Chapter 9 - Security Flashcards
3 main characteristics of security
confidentiality
integrity
availability
what is confidentiality
the property that data or services are protected from unauthorized access
what is integrity
the property that data or services are not subject to unauthorized manipulation
3 other characteristics of security
authentication
non-repudiation
authorization
what is authentication?
verifies the identities of the parties to a transaction and checks if they are who they claim to be
what is non-repudiation
guarantees that the sender of a message cannot deny having sent it and the recipient cannot deny having received it
what is authorization
grants a user privileges to perform a task
what is security
a measure of the system’s ability to protect data and information from unauthorized access while still providing access to people and systems that are authorized
what is an attack
an action taken against a computer system with the intention of doing harm
general scenario: 2 possible values for source
human
another system
(either inside or outside organization)
general scenario: 5 possible values for stimulus
unauthorized attempt to:
- display data
- change or delete data
- access system services
- change the system behavior
- reduce availability
general scenario: 3 possible values for artifact
- data within system
- component or resources of the system
- data produced or consumed by the system
general scenario: 6 possible values for environment
- online or offline
- connected or disconnected from a network
- behind a firewall or open to a network
- fully operational
- partially operational
- not operational
general scenario: the 2 categories of the response
transactions are carried out in a certain way
the system tracks activities in it
general scenario: response: 5 ways the system carries out transactions
- data or services are protected from unauthorized access
- data or services are not being manipulated without authorization
- parties to a transaction are identified with assurance
- parties to the transaction cannot repudiate their involvement
- the data resources and system services will be available for legitimate use
3 ways the system tracks activities within
recording access/modification
recording attempts to access data, resources, or services
notifying appropriate entities when an apparent attack is occurring
general scenario: 5 possible values for response measure
how much of a system is compromised when a particular component or data value is compromised
how much time passes before the attack was detected
how many attacks were resisted
how long does it take to recover from a successful attack
how much data is vulnerable to a particular attack
4 categories of security tactics
detect
resist
react
recover
4 ways to detect attacks
detect intrusion
detect service denial
verify message integrity
detect message delay
what is detecting intrusion
compare network traffic or service request patterns within a system to a set of signatures or known patterns of malicious behaviors stored in a DB
what is detecting service denial
comparison of the pattern or signature of network traffic coming into a system to historic profiles of known DoS attacks
what is verifying message integrity
use techniques such as checksums or hash values to verify the integrity of messages
what is detecting message delay
checking the time that it takes to deliver a message, in an attempt to detect suspicious timing behavior
4 ways to resist attacks
identify actors
authenticate actors
authorize actors
limit access