
3 - IC624 - Information Security Terminologies

This document discusses key information security concepts and terminology. It begins with an introduction to the CIA triad of confidentiality, integrity and availability. It then defines and describes identification, authentication, authorization, accountability, auditing, non-repudiation and related terms. It also covers types of attacks, additional security concepts like defense in depth and least privilege, and concludes with policies, standards, guidelines and procedures.

Uploaded by

ayushjee79

Session Number: 3

Session Topic: Information Security Terminologies

Speaker: Manjunath Hiregange

IC 624: Cyber Security in Industrial Automation


Agenda

• Introduction to Fundamentals of Information Security
• Types and classes of attacks
• Additional System Security Concepts
• Policies, Standards, Guidelines, Procedures
• Malicious Codes and Attacks
CIA Triad

CONFIDENTIALITY
INTEGRITY

AVAILABILITY
IDENTIFICATION
AUTHENTICATION
AUTHORIZATION
ACCOUNTABILITY
AUDITING

NONREPUDIATION
RELATED TERMINOLOGIES

• Asset
• Threat
  • As defined by NIST SP 800-53, a threat is “any circumstance or event with the potential to adversely impact agency operations (including mission, functions, image, or reputation), agency assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.”
• Safeguard
• Vulnerability
  • According to NIST SP 800-53, vulnerability is “weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.”
CONTROLS

• Vulnerability can be decreased by applying controls that will mitigate the effect of an attack. Controls can be partitioned into the following categories:
  • Corrective controls minimize the effect of an attack and the degree of resulting damage.
  • Detective controls discern if attacks have occurred, or are occurring, and initiate control measures.
  • Deterrent controls reduce the potential for an attack to occur.
  • Preventive controls prevent a threat from exploiting a vulnerability.


THREAT MATRIX
TYPES OF ATTACK

• Passive Attack
• Active Attack
• Close-In Attack
• Insider Attack
• Distribution Attack
ADDITIONAL SYSTEM SECURITY CONCEPTS
• Complete Mediation
• Defense in depth
• Economy of mechanism
• Fail-safe
• Least common mechanism
• Least privilege
• Leveraging existing components
• Open design
• Psychological acceptability
• Separation of duties
• Weakest link
COMPLETE MEDIATION

Complete mediation requires that when an entity (a user or process) requests access to an object, such as a file or document in a computer system, the entity must go through a valid authorization process that cannot be circumvented.
DEFENSE IN DEPTH
• NIST SP 800-82 defines a defense-in-depth architecture strategy as “the use of firewalls, the creation of demilitarized zones and intrusion detection capabilities, along with effective security policies, training programs, and incident response mechanisms.”
• ANSI/ISA-62443-1-1 (99.01.01)-2007 describes defense in depth as:
  The provision of multiple security protections, especially in layers, with the intent to delay, if not prevent, an attack.
  NOTE Defense in depth implies layers of security and detection, even on single systems, and provides the following features:
  – Attackers are faced with breaking through or bypassing each layer without being detected.
  – A flaw in one layer can be mitigated by capabilities in other layers.
  – System security becomes a set of layers within the overall network security.
ECONOMY OF MECHANISM

• Economy of mechanism advances the concept that the design and implementation of defensive mechanisms should be straightforward, understandable, and not unnecessarily complex.
FAIL-SAFE
• NIST SP 800-123 explains the term fail-safe as follows: “If a failure occurs, the
system should fail in a secure manner, that is, security controls and settings
remain in effect and are enforced. It is usually better to lose functionality rather
than security.”

• Also, a fail-safe design should ensure that when a system recovers from a
failure, it should recover in a secure state, where only authorized users have
access to sensitive information.
LEAST COMMON MECHANISM

• Least common mechanism refers to having the least possible sharing of common security mechanisms among users or processes. Having many users sharing common security mechanisms can result in unknown or unauthorized access paths to sensitive data.
LEAST PRIVILEGE

• In the principle of least privilege, a user or process is given the minimum amount of privileges, authorization, and so on, for the smallest amount of time that will permit the user or process to accomplish assigned tasks.
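
The complete mediation, fail-safe and least privilege definitions above, combined in one added Python example (not part of the original slides). The class, the subjects and the `plc_config` object are hypothetical names chosen for illustration, and the timestamps are constructed.

```python
import time

class AccessDenied(Exception):
    """Raised whenever the monitor does not positively allow a request."""

class ReferenceMonitor:
    """Hypothetical single choke point for protected objects (complete mediation)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._objects = {}    # object name -> content
        self._grants = {}     # (subject, object, action) -> expiry timestamp
        self.audit_log = []   # (subject, object, action, decision)

    def store(self, name, content):
        self._objects[name] = content

    def grant(self, subject, name, action, ttl_seconds):
        # Least privilege: one subject, one object, one action, for a limited time.
        self._grants[(subject, name, action)] = self._clock() + ttl_seconds

    def _authorized(self, subject, name, action):
        expiry = self._grants[(subject, name, action)]   # KeyError when no grant exists
        return name in self._objects and self._clock() < expiry

    def access(self, subject, name, action):
        # Complete mediation: the check runs on every request, nothing is cached.
        try:
            allowed = self._authorized(subject, name, action)
        except Exception:
            allowed = False   # Fail-safe: an error in the check means deny.
        self.audit_log.append((subject, name, action, "allow" if allowed else "deny"))
        if not allowed:
            raise AccessDenied(f"{subject} may not {action} {name}")
        return self._objects[name]

def demo():
    now = [1000.0]   # constructed clock so the run is deterministic
    rm = ReferenceMonitor(clock=lambda: now[0])
    rm.store("plc_config", "setpoint=42")   # constructed sample object
    rm.grant("engineer", "plc_config", "read", ttl_seconds=60)
    results = []
    for subject, t in [("engineer", 1010.0), ("operator", 1010.0), ("engineer", 1100.0)]:
        now[0] = t
        try:
            rm.access(subject, "plc_config", "read")
            results.append("allow")
        except AccessDenied:
            results.append("deny")
    return results, rm.audit_log
```

Calling `demo()` shows the engineer allowed inside the 60-second grant, the operator denied for lack of any grant, and the engineer denied again once the grant has expired; every decision lands in the audit log.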
LEVERAGING EXISTING COMPONENTS

• Leveraging existing components refers to using the security mechanisms that are already in place in the most efficient and effective manner and to their maximum capabilities.
• This process can be accomplished by periodically reviewing the configuration of the security devices and by optimizing their operational performance.
OPEN DESIGN

• Open design proposes that making designs and security approaches available to examination and scrutiny by a variety of parties will ensure that they are robust and are performing as required.
• The alternative to open design is to keep designs proprietary and confidential in the hope that by doing so they will be more secure from compromise. In almost all cases, open design results in more effective and reliable mechanisms.
PSYCHOLOGICAL ACCEPTABILITY

• Psychological acceptability is concerned with making the interface and interaction with access control mechanisms intuitive and easy for the user to understand and operate.
SEPARATION OF DUTIES

• Separation of duties requires that functions, roles, or responsibilities should be distinct and independent from each other so that no entity can solely control sensitive operations.
WEAKEST LINK

• As with any group of protection mechanisms, it is important to identify the weakest element in the group. Once the weakest link is identified, actions can be taken to bolster that element and mitigate any corresponding risk.
Policies, Standards, Guidelines, and Procedures
Policies

• A policy is a statement of the intent of management for the organization, and compliance is mandatory.
• It provides top-down requirements.
Standards

• A standard details how specific methods must be applied in a consistent manner.
• Conformance to standards is normally compulsory.
Guidelines

• Guidelines also detail methods to use to create secure information systems, but are considered to be recommendations and conformance is not compulsory.
Procedures

• Procedures are step-by-step actions that must be taken to implement policies and standards. Procedures describe compulsory activities.
Malicious Code and Attacks

• NIST SP 800-53 - Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host. Spyware and some forms of adware are also examples of malicious code.
Viruses and Worms

• ANSI/ISA-62443-1-1 –
• virus - “self-replicating or self-reproducing program that spreads by inserting
copies of itself into other executable code or documents,”
• worm - “computer program that can run independently, can propagate a
complete working version of itself onto other hosts on a network, and may
consume computer resources destructively.”
Trojan Horse

• A Trojan horse conceals additional code in a program that is used for a valid purpose. Then, the hidden code, which could be a virus, can perform malicious acts. Trojan horses can be transmitted through emails or downloads from websites.
Logic Bomb

• A logic bomb is a type of Trojan horse that does not execute until a
preset condition is met; for example, at a specific time and date or
when some activity is performed on the host computer.
Mobile Code

• Software that is obtained or downloaded over a network from a remote source onto a local computer is known as mobile code.
• This mobile code can be used for valid applications or can contain a virus that could do harm to a computer system.
Back Door

• In a back-door attack, an individual attempts to gain access to a computer system by circumventing its protection mechanisms.
Scanning

• A scan can yield the following information:
  • Open ports
  • Services that are running
  • Types of system software
  • Domain names
  • Existence of intrusion detection systems
  • Protocols being used
  • Existence of firewalls and perimeter devices
Man-in-the-Middle

• In a successful attack, the attacker can intercept data between the two parties, modify it, and then pass it on without the knowledge of the sender or receiver.
Social Engineering
Guessing Passwords
Denial of Service/Distributed Denial of Service
Replay

Dumpster Diving

• In dumpster diving, an individual sorts through discarded material in a dumpster in the hope of finding sensitive information that can be used later to attack an organization’s computer system.
• In many cases, user’s manuals, technical manuals, correspondence,
organization charts, and other related material could provide
valuable information to an attacker.