continuity Planning BCP Plans and framework to ensure business can continue in an emergency Minimize cost associated with disruptive event and mitigate risk Foreign Corrupt Practices Act of 1977 imposes civil and criminal penalties if publicly held companies fail to maintain adequate controls over their info syste ms Four elements of BCP process 1 Scope and Plan Initiation a Creating a detailed account of the work required b Listing the resources to be used 0 Defining the management practices to be employed d Defining goals established to keep everyone on track and ensure that the efforts pay off in the end 2 Business Impact Assessment BIA a Identify what impact a disruptive event would have on the business Impact may be nancial quantitative or operational qualitative b BIA has three goals criticality prioritization maximum tolerable downtime estimation resource requirements 0 Must identify which business units are critical to continuing acceptable level of operations d Steps include i Gather the needed assessment materials ii Performing the vulnerability assessment involves conducting a loss impact analysis Two elements financial assessment quantitative and operational assessment qualitative Identify critical support areas that are required to sustain continuity of business iii Analyzing the information compiled iv Documenting the results and presenting recommendations 3 Business Continuity Plan Development a Document all costs with alternatives XXXXXXXXXXA XXXXXXXXXXA b Address ve categories business recovery facility and supply user technicaloperational and data 4 Plan Approval and Implementation a Senior management must approve plan b Test plan 0 Regularly review plan and update Disaster Recovery Planning DRP 1 Quickly recovering from an emergency with minimum of impact on business 2 Plan of action for before during and after a disruptive event 3 Primary objective capability to move critical processes to an alternate site and return to the primary site and normal processing within a time frame that minimizing loss to the organization Number one priority is people 4 Plan from top down 5 Two steps in DRP planning process a Data processing continuity planning i Mutual aid agreements An arrangement with another company that may have similar computing needs similar hardware or software con gurations and may require the same network data communications ii Subscription services a Hot site a fully con gured computer facility with electrical power heating ventilation and air conditioning HVAC and functioning fileprint servers and workstations b Warm site computer facility available with electrical power heating ventilation and air conditioning HVAC limited leprint servers and workstations 0 Cold site computer facility available with electrical power heating ventilation and air conditioning HVAC no computer hardware iii Multiple centers Processing is spread over several operations centers creating a distributed approach to redundancy and sharing of available resources iv Service bureaus Use service bureau to fully provide all alternate backup processing services XXXXXXXXXXA v Other data center alternatives For example transaction redundancy implementations d Electronic Vaulting transfer of backup data to an offsite location Done batch over telecom lines to alternate location e Remote Journaling parallel processing of transactions to an alternate site Telecom line transmits live data as it occurs f Database Shadowing uses the live processing of remote journaling but creates even more redundancy by duplicating the database sets to multiple servers b Data recovery plan maintenance Keeping plan up to date Disaster Recovery Plan Testing ve types of testing don t disrupt normal business functions Testing is used to nd weaknesses in plan 1 2 3 Checklist copies of plan are distributed for management to review Structure walk through business unit management meets to review plan Simulation Support personnel meet in a practice execution session no actual recovery process performed Parallel critical systems run at an alternate site results compared with actual production results FullInterruption normal production shut down with real disaster recovery processes Recovery process 1 3 4 Recovery team Get prede ned critical business functions operating at the alternate backup processing site Salvage Team Return the primary site to normal processing environmental conditions Normal operations resume least critical work done rst Other recovery issues Contingency Planning Provides alternatives for those chance events that could impact normal operations Two essentials for contingency planning information backup and management commitment lncludes three parts emergency response recovery and resumption Hierarchical Storage Management HSM Software that dynamically manages storage and retrieval ofelectronic information from storage media that varies in speed and cost G Six resource categories that support critical business functions human resources processing capability computerbased services automated applications and data physical infrastructure and documents IV CBK 4 Security Management Practices A Primam Concepts CIA opposite is DAD destruction alteration and disclosure 1 Confidentiality information classi cation 2 Integrity Three principles to establish integrity controls i granting access on needtoknow basis ii separation ofduties and iii rotation of duties Firewalls IDS Types of integrity a Modi cations made by unauthorized personnel or processes b Unauthorized modi cations by authorized personnel or processes c Internal and external consistency 3 Availability fault tolerance backups B Secondam Concepts 1 Identification means by which users identify themselves to the system 2 Authentication testing or reconciliation of evidence of user s identity 3 Accountability System ability to determine actions of user within the system and to identify the user Audit trails must be protected and log files 4 Authorization rights and permissions granted to a user or process ACL 5 Privacy Level of con dentiality and privacy protection of a user C Audit trails user accountability reconstruction of events intrusion detection and problem analysis Audit records keystroke monitoringlogging and eventoriented logs Protect integrity by requiring digital signatures to access set up as write once Use software for rapid analysis D Security Awareness Training Awareness Light what recognition information training deeper how skill knowledge and education deepest why understanding insight E Most important question to ask in evaluating access control security is to ask how much it is going to cost to not protect the valuable information F Risk Management RM Prime objective of security controls is to reduce effects of threats and vulnerabilities to a level that is tolerable ie mitigate risk Risk Analysis RA A risk is a potential harm or loss to a system the probability that a threat will materialize 1 Identifying risks a Actual threat XXXXXXXXXXA b c d Possible consequences ifthreat is realized Probable frequency of occurrence of threat Con dence threat will happen 2 Key Terms a XXXXXXXXXXA Asset resource process product system etc Value is composed of cost of creation development license support replacement public credibility considered costs lost lP if disclosed and ownership values Threat Any event that causes undesirable impact on organization Data classi cation info warfare personnel criminal application operational Vulnerability Absence of safeguard constitutes vulnerability Risk Management tn39ple Asset threat and vulnerability Safeguard control or countermeasure to reduce risk associated with a threat i Absence of safeguard creates a vulnerability ii Look at costbenefit analysis of deploying safeguard iii lnclude impact on organization ofimplementing safeguard iv Safeguard must include ability to audit v Value to organization of safeguard ALE before implementation ALE after implementation Annualized safeguard cost vi During or after activation or reset no asset destruction no covert channel access to or through control no security loss or increase in exposure and defaults to state that does not enable any operator access or rights until controls fully operational Exposure Factor EF Percentage loss a realized threat would have on an asset Hardware failure on critical system may result in 100 loss Single Loss Expectancy SLE Loss from a single threat SLE Asset Value x EF G XXXXXXXXXXA g Annualized Rate of Occurrence ARO estimated frequency in which a threat is expected to occur Range from 0 never to a large number minor threats such as misspellings h Annualized Loss Expectancy ALE ALE SLE x ARO Elements of RA a Quantitative RA Assigns objective dollar cost b Qualitative RA intangible values of data loss and other issues that are not pure hard costs results are usually expressed in terms ofordinal ranking c Asset Valuation Process d Safeguard Selection RA Steps a Identify Assets Estimate potential losses to assets by determining their values b Identify Threats Analyze potential threats to assets if asset has no vulnerabilities there are no threats and no loss c Calculate risk Define ALE Remedies Risk reduction risk transference transferring cost of loss to another party ie insurance company and Risk acceptance Information Classi cation 1 Prevent unauthorized disclosure and failure of con dentiality Demonstrates due diligence identifies most sensitive info regulatory compliance etc SBU Sensitive but unclassi ed Lattice model Every resource and user is associated with one ofan ordered set of classes Resources of a particular class may only be accessed by those whose associated class is as high or higher than that ofthe resource BellLa Padula Model Orange Book most common model a De nes relationships between objects and subjects b Relationships are described in terms of subject s assigned level of access or privilege security clearance and the object s level of sensitivity security classi cation c Enforces lattice principle which speci es that subjects are allowed write access to objects at the same or higher level as the subject read 13 access to objects at the same or lower level and readwrite access to only those objects at the same level as the subject d Example of MAC 4 DOD unclassified confidential secret top secret 5 Classi cation Criteria Value Age Useful Life and Personally Identifiable 6 Procedures a ldentify administratorcustodian b Specify classi cation criteria c Classify by owner d Specify exceptions to