Assignment
Chapter 4
Secure Design Principles
Copyright © 2014 by McGraw-Hill Education.
Introduction
This chapter covers information security principles.
Every network security implementation is based on a model.
The CIA triad is perhaps the most well-known model, with focus on confidentiality, integrity, and availability of data.
Other models focus on other aspects of information security:
A firewall used as the primary defense is a perimeter security model.
Relying on several different security mechanisms is a layered defense model.
Every security design includes assumptions about what is trusted and what is not trusted, and who can go where.
Countermeasures
The CIA Triad
The CIA triad is a data-centric model to help people think about security, although it is neither perfect nor all-inclusive.
Confidentiality: Restriction of access to data only to those who are authorized to use it
“Confidential” data is shared among a defined set of authorized parties
“Private” data is accessible to only a single party
Integrity: Assurance that data has not been altered without authorization (or that any such alteration can be detected)
Availability: Assurance that a service will be available when needed
Alternatives to the CIA Triad
Parkerian Hexad
Confidentiality, Possession (Control), Integrity, Authenticity, Availability, Utility
U.S. DoD “Five Pillars of Information Assurance”
Confidentiality, Integrity, Availability, Authenticity, Non-repudiation
OECD (Organisation for Economic Co-operation and Development) security guidelines
Confidentiality, Integrity, Availability, Awareness, Responsibility, Response, Ethics, Democracy, Risk Assessment, Security Design and Implementation, Security Management, and Reassessment
NIST SP 800-27 (Engineering Principles for Information Technology Security)
Proposes 33 principles for securing technology systems
Best-known Attributes of Security
Confidentiality
Integrity
Availability
Accountability
Accuracy
Authenticity
Awareness
Completeness
Consistency
Control
Democracy
Ethics
Legality
Non-repudiation
Ownership
Physical possession
Reassessment
Relevance
Response
Responsibility
Risk assessment
Security design and implementation
Security management
Timeliness
Utility
Defense Models
The Lollipop
Hard, crunchy shell; soft, chewy center
Once the hard, crunchy exterior is broken, the soft, chewy center is exposed
Not the best defense model
The Onion
Layered strategy
Defense in depth
Must be peeled away by the attacker, layer by layer, with plenty of crying
Zones of Trust
Different areas of a network trust each other to different degrees; traffic crossing from a less-trusted zone into a more-trusted one should pass through a control point such as a firewall.
Best Practices
Secure the physical environment.
Harden the operating system.
Keep patches updated.
Use an antivirus scanner (with real-time scanning).
Use firewall software.
Secure network share permissions.
Use encryption.
Secure applications.
Back up the system.
Create a computer security defense plan.
Implement ARP poisoning defenses.
Secure the Physical Environment
Lock down PCs and laptops.
Password-protect the boot process.
Password-protect the firmware setup (BIOS/UEFI, historically called CMOS setup).
Disable booting from peripheral devices (USB, optical, network), so an attacker with physical access cannot boot their own operating system to read the disk.
Harden the Operating System
1. Reduce the attack surface of systems by turning off unneeded services.
2. Install secure software.
3. Configure software settings securely.
4. Patch systems regularly and quickly.
5. Segment the network into zones of trust and place systems into those zones based on their communication needs and Internet exposure.
6. Strengthen authentication processes.
7. Limit the number (and privileges) of administrators.
Keep Patches Updated
In most cases, the vulnerabilities being exploited are widely known, and the affected vendors have already released patches.
Attacks against unpatched systems are therefore widely successful.
Use an Antivirus Scanner
Essential
Forced, automatic updates
Enabled for real-time protection
Use Firewall Software
Use stateful-inspection firewalls that can analyze threats occurring anywhere in layers 3 through 7 (network through application).
Prefer products able to collate separate events into one threat description (for example, repeated blocked probes from one source reported as a single scan).
Block unwanted inbound connections.
Block unauthorized software applications (such as Trojans) from initiating outbound traffic.
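The two blocking rules above, plus the event collation, modelled in a few dozen lines. This is an added example, not code from the book: the program allow-list, the addresses and the packet records are constructed for the demonstration. Inbound packets are admitted only when they match a connection the host itself opened (the "stateful" part); outbound packets are admitted only from allow-listed programs; repeated drops from one source are collated into a single scan report.

```python
"""Model of a stateful host firewall with an outbound application allow-list.

Added example, not code from the book. The program names, addresses and the
packet records below are constructed for the demonstration.
"""
from collections import defaultdict
from dataclasses import dataclass

# Hypothetical allow-list of programs permitted to open outbound connections.
ALLOWED_OUTBOUND_PROGRAMS = {"firefox.exe", "outlook.exe", "svchost.exe"}
SCAN_THRESHOLD = 3  # distinct blocked ports from one source before we call it a scan


@dataclass(frozen=True)
class Packet:
    direction: str      # "out" (leaving this host) or "in" (arriving at this host)
    proto: str          # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    program: str = ""   # originating process, known only for outbound packets


class StatefulFirewall:
    """Tracks connections the host opened; admits inbound packets only for those."""

    def __init__(self):
        self.connections = set()               # (proto, local_ip, local_port, remote_ip, remote_port)
        self.blocked_ports = defaultdict(set)  # remote_ip -> set of local ports it probed

    def filter(self, pkt):
        if pkt.direction == "out":
            if pkt.program not in ALLOWED_OUTBOUND_PROGRAMS:
                return "DROP", f"program {pkt.program!r} not allowed to initiate outbound traffic"
            self.connections.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ALLOW", "outbound connection from allow-listed program"
        # Inbound: the local side is the destination, so flip the tuple before matching.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.connections:
            return "ALLOW", "reply on a connection this host opened"
        self.blocked_ports[pkt.src].add(pkt.dport)
        return "DROP", "unsolicited inbound connection"

    def threats(self):
        """Collate repeated drops from one source into a single threat description."""
        return [
            f"probable port scan from {src}: probed ports {sorted(ports)}"
            for src, ports in self.blocked_ports.items()
            if len(ports) >= SCAN_THRESHOLD
        ]


# Constructed traffic: a browser session, probes against SMB/RDP/SSH, and a trojan
# (misspelled "svch0st.exe") trying to beacon out.
SAMPLE_PACKETS = [
    Packet("out", "tcp", "10.0.0.5", 51000, "93.184.216.34", 443, program="firefox.exe"),
    Packet("in",  "tcp", "93.184.216.34", 443, "10.0.0.5", 51000),
    Packet("in",  "tcp", "198.51.100.7", 40001, "10.0.0.5", 445),
    Packet("in",  "tcp", "198.51.100.7", 40002, "10.0.0.5", 3389),
    Packet("in",  "tcp", "198.51.100.7", 40003, "10.0.0.5", 22),
    Packet("out", "tcp", "10.0.0.5", 51001, "198.51.100.7", 4444, program="svch0st.exe"),
]


def run(packets=SAMPLE_PACKETS):
    """Return the per-packet verdicts and the collated threat descriptions."""
    fw = StatefulFirewall()
    verdicts = [fw.filter(p)[0] for p in packets]
    return verdicts, fw.threats()


if __name__ == "__main__":
    verdicts, threats = run()
    for pkt, verdict in zip(SAMPLE_PACKETS, verdicts):
        print(f"{verdict:5} {pkt.direction:3} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} {pkt.program}")
    for t in threats:
        print("THREAT:", t)
```

The reply on port 443 is allowed only because the outbound SYN from firefox.exe was recorded first; the same packet arriving without that prior connection is dropped, which is the difference between stateful and simple port-based filtering.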
Secure Network Share Permissions
Open network shares are one of the most common ways an attacker or worm spreads.
Older Windows versions gave the Everyone group Full Control on every newly created share; newer versions default to Everyone: Read, which still exposes the share to every user who can reach it.
Either default is the opposite of the least privilege principle (maybe it should be called the most privilege principle); restrict both the share permissions and the underlying NTFS permissions to the groups that actually need access.
Use Encryption
Protects passwords in transit (for example, over TLS) and at rest, with one caveat: stored passwords should be hashed with a salted, deliberately slow password hash, not encrypted with a key the same server holds
Protects data at rest and in transit
’nuff said
Secure Applications
Applications should be configured with the vendors’ recommended security settings.
Block active e-mail content from executing.
Block dangerous file attachments.
Install applications to nonstandard directories and ports (a speed bump for automated attacks, not a substitute for patching).
Enforce policies to designate what software is allowed to run on a particular computer.
Eradicate or secure P2P services.
Make sure any new programs in your environment are developed securely.
Back Up the System
Recover modified, corrupted, or deleted files.
Worms and viruses often delete files, format hard drives, or intentionally corrupt data.
You cannot always repair the damage and put the system back to the way it was prior to an exploit, so backups are essential.
Create a Computer Security Defense Plan
1. Inventory the assets to protect.
2. Decide the value of each asset and its chance of being exploited in order to come up with a quantifiable exposure risk.
3. Develop a plan to tighten the security on your protected assets.
Assets with the highest exposure risk should be given the most protection, but make sure all assets get some baseline level of security.
4. Develop and document security baseline tools and methods.
For example, a security template for end-user workstations
Apply security templates to workstations
5. Use vulnerability testing tools to confirm appropriate configurations.
6. Do periodic testing to make sure security settings stay implemented.
7. Change and update the plan as dictated by new events and risks.
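Steps 1 through 6 carried through in code, as an added example that is not from the book: a constructed inventory, exposure risk computed as asset value times chance of exploitation, assets ranked by that exposure, a security template for end-user workstations, and a check of each asset's observed settings against the template. The asset names, values, likelihoods, template keys and observed settings are all assumptions made up for the demonstration.

```python
"""Worked version of steps 1 to 6 of the defense plan: inventory, exposure-risk
ranking, a security baseline template and a check of each asset against it.

Added example, not code from the book. The assets, their values and
likelihoods, the template and the observed settings are all constructed.
"""
from dataclasses import dataclass, field


@dataclass
class Asset:
    name: str
    value: int             # impact if compromised, 1 (trivial) to 10 (business-ending); analyst estimate
    likelihood: float      # estimated chance of exploitation over the planning period, 0.0 to 1.0
    settings: dict = field(default_factory=dict)   # observed configuration

    @property
    def exposure(self) -> float:
        """Step 2: quantifiable exposure risk = value x chance of exploitation."""
        return round(self.value * self.likelihood, 2)


# Step 4: security baseline template for end-user workstations (constructed).
# Boolean entries are required values; integer entries are maximums.
WORKSTATION_TEMPLATE = {
    "firewall_enabled": True,
    "av_realtime": True,
    "auto_patch": True,
    "boot_password": True,
    "share_everyone_full_control": False,
    "local_admin_accounts": 1,
}


def check_against_template(asset: Asset, template: dict) -> list:
    """Step 5: report every setting that deviates from the baseline."""
    findings = []
    for key, required in template.items():
        observed = asset.settings.get(key)
        if observed is None:
            findings.append(f"{key}: not reported (cannot confirm baseline)")
        elif isinstance(required, bool):
            if observed != required:
                findings.append(f"{key}: is {observed}, baseline requires {required}")
        elif observed > required:
            findings.append(f"{key}: {observed} exceeds maximum of {required}")
    return findings


def prioritize(assets: list) -> list:
    """Step 3: highest exposure first, so it gets the most protection."""
    return sorted(assets, key=lambda a: a.exposure, reverse=True)


def plan_report(assets: list, template: dict) -> list:
    """One row per asset, in priority order: (name, exposure, findings)."""
    return [(a.name, a.exposure, check_against_template(a, template)) for a in prioritize(assets)]


# Step 1: constructed inventory with observed settings.
INVENTORY = [
    Asset("ws-finance-07", value=8, likelihood=0.4, settings={
        "firewall_enabled": True, "av_realtime": True, "auto_patch": False,
        "boot_password": True, "share_everyone_full_control": True, "local_admin_accounts": 3}),
    Asset("ws-lobby-kiosk", value=2, likelihood=0.9, settings={
        "firewall_enabled": True, "av_realtime": True, "auto_patch": True,
        "boot_password": False, "share_everyone_full_control": False, "local_admin_accounts": 1}),
    Asset("ws-dev-12", value=6, likelihood=0.5, settings={
        "firewall_enabled": False, "av_realtime": True, "auto_patch": True,
        "boot_password": True, "share_everyone_full_control": False}),
]

if __name__ == "__main__":
    for name, exposure, findings in plan_report(INVENTORY, WORKSTATION_TEMPLATE):
        print(f"{name:16} exposure={exposure:4}  findings={len(findings)}")
        for f in findings:
            print("    -", f)
```

Note that the kiosk has the highest likelihood but the lowest exposure, because little of value sits on it; the ranking still gives it a baseline check, so it gets the "some baseline level of security" the plan calls for. A setting the scan could not read is reported as a finding rather than silently passing, which is the fail-closed behaviour you want from a compliance check.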
Implement ARP Poisoning Defenses
ARP poisoning attacks are one of the most common and effective threats against network infrastructures (especially wireless networks).
ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network.
It is a form of man-in-the-middle attack that allows an attacker to intercept and modify network traffic invisibly. These attacks therefore merit their own special countermeasures.
Defenses include
Static ARP tables (practical on small networks where the IP-to-MAC mapping rarely changes)
Port rate limiting (an attacker must keep sending forged replies to keep victims' caches poisoned, so a flood of ARP on one port is suspicious)
DHCP snooping with dynamic ARP inspection (DAI): the switch records the IP-to-MAC bindings that DHCP (Dynamic Host Configuration Protocol, which automatically configures TCP/IP settings on computers, printers, and other network devices) hands out, and drops ARP packets on untrusted ports that contradict those bindings
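The three defenses above, modelled over constructed ARP replies. This is an added example, not code from the book: the DHCP snooping binding table, port names, addresses, the per-port rate limit and the replies themselves are assumptions made up for the demonstration. The switch-side class implements DAI (binding check plus rate limit on untrusted ports); the host-side class is the fallback for hosts behind switches that cannot do DAI, alerting when the MAC recorded for an IP changes.

```python
"""Dynamic ARP inspection (DAI) and a host-side ARP-cache watch over
constructed ARP replies.

Added example, not code from the book. The binding table, port names,
addresses, the per-port rate limit and the ARP replies are assumptions made
up for the demonstration.
"""
from collections import defaultdict

# DHCP snooping binding table: IP -> (MAC, switch port). On a real switch this is
# populated by watching DHCP leases being granted; here it is constructed.
BINDINGS = {
    "192.168.1.1":  ("00:11:22:33:44:01", "Gi0/1"),   # default gateway
    "192.168.1.10": ("00:11:22:33:44:10", "Gi0/10"),
    "192.168.1.11": ("00:11:22:33:44:11", "Gi0/11"),
}
TRUSTED_PORTS = {"Gi0/1"}   # uplink to the gateway; DAI does not validate trusted ports
RATE_LIMIT_PPS = 15         # assumed ARP packets-per-second limit for untrusted ports


class ArpInspector:
    """Switch-side DAI: drop ARP on untrusted ports that contradicts the bindings."""

    def __init__(self, bindings=BINDINGS, trusted=TRUSTED_PORTS, rate_limit=RATE_LIMIT_PPS):
        self.bindings, self.trusted, self.rate_limit = bindings, trusted, rate_limit
        self.seen = defaultdict(int)   # (port, second) -> ARP packets seen in that second
        self.disabled_ports = set()

    def inspect(self, port, sender_ip, sender_mac, second=0):
        if port in self.disabled_ports:
            return "DROP", "port err-disabled"
        if port in self.trusted:
            return "FORWARD", "trusted port"
        self.seen[(port, second)] += 1
        if self.seen[(port, second)] > self.rate_limit:
            self.disabled_ports.add(port)
            return "DROP", f"ARP rate limit exceeded on {port}; port err-disabled"
        binding = self.bindings.get(sender_ip)
        if binding is None:
            return "DROP", f"no DHCP snooping binding for {sender_ip}"
        bound_mac, bound_port = binding
        if (sender_mac, port) != (bound_mac, bound_port):
            return "DROP", (f"{sender_ip} is bound to {bound_mac} on {bound_port}, "
                            f"but {sender_mac} claimed it on {port}")
        return "FORWARD", "matches binding"


class ArpCacheWatch:
    """Host-side fallback where the switch cannot do DAI: alert when an IP's MAC changes."""

    def __init__(self):
        self.cache = {}

    def observe(self, ip, mac):
        old = self.cache.get(ip)
        self.cache[ip] = mac
        if old is not None and old != mac:
            return f"ALERT: {ip} changed from {old} to {mac} (possible ARP poisoning)"
        return None


# Constructed ARP replies ("sender_ip is-at sender_mac"), as seen on each switch port.
SAMPLE_REPLIES = [
    ("Gi0/10", "192.168.1.10", "00:11:22:33:44:10"),   # legitimate host
    ("Gi0/1",  "192.168.1.1",  "00:11:22:33:44:01"),   # real gateway on the trusted uplink
    ("Gi0/11", "192.168.1.1",  "00:11:22:33:44:11"),   # host on .11 claims to be the gateway
    ("Gi0/11", "192.168.1.50", "de:ad:be:ef:00:01"),   # address never leased by DHCP
]


def run_dai(replies=SAMPLE_REPLIES):
    """Per-reply DAI verdicts for the sample traffic."""
    dai = ArpInspector()
    return [dai.inspect(port, ip, mac)[0] for port, ip, mac in replies]


def run_host_watch(replies=SAMPLE_REPLIES):
    """Alerts a DAI-less host would raise when it saw the same replies."""
    watch = ArpCacheWatch()
    return [a for a in (watch.observe(ip, mac) for _, ip, mac in replies) if a]


if __name__ == "__main__":
    dai = ArpInspector()
    for port, ip, mac in SAMPLE_REPLIES:
        verdict, why = dai.inspect(port, ip, mac)
        print(f"{verdict:8} {port:6} {ip:13} is-at {mac}: {why}")
    for alert in run_host_watch():
        print(alert)
```

The gateway impersonation in the third reply is caught by the binding check even though the forged MAC is a real, leased address; it simply is not the one bound to 192.168.1.1. The host-side watch catches the same event only after its cache has already been poisoned once, which is why the switch-side control is preferred where it is available.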
Summary
The CIA triad is a well-known model, but there are many others.
The onion model is a better defense than the lollipop.
Trust is an important consideration in every network.
Attacks can come from automated malicious code or from manual attackers.
You can implement many countermeasures to minimize the risk of a successful attack, including securing the physical environment, keeping patches updated, using an antivirus scanner, using a firewall, securing user accounts, securing the file system, securing network shares, and securing applications.
Security settings should be automated whenever possible and should be part of a computer security defense plan.