Access control systems are here to preserve info and make sure it is consistent and there
when you need it (Integrity). To ensure this, we classify people and separate them
(Separation of duties). That way we know who does what and what access to give them
to what. The money you spend on access control must not exceed the value of the info
you’re protecting. You determine the value of the info you’re protecting by qualitative
and quantitative methods.
Availability: Systems must be available, ensuring the system's authorized users have
uninterrupted access.
One important term you will come across is “least privilege”. When an access system
grants users only those rights necessary for them to perform their work, then it is
operating on the least privilege security principle. Least privilege addresses
INTEGRITY!
Controls
Controls are implemented to mitigate risk and reduce the potential for loss.
Controls can be preventive, detective or corrective.
Controls provide accountability for individuals who are accessing sensitive information.
Control combos
-preventive/admin
-preventive/tech
-preventive/physical
-detective/admin
-detective/tech
-detective/physical
Preventive/admin – Emphasis on “soft mechanisms”: pre-employment background
checks, classification labeling, vacation scheduling, awareness
training, organizational policies and procedures.
Detective/tech – Intended to reveal violations of security policy. IDS systems and/or
audit-generating programs. You must protect audit logs (event viewer logs) so that you
can see what's going on.
BIOMETRICS - a 1 to 1 search to verify a person's claim of identity so that they can be authenticated
BIOMETRIC CHARACTERISTICS:
2. SESAME - authenticates by using the first block of a message only and not the complete
message. Subject to password guessing. Developed to address weaknesses in Kerberos.
The difference between KryptoKnight and Kerberos is that there is a peer-to-peer
relationship among parties.
The description of the database is called a schema, and the schema is defined by a
DDL (data description language).
For security, the DBMS can be set up so that only certain subjects are permitted to
perform certain operations on the database. For example, a particular user can be
restricted to certain info in the database and will not be allowed to view any other
info. You can define this as a “view”: a filter that allows individuals to see
only the things they are allowed to see. In this way, the view can be thought of as
implementing least privilege.
NOTE: Referential integrity requires that for any foreign key attribute, the
referenced relation must have a tuple with the same value for its primary key.
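An added example (not part of the original notes) for the view passage and the referential integrity note above: a view that hides the salary column and non-Sales rows, plus a foreign key check. SQLite has no user accounts or GRANT, so its authorizer callback stands in here for the DBMS permission that limits a subject to the view; the schema, names and rows are constructed.

```python
import sqlite3

VIEW = "staff_directory"  # hypothetical view name; all data below is constructed

def build_db():
    """Sample schema: employee.dept_id is a foreign key to department.id."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite enforces FKs only when enabled
    db.executescript("""
        CREATE TABLE department (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
        CREATE TABLE employee (
            id INTEGER PRIMARY KEY, name TEXT NOT NULL, salary INTEGER NOT NULL,
            dept_id INTEGER NOT NULL REFERENCES department(id));
        INSERT INTO department VALUES (1, 'Sales'), (2, 'Audit');
        INSERT INTO employee VALUES (1, 'Avery', 52000, 1), (2, 'Blake', 61000, 2);
        -- The view is the filter: no salary column, Sales rows only.
        CREATE VIEW staff_directory AS
            SELECT e.name AS name, d.name AS department
            FROM employee e JOIN department d ON d.id = e.dept_id
            WHERE d.name = 'Sales';
    """)
    return db

def fk_violation_rejected(db):
    """Referential integrity: dept_id 99 matches no department primary key."""
    try:
        db.execute("INSERT INTO employee VALUES (3, 'Casey', 40000, 99)")
        return False
    except sqlite3.IntegrityError:
        return True
    finally:
        db.rollback()  # discard the transaction opened for the INSERT

def restrict_to_view(db):
    """Default-deny authorizer. For SQLITE_READ, arg1 is the table or view being
    read and source is the view the read comes from (None for direct SQL)."""
    def authorizer(action, arg1, arg2, dbname, source):
        via_view = action == sqlite3.SQLITE_READ and VIEW in (arg1, source)
        if action == sqlite3.SQLITE_SELECT or via_view:
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY
    db.set_authorizer(authorizer)

def attempt(db, sql):
    """Return the rows, or 'denied' when the authorizer refuses the statement."""
    try:
        return db.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return "denied"
```

Call `build_db()`, then `restrict_to_view(db)`, and pass queries to `attempt()` to compare what the view exposes with what a direct read of the base table gets.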
Relational database models are ideal for business transactions where most of the
information is in text form.
OODBs are useful in storing and manipulating complex data like images and
graphics, but they have a steep learning curve and high overhead.
IDS
A system that is used to monitor network traffic or monitor host audit logs to determine if
any violations of an organization's security policy have taken place. An IDS can detect
intrusions that have passed through a firewall or are occurring within the LAN behind the
firewall.
A truly effective IDS will detect common attacks as they are occurring.
The problem with this IDS is that it will not detect attacks against a host made by an
intruder who is logged in at the host's terminal.
Host-based IDSs review the system's event logs in order to detect an attack on the host
and to determine if the attack was successful. As you can imagine, detection capabilities
of host-based ID systems are limited by the incompleteness of the operating system's
“logging” abilities. Uses “AGENTS”.
Weaknesses are that you can't detect attacks that are launched over a long period of time.
Why? Well, because only attack signatures stored in their database are detected. And if
the attacker is slow, the IDS is unlikely to be able to store all the sigs. Also, new
attacks go unnoticed.
ACCOUNTABILITY
The following measures are used to compensate for both internal and external access
violations:
-backups
-RAID
-fault tolerance
-business continuity planning
-insurance