Upload
jada-conner
View
34
Download
1
Embed Size (px)
DESCRIPTION
Data Security and Cryptology , I Introduction . Essence of Data Security. September 3th , 2014 Valdo Praust mois @ mois .ee Lecture Course in Estonian IT College Autumn 2014. Name and Goal. Name : Data Security and Cryptology ( Andmeturve ja krüptoloogia) - PowerPoint PPT Presentation
Citation preview
Data Security and Cryptology, I
Introduction. Essence of Data Security
Data Security and Cryptology, I
Introduction. Essence of Data Security
September 2nd, 2015
Valdo Praust
Lecture Course in Estonian IT CollegeAutumn 2015
September 2nd, 2015
Valdo Praust
Lecture Course in Estonian IT CollegeAutumn 2015
Name and GoalName and GoalName: Data Security and Cryptology(Andmeturve ja krüptoloogia)
Place: Estonian IT College
Goal of lecture course: To provide a systematic overview of contemporary data security and cryptology, both from theoretical and practical side. Data security as a practical discipline will considered a little bit more theoretically and cyrpotography as a deep theoretical discipline (and also an important tool for data security) more practically
Processual Data, IProcessual Data, ICode: I378
Invovles: 16 academic pairs of lectures, 12 pairs of practices, 74 hours independent work
Points: 5 ECTS
Schedule (lectures): once a week, on Wednesdays between 2pm and 4pm
Grading: final test (determines the final mark) – 70 multiple choice questions
Processual Data, IIProcessual Data, II
• Distibution of materials: via webpage http://www.itcollege.ee/~valdo/security/ - English slideshows (PPTs); Estonian slideshows from year 2011 also available
• Communication between lecturer and students: via email and the above-mentioned webpage
• Practical exercises will start in 5th week (4 pm)
LecturerLecturer
Valdo Praust
• Master of Science (MSc)
• have 22 years different experience if the field of data security (different roles)
• currently freelancer IT Securiy expert
• ph +372 514 3262
• email [email protected]
Plan of Lectures, IPlan of Lectures, I1. Introduction. Essense of Data Security. Data
security, it’s essence and importance in contemporary information systems and in whole world. Availability, integrity and confidentiality, its importance in different information systems and in protection of IT assets. Standard model of security harming. Economical side of data security. Practical solving of security problem
2. Security Threats, Classification. Classification of threats: spontaneous (accidental) threats and attacks. Methods used for finding and evaluating threats. Threats frequency
Plan of Lectures, IIPlan of Lectures, II3. Vulnerabilities of Information Assets.
Appliable Security Measues. Classification of vulnerabilities. Interaction between vulnerabilities and theats, examples
4. Risk Management and its Methodics. Risk management as a tool of solving practical security problem. Four alternatives of risk management – detailed risk analysis, baseline security method, mixed method, non-formal method; their comparison. Quantitative and qualitative risk analysis, examples. Examples of baseline security methods, BSI and ISKE
Plan of Lectures, IIIPlan of Lectures, III5. Essence of Cryptogrtaphy. Pre-
Computer Cryptography. Essence and basic concepts of encryption. History of cryptography, traditional cryptography. Pre-computer cryptography, best-known traditional techniques and machines. Theoretical and practical security
6. Basics of Contemporary Cryptography. Main concepts, essence and goals. Main types of algorithms and their’ usage. Cryptanalysis, its’ goal and properties. Practical security of cryptoalgoritms, ways of achieving this
Plan of Lectures, IVPlan of Lectures, IV
7. Symmetric Cryptoalgorithms. AES. Essence of symmetric cryptoalgorithms. Modes of operation, their usability and security. AES – history, main properties, technical description. Security and modes operation of AES
8. Other Symmetric Cryptoalgorithms. IDEA, Skipjack, Blowfish, AES, RC4. Their properties, security, usability. DES as a retrospective view of a classic symmetric algorithm
Plan of Lectures, VPlan of Lectures, V9. Asymmetric Cryptoalgorithms. RSA.
