Chapter 7: Security in pervasive systems Flashcards
What is Information Systems Security?
- Processes and methodologies to protect information and information systems against unauthorized access
- It is essentially risk management
How can you manage the risk of information systems?
Risk = Probability x Impact
Probability: f(threats, vulnerabilities)
Impact: f(assets)
Asset: anything that could be of value
Threat: Potential danger to information life cycle
Vulnerability: Weakness that provides an opportunity for a threat to be exploited
What countermeasures / safeguards are available to mitigate potential risks?
- Administrative, operational or logical measures
Is there perfect security?
- No, because with enough time and resources every security technology is breakable
How can you determine Good Enough Security?
- You need to find the minimum of the combined cost: the cost of security-enhancing mechanisms plus the expected total cost of violations
- At a certain point towards 100 % security, the costs for security mechanisms increase exponentially
What are the components of security
- Security Services
- Security mechanisms
Explain Security Services
A service that enhances the security of the information systems. Uses one or more security mechanisms.
CIA (plus authentication):
- Confidentiality
- Integrity
- Availability
- Authentication
Explain Security mechanisms
Mechanism designed to prevent or recover from a security attack
- Encryption
- Hashing
- Digital Signatures
- Passwords
What does confidentiality mean?
Ensuring that only authorized principals can read the information
Threat: Disclosure
Security Mechanism: Encryption
What is encryption?
A transformation of plaintext to ciphertext
Decryption is the reverse transformation into plain text
How does the Caesar encryption work?
Encryption + 3 letters shift in the alphabet
Decryption - 3 letters shift in the alphabet
Hallo -> KDOOR
How does symmetric cryptography work in general?
Message Source P ->
Encryption Algorithm E -> C=E(K,P)
Decryption Algorithm D -> P=D(K,C)
C = Ciphertext, P = Plaintext, K = Key
Algorithms are public; security due to secrecy of the key, same key for encryption and decryption
What are potential methods to attack encrypted data?
Brute Force: Try all possible decryption keys until the correct one is found
Cryptanalysis: Analyze information of the cryptosystem to reduce the space of possible decryption keys
Why do we need (public key) asymmetric cryptography?
- Modern encryption algorithms are computationally secure (brute force is computationally infeasible)
- Key distribution must be secure
-> Public key (asymmetric) cryptography allows keys to be exchanged over an insecure channel
How does (public key) asymmetric cryptography work?
Two keys per user:
- Public key can be distributed over insecure channels
- Private key is kept secret
1) Encrypt plaintext with the receiver's public key
2) Transmit the ciphertext
3) Receiver decrypts the text using its private key to obtain plain text
Explain integrity
Ensures that only authorized principals can modify the information
Threat: Corruption
Mechanism: Hash, MAC code, digital signature
What is a hash?
- Mathematical function that converts an arbitrarily long string into a string of fixed length and is used to guarantee integrity
- Easy to compute in the forward direction but impossible to compute in the reverse direction
- Collision resistant: no two strings generate the same hash
How can attackers influence the hash?
- They can't produce a modified message that still matches the hash
- But attackers could modify the hash
Explain how message authentication code can create integrity
Message Authentication Code (MAC):
- Hash parameterized with a secret key
- Sender needs key for computation
- Receiver needs key for verification
- Attacker can’t manipulate the hash
Explain how digital signature can create integrity
- Tries to recapture properties of handwritten signature
- Only the signer may generate it
- Anybody can verify its validity
- Based on Public Key Cryptography
(Encryption with senders private key and decryption with senders public key)
Explain Availability
- Ensures that authorized principals can access and use the system without undue delays
Threat: Denial of Service (DoS)
Mechanism: redundancy, load balancing
How can redundancy guarantee availability?
- copies of components that take over workload in the event of failure
How can load balancing guarantee availability?
- Transfer workload from overloaded components to others with lighter load
- Needs to take care of: system monitoring, minimizing the impact of maintenance, optimizing performance
Explain Authentication
- Identify and verify a principal's claimed identity
- Threat: Impersonation
- Mechanism: username/password
How are passwords stored in a machine?
- Not directly, but the hash of the password
- Attackers can't get a list of passwords
- A salt (extra bytes) adds protection against dictionary attacks
Password + Salt Value -> Hash algorithm -> Hash value
In what way does pervasive computing make a difference to security?
These dimensions are fairly new for security:
- Extended Computing Boundaries:
  - IoT
  - 1 user - N devices
- Non-intrusive
- Adaptive
- Context-Aware:
  - Location
What are the new attack vectors emerging from ubiquitous computing?
- Networked computer systems become deeply embedded in the fabric of society
- New usage patterns open up new vulnerabilities (but also opportunities)
- The damage from malicious attacks becomes more varied and more pervasive
Give some examples for new attack vectors of ubiquitous computing
- Track people through geolocated dating apps
- Internet of (evil) things (devices talk behind your back)
- Denial of Life attack (pacemaker / wearables)
What is the problem with some geolocated dating apps?
- They send the client the distance to another user (before that they sent the exact coordinates)
Problem:
- Create a profile in the app
- Fake three different locations
- Query the service API to find the distance to a particular user
-> The exact user location can be calculated using trilateration
What's the difference between Positioning and Tracking?
Both determine the spatial position of a system / person:
Positioning: the entity determines its own location
Tracking: the system determines the entity's location (privacy concern)
What potential security issues can emerge from wireless pacemakers?
Privacy:
- Access of sensitive health data
Integrity, Availability
- Change settings (disable therapies)
- Deliver command shock
How can you track user behavior with ultrasound?
- High-frequency tones (inaudible to humans) embedded in ads, web pages, retail stores
- Ultrasound beacons are gathered by user devices
- User behavior can be profiled (ads seen, physical location visited)
What are the general security challenges?
Extended computing boundary:
- More computing devices increases complexity
- Heterogeneous devices make standard security mechanisms harder to implement
Security services must be context-aware too
Security needs to be integrated from the very start