Domain 3 - Security Architecture and Engineering - Security Architecture and Design Flashcards

1
Q

Security Models

A

Provides the means to formalize a system policy into an explicit set of rules that a computer can follow to implement the fundamental security concepts, processes, and procedures that make up a security policy.

2
Q

System Architecture

A

Hardware, software, and firmware as part of the overall design, together with a description of how information flows between them
Enforces the specifications provided by the security model

3
Q

Security Model Examples

A

Bell-LaPadula Model ****
Biba Model ****
Clark-Wilson Model **
Brewer & Nash Model **
State Machine Model
Information Flow Model
Non-Interference Model
Lattice Model
4
Q

State Machine Model

A

Basis for other models
The state of a system is its snapshot at any one particular moment.
You are only as secure as your weakest state.

5
Q

Bell-LaPadula Model

A

Protects the confidentiality of a system
Developed for the DoD multilevel security policy
Divides entities in an information system into subjects and objects
Subjects and objects are created with labels
Labels are compared upon attempted access
If it is not expressly called out, it is allowed

6
Q

Bell-LaPadula Tranquility Property

A

Labels are not arbitrarily changed

7
Q

Bell-LaPadula Simple Security Property

A

No reading up in classification

8
Q

Bell-LaPadula *Security Property

A

No writing down in classification

9
Q

Bell-LaPadula Strong *Property

A

No read/write up or down in classification

10
Q

Biba Integrity Model

A

Protects the sanctity (integrity) of knowledge
No subject can depend on an object of lesser integrity
“Down Data’s Dirty”

11
Q

Biba Simple Integrity Axiom

A

No read down in integrity level

12
Q

Biba *Integrity Axiom

A

No write up in integrity level

13
Q

Biba Invocation Property

A

A subject cannot invoke subjects at a higher integrity level

14
Q

Clark-Wilson Model

A

Isolation between resources
Keep users out of your stuff or they will break it
Separation of duties is emphasized
Forces well-formed transactions through the access triple

15
Q

Brewer-Nash Model

A

Prevents conflicts of interest in databases
Developed to combat conflicts of interest in databases housing competitor information
Ensures fair competition
Also known as the Chinese Wall model

16
Q

Access Triple

A

User -> Transformation Procedure (TP) -> Constrained Data Items (CDI)

17
Q

Security Architecture

A

Directs how the components included in the system architecture should be organized and interact to ensure that security requirements are met

18
Q

Trusted Computing Base (TCB)

A

All hardware, software, and firmware within a system that enforce the security of the system and provide a description of the trust of the system
Includes the CPU, RAM, OS kernel, BIOS, etc.
Evaluated when certifying a system

19
Q

Security Perimeter

A

Conceptual separation between the TCB and the untrusted elements of a system
An API is an example of how to implement it

20
Q

CPU Protection Modes

A

Unrestricted mode is called kernel mode, supervisor mode, or privileged mode
May perform any operation and access any location, without restrictions
Restricted mode is user mode or problem state

21
Q

CPU Busses

A

Front Side Bus (internal bus) allows the processor to communicate with RAM
Expansion Bus (input/output bus) allows motherboard components (PCI, etc.) to communicate with one another

22
Q

Protection Rings for OS

A

0 - Privileged OS functions - kernel (most privilege)
1 - OS services - remaining parts of the OS
2 - Device drivers - I/O drivers and OS utilities
3 - Application programs - user activity and programs (least privilege)

23
Q

Reference Monitor Concept

A

Set of design requirements for making the determination regarding subject/object access
The rules that govern access

24
Q

Security Kernel

A

The hardware, software, and firmware that enforce the reference monitor concept

25
Q

Requirements for the Reference Monitor / Security Kernel

A

Must facilitate isolation of processes
Must be invoked at every access attempt
Must be small enough to be tested and verified in a comprehensive manner

26
Q

Programs

A

An application

27
Q

Processes

A

Program loaded into memory

28
Q

Threads

A

Each individual instruction within a process

29
Q

Multi-programming

A

Multiple programs “open” at once, but with no true isolation between them

30
Q

Multi-tasking

A

Isolation of processes; more than a single process can run at one time

31
Q

Multi-processing

A

More than one CPU

32
Q

Multi-threading

A

Multiple threads running within one process

33
Q

Multi-core processor

A

A CPU with more than one core; provides hardware multithreading

34
Q

Service Oriented Architecture (SOA)

A

Style of software design where services are provided to other components by application components, through a communication protocol over a network

35
Q

SOAP Protocol

A

Messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. It uses the XML Information Set for its message format and relies on application-layer protocols, most often Hypertext Transfer Protocol (HTTP), although some legacy systems communicate over Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.

36
Q

API Access

A

Who is allowed to ask for data or services

37
Q

API Request

A

What data or services can be asked for. Requests have methods and parameters:
Methods - the type of question you can ask
Parameters - additional details you can include in the question or response

38
Q

API Response

A

Data or service for your request

39
Q

The “Orange Book” (TCSEC) Trusted Computer Security Evaluation Criteria

A

Used by the US government in the mid 90s
A way to evaluate a system to determine the proper amount of security
Part of a series of books called the Rainbow Series
Based on the Bell-LaPadula model
Developed by the NCSC (National Computer Security Center)

40
Q

TCSEC Evaluation Ratings

A

A1 - Verified Protection
B1, B2, B3 - Mandatory Protection
C1, C2 - Discretionary Protection
D - Minimal Security

41
Q

Certification Common Criteria

A

ISO 15408 (international standard)
Certifies systems based on the trust (function) and assurance of a system

42
Q

Protection Profile

A

Security requirements from the agency or customer

43
Q

Target of Evaluation

A

The system designed by the vendor

44
Q

Security Target

A

Documentation describing how the ToE meets the Protection Profile

45
Q

Evaluation Assurance Level (EAL 1-7)

A

Describes the level to which the ToE meets the Protection Profile
EAL 1 - Functionally tested (lowest rating)
EAL 2 - Structurally tested
EAL 3 - Methodically tested and checked
EAL 4 - Methodically designed, tested, and reviewed
EAL 5 - Semi-formally designed and tested
EAL 6 - Semi-formally verified design and tested
EAL 7 - Formally verified design and tested (highest rating)

46
Q

Certification

A

Process that ensures systems and major applications adhere to formal and established security requirements that are well documented and authorized
Performed by a vendor

47
Q

Accreditation

A

Formal declaration by a Designated Accrediting Authority (DAA) that information systems are approved to operate at an acceptable level of risk, based on the implementation of approved technical, managerial, and procedural safeguards

48
Q

Most important concept for layered security

A

Series: layering is the deployment of multiple mechanisms in series

49
Q

Fog Computing

A

Using IoT devices and sensors to collect data and transfer it back to a central location for processing