Essence, properties, mathemathical background and main concepts. Example. Practical usability, realisations
10.Hash Functions. Cryptoprotocols, TLS Essence of hash functions, properties, demands. Mostly used algorithms, thoretical and practical secrity. Collisions. Security protocols. TLS as an example - its desciption and usability
Plan of Lectures, VIPlan of Lectures, VI
11. Digital Signature, its Usage. Urgency of digital signature in digital record management. Digital signature as an application of public-key cryptography. Practices of handling both the private and public key. Certification, certificates. Timestamp, validity of approval, service providers. Certification infrastructure, PKI. Digital signature in Estonia
Plan of Lectures, VIIPlan of Lectures, VII
12. Digital Signature and Digital Record Management in Practice. Digital Archieving, Estonian ID card. Peculiarities of digital signature in practice. Comparison with handwritten signature for end users and business. Overview of Estonian ID-card and mobile-ID card. Digital record management and digital archieving from the point of view of security
Plan of Lectures, VIIIPlan of Lectures, VIII
13. Database Security. Network Security. Database security, theory and practice. Importance and usability of cryptographical chaining, integrity and accountability. Confidentiality as a difficultly solvable problem. Importance of network security. Firewall, virtual private network, cryptowall. Secure remote client
Plan of Lectures, IXPlan of Lectures, IX
14. Security Management (Organisational Security). Principles and goals of data security management. Functions and activities. Essence of data security policy. Roles of Data Security Forum. Choosing of appropriate risk management technique. Data security plan, implementation of security measures and follow-up activities. Related national and international standards
Plan of Lectures, XPlan of Lectures, X15. Legal Control of Data Security. Protecting of
Personal Data. Essence of personal data. Common practices of protecting personal data both in Europe and in all around the world. Estonian Data Protection Act. Sensitive personal data, obligation of registration. Peculiarities of data security in public sector – data security classes, etc
16. Social Elements of Data Security. Influence of data security to information systems and society. Cyberattacks, cyberwar, information war. Cyberdefence, the role and share of different institutions. Cyber-security and data security, their main problems and comparison
Practical exercises, IPractical exercises, I
• Classification of threats, vulnerabilities and safeguards, their inter-dependendence
• Different baseline security standards
• Different risk analysis methodics
• Different cryptographic tools, usage of cryptoalgorithms
Practical exercises, IIPractical exercises, II
• Introduction of PKI environment and software
• Practical solving of security task (different aspects and poit of view)
• Different secure authentication means
Will start in 5th week
Independent workIndependent work
Final test (determines the final mark) – 70 multiple choice questions
In order to access to the final test both the referative work and practical exercises must be passed (and marked)
Referative work, related to data security or cryptography (deadline - 14th week). Minimal amount – 20 pages
What We Protect: Information What We Protect: Information Information (informatsioon, teave) – a knowledge concerning any objects, such as facts, events, things, processes or ideas, which have a special meaning in certain contexts
The concept “information” is heavily related to the more general concept – knowledge. It assumes that there is a fact whis is known (an object), and the person who knows the fact (the subject)
Information itself does not have the practical shape. The practical shape of information will occure when we also consider the practical representation of information (and then it is called - data)
Information itself does not have the practical shape. The practical shape of information will occure when we also consider the practical representation of information (and then it is called - data)
What We Protect: DataWhat We Protect: Data
Data are always the presentation of information, usually in a pre-agreed form (which allows to transfer the information beared by the data from one subject to another)
The same data can be interpreted differently by the different subjects having a different background (for example, “hallitus” in Estonian and in Finnish)
Data (andmed) – reinterpretable formalized representation of an information in such a form which is suitable for transfer, processing and/or interpretation
Data (andmed) – reinterpretable formalized representation of an information in such a form which is suitable for transfer, processing and/or interpretation
Digital DataDigital DataAny information can be represented (carried) by the data in many different ways. The more essential ways are two following:
• paper-based data (paberkandjal andmed) – text, schemes, pictures etc are beared on the surface of the carrier (paper sheet(s))
• digital data (digikujul andmed) – all the data are coded into the queues of 0’s and 1’s using certain standards and certain technical equipment
When we talk about the computer-based (computer processable) data we always thought the digital data, which are always coded by using the queues of 0’s and 1’s.
