Information Security : Is it an Art or a Science


A brief overview on Information Security

Published in: Technology

  1. Information Security: Is it an Art or a Science? by Pankaj Rane, Research Associate (IDRBT)
  2. AGENDA
     - What is Security?
     - What is Information Security?
     - Brief History: Information Security
     - Present Day: InfoSec
     - Why InfoSec is important?
     - What is Information Assurance?
     - Security Services
     - Information States
     - Security Countermeasures
     - Prevention, Detection, Response
     - References
  3. WHAT IS SECURITY?
     - “The quality or state of being secure to be free from danger”
     - To be protected from adversaries
     - A successful organization should have multiple layers of security in place:
       - Physical security
       - Personal security
       - Operations security
       - Communications security
       - Network security
  4. Fig. 1: Spheres of security
  5. WHAT IS INFORMATION SECURITY?
     - The protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information
     - Tools, such as policy, awareness, training, education, and technology are necessary
     - The C.I.A. triangle was the standard based on Confidentiality, Integrity, and Availability
  6. C.I.A. Triangle
  7. BRIEF HISTORY OF INFORMATION SECURITY
     - Computer security began immediately after the first mainframes were developed
     - Groups developing code-breaking computations during World War II created the first modern computers
     - Physical controls were needed to limit access to authorized personnel to sensitive military locations
     - Only limited controls were available to defend against physical theft, espionage, and sabotage
  8. The "Enigma" machines, which scramble messages into codes, were best known for their use by the German military during WWII. Many models were made and there were complex additions to the machines during the war, but British code breakers managed to crack the "Enigma" code.
  9. PRESENT DAY: INFORMATION SECURITY
     - The Internet has brought millions of computer networks into communication with each other – many of them unsecured
     - Ability to secure each is now influenced by the security on every computer to which it is connected
  10. WHY INFORMATION SECURITY IS IMPORTANT?
      - Governments, commercial businesses, and individuals are all storing information electronically
        - compact, instantaneous transfer, easy access
      - Ability to use information more efficiently has resulted in a rapid increase in the value of information
      - Information stored electronically faces new and potentially more damaging security threats
        - can potentially be stolen from a remote location
        - much easier to intercept and alter electronic communication than its paper-based predecessors
  11. WHAT IS INFORMATION ASSURANCE?
      - The act of ensuring that data is not lost when critical issues arise.
      - These issues include natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost.
      - A common method of providing information assurance is to have an off-site backup of the data in case one of the mentioned issues arises.
  12. SECURITY SERVICES: WHAT TYPES OF PROBLEMS CAN OCCUR?
      - Confidentiality
      - Integrity
      - Availability
      - Authentication
      - Non-Repudiation
  13. Definitions of the security services
      - CONFIDENTIALITY: “the assurance that information is not disclosed to unauthorized persons, processes or devices.”
      - INTEGRITY: “the assurance that data can not be created, changed, or deleted without proper authorization”
      - AVAILABILITY: “Timely, reliable access to data and information services for authorized users.”
      - AUTHENTICATION: “Designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s authorizations to receive specific categories of information”
  14. NON-REPUDIATION: “The assurance the sender of the data is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the data”
      Examples where non-repudiation is lacking include:
      - An online shopper purchases and downloads a software package, but later claims he never downloaded it.
      - An online shopper purchases and downloads a software package that he later finds out was corrupted, and then finds out the seller was not who he expected, but instead was a “man in the middle”.
  15. INFORMATION STATES: WHERE IS THE DATA?
      - Transmission
      - Storage
      - Processing
  16. Definitions of the information states
      - TRANSMISSION: Time in which the data is in transit between processing/process steps.
      - STORAGE: Time during which data is on a persistent medium such as a hard drive or tape.
      - PROCESSING: Time during which the data is actually in the control of a processing step.
  17. Fig.: NSTISSC Security Model
  18. SECURITY COUNTERMEASURES: WHO CAN ENFORCE/CHECK SECURITY?
      - People
      - Policy and Practice
      - Technology
  19. PEOPLE
      - The heart and soul of secure systems.
      - Awareness, literacy, training, education in sound practice.
      - Must follow policy and practice or the systems will be compromised no matter how good the design!
      - Both strength and vulnerability.
  20. POLICY AND PRACTICE
      - System users
      - System administrators
      - Software conventions
      - Trust validation
  21. TECHNOLOGY
      - Evolves rapidly
      - Crypto systems
      - Hardware
      - Software
      - Network
        - Firewalls
        - Routers
        - Intrusion detection
        - Other…
      - Platform
        - Operating systems
        - Transaction monitoring
        - Other…
      - Especially vulnerable to misconfiguration and other “human” errors.
  22. PREVENTION
      - Establishment of policy and access control
        - who: identification, authentication, authorization
        - what: granted on “need-to-know” basis
      - Implementation of hardware, software, and services
        - users cannot override, unalterable (attackers cannot defeat security mechanisms by changing them)
        - examples of preventative mechanisms
          - passwords - prevent unauthorized system access
          - firewalls - prevent unauthorized network access
          - encryption - prevents breaches of confidentiality
          - physical security devices - prevent theft
      - Maintenance
  23. PREVENTION IS NOT ENOUGH!
      “Prevention systems are never perfect. No bank ever says: "Our safe is so good, we don't need an alarm system." No museum ever says: "Our door and window locks are so good, we don't need night watchmen." Detection and response are how we get security in the real world, and they're the only way we can possibly get security in the cyberspace world.”
      Bruce Schneier, Counterpane Internet Security, Inc.
  24. DETECTION
      - Determine that either an attack is underway or has occurred and report it
      - Real-time monitoring
        - or, as close as possible
        - monitor attacks to provide data about their nature, severity, and results
      - Intrusion verification and notification
        - intrusion detection systems (IDS)
        - typical detection systems monitor various aspects of the system, looking for actions or information indicating an attack
          - example: denial of access to a system when user repeatedly enters incorrect password
  25. RESPONSE
      - Stop/contain an attack
        - must be timely!
        - incident response plan developed in advance
      - Assess and repair any damage
      - Resumption of correct operation
      - Evidence collection and preservation
        - very important
        - identifies vulnerabilities
        - strengthens future security measures
  27. THANK YOU!
  28. QUERIES?
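
The detection example on slide 24 (denying access after repeated incorrect passwords), as an added example that is not part of the original slides: a sliding-window detector that reports a lockout and refuses further attempts while the lock holds. The log format, thresholds and all names are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines; the format is an assumption for this example.
SAMPLE_LOG = """\
2024-01-01T10:00:00 LOGIN_FAIL user=alice src=203.0.113.5
2024-01-01T10:00:20 LOGIN_FAIL user=alice src=203.0.113.5
2024-01-01T10:00:30 LOGIN_OK user=bob src=198.51.100.7
2024-01-01T10:00:40 LOGIN_FAIL user=alice src=203.0.113.5
2024-01-01T10:00:50 LOGIN_OK user=alice src=203.0.113.5
2024-01-01T10:20:00 LOGIN_FAIL user=bob src=198.51.100.7
2024-01-01T10:30:00 LOGIN_FAIL user=bob src=198.51.100.7
2024-01-01T10:40:00 LOGIN_FAIL user=bob src=198.51.100.7
"""

LINE_RE = re.compile(r"^(\S+) (LOGIN_OK|LOGIN_FAIL) user=(\S+) src=(\S+)$")


def detect_lockouts(log_text, max_failures=3, window=timedelta(minutes=5),
                    lock_for=timedelta(minutes=15)):
    """Return (alerts, denied): lockout reports and attempts refused while locked."""
    failures = defaultdict(deque)  # user -> timestamps of recent failed logins
    locked_until = {}              # user -> time at which the lock expires
    alerts, denied = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in the assumed format
        ts, event, user, src = datetime.fromisoformat(m[1]), m[2], m[3], m[4]
        if user in locked_until and ts < locked_until[user]:
            # Response: access is denied even if the password is now correct.
            denied.append((m[1], user, event))
            continue
        if event == "LOGIN_OK":
            failures[user].clear()  # a successful login resets the counter
            continue
        recent = failures[user]
        recent.append(ts)
        while recent and ts - recent[0] > window:
            recent.popleft()  # drop failures that fell out of the window
        if len(recent) >= max_failures:
            # Detection: report the event and lock the account.
            locked_until[user] = ts + lock_for
            alerts.append({"time": m[1], "user": user, "src": src,
                           "failures": len(recent)})
            recent.clear()
    return alerts, denied
```

On the sample, alice's three failures within 40 seconds raise one alert and her next login is refused, while bob's three failures spaced ten minutes apart never fill the five-minute window.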