MIS Power Point
Download
Report
Transcript MIS Power Point
Gerhard Steinke
BUS 3620
According to Internetworldstats.com, there are 2,095,006,005
internet users worldwide
Steinke
1
It is now unsafe to turn
on your computer...
Steinke
2
Slammed on All Sides
Employee Error
Viruses
Rogue Insiders
Software Bugs
Corporate Spies Script Kiddies
Web Defacements
Denial of Service
Network vulnerabilities
“SneakerNet”
Password
Crackers
War Drivers
Trojans
Worms
Buffer Overflows
Backdoors
“Blended Threats”
3
Steinke
Confidentiality
Protecting information from unauthorized
disclosure
Integrity
Protecting information from unauthorized
alternation/destruction
Availability
Ensuring the availability and access to the
information
Availability
Confidentiality
Integrity
4
Internal (authorized users (intentional &
unintentional), contract worker, etc.)
Hackers (‘script kiddies’ to experts)
Industrial Espionage (legal? acceptable in
some countries and sometimes government
funded)
Foreign Espionage
Criminal (financial or criminal motivation)
Other (terrorists, political activists)
Steinke
5
The threat is global
The attack sophistication is increasing
The skill level required to become a threat is
decreasing
We live in a “Target Rich” environment
Exposure time and response time are critical
Steinke
6
Corrupting Information
Disclosing Information
Stealing Service
Denial of Service (preventing the use of IT
resources)
Viruses, worms
File deletion
Data tampering (medical & financial), Web page hacks
Public release of private data
Selling of private or financial data (e.g., stolen charge
card numbers)
Using site as intermediary for attacks
Network flooding
Crashing systems or services
Steinke
7
Steinke
8
A system which examines network packets
entering/leaving an organization and
determines whether the packets are allowed
to travel ‘through’ the firewall
Organization
Steinke
9
Steinke
10
attempts to detect/prevent someone
breaking into your system
running in background and notifies you
when…
Match
Steinke
Alarm
11
Can you decrypt these?
mfuttubsu
cepninotry
Steinke
12
Disguising message in order to hide its substance
Based in logic and mathematics
Confidentiality
Authentication
Integrity
Non-repudiation
◦ Message wasn’t changed
◦ who really sent message?
◦ was message altered?
◦ so sender cannot deny they sent message
Steinke
13
Substitution Cipher (13)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
NOPQRSTUVWXYZABCDEFGHIJKLM
Transposition Cipher
Rearranging all characters in the plaintext
Attack: frequency of letters
Concealment – hide in text
Break Encryption by brute force - try all possible
keys
key length
Steal, bribe, replace encryption software, flaws in
system
Steinke
14
Hiding information
http://www.jjtc.com/Steganography/
http://wwwusers.aston.ac.uk/~papania1/stegano.html
S-tools demo
Steinke
15
same key for encryption and decryption
confidentiality
secure key distribution required
◦ otherwise could impersonate sender as well
scalability - n users require n*(n-1)/2 keys
Steinke
16
Two keys – one encrypts, the other
decrypts
Public and Private keys generated as a pair
Private key for user
Public key for distribution
Each key decrypts what the other encrypts
Confidentiality, integrity, authentication
and non-repudiation
Intensive computations, slow
17
18
Create hash value / digital fingerprint
Provides integrity checking
Shorter than original message
◦ Variable length message to fixed length hash value
One way function, can’t go back
Appended to message
Examples:
◦ MD5 - 128 bit hash
◦ SHA - 160 bit, by NIST, NSA in DSS (Digital
Signature Standard)
19
Create a hash value
Encrypt hash value with your private key
Attach to message to be sent
Encrypt with recipients public key
Send
20
Integrity – Message not changed
Authentication - Verify sender identity and
message origin
Creates non-repudiation
Applications:
◦ Used to authenticate software, data, images
◦ Used with electronic contracts, purchase orders
◦ Protect software against viruses
21
Security policy
◦ document security principles
Educate users - what and why of security
Physical Security
Monitor network
Passwords
