Adequate Protection

Adequate Protection

  • Submitted By: tbinh7777
  • Date Submitted: 10/04/2010 5:27 AM
  • Category: Technology
  • Words: 2858
  • Page: 12
  • Views: 625

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Overview

SMD149 - Operating Systems - Security
Roland Parviainen

Security goals and principles Security and operating systems Common security threats and controls Cryptography Other controls Summary

December 9, 2005

1 / 63

2 / 63

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Security goals

Principle of easiest penetration

Traditionally:
Confidentiality Integrity Availability

Intruders/attackers will use any means of penetration. A security system is only as good as its weakest link. I.e. an attacker need to find one possible vulnerability, while the security specialist must consider all possible vulnerabilities.

3 / 63

4 / 63

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Principle of adequate protection

Principle of effectiveness

Things need to be protected only until they lose their value. Things need only be protected to a level consistent with their value.

Controls must be used to be effective. Control should be efficient, simple and appropriate.

5 / 63

6 / 63

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Introduction Security and operating systems Attacks and controls Cryptography Other controls Summary

Threat model

Security and Operating systems

Security evaluation needs a threat model
Who are the attackers? What are their resources? What attacks are protecting against? What is the value of what we are protecting?...

Similar Essays