When we talk about the computer-based (computer processable) data we always thought the digital data, which are always coded by using the queues of 0’s and 1’s.
Data FormatData Format
Data format (andmevorming, vorming) — a desciption how different type of information – text, picture, voice, video etc – is coded into the queue of 0’s and 1’s
A pre-agreed (standardised) data format gives to data (to data file) a concrete and unique meaning. If we have data but do not have the data format desciption, then we do not have the information, carried by the data
A pre-agreed (standardised) data format gives to data (to data file) a concrete and unique meaning. If we have data but do not have the data format desciption, then we do not have the information, carried by the data
From Data Format to MeaningFrom Data Format to MeaningDifferent data formats are supported by a different application software which usually allow to write the file in certain format, or to made the content of data (information) human-perceptable etc.
Different data formats are supported by a different application software which usually allow to write the file in certain format, or to made the content of data (information) human-perceptable etc.
A typical end-user usually don’t know anything about different data formats and interpretation. He/she usually associates the certain format only to the certain software which is able to interpretate these format(s).
End user usually receives only an human-perceptable form, prepared by the software, so-calles WYSIWYG (What You See Is What You Get, in Estonian adekvaatkuva)
Necessity of Data Security
If we possess (or process) the data then the information carried by the data has always a certain value for us (for our business process). It does not depend either the infomation is represented by the digital nor by the paper-based data
Information security (infoturve) or data security (andmeturve) is a discipline concerning the maintaining these values/properties of information (performed in practice by the maintaining the properties of data)
Information security (infoturve) or data security (andmeturve) is a discipline concerning the maintaining these values/properties of information (performed in practice by the maintaining the properties of data)
Components of Information Security
Infortmation security (infoturve) or data security (andmeturve) is a complex concept consisting of following three properties:• information availability (käideldavus)• information integrity (terviklus)• information confidentiality (konfidentsiaalsus)
Infortmation security (infoturve) or data security (andmeturve) is a complex concept consisting of following three properties:• information availability (käideldavus)• information integrity (terviklus)• information confidentiality (konfidentsiaalsus)
These three properties (branches of secrity) must be maintained for all information/data items we possess.
In pre-computer world (paper-based information) we talked only about the confidentiality, not for other branches
About Different ConceptsThe following four concepts:
• information security (infoturve)
• information protection (infokaitse)
• data security (andmeturve)
• data protection (andmekaitse)
are widely taken synonyms
It’s mainly a question about traditions and culture where we use which concept. For example in Europe the concept data protection is often used in a context of protection of personal data (isikuandmete kaitse)
It’s mainly a question about traditions and culture where we use which concept. For example in Europe the concept data protection is often used in a context of protection of personal data (isikuandmete kaitse)
Data AvailabilityData availabilty (andmete käideldavus) is a timely and convenient access and usage of information carried by the data for all authorized persons and other entities
Data availabilty (andmete käideldavus) is a timely and convenient access and usage of information carried by the data for all authorized persons and other entities
Availability is the most important component of data security – the worst thing which must be happened is that data are no more available for the subjects which need them during business process (maybe destroyed forever)
Examples:• border guard does not have the list of fugitives (or the list
isn’t up-to-date);• National Board of Land does not know the who possesses
the concrete plot of land
Data IntegrityData integrity (andmete terviklus) is a ensuring that data are originated (information was stored into the data) by a certain source and haven’t been altered (both by an accident or by a deliberate act or by the fake)
Data integrity (andmete terviklus) is a ensuring that data are originated (information was stored into the data) by a certain source and haven’t been altered (both by an accident or by a deliberate act or by the fake)
Integrity are the second important security branch (by the availability)
In the business process we usually assume that the data we used (information carried by the data) are firmly related to the creator/source of the data, creation time etc. Violation or absense of these relationships will usually causes serios negative consequences
Näide: karistusregistri kuritahtliku muutmisega saab vang õigusevastaselt varem vabaks