Steinke
22
gateway to network
access to information on PC
power on password, screen saver password
encryption
password protect files, disk drive
erase information when deleting a file
Steinke
23
control program change requests
require multiple authorizations
require full documentation
independent testing of changes
check with operations before acceptance
procedure to handle emergency situations
Steinke
24
investigate error messages, reports, alarms
monitor communication lines for failures,
problems
monitor network status for operational, outof-service stations
monitor traffic queues for congestion
control tapes, disks and other system
materials to ensure proper labeling and
retention
Steinke
25
maintain backup for programs, tapes and
other material
examine system printouts, program dumps,
recovery printouts
monitor vendor and maintenance personnel
control testing during operational hours
ensure that changes to hardware and
software are necessary
Steinke
26
Identify people by measuring some aspect of
individual anatomy or physiology, some deeply
ingrained skill, or other behavioral characteristic or
something that is a combination of the two
◦
◦
◦
◦
◦
◦
◦
◦
◦
Handwritten signatures
Face Recognition
Fingerprints
Iris Codes
Voice
Retina Prints
DNA Identification
Palm Prints
Handwriting Analysis
27
All recognition systems are subject to error
‘Fraud’ / ‘false positive’
◦ A client is accepted as authenticated when they
should have been rejected
‘Insult’ / ‘false negative’
◦ A client is rejected as NOT authenticated when in
fact they should have been accepted.
28
The oldest way
There is widespread acceptance (and
requirement!) for photo ID
The issuing of other authentication devices
(like passwords, key cards, digital signatures)
usually depends on facial recognition by the
agents of the issuing authority
Photo-ID is not particularly reliable, but has a
very significant deterrent effect
29
Strengths:
Database can be built from driver’s license records,
visas, etc.
Can be applied covertly (surveillance photos). (Super
Bowl 2001)
Few people object to having their photo taken
Weaknesses:
No real scientific validation
Attacks:
Surgery
Facial Hair
Hats
Turning away from the camera
Defenses:
Scanning stations with mandated poses
30
Accounts for the majority of sales of
biometric equipment
◦ The ridges that cover the fingertips make patterns,
that were classified in the 1800’s
◦ These patterns have loops of several distinct types,
branches, and endpoints.
Because of the association with criminals,
commercial users are very reluctant to
impose fingerprinting systems upon their
clients
Fingerprint sensors on laptops
31
32
Iris patterns believed to be unique
The patterns are easy enough to detect
They do not wear out
They are protected by the eyelids and cornea
Easier to capture and process than
fingerprints
A processing technique is used to generate a
256 byte iris code
Low false acceptance rates
33
Practical difficulties:
◦ Capturing the iris image is intrusive
◦ The subject has to be co-operative
34
Strengths:
◦ Most systems have audio hardware
◦ Works over the telephone
◦ Can be done covertly
◦ Lack of negative perception
Weaknesses:
◦ Background noise
◦ No large database of voice samples
Attacks:
◦ Tape recordings
◦ Identical twins / soundalikes
35
Typical systems measure
90 different features:
Overall hand and finger
width
Distance between joints
Bone structure
Primarily for access
control:
Machine rooms
Olympics
Strengths:
Weaknesses:
No negative connotations
– non-intrusive
Reasonably robust
systems
Accuracy is limited
36
Retina Scan
◦ Very popular in the 1980s military; not used much
anymore.
Facial Thermograms
Vein identification
Scent Detection
Gait recognition
Handwriting
37
Biometric
Approx Template Size
Voice
70k – 80k
Face
84 bytes – 2k
Signature
500 bytes – 1000 bytes
Fingerprint
256 bytes – 1.2k
Hand Geometry
9 bytes
Iris
256 bytes – 512 bytes
Retina
96 bytes
38
39
impossible to provide complete security
match to value of assets
provide good security but keep system easy to
use
easy to use, little security <-----> difficult to use, high security
Steinke
40