Domain 3 - Security Engineering Flashcards
DES
Data Encryption Standard
- 64 bit blocks of text
- 64 bit key, 8 bits for parity
- EFFECTIVE KEY LENGTH is 56 bits
- TOTAL KEY LENGTH is 64 bits
- Since DES uses BLOCK size of 64, result is still 64 bits of encrypted data even though effective key size is 56 bits
DES - EFFECTIVE key length
56 bits
DES - TOTAL key length
64 bits
AES
Advanced Encryption Standard
- Sequences of 128-bit blocks
- Cipher key can be 128, 192, 256 bits
- AES-128, AES-192, AES-256
Bell-LaPadula
MANDATORY ACCESS CONTROL
- CONFIDENTIALITY
- Simple Security Property (NRU)
- Security Property (NWD)
- Strong Tranquility Property
- Weak Tranquility Property
Bell-LaPadula - Simple Security Property
No Read Up (NRU)
Bell-LaPadula - * Security Property
No Write Down (NWD)
Bell-LaPadula - Strong Tranquility Property
The security label will not change when the system is operating
Bell-LaPadula - Weak Tranquility Property
The security label will not change in a way that conflicts with defined security properties
Biba
INTEGRITY
- Simple Integrity Axiom
- Integrity Axiom
Biba - Simple Integrity Axiom
No Read Down (NRD)
Biba - * Integrity Axiom
No Write Up (NWU)
Clark-Wilson
INTEGRITY
- Separation of Duties (SoD)
- Well-formed transactions
Clark-Wilson - “Access Control Triple”
TP - Transaction Procedure (well formed transaction)
CDI - Constrained Data Item (data that requires integrity)
UDI - Unconstrained Data Item (data that does not require integrity)
IVP - Integrity Verification Procedures (ensures data is kept in a valid state)
Clark Wilson - Transaction Procedure
Well-formed transaction
Clark Wilson - Constrained Data Item
Data that requires integrity
Clark Wilson - Unconstrained Data Item
Data that does not require integrity
Clark Wilson - Integrity Verification Procedures
Ensures that data is kept in a valid state
Information Flow Model
Uses a lattice
Objects are labeled with security CLASSES
Information can flow either upward or at the same level
Both Bell-LaPadula AND Biba use the Information Flow Model
Reading Down and Writing Up
Applies to Bell-LaPadula
NRU/NWD are the opposite of this
State Machine Model
Mathematical model that groups all possible system occurrences
Occurrences are called STATES
Chinese Wall Model
Designed to avoid CONFLICTS OF INTEREST
Chinese Wall Model - CoI’s
CoI’s = Conflict of Interest categories
Noninterference
Ensures data in different security domains remains separate from one another
Prevents covert channels
Each data access attempt is independent from others
Take-Grant
Contains rules that govern the interactions between subjects and objects, including permissions subjects can grant to other subjects
Take-Grant - Four Rules
Take, Grant, Create, Remove
TCSEC
Trusted Computer System Evaluation Criteria (TCSEC)
NIST and NCSC (National Computer Security Center)
AKA Orange Book
DOES NOT address networks. Systems only
TCSEC/Orange Book - Divisions
D: Minimal Protection
C: Discretionary Protection (C1, C2)
B: Mandatory Protection (B1, B2, B3)
A: Verified Protection (A1)
TNI/Red Book
Trusted Network Interpretation
Brings TCSEC concepts to network systems
ITSEC
European Information Technology Security Evaluation Criteria (ITSEC)
European version of the Orange Book
Information Common Criteria
Successor to ITSEC
“Target of Evaluation” and “Security Target”
PRIMARY OBJECTIVE: Eliminate known vulnerabilities of the target for testing
Layering
Separates hardware and software functionality into modular tiers
One layer is not directly affected by a change to another
Abstraction
Hides unnecessary details from the user
Makes processes LESS COMPLEX to ENHANCE security
Security Domains
A list of objects that a subject is allowed to access
DOD - Confidential, Secret, Top Secret
Kernels - User mode, Kernel mode
The Ring Model
Separates and protects domains (ex: kernel/user mode) from each other
The Ring Model - Ring 0
Kernel - MOST trusted
The Ring Model - Ring 1
Other OS components
The Ring Model - Ring 2
Device Drivers
The Ring Model - Ring 3
User - LEAST trusted
The Ring Model - Ring -1
Hypervisor Mode
DEP
Data Execution Prevention
- Can be enabled within hardware and/or software
- Attempts to ensure that memory locations not PRE-DEFINED to contain executable content will not have the ability to have code executed
- Protects against STACK/HEAP-based buffer overflows
ASLR
Address Space Layout Randomization
- Makes memory addresses employed by the system less predictable
CPU - Multitasking
Allows multiple tasks to run simultaneously on one CPU
Most modern OS’s support multitasking
CPU - Multiprocessing
Runs multiple processes on multiple CPIs
CPU - Multiprocessing - SMP
Symmetric Multiprocessing
- One operating system to manage all CPUs
CPU - Multiprocessing - AMP
Asymmetric Multiprocessing
- One OS system image per CPU, acting as independent systems
Swapping vs Paging
Swapping = copying ENTIRE process to or from disk Paging = copying BLOCKS of memory to or from disk
WORM (memory)
Write Once Read Many
Infrastructure as a Service (IaaS)
Provides an entire virtualized OS
Customer configures from the OS on up
Platform as a Service (PaaS)
Provides a pre-configured OS
Customer configures applications, then just uses the applications
Software as a Service (SaaS)
Completely configured solution from the OS to the applications
think: O365, Dropbox, etc…
Covert Storage Channel
Uses shared storage, such as a temporary directory, to allow two subjects to signal eachother
Covert Timing Channel
Relies on the system clock to infer sensitive information
Overt Channel
Opposite of a covert channel.
Authorized communication that complies with security policy
Macro Virus
Written in a macro language
Boot Sector Virus
Infects the boot sector of a PC
Ensures that the virus loads upon system startup
Stealth Virus
hides itself from the OS and AV
Polymorphic Virus
Changes its signature upon infection of a new system
Attempts to evade AV
Multiparte Virus
Spreads via multiple vectors
Server-side Attack
Launched directly from the attacker to a listening service
Client-side Attack
User downloads malicious content
Firewalls often fail to prevent these attacks
Client-side Attack Mitigations
Patching applications
User Awareness
Server-Side Attack Mitigations
Firewalls
Patching
System hardening
Defense in depth
Inference
There is a mystery to be solved
Lower level details provide CLUES to DEDUCE higher level information
POLYINSTANTIATION can help defend against inference
Aggregation
Mathematical process
User asks every questions and receives every answer, then can derive restricted information
NO DEDUCTION IS REQUIRED (answer is given)
Cryptology
The science of secure communication
Encompasses BOTH cryptography and cryptanalysis
Cryptography
Creates messages whose meaning is hidden
Cryptanalysis
The science of breaking encrypted messages
Diffusion (encryption)
The order of the plaintext should be “diffused” in the ciphertext
Confusion (encryption)
The relationship between the plain/ciphertext should be as confused (random) as possible
Substitution (encryption)
Replaces one character for another
Provides CONFUSION
Permutation (encryption)
Also called transposition
Provides diffusion by rearranging the characters of the plaintext, anagram style