classi cation policy e Specify controls for each classification level f Specify procedures for declassifying or transferring custody to another entity g Enterprise awareness program re classification controls 7 Roles Owner of cer or manager Custodian daytoday responsibility for data protection IT person and end user uses info as part ofjob Policies senior management regulatory advisory informative Standards use of specific technologies in uniform way Guidelines recommend actions but are not compulsory Procedures steps to perform a speci c task in compliance with a mandatory standard V CBK 5 Access Control Systems A XXXXXXXXXXA Definition Set of procedures performed by hardware software and administrators to monitor access identify users requesting access record access attempts and grant or deny access based on preestablished rules ACL register of1 users who have been given permission to use an object and 2 the types of access they have been permitted Controls Can be used to mitigate risks Controls can relate to subjects entities or individuals active entity or objects files systems or other resources passive entities Controls can be preventive detective or corrective These can be implemented by XXXXXXXXXXA Administrative controls policies and procedures disaster recovery plans awareness training security reviews and audits background checks review of vacation history separation ofduties and job rotation Logical or technical controls Restrict access to systems and the protection of information Encryption smart cards antivirus software audit trails log les ACLs biometrics and transmission protocols Kerberos lPSec Physical controls guards and building security biometric access restrictions protection of cables le backups Constrained User Interface menus and shells database views and physically constrained user interfaces limited number of buttons ATM machine Three types of access rules 1 Mandatom access control MAC Authorization of subject s access to an object depends on labels sensitivity levels which indicate subject s clearance and the classi cation or sensitivity ofthe object a Every Object is assigned a sensitivity levellabel and only users authorized up to that particular level can access the object b Access depends on rules and not by the identity ofthe subjects or objects alone c Only administrator not owners may change category of a resource Orange book Blevel d Output is labeled as to sensitivity level e Unlike permission bits or ACLs labels cannot ordinarily be changed f Can t copy a labeled file into another le with a different label g Rule based AC Discretionary Access Control DAC Subject has authority within certain limits to specify what objects can be accessible eg use ofACL a Userdirected means a user has discretion b Identitybased means discretionary access control is based on the subjects identity c Very common in commercial context because of exibility d Orange book C level e Relies on object owner to control access f Identity Based AC H XXXXXXXXXXA 3 NonDiscretionarv Access Control Central authority determines what subjects can have access to certain objects based on organization s security policy a May be based on individual s role in the organization RoleBased or the subject s responsibilities or duties taskbased Checksum Have checksum of program files to see ifthey have been altered Only should change when updates are installed Use to nd changes made by Superzap Intrusion Detection Systems IDS 1 Monitors network traf c or to monitor host audit logs to detect violations of security policy Detects attacks by two major mechanisms signature based ID knowledgebased or a statistical anomalybased ID Behavior based Two general types a NetworkBased IDS Doesn t consume network or host resources Reviews packets and headers Monitors network traf c in real time Won t detect attacks against a host by a user logged in at the host s terminal only the network is monitored b HostBased IDS Reviews system and event logs to detect attack on host Ef cacy is limited by lack of completeness of most host audit log capabilities Resident on centralized hosts Clipping Level setting thresholds on a reported activity Clipping level of three can be set for reporting failed workstation logon attempts Three or fewer won t result in a reported security violation Authentication 1 Identification and authentication are keystones in access control Establishes an identity but does not guarantee authorization Compare authorization which determines whether a user is permitted to perform some action or access a resource Authorization and accountability are two separate processes Three possible factors for authentication a Something you have token key to lock b Something you know username and password c Something you are biometrics Methods ofauthentication user name and password X509 certificate biometrics smart cards anonymous Problems with passwords can repudiate insecure and easily broken Password Management composition length lifetime source ownership distribution storage entry transmission and authentication period 16 XXXXXXXXXXA a Con gure system to use string passwords b Set password time and length limits c Limit unsuccessful logins d Limit concurrent connections e Enable auditing f Use last login dates in banners Cognitive Passwords Factbased cognitive data for user authentication Favorite color movie vegetable Biometrics No common APl Factors enrollment time lt2 min throughput rate 610 subjects per minute and acceptability privacy invasiveness can be used to detect health problems transmission of disease Biometric le sizes range from 910000 bytes Three main performance measurements a False Rejection Rate FRR or Type Error valid subjects rejected Too sensitive too high ofa FRR b False Acceptance Rate FAR or Type II Error of invalid subjects falsely accepted Not sensitive enough too high of a FAR c Crossover Error Rate CER at which FRRFAR System with CER of 2 is more accurate than CER of 5 Twofactor authentication refers to the use oftwo ofthe three factors listed above Static passwords dynamic passwords changes with each login onetime passwords Pass Phrase converted by system into a virtual password Tokens Memory no processing or smart cards May be used to generate static and dynamic passwords Four kinds of smart cards a Static Password Tokens Owner authenticates himselfto the token and token authenticates owner to the system b Synchronous dynamic password token Token generates a new unique password at xed time intervals users enters unique password and username into system system con rms password and username are correct and entered during allowed time interval c Asvnchronous Dvnamic PASSWORD Token same as synchronous except no time dependency XXXXXXXXXXA d ChallengeResponse Token system or workstation generates random number challenge owner enters string into token along with proper PIN token generates a response that is entered into the system Single SignOn SSO Kerberos SESAME KryptoKnight and NetSP can provide 880 Kerberos gt Dog in Greek mythology guarding gates of hell gt Software used in a network to establish user s identity V Uses symmetric key encryption V Userssystems are given tickets that can be used to identify themselves to other systems and secret crypto keys are provisioned for secure communications V Three components Key Distribution Center KDC Authentication Service AS exchange and Ticket granting Service TGS exchange V Single point of potential failure susceptible to replay attacks during allotted time window Four basic steps a KDC knows secret keys ofall clients and servers on network b KDC initially exchanges information with the client and server by using the secret keys c Kerberos authenticates a client to a requested service on a server through the TGS and by issuing temporary symmetric session keys for communications between the client and KDC the server and the KDC and the client and server and d Communication then takes place between client and server using those temporary session keys SESAME Secure European System for Applications in a Multivendor Environment Addresses weaknesses in Kerberos by using public key cryptography for distribution of secret keys KryptoKnight IBM developed provides authentication 880 and key distribution services Rule of Least Privilege Any object user administrator program system should have only the least privileges the object needs to perform its assigned task and no more a AC system grants user only those rights necessary for them to perform their work Example valet key v amp overall key to car b Authorization creep occurs when someone continues to retain access privileges associated with a former position c Users should be reauthorized after each position change 15 Accountability is also important to access control Ability to use log les and other accounting mechanisms to track users and their activities 16 Methods of compensating for access control violations a Backups b RAID c Fault Tolerance d Business Continuity Planning e Insurance 17 Access Control Methodologies Access control can be divided into two categories a Centralized Access Control For dialup users the Remote Authentication Dialin User Service RADIUS is used i Callback can be used in RADIUS beware hackers using call fonNarding ii Challenge Handshake Authentication Protocol CHAP is also used iii For networked applications the Terminal Access Controller Access Control System TACACS employees a user ID and a static password for network access TACACS is unencrypted TACACS uses twofactor authentication b DecentralizedDistributed Access Control Use of databases to control access to information in a decentralized environment VI CBK 6 Telecommunications and Network Security A IDS Not a preventive function 1 Network base usually consist of network appliance with NIC operating in promiscuous mode to intercept packets in real time XXXXXXXXXXA 2 Host Based small programs agents reside on host and monitor OS Write log les and trigger alarms only detects activity on host not the network 3 KnowledgeBased Signature most common system Low false alarms resource intensive continually update knowledge base new or original attacks go unnoticed 4 Behavior Based Statistical anomaly Dynamically adapts to new vulnerabilities high incidence of false alarms B CIRT Computer Incidence Response Team analysis of event noti cation response to incident escalation path resolution and postincident followup Link user support and incident handlinq C RAID Can be implemented in hardware or