Data ConfidentialityData confidentiality (andmete konfidentsiaalsus ehk salastatus ehk salastus) is the availability of the information, carried by the data, only by the authorized subjects (and strict non-availability for other subjects)
Data confidentiality (andmete konfidentsiaalsus ehk salastatus ehk salastus) is the availability of the information, carried by the data, only by the authorized subjects (and strict non-availability for other subjects)
Examples:• state of corporative secret will be disclosed• operational intelligence information will be disclosed• personal data will be spread without the permission of
data subject
Security of Data vs IT Assets Security of data (security of information beared by the data) is ensured by the securing the (IT) assets surrounding the data
Security of data (security of information beared by the data) is ensured by the securing the (IT) assets surrounding the data
IT assets (infovarad) include:• IT equipment (hardware, communication devices, power
supplies etc)• data communication channels• software (both system and application software)
but it also MUST include (must taken into the account):• organization (its structure and operation)• personnel• data carriers (incl. documents)• infrastructure (buildings, offices etc)
Main Properties of Digital Data (from the security point of view)1. A great but indirect value of a data
(information): it’s very hard to measure it
2. Portativity: data which can be stored by the very small and easily movable carriers can possess a huge value for our business process
3. Possibility of avoiding the physical contact: the physical and virtual structures are usually very different
4. Disclosure of security losses especially for integrity and confidentiality losses
Standard Model of Security Harming1. Threats (ohud) influence the data (via IT assets)
2. Threats use the vulnerabilities (nõrkused, turvaaugud) of IT assets or components of IT system
3. Threats with co-influence the vulnerabilites will determine the risk or security risk (risk, turvarisk)
4. When a certain risk realises, there will appear a security loss or security breach or security incident (turvakadu, turvarike, turvaintsident)
5. In order to minimize the risks there’s necessary to minimise vulnerabilities using safeguards of security measures (turvameetmeid)
Essence of Security Concepts• Threat (oht) – a potential extern-influenced harm of
information security
• Vulnerability (nõrkus ehk turvaauk) – the property of each IT asset (component) from the point of view of external threats
• Risk (risk) – a probability that threat can use the certain vulnerability and will realise
• Security loss (turvakadu) – an event when the security (availability, integrity and/or confidentiality) of some IT asset(s) will be harmed
• Safeguard or security measure (turvameede) – a modification of IT asset(s) which will minimise the risk(s) (the rate of vulnerabilities of asset(s))
Examples of Security Losses• failure of equipment – integrity loss of IT
asset
• theft of equipment – availability loss of IT asset
• Unauthorised modifying of register – integrity loss of data
• destroying of office rooms by fire – availability loss of infrastructure
• wiretapping of non-crypted data cabels – confidentiality loss of data
Security and Residual Risk
Instead of absolute security usually the concept acceptable residual risk by the business process (äriprotsessi jaoks aktsepteeritav jääkrisk) is used
NB! It does not matter how many safeguards we implement, we NEVER achieve the absolute security. If we implement more safeguards we only minimise the probability that security (availability, integrity of confidentiality) will be harmed but it will never fall into zero
NB! It does not matter how many safeguards we implement, we NEVER achieve the absolute security. If we implement more safeguards we only minimise the probability that security (availability, integrity of confidentiality) will be harmed but it will never fall into zero
An acceptable residual risk is a situation where the total price of all implemented safeguards is approximately equal to the forecasted total loss of security (measured by the amount of money)
The both graphs are hardly predictable (estimatable):
• We do not know the exact expenses of the all safeguards (it will change over the times)
• Even less we can estimate the graph of damages – we do not have the actual data of threat frequences and their impact for all IT assets
• Even we have all this estimation data, the exact calculation (quantitative risk analysis) is very time-consuming prosess - there’s a hunderds of different IT assets, thousands of threats, thousands of vulnerabilities (and all of them must be taken account together)
Serious Obstacles of Evaluating the Optimal Security Point
Necessity for a Risk Management Techniques
Necessity for a Risk Management Techniques
• to standardise different security levels i.e. different availability, integrity and confidentiality levels
• to create a system which is able to determine standardised actions (safeguards), for different security levels, which result ensures us to approximately achieve the optimum point (to archieve the acceptable residual risk situation
This process is usually called a risk management (riskihaldus)This process is usually called a risk management (riskihaldus)
In order to simplify a practical security task it’s usually necessary