Security and Protection

• Security: policy (what will be done) of authorizing accesses
  • prevents intentional misuses of the system
• Protection: mechanisms (how something will be done) implemented to enforce the specialized policy
  • prevents accidental and intentional misuses
• Confidentiality: secret data remains secret
• Integrity: unauthorized users should not be able to modify data
• Availability: nobody can make a system unusable
• Encryption
  • Uses a key to transform the data
  • Difficult to reverse without the key
• UNIX stores encrypted passwords in /etc/passwd
  • uses one way transformers
  • required only lower-case, 5 letter passwords
  • require more complex password
• Private key encryption of data
  • Encrypt(key, plaintext) = Cipher text
• Eavesdropping: listeners approach
  • tap into the ethernet and see everything
  • countermeasure: pressurize cables
• Abuse of privilege:
  • if the superuser is evil, not much you can do
• Imposter: breaks into the system by pretending to be someone else
  • recorded voice and facial image
  • countermeasure: behavioral monitoring to look for suspicious activities
• Trojan horse: seemingly innocent program performs an unexpected function
  • spyware is a variation that download ads, create popup windows and steal user information
  • countermeasure: integrity checking
• Salami attack: builds up an attack one-bit at a time
  • partial pennies to a bank account
  • countermeasure: code reviews
• Logic Bombs: a programmer secretly insert a piece of code into production system
• Denial of Service attacks: aim to reduce system availability
  • throttle the system
  • randomware: can encrypt important files until a random is paid
  • countedmeasure: versioned backup