LO1 Secure Design Principal 04

1. Security controls can be classified into physical, procedural, and technical categories and used preventatively, detectively, deterrently, correctively, and for recovery. 2. The onion model of layered security defense is preferable to a single perimeter defense, as it provides multiple levels of protection even if one layer is breached. 3. Networks can be separated into zones of trust based on risk levels, with careful screening of interfaces between zones.

Uploaded by kaung kyaw za
Unit 5
Security

Secure design principle
• An ongoing effort to protect individuals, organizations and governments from digital attacks by protecting networked systems and data from unauthorized use or harm.
• Protecting information and information systems
• From unauthorized access, use, disclosure, disruption, modification, or destruction
• To provide integrity, confidentiality and availability
Secure design principle
At stake are:
• your identity, your data, and your computing devices
• your organization's reputation, data and customers
• national security, economic stability and the safety and well-being of citizens
CIA Triad: Confidentiality
• A single set of data is accessible to one or more authorized people or systems, and nobody else can see it.
• Preserving authorized restrictions on access and disclosure, including the means for protecting personal privacy and proprietary information.
• It is the responsibility of the custodians of information to provide that privacy to the individuals.
• Confidentiality can mean that one set of data is accessible to many authorized sources (e.g., a patient record), or that the data is accessible only to a single source (e.g., a password).
• People assume that information security means not losing credit card information.
Information security CIA Triad: Integrity
• What if the information you received from IT systems could not be trusted to be accurate?
• Guarding against improper information modification or destruction.
• Includes ensuring information non-repudiation and authenticity.
• Part of the goal of integrity controls is to block the ability of unauthorized people to make changes to data, and another part is to provide a means of restoring data back to a known good state (as in backups).
• Integrity means the data has not been altered in an unauthorized way.
Information security CIA Triad: Availability
• The "uptime" of computer-based services.
• Ensuring timely and reliable access to and use of information.
• An information system that is unavailable is an information system that is not useful.
• High-availability (HA) pairs or clusters of computers, redundant network links, and RAID disks are examples of mechanisms to protect availability.
Additional concepts
• Confidentiality
• Integrity
• Availability
• Accountability
• Accuracy
• Authenticity
• Awareness
• Completeness
• Consistency
• Control
• Democracy
• Ethics
• Legality
• Non-repudiation
• Ownership
• Physical Possession
• Reassessment
• Relevance
• Response
• Responsibility
• Risk Assessment
• Security Design and Implementation
• Security Management
• Timeliness
• Utility
Defense Model

• There are two approaches you can take to preserve the confidentiality, integrity, availability,
and authenticity of electronic and physical assets such as the data on your network:
• Build a defensive perimeter around those assets and trust everyone who has access inside
• Use many different types and levels of security controls in a layered defense-in-depth
approach
Lollipop model
• The most common form of defense, known as perimeter security, involves building a virtual (or physical) wall around objects of value.
• Perimeter security is like a lollipop with a hard, crunchy shell on the outside and a soft, chewy center on the inside.
• One of the limitations of perimeter security is that once an attacker breaches the perimeter defense, the valuables inside are completely exposed.
• Another limitation of the lollipop model is that it does not provide different levels of security.
Onion Model
• A better approach is the onion model of security. It is a layered strategy, often referred to as defense in depth.
• This model addresses the contingency of a perimeter security breach occurring.
• It includes the strong wall of the lollipop but goes beyond the idea of a simple barrier.
Zone of trust
• Different areas of a network trust each other in different ways.
• Some communications are trusted completely but some networks (like the Internet or wireless hot
spots) are untrusted.
• The security controls should carefully screen the interfaces between each of these networks.
• These definitions of trust levels of networks and computer systems are known as zones of trust.
• Once you have identified the risks and threats to your business, and you know what functions are
required for your business, you can begin to separate those functions into zones of trust.
• To do this, you need to assign levels of trust to each collection of resources on the network—in
other words, you need to specify what level of risk is acceptable to accomplish each business
function.
• That involves making trade-offs between what you want to do and what you want to avoid.
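The zone-of-trust idea above, as an added example that is not part of the original slides: every flow that crosses a zone boundary must match an explicitly screened interface, and the rule set itself is checked for interfaces that skip a layer. Zone names, trust levels, ports and the allow-list are constructed for illustration.

```python
from dataclasses import dataclass

# Trust level per zone, higher = more trusted. Zone names and levels are
# constructed for this example; they are not from the slides.
ZONE_TRUST = {"internet": 0, "guest_wifi": 0, "dmz": 1, "corporate": 2, "database": 3}


@dataclass(frozen=True)
class ScreeningRule:
    """One screened interface: a flow allowed across a zone boundary."""
    src_zone: str
    dst_zone: str
    port: int


# Screened interfaces (allow-list). Any boundary crossing not listed here
# is denied by default.
SCREENED = {
    ScreeningRule("internet", "dmz", 443),
    ScreeningRule("dmz", "corporate", 8443),
    ScreeningRule("corporate", "database", 5432),
}


def evaluate_flow(src_zone, dst_zone, port):
    """Return (allowed, reason) for a single flow between two zones."""
    if src_zone not in ZONE_TRUST or dst_zone not in ZONE_TRUST:
        return False, "unknown zone"
    if src_zone == dst_zone:
        return True, "intra-zone"  # same zone, same trust level
    if ScreeningRule(src_zone, dst_zone, port) in SCREENED:
        return True, "screened interface"
    if ZONE_TRUST[dst_zone] > ZONE_TRUST[src_zone]:
        return False, "unscreened flow toward higher trust"
    return False, "unscreened flow toward lower trust"


def audit_flows(flows):
    """Evaluate (src, dst, port) tuples and return the denied ones with reasons."""
    denied = []
    for src, dst, port in flows:
        allowed, reason = evaluate_flow(src, dst, port)
        if not allowed:
            denied.append(((src, dst, port), reason))
    return denied


def lint_rules(rules=None):
    """Flag rules that jump more than one trust level at once: a single
    breached interface would then bypass the layers in between."""
    rules = SCREENED if rules is None else rules
    return [r for r in rules if abs(ZONE_TRUST[r.dst_zone] - ZONE_TRUST[r.src_zone]) > 1]
```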
Setting Security Controls
• Safeguards used to minimize the impact of information security threats
• Controls can be classified into three types:
• Physical controls
• Procedural controls
• Technical controls
Physical control
• Physical controls use traditional non-technical methods of preventing harm
• Typically, they prevent unauthorized users from being able to enter technical facilities
• Examples of such controls include locks, fire extinguishers, background checks, and doors
Procedural control
• Procedural controls are prescribed plans of action that govern the use of computer resources.
• Procedural controls follow two established principles of security:
• 1. Enforce personal accountability: when people know that they are liable for their actions, and that actions can be traced back to them, they are generally vigilant about their actions.
• 2. Require the cooperation of more than one person to commit a fraud: "When thieves fall out, honest men get their dues."
• Experience suggests that there is usually a falling-out over the spoils of crime, and the right procedural controls can use this human weakness to enhance security.
• This is the rationale for the standard accounting procedure of double-entry book-keeping.
• Examples of procedural controls include the procedures for obtaining computer accounts, procedures for escalating privileges, procedures for modifying programs, procedures for hiring, and requirements that users change their passwords periodically.
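The two procedural principles above (personal accountability and requiring more than one person) applied to a privilege-escalation procedure, as an added example that is not part of the original slides: every action is written to an attributed audit trail, and a request is granted only after approval by people other than the requester. The class, request ids and person names are constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class EscalationRequest:
    request_id: str
    requester: str
    target_role: str
    approvals: set = field(default_factory=set)
    granted: bool = False


class EscalationProcedure:
    """Governs privilege escalation: every action is attributed to a named
    person in an append-only trail, and a request is granted only after
    approval by the required number of people other than the requester."""

    def __init__(self, required_approvals=1):
        self.required_approvals = required_approvals
        self.requests = {}
        self.audit_trail = []  # (timestamp, actor, action, request_id)

    def _log(self, actor, action, request_id):
        stamp = datetime.now(timezone.utc).isoformat()
        self.audit_trail.append((stamp, actor, action, request_id))

    def submit(self, request_id, requester, target_role):
        req = EscalationRequest(request_id, requester, target_role)
        self.requests[request_id] = req
        self._log(requester, "submit", request_id)
        return req

    def approve(self, request_id, approver):
        """Record an approval; refuse self-approval so no single person can
        both request and grant elevated privileges. Returns True once granted."""
        req = self.requests[request_id]
        if approver == req.requester:
            self._log(approver, "denied-self-approval", request_id)
            raise PermissionError("requester may not approve their own escalation")
        req.approvals.add(approver)  # a set, so one person cannot count twice
        self._log(approver, "approve", request_id)
        if not req.granted and len(req.approvals) >= self.required_approvals:
            req.granted = True
            self._log("system", "grant", request_id)
        return req.granted

    def actions_by(self, actor):
        """Accountability check: trace every recorded action back to a named person."""
        return [(action, rid) for _, who, action, rid in self.audit_trail if who == actor]
```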
Technical control
• Technical controls are the security measures built into the information system itself
• Common examples include passwords, firewalls, intrusion detection systems, system updates, and antivirus software.
Types of controls
• Security controls can be logically grouped into several categories:
• Preventative: block security threats before they can exploit a vulnerability
• Detective: discover and provide notification of attacks or misuse when they happen
• Deterrent: discourage outsider attacks and insider policy violations
• Corrective: restore the integrity of data or another asset
• Recovery: restore the availability of a service
• Compensative: in a layered security strategy, provide protection even when another control fails
Security control for different threat vectors
The original slide is a table with the columns Physical, Administrative, Technical, Operational and Virtual; each row below lists the examples given per column.
• Preventive: locks (physical); firewall, IPS (technical); guards on station (operational); dynamic access lists (virtual)
• Detective: cameras (physical); IDS, logging, SIEM (technical); guards patrolling (operational)
• Deterrent: signs, barbed wire (physical); security policies (administrative); warning messages (technical); visible guards and cameras (operational); dynamic pop-up warning (virtual)
• Corrective: HR penalties (administrative); redundancy (technical)
• Recovery: backups, data replication (technical); disaster-recovery plans (operational)
• Compensative: manual processes (technical)