software Three classi cations of RAID only Failure Resistant Disk Systems FRDS has been implemented Ten levels of RAID RAID level 5 is most popular implementation stripes the data and parity information RAD1 mirroring and RAIDO striping D Port Protection Device Protects port from unauthorized use Uses DES onetime PASSWORD challenge E Redundant servers mirroring versus Server Clustering servers are managed as single system all are online and working F Cabling exceeding effective length is problem 1 Coaxial 50 ohm and 75 ohm Baseband carries only one channel Broadband carries several channels BNC 2 Twisted pair Wires can be shielded STP or unshielded UTP Categories the higher the category the more tightly wound the wire giving greater protection from interference RJ 45 Category 5 is for fast Ethernet of100 Mbps STP used in Token Rings 3 Fiber Optic most resistant to interference SC G LAN Transmission Methods Unicast multicast broadcast H LAN Topologies Bus Ring Star Tree and Mesh I Ethernet 10BaseT is 10Mbps 100BaseT is 100Mbps YPe J Network topologies 20 XXXXXXXXXXA XXXXXXXXXXA 1 Ethernet 2 Token Ring 3 Fiber Distributed Data Interface FDDI token ring passing media with dual rings Trivial File Transfer Protocol tftp use for saving setups and configuring les on routers and other devices no security use only with direct console connection Trusted Network Interpretation TNI Red Book WAN 1 Private Circuit Technologies dedicated line leased line PPP SLIP ISDN DSL 2 Packet Switched technologies X25 Frame Relay fastest WAN protocol no error correction Asynchronous Transfer Mode ATM data travels in fixed sizes called cells Synchronous Data Link Control SDLC mainframe High Level Data Link Control HDLC serial link High Speed Serial Interface HSSI More cost effective than dedicated circuits because they can create virtual circuits where are used as needed 3 Protocols a Highlevel Data Link Control HDLC Layer 2 Uses frames b High Speed Serial Interface HSSI Short distance 50 feet Remote Node Security Protocols 1 Password Authentication Protocol PAP standard auth method password and username sent in the clear and CHAP 2 TACACS TACACS two factor ID and RADIUS provide central db which maintains user lists passwords user profiles that can be accessed by remote access equipment on the network cannot provide twoway authentication 3 Systems are standardsbased meaning they are interoperable with other systems of the same type Data encapsulation is process in which information from one packet is wrapped around or attached to the data ofanother packet In OSI model each layer encapsulates the layer immediately above it Open Systems Interconnect OSI Model from International Standards Organization ISO Layer 7 Application Con dentiality authentication data integrity non repudiation gateways FTP SNMP SMTP DNS TFTP NFS SHTTP Layer 6 Presentation Confidentiality authentication encryption gateways Layer 5 Session NO SECURITY gateways RPC and SQL 21 Layer 4 Transport Con dentiality authentication integrity TCP and UDP SSL SSH2 TLS Layer 3 Network Confidentiality authentication data integrity virtual circuits routers IP and lPSec ARP RARP ICMP Layer 2 Data Link Con dentiality bridges switch HDLC PPTP L2F and L2TP Token ring and Ethernet PPP and SLIP Layer 1 Physical Confidentiality lSDN repeaters hubs Sends and receives bits IEEE 802 and 8022 X21 and HSSl Q DOD or TCPlP Model 1 Application Layer 2 HosttoHost TCP and UDP 3 Internet lP ARP RARP IGMP and ICMP 4 Network Access Link R TCP versus UDP TCP UDP Acknowledged Unacknowledged Sequenced Subsequence Connectionoriented Connectionless Reliable Unreliable High overhead Low overhead faster TCP UDP Application Layer Stream Message HosttoHost Layer Segment Packet Internet Layer Datagram Datagram Network Access Layer Frame Frame S Security Protocols 1 Transport Layer Security Protocol TLS a Can use with Kerberos and with PPP for authentication 2 Secure Shell SSH a Host and user authentication data compression data confidentiality and integrity 22 XXXXXXXXXXA XXXXXXXXXXA 3 Secure Sockets Layer SSL a Clientserver applications communicate securely b Uses session keys for encryption Firewalls Types Basic default should be to deny all traffic unless expressly permitted 1 Packet Filtering screening router Examines source and destination address of packet Can deny access to speci c applications or services based on AOL First generation rewall Operates at network or transport layer Application Level Firewall proxy server application layer gateway Second generation Reduces network performance Circuit level firewall is a variation creates virtual circuit between client and server SOCKS Stateful Inspection Firewall Third generation Packets are captured by an inspection engine Can be used to track connectionless protocols like UDP Dynamic Packet Filtering Firewalls Mostly used for UDP Fourth generation Firewall Architectures Packet ltering routers Screened host systems Uses packet ltering router and a bastion host Provides both network layer packet ltering and application layer proxy services Dual Homed Host Firewalls Single computer with two Nle one connected to trusted network and other connected to Internet or untrusted network Screened Subnet Firewalls Two packet filtering routers and a bastion host Provides DMZ VPN Creates secure communications link using a secret encapsulation method Link is called a secure encrypted channel more accurately an encapsulated tunnel because encryption may or may not be used Protocols 1 Point to point tunneling protocol PPTP Based on PPP Dial in Data link layer Layer 2 transmits over IP networks connection oriented an encryption protocol Layer 2 Tunneling Protocol L2TP Based on PPP and Layer 2 FonNarding L2F Dial in lETF wants L2TP to be standard Data link layer Layer 2 can tunnel through networks that use nonlP protocols has no encryption but can combine with lPSEC for security supports TACACS and RADIUS lPSec Used LAN to LAN Network Layer Layer 3 Limited to IP handles multiple connections at the same time has functionality to authenticate and encrypt needs lnternet Key Exchange IKE to exchange 23 keys cannot use with NAT because needs IP address lPSec devices have two modes a Tunnel mode entire data packet is encrypted and encased in an lPSec packet b Transport mode only the datagram is encrypted not the header W Network requirements NlC transmission medium copper ber wireless N08 and a LAN device to physically connect the computers hub bridge router switch X Repeater Hub concentrator Bridge fonNards data to all other network segments Switch sends data to speci c port where destination MAC address is located Router Y CAN Campus Area Network Z Network Abuse Classes 1 Class A Unauthorized access of restricted resources by circumvention of access controls by legitimate 2 Class B Unauthorized use for nonbusiness purposes 3 Class C Eavesdropping 4 Class D Denial of service or other service interruptions 5 Class E Network Intrusion 6 Class F Probing AA LAN 1 Address Resolution Protocol ARP Resolves 32bit IP address to 48bit Ethernet address 2 Reverse Address Resolution Protocol RARP Ethernet to IP address BB Backup Concepts must physically secure 1 Full backups all files modified or not and removes the archive attribute 2 Incremental backs up only those les that have been modi ed since the previous backup and removes the archive attribute 3 Differential backs up les that have been modi ed since last full backup and does not touch the archive attribute Tape Formats CC Properties DigitalAudio Quarterlnch 8mm Tape Digital Tape DAT Cartridge Linear Tape QIC drives DLT Capacity 4GB12GB 13 GB 20GB 2035GB 24 XXXXXXXXXXA Max transfer 1MBps 15MBps 3MBps 5MBps rate Cost Medium Low Medium High VII CBK 7 Cryptography A Cryptology is cryptography and cryptanalysis 1 Cryptography science ofcodes 2 Cryptanalysis is science of breaking codes B History 1 Hieroglyphs in Egypt gt 4000 years ago 2 Scytale in Sparta 400 BC paper wrapped around rod 3 Caesar cipher 49 BC 4 Alberti s cipher disk Italy in 1459 AD 5 Trithemius in 1518 AD rst book on cryptology amp polyalphabetic ciphers 6 Grieppenstierna Cyphering Machine Sweden in 1786 enter plaintext and get out ciphertext 7 Thomas Jefferson 1790 ciphering device with 26 disks 8 Enigma machine used by Germany during WWII 19331945 9 Japanese Purple Machine 1937 10 IBM led by Dr Feistel 1970 develops Lucifer DES 11 Dif eHellman public key cryptography 1976 12 RSA in 1977 13 IDEA in 1990 to replace DES 14 PGP in 1991 freeware 15 Rijndael announced winner of NIST AES in 2000 C XOR 00 0 01 1 101110 D One time pad is usually implemented as a stream cipher using XOR function E Work function factor estimate oftime needed to break a protective measure F Link encryption individual application of encryption to data on each link of a network G Endtoend encryption encryption of data from source system to end system H Security of cryptosystem should only depend on security of keys not the algorithm XXXXXXXXXXA 25 XXXXXXXXXXA Block code cipher message broken into blocks and each block encrypted separately Blocks of identical plaintext have identical ciphertext Replay and substitution attacks easier DES is block cipher Block chaining parts of previous block are inserted into current block Makes replay and substitution attacks harder Stream cipher message broken into characters or bits and enciphered with a key stream random and independent of message stream XOR generally used XOR key stream and message XOR encrypted output with key stream a second time to decode usually implemented in hardware 1 Strong if1 long period with no repeating 2 functionally complex 3 statistically unpredictable 4 statistically unbiased and 5 key stream not linearly related to key Process of establishing a session key is called key exchange negotiation or distribution Symmetric Key Cryptography private keysecret key Single key shared by sender and receiver Rijindael DES Triple DES Blow sh IDEA RC4 SAFER Strengths 1000 or more times faster than asymmetric PWN Weaknesses key management is a weakness requires secure key distribution not scalable to large numbers of users does not provide authentication and nonrepudiation services Asymmetric Key Cryptography public key 1 Message encrypted with one of keys can be decrypted with other two key pairs private key kept secret and public key made available 2 Based on difficult to solve problems factoring the product of two large primes or discrete logarithm problem 3 RSA Dif eHellman El Gamal Elliptic