Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Winfried E. Khnhauser
Summer Term 2016
Winfried E. Khnhauser
CSI
Ilmenau Technical University
www.tu-ilmenau.de
Systems Security, ST 2016 wk
-1-
Organization
Teaching Units
Lectures
Periodical discussions
Exercises
-2-
Organization
Exercises
Goal
Working Style
Rotating speakers
-3-
Organization
Web Pages
tu-ilmenau.de/vsbs, Lehre SS 2016 Systems Security
Course description
TOC
Slides
Assignments
Literature
Assignment solutions
-4-
Organization
Marks
will be based on
Any
questions?
-5-
Organization
1 Introduction
Topics Today
Take a Look
-6-
1 Introduction
-7-
1.1 Risikoszenarien
1.1 Scenarios
Information Systems
Availability
Timeliness
Scalability
Openness
-8-
Security
Correctness
1.1 Scenarios
Communication Systems
Availability
Timeliness
Scalability
Openness
-9-
Security
Correctness
1.1 Scenarios
Energy Management
Availability
Timeliness
Scalability
Openness
- 10 -
Security
Correctness
1.1 Scenarios
Traffic Management
Availability
Timeliness
Scalability
Openness
- 11 -
Security
Correctness
1.1 Scenarios
Secure IT Systems
Traffic
Management
Information Systems
Energy
Management
Communikation
Systems
- 12 -
1.1 Scenarios
1.2 Security
Example 1
Our Facultys Examination Management System
Maintains
Services
Registration to examinations
Registration of examination marks
Information and attestations desk
Web
Clients
Examinations
Offices Server
Systems Security, ST 2016 wk
- 13 -
1.2 Security
Operational Risks
Condition sine qua non:
Provability of information properties
- 14 -
1.2 Security
Example 2
Industrial Control Systems; e.g. Energy/Water Plants
Chinese Hacking Team Caught Taking Over Decoy Water Plant
http://www.technologyreview.com/news/517786/chinese-hacking-team-caught-taking-overdecoy-water-plant/
Operational Risks
Threat of primary community support systems
- 15 -
1.2 IT-Sicherheit
Confidentiality
Integrity
Availability
Non-repudiability
- 16 -
1.2 Security
Safety
Security
Goal: to protect IT systems against hazards caused by malicious attacks
making sure things work in the face of an intelligent and malicious adversary
Systems Security, ST 2016 wk
- 17 -
1.2 Security
Basic Terms
- 18 -
1.2 Security
Requirements
Engineering
Security
Requirements
Policy
Engineering
Security
Policy
Model
Engineering
Security
Model
Architecture
Engineering
- 19 -
Security
Architecture
Roadmap
Threats
Vulnerabilities
Risks
Security Requirements
Security Policies
Modeling and Specification
Security Mechanisms
Authentication
Access Control
Cryptography
Security Architectures
- 20 -