Security Fundamentals

Study Sheet

CIS341 – Spring 2004

 

Answer these questions, using the Answer Bank below, based on the Security Fundamentals posting. Then check your answers here.

 

Basic Terms

 

Identify these basic terms:

 

a precise specification of what types of actions are and are not permitted within an information system.

 

an information system that always obeys the existing security policy.

 

a violation of the security policy.

 

a rule limiting what actions can and cannot be taken within an information system.

 

A means of disabling a system's security, by a mechanism intentionally hidden by the designers.

 

The process of one entity offering proof of its identity to another.

 

The total hardware, software and personnel cost of the security aspects of an information system.

 

The total cost of engineering and implementing a security breach.

 

The cost to the owner of the information system of sustaining a security breach.

 

The gain to the perpetrator of achieving a security breach.

 

The goal is to design a system that has no security breaches whatsoever.

 

The goal is to design a system in which the benefit to the perpetrator of achieving a security breach is clearly less than the cost to him or her.

 

Basic Principles

 

Identify these basic principles:

 

The more restrictive the security policy, the less overall functionality the system will have, and vice versa.

 

The more restrictive the security policy, the more secure the system will be, but only if no security breaches occur; and vice versa.

 

The less restrictive the security policy, the fewer security breaches it will have, but at the cost of overall loss of security.

 

A security policy should be as simple as possible, and no simpler.

 

A system should include as much functionality as necessary, and no more.

Design the security system in such a way that the cost of achieving a security breach clearly exceeds its benefit; and the cost to the owner of the information system of sustaining a security breach is clearly less than the cost of thwarting that breach.

 

Comments

 

Fill in the blanks:

 

A system with absolutely no restrictions will have _____.

But, it will also be effectively _____.

An _____ system will also have no security breaches.

But such a system will have _____.

The key to designing and implementing a security policy is to _____ between these two extremes.

Security breaches caused by policy shortcomings are most often due to an _____ or _____ policy, a _____ of the policy’s requirements, or an error in its _____.

 

The number of potential security problems associated with two interacting system components is the _____ of the problems associated with each component individually.

 

Increasing the amount of time and skill required to breach a system’s defenses _____ who can successfully attack it.

Increasing the _____ of getting caught serves to dissuade many of those who possess the requisite time and skills from trying.

If the _____ exceeds the expected payoff for a successful attack, then most intruders will _____.

The Debug option of the Unix sendmail program was a back door exploited by _____.

 

List the problems that can occur with the cost/benefit approach to security:

Underestimating . . .

Underestimating . . .

Overestimating . . .

Overestimating . . .

 

List four classes of personnel which must be taken into account when assessing the effectiveness of an information security system.

 

 

Fill in the details of this outline of administrative problems relative to information security:

1.

   a.

   b.

   c.

   d.

2.

   a.

   b.

   c.

 

 

List two shortcomings of IT workers which compromise the security of an information system.

 

List three shortcomings of users which compromise the security of an information system.

 

Answer Bank

 

security policy

Restrictiveness/Incident Tradeoff

Policy Simplicity Principle

System Functionality Principle

no security breaches

Underestimating the potential loss to the owner of the information system

Overestimating the cost of security to the owner of the information system

Authentication

information system designers

administrators

insecure

absolutely restricted

no functionality

strike a balance

incomplete

inconsistent

misunderstanding

implementation

multiple

Security Cost

Cost of Security Attack

Relative Security

Cost/Benefit Principle of Security Design

odds and penalties

cost of attacking

the Internet Worm of 1988

seek out a more rewarding target

decreases the pool of intruders

Underestimating the cost of mounting a successful attack.

Failure to make reasonable effort to understand security policy.

Disregard for security policy.

Failure to understand consequences of actions

Underestimating the benefit to the perpetrator of a security breach

secure system

security breach

trap door

restriction

Restrictiveness/Functionality Tradeoff

Restrictiveness/Security Tradeoff

Underestimating the determination of the attacker

IT staff

users

Poorly designed security policy.

Too lax

Cost of Security Breach

Benefit of Security Breach

Absolute Security

Unnecessarily strict (the Regal Eagle)

Unilaterally formulated

Poorly trained staff

Inadequately informed users.

Disconnect between staff and users

Failure to understand user community

Poorly administered security policy.

Ignorance of security policies.

Failure to carry out security policies.