Curve ECC Digital Signature Standard D88 4 Requires larger keys than symmetric 512 64 1792 112 5 Strengths ef cient key distribution scalable provides con dentiality access control authentication integrity and nonrepudiation services 6 Weaknesses very intense computations slower than symmetric Hybrid Systems 1 Symmetric key for bulk data encryption 2 Asymmetric key for key distribution Terms 26 XXXXXXXXXXA Substitution ciphers shift alphabet or scramble alphabet and substituting characters Transposition cipher position of letters is permuted Polyalphabetic cipher use multiple substitution ciphers with different alphabets to defeat frequency analysis Running key cipher uses text from a source such as a book to encrypt the plaintext key is known to sender and receiver page line and character number One time pad key is a random set of nonrepeating characters and each key bit is used only once each key bit is XORed with message bit to produce ciphertext each key bit is XORed with ciphertext to decrypt Concealment cipher message is hidden in another message every so many words for example Steganography data hidden in picture les least signi cant bits of bitmap image sound les slack space on disks Codes list of codes or phrases and their corresponding code group Machines Hagelin machine combines plaintext with key stream to produce ciphertext rotor machine uses rotors to produce cipher alphabet Japan s Purple and Germany s Enigma DES block cipher symmetric key 56 bit key plus 8 parity bits 16 rounds oftranspositions and substitutions Four Modes a Electronic Code Book ECB 64bit data blocks processed at one time same message and key produce same ciphertext b Cipher Block Chaining CBC first 64bit plaintext block XORed with an initializing vector and processed with key to produce ciphertext which is then XORed with second 64bit plaintext block to produce second ciphertext block etc 0 Cipher Feedback CFB rst 64bit plaintext block is XORed with the keyciphered initialization vectorto produce the ciphertext this ciphertext is encrypted with key and XORed with second 64bit plaintext block to product second ciphertext block etc d Output Feedback OFB similar to CFB except the XORed bits are not a function of either the plaintext ofthe ciphertext initialization vector is used to seed the process IV is DES encrypted and XORed with rst data block to produce rst ciphertext the DES encrypted IV is DES encrypted again for the second block etc 27 XXXXXXXXXXA Double DES block cipher symmetric key 112 bit key no more secure than DES Triple DES block cipher symmetric key 168 bit key different modes a 3 DES encryptions with 3 different keys b Encrypt decrypt encrypt with three different keys 0 Encrypt encrypt encrypt with two different keys rst and third operation use same key d Encrypt decrypt encrypt with two different keys rst and third operation use same key International Data Encryption Algorithm IDEA block cipher symmetric 128bit key 8 rounds of transpositions and substitutions three mathematical functions XOR Addition mod 65536 and Multiplication mod 65537 Rivest Cipher 5 RC5 variable block size symmetric variable key size data dependent rotations variable number of rounds primarily software implementation Advanced Encryption Standard AES Rijndael Block Cipher symmetric variable block and key length 128 192 256 Public Key Cryptography a Uses oneway hash function for message integrity time date stamp b Uses mathematical function that is easier to compute in one direction than in the opposite direction 0 Trap Door OneWay Function i FonNard direction takes seconds while inverse direction can take months to compute ii Inverse is easy if have piece of information trap door iii Public key gives info about the function while the private key gives info about the trap door Secure Message wasymmetric crypto sender encodes message with receiver s public key and receiver decodes with private key confidentiality Open Message wasymmetric crypto sender encodes message with sender s private key and receiver decodes with sender s public key authentication and nonrepudiation 28 50 XXXXXXXXXXA 19 Secure and Signed Message wasymmetric crypto sender encodes message with own private key sender reencodes message with receiver s public key and receiver decodes with own private key and decodes again with sender s public key authentication nonrepudiation and con dentiality 20 RSA Rivest Shamir and Adleman asymmetric factoring large prime integers services encryption key distribution of symmetric keys and digital signatures 512bit and 768bit keys are weak but 1024bit key is moderately secure 21 Elliptical Curve Cryptosystem ECC asymmetric based on mathematical problem of factors that are coordinate pairs that fall on an elliptical curve services encryption key distribution of symmetric keys and digital signatures highest strength per bit of public key systems 22 DiffieHellman rst public key algorithm patent expired in 1997 key exchange algorithm 23 El Gamal asymmetric based on difficulty in calculating discrete logarithms in a nite eld services encryption and digital signatures 24 MerkleHellman Knapsack asymmetric based on subset of sum problem in combinatorics has been broken Time stamps can be used to prevent replay attacks Elliptic curve best bandwidth computation and storage V reless Key escrow Clipper chip with Skipjack algorithm 80 bit key 64 bit block Key split in two and held by to escrows Digital Signature used to detect unauthorized modi cations and authenticate sender provides nonrepudiation private key signs and public key veri es used to authenticate software data images users machines Steps 1 Compute message digest 2 Digest is fed into digital signature algorithm with sender s private key to generate digital signature 3 Message and attached digital signature sent to recipient Digital Signature Algorithm DSA Digital Signature Standard DSS uses secure hash algorithm SHA1 and condenses message to 160 bits Key size 512 to 1024 Hash Function 1 Condenses arbitrary length messages to xed length usually for subsequent signing by a digital signature algorithm 2 Output is message digest Two les cannot have same hash Can t create le from hash 29 AA BB 3 MD5 128 bit digest of input message uses blocks of512 4 rounds of transformation 4 SHA1 by NIST SHA256 SHA384 SHA512 supports AES HAVAL 5 HMAC hashed MAC more secure and more rapid message digest Message Authentication Code MAC used when sender only wants one person to be able to view the hash value the value is encrypted with a symmetric key similar to a CRC weak form of authentication Clustering plaintext message generates identical ciphertext using the same transformation algorithm but with different keys cryptovariables Certificate Authority CA binds public key to person Certi cate revocation list X509 provides format for digital certi cates Privacy Enhanced Email PEM Proposed by IETF to comply with Public Key Cryptography Standards PKCS developed by Microsoft Novell and Sun Uses MD2MD5 for message digest DESCBC or triple DESEDE for text encryption and RSA for digital signature and key distribution certificates based on X509 1 Privacy message integrity authentication and nonrepudiation Pretty Good Privacy PGP message privacy for stored les email le attachments random prime numbers passphrase Privacy integrity identi cation authentication and policy enforcement Symmetric encryption 3DES DES IDEA RSA DSS and Dif eHellman for the symmetric key exchange SHA1 and MD5 for hashing Web of trust instead of CA Attacks on Symmetric Block Ciphers mP FDN 1 Differential Cryptanalysis private key cryptography looks at ciphertext pairs with speci c differences and analyzes the effects of these differences 2 Linear Cryptanalysis uses known plaintext and corresponding ciphertext to generate a linear approximation ofa portion of the key 3 Differential Linear Cryptanalysis combination of both 4 Algebraic Attacks relies on block ciphers displaying high degree of mathematical structure Vlll CBK 8 Applications and Systems Development A XXXXXXXXXXA Software development models 1 Simplistic 2 Waterfall limited to one stage of rework Modified Waterfall phases end on milestones 30 XXXXXXXXXXA 3 Spiral four quadrants requirements objective planning risk analysis a Angular dimension is progress made in completing project b Radial dimension is cumulative cost of project c Using live data is not appropriate Live data may not exercise all functions including out of range and other invalid types Testing should not be done by the programmers Maintenance phase request control change control and release control Con guration Management British Standards Institute 7799 tracking and issue of new versions 1 A con guration item is a component whose state is to be recorded and against which changes are to be progressed 2 Con guration control controls changes to the configuration items and issues versions ofthe items from the software library 3 Two goals 1 ensuring changes to system do not unintentionally or unknowingly effect security and 2 ensuring changes to system are re ected in documentation Software cycle 1 Veri cation evaluate product in development against the speci cation 2 Validation Evaluate against realworld requirements and concepts Software Capability Maturity Model CMM Quality software is a function of the quality of its associated software development and maintenance process level 3 requires ISO 9001 Software Development Life Cycle 1 Project Initiation and Planning Activities Parallel Security Activities Identify user needs Identify security needs Evaluate alternatives Initial risk analysis Selectapprove approach Identify security framework 2 Function Requirements De nition Activities Parallel Security Activities Prepare project plan Insert security areas into project plan Develop functional requirements De ne security requirements Risk analysis amp Contingency Plan 31 9 0 F XXXXXXXXXXA Preliminary test plans Preliminary security test plans Select acquisition strategy Include security requirements in RFPs and contracts Establish formal functional baseline Functional baseline includes security requirements System Design Speci cations Activities Parallel Security Activities Develop detailed design De ne security specifications Update testing goals and plans Update security test plans Establish formal baseline Formal baseline must include security areas Develop and Document Activities Parallel Security Activities Construct from detailed design speci cation Writeprocure and install