After completing these activities you should be able to:
During the course, we will learn about the Cyber Battlefield — digital data, computers, operating systems, programs, networks, the Internet, systems of programs communicating over networks (with the world wide web as the biggest example). We will see lots of examples of things that can go wrong in the cyber domain — things that we recognize as dangerous, things that we recognize we need to defend against. But what, actually, are we defending?
This is a deeper question than it might first appear. Understanding the answer will help us understand what attacks are, how to defend against them, and even help us understand what we really want when we ask for "security".
What then? We have information systems that store, process, and transmit data to different parts of the system in order to provide services — what service depends on the system. For example, Skype is a system that provides video, telephone, and chat services. Security for Skype means the on-going ability to provide its service while maintaining the following key attributes:
These attributes are referred to as the Pillars of Cyber Security (formerly Pillars of Information Assurance). And for almost any information system, they describe the fundamental properties that must be maintained. Essentially, these properties are what we want to protect (or attack, if you're on the other side). Information Assurance (IA) is the practice of managing risks while maintaining these properties. Malicious human threats are not the only kind information assurance considers — a hungry squirrel might gnaw through a cable and bring down a server. Protecting against this is information assurance, though not really cyber security. We'll focus on the cyber security related aspects of IA. [More seriously: IA includes concerns like could extreme weather take down the Internet?]
As with any domain there are specific definitions for terms; the following are the definitions for the Pillars of Cyber Security.
There is some overlap between the Pillars of Cyber Security. In many cases a defensive measure will protect more than one pillar. In many cases a particular attack will violate more than one. Often the question of which pillars were violated by an action is somewhat subjective, and depends on the viewpoint from which you are asking.
There is a close relationship between non-repudiation and authentication, but they are separate. Authentication is compromised when an attacker has the ability to pose as another individual or system, often by stealing valid authentication credentials. In contrast, non-repudiation reflects our ability to prove later, after the fact, that an action is associated with a specific individual or entity. Very often, log entries or digital signatures of events (which we will cover later) are used to provide non-repudiation, so a violation occurs when the logging or signature mechanism is compromised. One example is the digital signature you can place on a document, using something that is associated with you (a digital certificate, for example). Non-repudiation establishes that, later on, an analysis of the signed document can show, with high certainty, that it must have been signed by someone who possessed that digital certificate.
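The signed-event idea above, as an added example that is not part of the course notes: a constructed audit record is signed with an Ed25519 key (Go's standard library; the LogEvent type and the sample keys are assumptions for illustration, and in practice the public key would be bound to the actor by a certificate). The after-the-fact analysis can confirm the genuine record, rejects a record altered after signing, and rejects a signature made by anyone who does not hold the signer's private key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// LogEvent is a constructed sample of an audit record that the system
// wants to attribute to a specific actor later on.
type LogEvent struct {
	Actor  string
	Action string
	When   string
}

// Bytes is the canonical serialization: the exact bytes that get signed and
// verified. Any change to any field changes these bytes and breaks the signature.
func (e LogEvent) Bytes() []byte {
	return []byte(e.Actor + "|" + e.Action + "|" + e.When)
}

// SignEvent attaches the actor's Ed25519 signature to the event. Only the
// holder of priv can produce it, which is what supports non-repudiation.
func SignEvent(priv ed25519.PrivateKey, e LogEvent) []byte {
	return ed25519.Sign(priv, e.Bytes())
}

// VerifyEvent is what an after-the-fact analysis runs: given the actor's
// public key, it reports whether this exact event was signed by that key.
func VerifyEvent(pub ed25519.PublicKey, e LogEvent, sig []byte) bool {
	return ed25519.Verify(pub, e.Bytes(), sig)
}

func main() {
	// Constructed keys: the private key is held only by the actor.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	ev := LogEvent{Actor: "alice", Action: "approve-transfer", When: "2024-01-01T10:00:00Z"}
	sig := SignEvent(priv, ev)
	fmt.Println("genuine event verifies:", VerifyEvent(pub, ev, sig)) // true

	// Altering the record after the fact breaks the signature, so a
	// tampered log cannot be passed off as Alice's signed statement.
	tampered := ev
	tampered.Action = "deny-transfer"
	fmt.Println("tampered event verifies:", VerifyEvent(pub, tampered, sig)) // false

	// A different key pair cannot produce a signature that verifies under
	// Alice's public key, so the signer cannot be impersonated this way.
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	fmt.Println("other key's signature verifies:", VerifyEvent(pub, ev, SignEvent(otherPriv, ev))) // false
}
```

The guarantee rests on the private key staying with the actor: if the key is stolen, the authentication pillar is compromised and the signatures can no longer be used to prove who acted.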
Some organizations and publications limit their discussion of Cyber Security pillars to confidentiality, integrity, and availability; other organizations list many more. While the overall number of pillars/attributes that must be maintained in supporting information assurance is debated, the inclusion of confidentiality, integrity, and availability is nearly universal. In this course, we also include non-repudiation and authentication as distinct pillars.
Understanding something as an attack requires understanding which of the five pillars are violated — which properties are lost. Let's consider some examples.
Although there aren't many publicized examples of non-repudiation violations, or 'repudiation attacks,' the following are some general examples:
There is a fundamental tension between the services an information system provides, and security. A building with no doors or windows is quite secure, but pretty limited in its utility. Similarly, an information system with no way for data to flow in or out is very secure, but it is unable to provide a service. The more services you provide/allow, the more ways in and out of your system that need securing. Thus, for each service one needs to weigh the value of the service against the security implications of providing/allowing it. You weigh the risk against the benefits and make a decision.
services.msc in the Windows shell. You can get the services list with mouse clicks too:
services.msc in the Search Bar. An entry in this list looks like a name, description, and status (and some other stuff). Clicking on the entry allows you to see the full description. How many services are installed? How many are running? Can you tell just by the name what each one does? Just this list of running services should give you an idea of the dizzying array of software that exists just to serve your laptop. The picture gets even more complex when we discuss servers, such as web servers, for example.
There is no one right answer as to whether a service should be provided/allowed. For example, Remote Desktop for Windows is a service that allows someone on a remote machine to pull up the complete graphical desktop on your machine, in order to see what they would see if they were sitting in front of your machine. Scroll down your list to find the entry for 'Remote Desktop Services.' Among other things, this is really helpful when providing technical support or remotely administering a machine — especially for people who are not tech-savvy and aren't sitting near the person who is helping them. Consider the decision as to whether or not to turn this service on in two cases: