Week 11 - Security in Systems Flashcards

(24 cards)

1
Q

Why security matters

A
  • Many people depend on tech in daily life - need these systems to be trustworthy
  • Frequent security breaches cost time, money and reputation.
  • Modern systems are often more complex, which can make them more error prone.
  • Down time when fixing issues can have large costs.
2
Q

Why robotic security matters

A
  • Potential harassment: can turn hacked robots into tools for offensive and harmful behaviour.
  • Safety and liability: compromised functionality can cause accidents or damage.
  • User trust: if people fear privacy or physical harm, users will lose trust in the system.
3
Q

CIA Triad

A

A security model that states that for a system to be secure, it needs to balance all 3 pillars of the CIA triad: Confidentiality, Integrity and Availability.

4
Q

Confidentiality

A

Computing resources, data (raw) and information (processed) should be accessible only to authorised users.
Confidentiality can be ensured using methods like encryption to hide data from unauthorised users.

5
Q

Data confidentiality

A

Ensure that information is not disclosed to unauthorised parties.

6
Q

Privacy

A

Gives the owner control over what data is collected, how it’s stored, and how it’s used.

7
Q

Integrity

A
  • Resources should only be modified or removed by authorised users.
  • Modifications, even small accidental bugs or errors, can break critical processes and mislead decision-making.
  • Integrity can be ensured using methods like a checksum, hashing, digital signatures and version control.
8
Q

Data integrity

A

Ensures data is not tampered with, accidentally or maliciously.

9
Q

System integrity

A

The system should function as intended, free of unauthorised modifications.

10
Q

Availability

A

Resources need to be accessible when needed by the authorised users.

11
Q

Key aspects of availability

A
  • Performance: slow or overloaded systems hurt availability.
  • Single point of failure: avoid designs where one failing component breaks the entire system.
  • Redundancy and backups: provide fallback options e.g., mirrored servers, spare hardware.
12
Q

Types of availability failures

A

Malicious: DoS attacks or ransomware.
Accidental: Network outage, hardware crash, misconfiguration.
Environmental: Natural disasters, power failures.

13
Q

Security design principles

A

8 principles which aim to guide the design of systems that are secure against present-day challenges.
They include:
- Economy of mechanism
- Fail-safe defaults
- Complete mediation
- Open design
- Separation of privilege
- Least privilege
- Least common mechanism
- Psychological acceptability

14
Q

Security design principles - Economy of mechanism

A

Keep designs as simple and small as possible, reducing the chance of errors.
Reuse simple good quality components/libraries.
Simpler designs → Less code → fewer paths → fewer bugs → simpler verification

15
Q

Security design principles - Fail-safe defaults

A

Deny access by default; only grant access if explicitly allowed.
A conservative design must be based on arguments why objects should be accessible, rather than why they should not.
Systems should always revert to closed off rather than open.

16
Q

Security design principles - Complete mediation

A

Every request for a resource must be checked for authorization each time - no cached “shortcuts”.
Forces a system-wide view of access control, which in addition to normal operation includes initialization, recovery, shutdown, and maintenance.

17
Q

Security design principles - Open design

A

Open Design stresses transparency in security. Don’t rely on “security by obscurity”.
Having open designs encourages robust, peer-reviewed designs that stand up to public scrutiny.

18
Q

Security design principles - Separation of privilege

A

Divide power so no single entity alone has enough authority to compromise the system.
Having power separated means that insider threats and threats caused by accidental misuse are reduced.

19
Q

Security design principles - Least privilege

A

A subject (user or process) should have the minimal privileges necessary for its task.
Having minimal privilege for a task means the system is less at risk if something is hacked, because the hacker will have as few privileges as possible.

20
Q

Security design principles - Least common mechanism

A

Minimize shared resources/mechanisms used by multiple components.
Shared resources should be minimised, as one compromised shared mechanism could become a single point of failure for the entire system.

21
Q

Security design principles - Psychological acceptability

A

Security must be user-friendly to be adopted.
Usability and security are sometimes overlooked.
Security systems need to be user friendly, as even the best security fails if users avoid or bypass it due to complexity.

22
Q

Immutable Laws of Security

A

The Immutable Laws of Security were 10 rules published by Microsoft in 2001 and updated in 2009, aimed at capturing common-sense truths in security.
A new version was released in 2023 to reflect shifts in the threat landscape, such as cloud computing, AI and zero-trust approaches.

23
Q

2023 Immutable Laws of Security

A

1: Security success is ruining the attacker’s return on investment (ROI).
2: Not keeping up is falling behind.
3: Productivity always wins.
4: Attackers don’t care.
5: Ruthless prioritization is a survival skill.
6: Cybersecurity is a team sport.
7: Your network isn’t as trustworthy as you think it is.
8: Isolated networks aren’t automatically secure.
9: Encryption alone isn’t a data protection solution.
10: Technology doesn’t solve people and process problems.

24
Q

Differences between old and new immutable laws of security

A
  • 2023 laws are more formal.
  • Hackers do not have to be at your computer to exploit it.
  • Modern security requires cross-team collaboration rather than having 1 local admin.
  • Antivirus isn’t enough; ongoing patching, threat intelligence, and real-time monitoring are crucial.