security related code Perform and evaluate unit tests Perform unit tests Evaluate security code Implement detailed design Include approved security components in formal baseline Acceptance Testing Activities Parallel Security Activities Test system components Test security components Validate system performance Test security in integrated system Perform acceptance test on implemented system Conduct acceptance test Accept system Verify project security Implementation Activities Parallel Security Activities Install system Install security code 32 XXXXXXXXXXA Prepare project manuals Document security controls 7 Operations and Maintenance Support Database manage information from many different sources Database Management System DBMS manages large structured sets of data provides multiple users access security and controls enforces the integrity of the data provides for fault tolerance 1 Models a Hierarchical b Network c Relational database models 0 ii iii W V Vi vii viii W X Xi Three parts 1 data structures called tables or relations 2 Integrity rules on allowable values and value combinations in the tables and 3 operators on the data in the tables Fundamental entity is the relation table or set of columns in table With attributes columns having permissible values specific attribute is key with unique values occurring in instances or tuples rows Cardinality is of rows Degree is columns Primary key is unique identifier in table that points to tuples subset of candidate keys Candidate key is an attribute that is a unique identi er within a given table If attribute in one relation has values that match primary key in another relation this attribute is called a foreign key Security is provided through views Description of the database is called a schema which is defined by the Data Description Language DDL Primary key is chosen from set of candidate keys 33 XXXXXXXXXXA xii A domain ofa relation is the set ofallowable values that an attribute can take on xiii Relational is used for information in text form 2 Graphics video and multimedia are more suited to an ObjectOriented Data Base OODB 3 There is also the hybrid called the objectrelational DB 4 Integrity a Entity integrity primary key is unique and no null keys b Referential integrity foreign key is a primary key in another table and no null foreign keys Object Oriented Systems more reliable and capable of reducing propagation of change errors Dynamic objects are created during program execution 1 Objects are encapsulated only access through messages sent to them to request performance of their desired operations 2 Substitution property objects with compatible operations can be substituted for each other 3 Message is a communication to an object 4 Behavior is the results exhibited by an object on receipt ofa message 5 Class is collection of common objects 6 Method is the code that de nes the actions an object performs in response to a message 7 Inheritance methods from a class are inherited by members of its subclasses 8 Delegation is fonNarding a request from one object to another 9 Polymorphism is objects of many different classes that are related by some common superclass thus any object denoted by this name is able to respond to some common set ofoperations in a different way 10 Polyinstantiation is development ofa new version ofan object from another object replacing variables with other values a For example relational database the name ofa military unit may be classified in the database and may have an ID as the primary key If another user at a lower classi cation level attempts to create a con dential entry for another unit using the same id as a primary key a rejection ofthe attempt would inferto the lower level userthe same ID exists at a higher classi cation b To avoid inference systems will allow same id for lower class and the DBMS would manage to permit same primary key fortwo different units 34 XXXXXXXXXXA c Prevents inference violations Jargon 1 Open Database Connectivity ODBC 2 Object Link and Embedding DB OLE DB 3 ActiveX Data Objects ADO 4 Java Database Connectivity JDBC 5 Distributed Component Object Model DCOM Objects can be made available to users through Object Request Brokers ORBs ORBs are middleware because they reside between two other entities establishes clientserver relationship between objects Common Object Request Broker Architecture CORBA defines standard that enables programs written in different languages and using different platforms and operating systems to interface and communicate Arti cial Intelligence AI 1 Expert Systems acts like a human expert Builds knowledge base in the form of IfThen statements ofthe domain to be addressed in the form of rules and an inference mechanism to determine if the rules have been satisfied by system input Inference engine knowledge base expert system Fuzzy logic used to address uncertainty Neural Networks Neurons signals are exchanged among neurons through electrical pulses traveling along an axon Electrical pulse arrives at a neuron at points called synapses Output Input1Weight1 Input2Weight2 Summation of inputs with dynamic weights assigned to them One summing node is called a singlelayer network Multiple summing nodes is a multi layer network Training develops the weights Database security issues 1 Granularity ofthe access to objects in DB refers to neness with which access can be controlled or limited Aggregation is act ofobtaining info ofa higher sensitivity and combining it with lower levels of sensitivity Inference is ability of users to infer or deduce info about data at sensitivity levels for which they do not have access A link that enables an inference to occur is called an inference channel DBMS Controls 1 2 Atomicity either all changes take effect or none Consistency a transaction is allowed only if it follows owner or system de ned integrity constraints 35 XXXXXXXXXXA Isolation the results ofa transaction are not visible until the transaction is complete Durability the results of a complete transaction are permanent Concurrency controls ensure that two users cannot simultaneously change the same data Knowledge Discovery in Databases KDD a method of identifying valid and useful patterns in data a Probabilistic approach based on probability and data interdependencies b Statistical approach based on data relationships c Classification approach based on grouping data according to similarities d Deviation and Trend Analysis uses ltering techniques to detect patterns e Neural Networks organizes data into nodes that are arranged in layers links between nodes have speci c weighting classi cations f Expert system approach uses knowledge base and algorithms andor rules that infer new facts from knowledge and incoming data g Hybrid approach combines two or more approaches Data Warehouse and mining 1 2 Data warehouse is a repository of info from heterogeneous databases Objective is to nd relationships that were unknown up until now among data in warehouse called data mining Correlations or data about data is called metadata Metadata not stored in data warehouse instead stored in a highly protected data mart Data warehouse and mining can be applied to audit logs and other info to find system anomalies Data Dictionary database for developers records all the data structures used in an application Accreditation Formal acceptance of security adequacy authorization for operation and acceptance of existing risk Certification Formal testing of security safeguards Operational assurance veri cation system is operating to its security requirements Look at policies audits and system monitoring 36 U Distributed environments permit agents Agents are surrogate programs or process performing services in one environment on behalf ofa principal in another environment Not a proxy which hides identity V Distributed systems should include 1 Interoperability 2 Portability Software at source code level can be moved from system to system with different vendors 3 Transparency Ability to keep application and its processes invisible to the end user 4 Extensibility System must be able to adapt to various management policies and allow introduction of new resources to manage W Single state machines can only process one security level at a time MultiState Machines can process two or more security levels at the same time X Interpreted language executes each instruction in realtime called runtime binding Compiled language binding occurs at compile time Compiled code poses greater security risk since it may contain destructive code that can t easily be detected Y Applets in Web browsers called mobile code Java runs in constrained memory space sandbox for security Z Security measures con gure firewalls to screen applets con gure browsers to restrict or prevent downloading applets permit applets only from trusted parties provide training to users re mobile code IX Application control type Accuracy Secu rity Consistency Preventive Data checks forms Firewalls sensitivity Data dictionary custom screens labels encryption programming validity checks passwords test standards environments Detective Hash controls lDS and audit trails Comparison cyclic redundancy controls checks relationship tests Corrective Backups Emergency Program comments checkpoint restarts response and reference monitor and database controls CBK 9 Physical Security XXXXXXXXXXA 37 A Five threats interruptions in computing services physical damage unauthorized disclosure of information loss of control of system integrity and physical theft B Administrative Controls proper emergency procedures policy implementation facility security management audit trails and emergency procedures pre employment screening ongoing employee checks postemployment procedures Audit trails and access logs are detective not preventative 1 Facility Requirements Planning a Choosing a facility that is secure i Visibility ii Local considerations near hazards dump high crime rate iii Transportation iv Natural disasters oods earthquakes wind snow v Joint tenancy vi External services hospital re station police b Designing a secure site i Follow local building codes and other regulations ii Ceilings oors sprinkler systems liquid or gas lines air conditioning electrical iii Doors solid core vs hollow core hinges contact devices doorframe vulnerabilities location numbers iv V ndows types ofglass location v Walls interior walls should be oor to ceiling 2 Facility Security Management a Audit or access logs i Data and time access attempted ii Whether successful or not iii Location of access attempt iv Who attempted entry v Who modi ed access privileges to allow entry 38 XXXXXXXXXXA b Emergency procedures i Emergency system shutdown procedures ii Evacuation procedures iii Employee training awareness programs and periodic drills iv Periodic equipment and systems tests 3 Administrative Personnel Controls usually administered by HR a Preemployment screening employment references and educational history checks background investigations credit rating checks b Ongoing employee checks security clearances ongoing ratings and reviews by supervisor c Postemployment procedures exit interview removal of network access and change of passwords return of computer inventory and laptops C Environmental and Life Safety Controls 1 Electrical Power a Noise EMI RFI use power line conditioning proper grounding cable shielding limiting exposure to magnets fluorescent lights electric motors and heaters b Humidity range should be 4060 lt40 increases likelihood of static electricity gt60 increases condensation i Hygrometerto measure humidity c Static electricity controls antistatic sprays antistatic flooring proper grounding antistatic table or floor mats HVAC to control humidity d Power vulnerabilities XXXXXXXXXXA i Blackout is prolonged power loss ii Fault is momentary power loss iii Brownout is prolonged period of low voltage iv SagDip is momentary period of low voltage v Surge is prolonged high voltage 39 XXXXXXXXXXA vi vii viii ix X Spike is momentary high voltage lnrush current is initial surge of power at the beginning Noise is steady interfering disturbance Transients are line noise disturbances of short duration Electrostatic discharge is another type of electrical surge EPO Emergency Power Off Air conditioning should have separate EPO Methods to protect power UPS power line conditioning backup power sources surge suppressors alternate power source dedicated feeders and circuits 2 Fire detection and suppression a Three elements oxygen heat and fuel 0 ii iii iv Water suppresses temperature Soda acid reduces fuel supply 002 lethal if removes all 02 reduces oxygen Halon suppresses combustion through a chemical reaction that kills the fire Fire Detectors i ii iii iV Heat sensing temperature reaches a certain temperature or sudden rise in temperature g Fixed or rateofrise temperature sensors Flame actuated expensive sense either the infrared energy or pulsation of the flame Smoke actuated primarily in ventilation systems h Ionization detects charged particles in smoke i Photoelectric variation in light blockage caused by smoke Automatic dialup dials up local re andor police station and plays a recorded message used in conjunction with other detectors 4o 0 Fire extinguishing systems i ii iii W V Wet pipe water in pipes at all the time Dry pipe water in pipes only when activated Deluge type of dry pipe but amount ofwater discharged is much greater Preaction dry until heat then loads water releases water flow when link in nozzle melts most recommended for computers Gas discharge systems J Employ pressurized inert gas usually from under raised oor 002 and Halon i Halon now listed as danger to ozone and is being phased out ii Halon not safe above 10 concentration Use in gt 900 degrees creates toxic gas iii Halon 1211 portable extinguishers and Halon 1301 ooding systems iv FM2OO is good replacement Fire contaminants smoke heat water suppression medium contamination 002 or Halon d Sprinklers do not cause water damage re does Sprinklers protect lives reduce fire damage limit re to building e Fire distinguishers should be 50 feet from equipment and toward the door 0lass I Description Suppression Medium A Common combustibles Water or soda acid B Liquid 002 soda acid Halon C Electrical 002 or Halon D Combustible metals Dry powder 3 Heating Ventilation and Air Conditioning HVAC a Turn off in event of fire XXXXXXXXXXA 41 D XXXXXXXXXXA Physical and Technical Controls 1 Facility Control Requirements a Guards expensive can make value decisionsdiscriminating judgment Dogs expensive loyal keen sense of smell Landscape can provide barrier as long as provide bridge over a fence Fences primary means of perimeter or boundary protection fences gates turnstiles bollards i Mantrap physical access control routed though a set of double doors that may be monitored by a guard 3 to 4 1 meter Deters casual trespasser 6 to 7 2 meters Too hard to climb easily 8 with 3 strands of barbed wire 24 meters Deters intruders Lighting NIST STD 8 feet high with 2 foot candle continuous lighting glare lighting trip lighting standby lighting emergency lighting Locks most accepted and used physical security device can be picked i Combination locks deadbolt locks keyless locks smart locks Closed Circuit TV CCTV television transmission system that uses cameras to transmit pictures i CCTV Levels detection recognition identi cation ii Camera monitor transmission media iii Lighting is important Guard Stations posted at visitor and employee entrances deterrence Facility Access Control Devices a Security Access Cards i Photoimage cards ID card with picture 42 XXXXXXXXXXA ii Digital coded cards magnetic strip requires reader smart entry card with magnetic stripe or integrated circuit chip may require PIN smart card with authentication token to generate onetime or challenge response password or PIN iii Wireless proximity readers k User activated transmits a sequence of keystrokes to wireless keypad I Systemsensing proximity i Passive senses electromagnetic eld of reader ii Fieldpowered contains active electronics RF transmitter and power supply iii Transponder reader interrogates card which transmits an access code b Biometric devices see access control Intrusion Detection and Alarms a Should be installed on doors windows ceilings walls roofs ventilation openings etc b Alarms must be audible for at least 400 feet c Perimeter photoelectric sensors dry control switches d Motion Detectors wave pattern capacitance electrical eld surrounding an object audio detectors e Alarm systems local alarm system central station systems proprietary system auxiliary station system Computer Inventory Control a PC Physical Control cable locks port controls switch controls peripheral switch controls electronic security boards b Laptop Control Media Storage Requirements a Object reuse reusing data storage media after initial use b Data Remanence residual info remaining on media after erasure which may be restored Orange Book requires magnetic media be 43 formatted seven times before discard or reuse Common problems with media erasure i Deleting does not actually remove data le allocation table ii Damaged sectors may not be ovenNritten by format utility Need degaussing iii lmproper use or equipment failure of degaussers c Clearing ovenNriting data on media for reuse within same secured environment ie not used in a lesser security environment d Purging degaussing or ovenNriting media to be removed from monitored environment such as resale use in unsecured environment or donation e Destruction completely destroying media Good practice to purge media before submitting for destruction X CBK 10 Law Investigation and Ethics A XXXXXXXXXXA Liability senior executives can be held liable for losses 1 1997 Federal Sentencing Guidelines a Extended to cover computer crimes and specified that senior corporate of cers could be personally subjected to up to 290 million in nes if their organizations did not comply with the law Must exercise due care or reasonable care to carry out their responsibilities to their organization must meet certain requirements to ensure corporate security Exercises due diligence company kept up with these practices in a disciplined way rather than doing them once and letting them fall out of date and become useless Criteria for evaluating legal requirements for implementing safeguards is to evaluate cost C of instituting protection versus estimated loss L resulting from exploitation of vulnerability lf CltL then liability Major Legal Systems in the World 1 Common Law developed in England based on tradition past practices and legal precedents set by courts through interpretation innocent until proven guilty United States United Kingdom Australia and Canada Civil Law or Code Law fractured into separate national systems around the time of French Revolution guilty until proven innocent France Germany Quebec 44 XXXXXXXXXXA Socialist Legal Systems based on concepts of economic political and social policies of the state communist and socialist countries Islamic and other Religious Law law ofthe clergy of belief systems religions and secret societies special rights to clergy over common people Major Legal Systems in North America 1 Criminal Law Laws about individual conduct that violates government laws enacted for the protection ofthe public punishment can include imprisonment nancial penalties loss of right to work with computers Civil tort Law Laws about a wrong inflicted upon an individual or organization that results in damage or loss punishment can include financial penalties or compensatory damages NO imprisonment AdministrativeRegulatory Law Standards of performance and conduct expected by government agencies from industries organizations officials and of cers punishment can include imprisonment andor nancial penalties Intellectual Property typically includes at least four types of laws 1 Patent Provides the owner ofthe patent with a legally enforceable right to exclude others from practicing the invention covered by the patent for a speci es period of time 17 years in US Trademark Establishes a word name symbol color sound product shape device or combination of these that will be used to identify goods and to distinguish them from those made or sold by others Copyright Protects original works ofauthorship Protects the expression of ideas rather that the ideas themselves Trade Secrets Secures and maintains the con dentiality of proprietary technical or businessrelated information that is adequately protected from disclosure by the owner Privacy Laws Protection of information on private individuals from intentional and unintentional disclosure or misuse PWN Includes information privacy medical records communications privacy Globalization distribution of information worldwide Transborder Data Flow how different countries provide privacy protection Convergent Technologies technical means of gathering analyzing and distributing information Data Retrieval Advances data warehouses and other types of repositories