CSE-509- COMPUTER SYSTEM SECURITY

Prof. Rob Johnson

Lecture 1 – Aug 30, 2010
Notes by Ritin Suthagaran

Course webpage: http://www.cs.sunysb.edu/~rob/teaching/cse509-fa10/

WHAT IS COMPUTER SECURITY?

 Security that cannot be bypassed (ideally) - Complete Mediation
 System is not vulnerable to internal / external threat - Threat Model
 Trust boundaries - Trusted Computing Base (TCB)
o Ideally small TCB
 Consequences and mitigations
o What are you protecting?
o What property is being protected?

PROTECTING INFORMATION - SECURITY GOALS

 AVAILABILITY - People who have access to the information can actually have it. The data
providing systems ability to deliver the correct data to the correct person within the bounds of
the correct policies.
o Denial of Service
 Network Bandwidth exhaustion – flooding server farms.
 OS Resources (SYN Flood Attack )
 Crash system via malformed inputs
 Account locking by repeated wrong input tries
 CPU Time hog
 RAM hog
 Disk hog
 Fork Bomb (creating multiple forks)
 Cookies Attack (exceeding browser cookie limits)

 SECRECY - Ensuring that information is accessible only to those authorized to have access

o The confidential information may include :

 Password
 Encryption key
 Financial Info
 SSN
 Cookies
 Contacts (Privacy )
  Source Code
 National Security
 Trade Secrets
 Credit card #s

o Anonymity - Hide who is talking to whom.

 INTEGRITY - Data with complete or whole structure. Data is only allowed to be modified in
authorized ways.
o Database Contents
o Source Code
o Man-in-the-middle attack
o Modifying messages in Transit - Passive Attack

AUTHENTICATION - A TOOL FOR IMPLEMENTING SECURITY

 Purpose: Identify users to other parties
 Verify specific properties of the assessors (e.g. captcha codes for human vs. bot detection)

COMPUTER SECURITY IS THE STUDY OF COMPUTING IN THE PRESENCE OF AN ADVERSARY.

 Attackers adapt to defenses

 Attackers don't follow a known probability distribution.
 Trade-off: Security vs. Reliability - Using RAID backups, redundant storage
 Governing policies and laws can affect all three pillars of security
 Software updates and patches enhance all three aspects of security

THREAT MODEL - DEFINE POWERS AND LIMITS OF THE ATTACKER

 Computational Limitation - Can vary from 1 to 106(or more) CPUs

 Access Limitation
o Insider or Outsider
o Remote or Local
o Bandwidth, connectivity etc.
o Time - Session expiration
o Knowledge of defense
 Cryptosystem
 Login name
 Public key
 User info
 Trapdoors
 Time
 OS
 Browser
 Network Layer
 File system
  Source code
 Partial knowledge of data (e.g. tender which has same format just the different
amount)

Basically everything except explicitly denoted secrets like passwords, encryption keys,
random numbers etc.

Aside: Truth about computer security, what an attacker could do… :-)