A brief introduction to information security Part I Tyler Moore - - PDF document

A brief introduction to information security

Part I Tyler Moore

Computer Science & Engineering Department, SMU, Dallas, TX

August 23, 2012

Some definitions Computer systems and networks

Outline

1. Some definitions
  • What is security?
  • What is digital information?
  • What is information security?

2. Computer systems and networks
  • Computer architecture
  • Network architecture

2 / 41

Safety vs. Security

Safety
  • Protects against accidents
  • Defends against nature
  • Can be modeled using probability theory with historical data

Security
  • Protects against intentional malice
  • Defends against intelligent beings
  • Must model the strategy of adversaries

4 / 41

Safety vs. Security

Question: If you were in charge of a building’s security, how would preparations differ for a tornado versus a terrorist attack?

Hint: When preparing for a tornado, should you consider whether neighboring buildings have been protected?

5 / 41


What is digital information?

Definition. Digital information: information encoded in discrete numbers.

Example: “Hi!” → 0x486921

6 / 41

What are the implications of digital representation of information?

1. Costless to create perfect copies
2. Information can be transmitted anywhere immediately
3. Information can be remembered indefinitely
   ⇒ Easy to keep a detailed record of transactions
4. Digitally encoded information lacks provenance
   ⇒ Modifications can’t be identified by just looking at the data

7 / 41

What is information security?

Information security is the endeavor to achieve protection goals specific to information. What are those goals?

1. Confidentiality: information is accessible only to authorized parties
2. Integrity: modification of information can be detected
3. Availability: authorized parties can access information (and use resources) when and where it is needed

8 / 41

Confidentiality

[Figure: the broker sends the order BUY,200,GOOG,$600.25 to the exchange; Eve observes the message in transit.]

9 / 41


Confidentiality caveats

  • Confidentiality does not cover prior knowledge
  • Breaches of confidentiality cannot be undone
  • Breaches of confidentiality can be difficult to detect

Question: what characteristics of digital information make protecting confidentiality difficult?

10 / 41

Integrity

[Figure: the broker sends the order BUY,200,GOOG,$600.25 to the exchange; Mallory alters the price to $550.25 in transit.]

11 / 41

Integrity caveats

  • Protecting integrity ≠ correcting modifications
  • Integrity simply ensures that information hasn’t been altered
  • Integrity makes no claim of absolute correctness

Question: what characteristics of digital information make protecting integrity difficult?
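An added worked example (not from the slides) of why “modification can be detected” has to mean more than looking at the data, using the broker’s order from the figures. A plain hash is no help against Mallory, who recomputes it for the altered price; a keyed MAC (here HMAC-SHA256, with a key assumed to be shared between broker and exchange) lets the exchange detect the $550.25 alteration. The last check illustrates the caveat on this slide: a mistyped price that the broker tagged itself verifies correctly, because integrity says nothing about correctness.

```python
import hashlib
import hmac
import secrets

# Constructed sample messages: the broker's order from the figures and
# Mallory's altered copy with the lower price.
ORIGINAL_ORDER = b"BUY,200,GOOG,$600.25"
TAMPERED_ORDER = b"BUY,200,GOOG,$550.25"


def unkeyed_digest(message: bytes) -> str:
    """Plain SHA-256 of the message. Detects accidents, not Mallory:
    anyone who changes the bytes can recompute this too."""
    return hashlib.sha256(message).hexdigest()


def unkeyed_check(message: bytes, digest: str) -> bool:
    return hmac.compare_digest(unkeyed_digest(message), digest)


def mallory_rewrites_price(message: bytes, new_price: bytes) -> tuple:
    """Mallory alters the price and attaches a fresh digest; the pair looks consistent."""
    altered = message.rsplit(b",", 1)[0] + b"," + new_price
    return altered, unkeyed_digest(altered)


def mac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 over the order, computed by the broker with the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Exchange-side check; compare_digest avoids leaking the tag via timing."""
    return hmac.compare_digest(mac_tag(key, message), tag)


def run_scenarios(key: bytes) -> dict:
    """Return which checks accept which messages, for the three cases on the slides."""
    results = {}

    # Case 1: unkeyed digest. Mallory's rewritten order passes the check.
    altered, forged_digest = mallory_rewrites_price(ORIGINAL_ORDER, b"$550.25")
    results["digest_accepts_tampered"] = unkeyed_check(altered, forged_digest)

    # Case 2: keyed MAC. Mallory has no key, so she can only forward the broker's
    # tag, which does not match the altered message.
    tag = mac_tag(key, ORIGINAL_ORDER)
    results["mac_accepts_original"] = mac_verify(key, ORIGINAL_ORDER, tag)
    results["mac_accepts_tampered"] = mac_verify(key, TAMPERED_ORDER, tag)

    # Case 3: integrity is not correctness. A mistyped price that the broker
    # tagged itself verifies fine: nothing altered it after the tag was made.
    mistyped = b"BUY,200,GOOG,$6002.5"
    results["mac_accepts_mistyped_but_genuine"] = mac_verify(key, mistyped, mac_tag(key, mistyped))
    return results


if __name__ == "__main__":
    shared_key = secrets.token_bytes(32)  # assumed to be exchanged out of band
    for name, accepted in run_scenarios(shared_key).items():
        print(f"{name}: {accepted}")
```

The MAC only protects against alteration between tagging and verification; anything the broker gets wrong before tagging is faithfully preserved, which is exactly the point of the “no claim of absolute correctness” caveat.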

12 / 41

Availability

[Figure: the broker sends the order BUY,200,GOOG,$600.25 to the exchange; Mallory also sends BUY,200,GOOG,$600.25 messages to the exchange.]

13 / 41


Availability caveats

  • Availability is widely seen to be “harder” to guarantee than confidentiality or integrity
  • Why? Guarantees must often be made for more than the information itself
  • Guarantees of the functionality of other parties may be required

14 / 41

Who are these authorized parties the definitions speak of?

Who is an authorized party? How are they authorized? By whom?

  • Parties: human beings controlling a computer system, or programs acting on their behalf
  • Authorization: the decision a principal must take on whether a party is allowed to undertake a task
  • The authorization decision is the fundamental challenge of security engineering

15 / 41

Identification vs. Authentication vs. Authorization

Identification, authentication and authorization answer different questions

  • Identification: Who are you?
  • Authentication: Is it really you?
  • Authorization: Knowing who you are, are you allowed to do something?

Common mistake: conflating these concepts

Deploying an authentication system does not solve the authorization problem

16 / 41

How computers identify people

  • In order to authorize a user to access computer resources, systems must figure out who they’re interacting with
  • Computer systems store (ID, attribute) pairs
  • Upon encountering a user, the system prompts for the ID and attribute
  • IDs should be unique
  • If the attribute is only known to the user (e.g., a password), it can be used to authenticate the user to the system

17 / 41


Case study: authentication and authorization at ATMs

[Sequence diagram between the ATM and the Bank]

Authentication steps
  1. Insert card
  2. Request matching PIN
  3. Enter PIN

Authorization steps
  4. How much to withdraw?
  5. Request $100
  6. Balance ≥ $100?
  7. Approve withdrawal
  8. Dispense $100
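An added example, not from the slides, that puts the (ID, attribute) pairs of the previous slide and the eight ATM steps above into code. The card number is the ID, the attribute is a salted PIN hash (the bank never stores the PIN itself), and authorization is a separate balance check that runs only after authentication succeeds, so a correct PIN by itself never dispenses cash. The lockout after three wrong PINs is an assumed bank policy added to handle the PIN-guessing failure mode; the card number and PIN are constructed values.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Assumed bank policy (not from the slides): lock the card after three wrong PINs,
# so that the attribute cannot simply be guessed by repeated attempts.
MAX_PIN_ATTEMPTS = 3
PBKDF2_ROUNDS = 100_000


@dataclass
class Account:
    """The (ID, attribute) pair the bank stores, plus the state authorization needs.
    The attribute is a salted PIN hash; the PIN itself is never stored."""
    card_id: str            # identification: names exactly one account
    pin_salt: bytes
    pin_hash: bytes         # authentication attribute, reproducible only with the PIN
    balance_cents: int      # authorization state
    failed_pins: int = 0
    locked: bool = False


def hash_pin(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode("utf-8"), salt, PBKDF2_ROUNDS)


def enroll(card_id: str, pin: str, balance_cents: int) -> Account:
    salt = secrets.token_bytes(16)
    return Account(card_id, salt, hash_pin(pin, salt), balance_cents)


class Bank:
    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}

    def add(self, account: Account) -> None:
        self.accounts[account.card_id] = account

    # Step 1 (insert card): identification. "Who are you?" The card ID is the answer.
    def identify(self, card_id: str) -> Optional[Account]:
        return self.accounts.get(card_id)

    # Steps 2-3 (request and enter PIN): authentication. "Is it really you?"
    def authenticate(self, card_id: str, pin: str) -> bool:
        account = self.identify(card_id)
        if account is None or account.locked:
            return False
        if hmac.compare_digest(hash_pin(pin, account.pin_salt), account.pin_hash):
            account.failed_pins = 0
            return True
        account.failed_pins += 1
        if account.failed_pins >= MAX_PIN_ATTEMPTS:
            account.locked = True
        return False

    # Steps 4-7 (amount, balance >= amount, approve): authorization.
    # "Knowing who you are, are you allowed to do this?" Note that it never looks at the PIN.
    def authorize_withdrawal(self, card_id: str, amount_cents: int) -> bool:
        account = self.identify(card_id)
        return account is not None and 0 < amount_cents <= account.balance_cents

    # Steps 1-8 in order. A correct PIN alone does not get money out: step 6 can still fail.
    def withdraw(self, card_id: str, pin: str, amount_cents: int) -> str:
        if not self.authenticate(card_id, pin):
            return "DECLINED: authentication failed"
        if not self.authorize_withdrawal(card_id, amount_cents):
            return "DECLINED: not authorized for this amount"
        self.accounts[card_id].balance_cents -= amount_cents   # step 7: approve
        return f"DISPENSE ${amount_cents / 100:.2f}"           # step 8


if __name__ == "__main__":
    bank = Bank()
    bank.add(enroll("4111-0001", "1234", 25_000))   # constructed card ID and PIN
    print(bank.withdraw("4111-0001", "1234", 10_000))   # authenticated and authorized
    print(bank.withdraw("4111-0001", "1234", 20_000))   # authenticated, not authorized
    print(bank.withdraw("4111-0001", "0000", 10_000))   # authentication fails
```

Keeping `authenticate` and `authorize_withdrawal` as separate decisions is the point of the “common mistake” slide: a system can authenticate perfectly and still hand out money it should not, if the second question is never asked.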

18 / 41

Authentication failure: ATM fails to authenticate user

[Sequence diagram between the ATM and the Bank]

Authentication steps
  1. Insert card
  2. Request matching PIN
  3. Enter PIN

Authorization steps
  4. How much to withdraw?
  5. Request $100
  6. Balance ≥ $100?
  7. Approve withdrawal
  8. Dispense $100

Mallory: Guess PIN

19 / 41

Card skimmers: ATM incorrectly authenticates user

Source: http://krebsonsecurity.com/all-about-skimmers/

20 / 41

Authentication failure: User fails to authenticate ATM

[Sequence diagram between the ATM and the Bank]

Authentication steps
  1. Insert card
  2. Request matching PIN
  3. Enter PIN

Authorization steps
  4. How much to withdraw?
  5. Request $100
  6. Balance ≥ $100?
  7. Approve withdrawal
  8. Dispense $100

Mallory: Fake ATM

21 / 41


Fake ATMs: User fails to authenticate ATM

Source: http://www.wired.com/threatlevel/2009/08/malicious-atm-catches-hackers/

22 / 41

Question: how does authentication fail on phishing websites?

23 / 41

Four fundamental ideas of computer architecture

1. Code is data
2. Layers of abstraction
3. Moore’s law
4. Halting problem

25 / 41

The von Neumann computer architecture

  • The pervasive von Neumann computer architecture does not distinguish between instructions for computer programs and data
  • Consequently, Code is Data
    ⇒ Enables great flexibility in reprogramming computers
    ⇒ Programs can be costlessly reproduced, not just data
  • There are unfortunate security implications

[Photo: John von Neumann]

26 / 41


The dark side of “Code is Data”

Source: http://www.cl.cam.ac.uk/~rja14/Papers/SE-04.pdf

27 / 41

Layers of abstraction

  • Abstraction: specifying the meaning and behavior of software while hiding implementation details
  • Modular code exploits abstraction and enables composition and reuse
  • Abstraction and code modularity enable rapid software development (which has in turn led to a rapid rise in software complexity)
  • Unlike in mechanical engineering, in software engineering there is no practical limit to the potential combinations of code

28 / 41

Abstraction solves everything?

“All problems in computer science can be solved by another level of indirection.”

David Wheeler

29 / 41

Layered computer architecture

Layer             Example
Hardware          Intel x86
Operating system  Microsoft Windows
Libraries         Gecko, NSPR, OJI, . . .
Application       Mozilla Firefox
Active content    Facebook

30 / 41


Layers – good or bad?

+ Abstraction enables greater compatibility, since a higher layer only interacts with the next layer
+ The layered approach means that developers can ignore problems already solved at other layers
- Higher layers cannot identify or prevent malfunctions at lower layers
- Vulnerabilities propagate up the stack
- Flaws in a single layer can affect all software developed on top
  ⇒ Think back to when Windows was ridden with holes

Question: at what layer can a strategic attacker wreak the most havoc at least cost?

31 / 41

Abstraction solves everything?

“All problems in computer science can be solved by another level of indirection”, except security problems.

32 / 41

Moore’s law

  • Intel founder Gordon Moore noticed in 1965 that integrated circuit density had been doubling since the 1950s
  • He predicted the trend to continue
  • Moore’s Law: computer performance roughly doubles every 18 months

[Figure from Moore’s original paper speculating on the implications of exponential growth in computing power]

33 / 41

The halting problem

  • In 1936, Alan Turing proved that it is impossible to write a general-purpose program that can determine whether another program will stop
  • Bear this in mind the next time someone complains that software developers should be able to find and remove all vulnerabilities in their code

34 / 41


The Internet circa 1971

Source: http://personalpages.manchester.ac.uk/staff/m.dodge/cybergeography/atlas/arpanet3.gif

35 / 41

Network architecture

  • It has long been recognized that there could be value in connecting computers together
  • Researchers developed protocols that specified how computers could communicate with each other
  • Networking protocols also leverage abstraction layers

36 / 41

Networking protocol stack

Layer        Example protocols
Physical     802.11n
Data Link    Ethernet
Network      IP
Transport    TCP, UDP
Application  HTTP, SMTP, BGP

37 / 41

Networking protocols

IP protocol
  • Each computer has a unique 32-bit address (e.g., 129.119.70.166)
  • Any computer should be reachable using its IP address

Transport layer
  • TCP: establishes a connection between devices before sending traffic
  • UDP: connectionless – data is simply transmitted

Application layer
  • Many available applications, each operating on a different port
  • HTTP (port 80): protocol for web sites (e.g., connecting to 129.119.70.166:80 delivers the SMU home page)
  • SMTP (port 25): protocol for sending email
  • SSH (port 22): secure remote login to computers
  • BGP (port 179): protocol for connecting Internet providers
  • Many applications have been developed (e.g., see a list of common port numbers at http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)

38 / 41


Global routing via BGP

Source: http://www.enisa.europa.eu/activities/Resilience-and-CIIP/networks-and-services-resilience/inter-x/interx/report/interx-report/at_download/fullReport

39 / 41

Important design decisions for networking protocols

Internet protocols incorporated a number of design decisions that impact security

1. IP makes computers globally addressable
2. Packets are delivered on a best-effort basis, making it hard to distinguish malice from bad luck
3. No built-in authentication in the protocols, which enables spoofing
4. The design is inherently decentralized, which makes coordination difficult (e.g., to upgrade to a more secure protocol)
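An added example (not part of the slides) that makes design decisions 2 and 3 concrete, and shows the 32-bit address behind the dotted notation on the IP slide, using Python’s struct and ipaddress modules. The IPv4 header carries only a one’s-complement checksum (RFC 791): a header damaged in transit fails the check and is silently dropped, so the receiver cannot tell damage from tampering, and anyone who rewrites the source address can simply recompute the checksum, which is what “no built-in authentication” means at this layer. The addresses are constructed (the slide’s 129.119.70.166 and RFC 5737 documentation addresses); no packets are sent.

```python
import ipaddress
import struct


def ipv4_to_int(dotted: str) -> int:
    """The 32-bit address behind the dotted notation, e.g. 129.119.70.166."""
    return int(ipaddress.IPv4Address(dotted))


def ones_complement_checksum(data: bytes) -> int:
    """RFC 791 header checksum: 16-bit one's-complement sum, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def _with_checksum(hdr: bytes) -> bytes:
    """Zero the checksum field (bytes 10-11), recompute it, and write it back."""
    zeroed = hdr[:10] + b"\x00\x00" + hdr[12:]
    return zeroed[:10] + struct.pack("!H", ones_complement_checksum(zeroed)) + zeroed[12:]


def build_ipv4_header(src: str, dst: str, payload_len: int, proto: int = 6, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header without options (proto 6 = TCP)."""
    hdr = struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | 5,           # version 4, IHL 5 words
        0,                      # TOS
        20 + payload_len,       # total length
        0, 0,                   # identification, flags/fragment offset
        ttl, proto,
        0,                      # checksum placeholder
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return _with_checksum(hdr)


def checksum_valid(hdr: bytes) -> bool:
    """Summing a header that includes its own checksum gives 0 when it is intact."""
    return ones_complement_checksum(hdr) == 0


def source_address(hdr: bytes) -> str:
    return str(ipaddress.IPv4Address(hdr[12:16]))


def flip_bit(hdr: bytes, byte_index: int, bit: int) -> bytes:
    """Model 'bad luck': one bit damaged on the wire. The receiver just drops the packet."""
    b = bytearray(hdr)
    b[byte_index] ^= 1 << bit
    return bytes(b)


def rewrite_source(hdr: bytes, new_src: str) -> bytes:
    """Model design decision 3: the source field is whatever the sender wrote, and the
    checksum is recomputable by anyone, so the result is indistinguishable from a
    genuine packet at this layer. Only a higher layer can add authentication."""
    return _with_checksum(hdr[:12] + ipaddress.IPv4Address(new_src).packed + hdr[16:])


if __name__ == "__main__":
    # Constructed addresses: the slide's SMU example and RFC 5737 documentation space.
    h = build_ipv4_header("129.119.70.166", "192.0.2.10", payload_len=40)
    print(checksum_valid(h), source_address(h))            # True 129.119.70.166
    print(checksum_valid(flip_bit(h, 17, 0)))              # False: damaged, will be dropped
    spoofed = rewrite_source(h, "192.0.2.99")
    print(checksum_valid(spoofed), source_address(spoofed))  # True 192.0.2.99
```

Both outcomes are what a receiver actually sees: the damaged header disappears with no signal about why, and the rewritten one arrives looking perfectly healthy. Detecting either requires information that IP itself does not carry, which is why defenders rely on higher-layer authentication and on filtering at network boundaries rather than on anything in the IP header.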

40 / 41

Recap

1. Some definitions
  • What is security?
  • What is digital information?
  • What is information security?

2. Computer systems and networks
  • Computer architecture
  • Network architecture

41 / 41