for personal information European Union EU has more restrictive privacy laws than the United States Prohibits transfer of personal information to locations when equivalent personal protections are not in place data collected fairly and legally accurate and kept current cannot be disclosed without individual s permission 45 XXXXXXXXXXA 7 Organization for Economic Cooperation and Development OECD Guidelines of 1980 provides for data collection limitations the quality of the data speci cations ofthe purpose for data collection limitations on data use information security safeguards openness participation by the individual on whom the data is collected and accountability of the data controller 8 US Electronic Communications Privacy Act of 1986 prohibits eavesdropping or interception of message contents without distinguishing between private or public systems 9 Health Insurance and Portability Accountability Act HIPAA of 1996 KennedyKassenbaum Act addresses the issues of personal health care information privacy and health plan portability in the United States 10 Gramm Leach BIiIey GLB Act of 1999 requires financial institutions to develop privacy notices and give their customers the option to prohibit the banks from sharing their information with nonaf liated third parties 11 Privacy Act of 1974 Federal agencies must protect information of private individuals in their databases 12 Monitoring can infringe on privacy employee electronic monitoring email monitoring document monitoring Internet activity monitoring a Ensure proper policies are in place and employees are aware of the monitoring b Monitor only workrelated activities 0 Consistent monitoring usage applied to all employees no targeting a few 13 Protect personally identi able information Differences in International Computer Crime Laws 1 Different views on seriousness of computer crime not seen as a threat in some countries law enforcement technical skills vary different interpretations on technology issues Investigation 1 Terms a Incident adverse event or series of events that impact an organizations security or ability to do business b Event an observable occurrence 2 Modus Operandi examine to determine if suspect could have committed crime criminal pro ling 3 Because development oftechnology may outpace law crimes of embezzlement fraud and wiretapping are frequently used 46 H XXXXXXXXXXA Eviden Companies should have an incident response policy and procedures to handle this type of event before it actually takes place Steps in Incidence Handling a Report of cybercrime should be investigated to determine if an actual crime has been committed b Senior management should be informed immediately ofa cybercrime c Contain the incident d Analyze logs audit trails and gather information i Start documenting events along with the company employees and resources involved ii Decide whether to conduct own forensics or call in experts iii Determine when to call in law enforcement e Track down the source ofthe incident f Repairthe damage and recoverthe environment 9 Prevent similar incidents Computer forensics investigating computer crime Collecting information from and about computer systems that is admissible in a court of law a Chain of custody A history that shows how the evidence was collected analyzed transported and preserved in order to be presented as evidence in court accountability ce a Sources of evidence oral written computer generated visualaudio Legal evidence a Best evidence original or primary evidence rather than a copy of duplicate of the evidence b Secondary evidence a copy of evidence or oral description of its contents not as reliable as best evidence c Direct evidence proves or disproves a specific act through oral testimony based on information gathered through the witness s five senses 47 XXXXXXXXXXA Conclusive evidence incontrovertible overrides all other evidence Opinions two types EXpert may offer an opinion based on personal expertise and facts Nonexpert may testify only as to facts Circumstantial evidence inference of information from other immediate relevant facts Corroborative evidence supporting evidence used to help prove an idea or point used as a supplementary tool to help prove a primary piece of evidence Hearsay evidence 3mparty oral or written evidence that is presented in court that is second hand and has no rsthand proof of accuracy or reliability i Usually not admissible in court ii Computer generated records and other business records are in hearsay category iii Certain exceptions to hearsay rule 1 Made during the regular conduct of business and authenticated by witnesses familiar with their use 2 Relied upon in the regular course of business 3 Made by a person with knowledge of records 4 Made by a person with information transmitted by a person with knowledge 5 Made at or near the time of occurrence ofthe act being investigated 6 In the custody ofthe witness on a regular basis Standards for evidence a b f Relevant must be related to the crime Legally Permissible evidence was obtained in a lawful manner Reliability evidence has not been tampered with or modi ed Sufficient must be persuasive enough to convince a reasonable person ofthe validity ofthe ndings Identi cation evidence is properly identi ed without changing or damaging the evidence Preservation evidence is not subject to damage or destruction Evidence life cycle collection and identi cation analysis storage protection transportation presentation in court and return to victimowner 48 zgrzs XXXXXXXXXXA The extension of property to include electronic information has been key to the development of computer crime laws in some countries FBI and Secret Service are responsible for computer crimes Computer Incident Response Team CIRT Enticement intruder lured to certain system or selected les honeypot Entrapment encourages a person to commit a crime Federal Computer Security Act of 1987 rst to require government agencies to do security training and adopt security plan MOM Motive opportunity and means Typical computer felon holds a position oftrust with the company Ethics The analysis ofthe nature and social impact of computer technology and the corresponding formulation and justi cation of policies for the ethical use ofsuch technology 1 Ethics code does not include control as a behavior 2 ISO2 Code of Ethics contains four cannons and some additional guidance underthe Objectives for Guidance a Conduct in highest standards of moral ethical and legal conduct b Not commit unlawful or unethical act that would negatively impact professional reputation or reputation of profession 0 Report unlawful activity and cooperate in investigation d Support efforts to promote prudent info security measures e Provide competent service avoid con icts of interest f Execute responsibilities to highest standards of profession g Not misuse information they come in contact with maintain con dentiality 3 Internet Activities Board IAB Unethical to a Seek unauthorized access to Internet resource b Destroy integrity of information 0 Disrupt Internet use d Waste resources e Compromise privacy of users 49 f Negligence in Internet experiments XI Types of AttacksThreats A XXXXXXXXXXA Birthday applied to the probability of two different messages having the same hash function that produces a common message digest Brute Force trying every possible combination of key patterns Buffer over ow process receives more data than expected and acts in an unexpected way Chosen Ciphertext portions of ciphertext are selected for trial decryption while having access to the corresponding decrypted plaintext Chosen Plaintext chosen plaintext is encrypted and output ciphertext is obtained Ciphertext Only only ciphertext is available Corruptionmodi cation altering information or software Covert Channel Unapproved communications link between one application and another Covert storage channel Covert timing channel asynchronous Data diddling changing data either before or after it enters the system Data Remanence residual info remaining on media after erasure which may be restored Demon war dialing dialers automatically test every phone line in an exchange looking for modems that are attached to the network Denial of Service DoS person process or other system consumes the resources memory storage communications of a system Destruction destroying information or hardwaresoftware Disclosure release of information to unauthorized persons Distributed Denial of Service DDoS extension of DoS which gets more computers in the act attacker creates master controllers that control slave or zombie machines Dumpster diving obtaining sensitive data by sorting through garbage in dumpsters or at recycling locations Emanation eavesdropping receipt ofinformation by intercepting RFI signals Embezzlement illegally acquiring funds usually through manipulation and falsi cation of nancial statements Espionage Executable CodeMobile Code code that is downloaded to a user s machine and executed and could give the program access to unexpected resources on the machine Garbage collection a process that deallocates storage during program execution 50 39ltgtltE lt N AA BB CC DD EE FF LL MM NN 00 PP QQ XXXXXXXXXXA Interruption causing information software hardware andor telecommunications to become unavailable IP spoo ng impersonation ofa computer from a trusted network Known Plaintext have sample of ciphertext and corresponding plaintext Malicious code programs such as Trojan Horses worms and viruses that cause DoS or destruction of information on computers ManintheMiddle takes advantage of storeandfonNard nature of most networks by intercepting messages and fonNarding modi ed versions ofthe original message MeetintheMiddle applied to double encryption schemes by encrypting known plaintext from one end with every possible key and comparing the results in the middle with the decryption of the corresponding ciphertext and each possible key Network intrusions unauthorized penetration into network computer resources Network Packed Sniffers software that uses a NIC in promiscuous mode to review packets sent across the network Object reuse reusing data storage media after initial use Password theft through eavesdropping sniffing social engineering maninthe middle attacks Piggybacking an attacker gains unauthorized access by a system by using a legitimate user s connection Ping of Death DoS large PING packet attack Port Scanning scans to see what ports are open nmap Social engineering using social skills to get information Software piracy illegal copying and use of software Smurf DoS IP spoo ng forged return address oftarget with ICMP PING to saturate target network with traffic Sniffing protocol analyzer con gured to capture data packets that are later decoded to collect information such as passwords and infrastructure con gurations Spoo ng Masquerading used to convince a system that it is communicating with a know entity IP spoo ng fake login screen SYN DoS exploits the TCP session initialization handshake by sending SYNs which fill up the systems small inprocess queue Teardrop DoS hacker modi es the length and fragmentation offset fields in sequential IP packets Theftremoval loss of information or equipment Time of CheckTime of Use TOCTOU exploits the difference in time that security controls were applied and the time the authorized service was used 51 RR Trap doorback door hidden mechanism that bypasses user authentication and other security measures that could enable unauthorized access SS Trojan Horses contained in useful programs and performs unauthorized functions when triggered TT Viruses 1 Program virus attacks files that contain computer code 2 Boot virus attacks boot sector on hard or oppy disk 3 System virus attacks BIOS command and other system les 4 Polymorphic virus changes as it replicates 5 Multipartite virus infects in more than one place 6 Macro virus contained in data files word documents Xll PKI A Can be open third party trusted CA for many organizations and individuals or closed CA and members are part of single organization B CA Certi cate Authority RA Registration Authority CRL Certificate Revocation List Certi cation Practice Statement CPS dictates legal responsibilities roles policies and procedures for the CA C Services con dentiality access control integrity authentication and nonrepudiation D Manages generation and distribution of key pairs publishes public keys provides high degree of con dence E Certification is process of binding a public key to a specific person entity or system F Key recovery key escrow G Public Key Cryptography Standards PKCS PKCS1 is RSA standard PKCS13 is elliptic curve crypto Xlll SecurityAssessment A Two parts Physical and Logical B Areas of Review XXXXXXXXXXA 1 Physical access Access zones server room access backups media computers laptops network access Network Software Messaging Acceptable Use P F lPF N Application Security 52 7 8 9 10 11 12 13 Data securityclassi cation according to sensitivity or worth Encryption Change Control Systems Disaster Recovery storage of media time to restore test restores encrypt Incident response policyteam User Training CustomerPartner Training XIV Security Tools A Microsoft Passport Internet directory service for authentication Target consumer market B iChain by Novell Uses Novell Directory Services NDS for storage of authentication data Target business market C Firewall Hardware or software that controls access to applications on a network Three main types 1 Packet Filtering or screening routers Filters IP addresses by either allowing access to known IP addresses or denying access to IP addresses and ports For example deny access to Port 80 HTTP for outsiders a Router looks at 1 the packet source IP address and source TCPUDP port and 2 the destination IP address and destination TCPU DP port Proxy Server or application gateway Examines where the is being routed and the type of information in the packet a Difference between proxy and packet filtering is that proxy delivers the packet b Modi es source identi cation of client packets sent from within organization This disguises the internal client from the rest of the Internet and acts as a proxy agent for the client on the Internet Reduces potential for hackers to gain info about internal network May include logging and authentication features 0 Slower than packet ltering Circuit level gateway or generic application proxy Similar to proxy server but does not need to understand type of info that is being transmitted Perform Stateful inspection or dynamic packet filtering to make ltering decisions XV Orange Book XXXXXXXXXXA 53 DOD Trusted Computer System Evaluation Criteria Systems classi ed from A most trusted to D least trusted Relates only to standalone systems NO NETWORKS Takes a long time to certify 1 2 years Based on the BellLa Padula model Not adapted to clientserver model Levels A Veri ed Protection A1 2 B MAC B1 B2 and B3 3 C DAC C1 and C2 4 D Minimal security Systems evaluated but failed XVI Red Book A Extends Orange Book to networks XVII TCPIP A IP is protocol to transport packets between computers 1 TCP ports data to applications 2 TCP packet uses the IP packet to find which computer it is addressed to 3 Both sending and receiving applications are assigned ports to identify them Port 80 Web access SMTP is port 25 FTP is port 21 4 TCP port numbers are divided into three ranges wellknown ports 01023 registered ports 102449151 and dynamic private ports 4915265535 B IP address is 32 bits 4 Octets Address range for each octet is 0255 Classes A B C D and E XVIII VPN A Internet Protocol Security IPSec is accepted standard for VPNs between networks PPTP Point to point tunneling protocol L2F Layer 2 FonNarding and L2TP Layer 2 Tunneling Protocol are used mostly for remote access like dialup Encryption and authentication Do not neglect access control B Two approaches DoV Data over voice using dialup or DoD Data over Data using Internet access XIX Glossary A ACL types of access read write create execute modify delete rename B CERT Computer Emergency Response Team C DNS Domain Name System Distributed database of nametoIP address mappings D DNSSEC secure DNS XXXXXXXXXXA 54 XXXXXXXXXXA Domain collection of computers and user accounts managed by a central authority Footprinting Process by which a hacker gains information about a target computer system FQDN Fully Quali ed Domain Name IBMcom Gap Appliance Provides air gap between trusted and untrusted systems External CPU switch and internal CPU Internal system never directly connected to the outside Gateway translators between networks using incompatible transport protocols Generic Security Services API GSSAPI provides generic authentication key exchange and encryption interface for different systems and authentication methods IETF When submitted to the IETF draft docs are valid for six months They go through a screening process lfdraft is accepted it will be issued as a Request for Comments RFC document If a specification is adopted as an Internet standard it is given the additional label of STD but keeps the RFC number IEEE 80211 Wireless Standard wireless LAN standard Default is transmission in the clear IKE Internet Key Exchange protocol IKMP Internet Key Management protocol lPSec IP security Two main protocols are Authentication Header AH and Encapsulating Security Payload ESP AH provides integrity authentication and nonrepudiation ESP provides encryption LDAP Lightweight Directory Application Protocol Can be used to store X509 certi cates for authentication Subset of X500 Simple mechanism for directory clients to query and manage a database of hierarchical entries LDAP is based on clientserver model LDAP server will offer directory data via TCPIP port 389 and SSL encrypted port 636 Primary security concerns are availability and integrity Logic Bomb A logic bomb is a set of instructions in a computer program periodically executed in a computer system that determines conditions or states of the computer facilitating the perpetration ofan unauthorized malicious act Message Security Protocol MSP offers con dentiality authentication non repudiation return receipt signature NIC Network Interface Card Open View Leaving confidential documents in public place on desk Public Key Cryptography Standards PKCS provides agreed upon format for Public Key Cryptography extension to PEM RADIUS Remote Authentication DialIn User Service Internet standard for remoteaccess authentication authorization and accounting RPC Remote Procedure Call Transport and application layer 55 AA BB CC DD EE FF GG HH XXXXXXXXXXA SAS70 Audit Statement ofAuditing Standards 70 1 Not a security audit 2 Only con rms a company s compliance with its own procedures Those procedures may relate to security 3 Does not guarantee best practices 4 Does not make any recommendations for improvement 5 Prime purpose is to audit controls in place to prevent or detect an errorthat would be signi cant to a nancial audit 6 AICPA SQL Structured Query Language standardized language for relational DBMS schema tables views ltered data SMlME Secure Multipurpose Internet Mail Extensions Symmetric key encrypted with public key cryptography Uses X509 Secure HTTP SHTTP alternative to SSL SHTTP can be used to protect individual WWW documents provides authentication con dentiality integrity and nonrepudiation and supports a variety of encryption algorithms SSH2 Protocol secure terminal sessions with three components 1 transport layer protocol 2 user authentication protocol 3 connection protocol SSL Developed by Netscape HTTPs SSO Single Sign On Structured Programming Using programming rules and procedures and preprogrammed modules Superzap IBM mainframe utility used to install zaps or xes to MVS OS or application program code All powerful Circumvents all security Use checksums to detect changes to programs TEMPEST TEMPEST certi ed hardware rooms or buildings are shielded to limit EM radiation from computer equipment TLS Transaction Layer Security Confidentiality authentication and integrity above the transport layer and resides between the application and the TCP layer SSL and TLS use X509 V reless Application Protocol WAP Used by wireless devices to access the Internet Uses Wireless Transport Layer Security Protocol WTLS Data must be unencrypted at gateway between wireless and wired network to be reencrypted using SSL VVTLS provides three classes of security 1 Class 1 Anonymous Authentication Neither client or server is authenticated 2 Class 2 Server Authentication 3 Class 3 Two way Client and Server Authentication 56


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Steve Martinelli UC Los Angeles

"There's no way I would have passed my Organic Chemistry class this semester without the notes and study guides I got from StudySoup."

Amaris Trozzo George Washington University

"I made $350 in just two days after posting my first study guide."

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"


"Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.