Integrating security to computer system
- Security should not be an afterthought
- Security can be applied more systematically
- Security needs to be incorporated into all phases of the computer life cycle to ensure that security can keep up with change in the system's environment, technology, procedures and personnel.
Computer System Life Cycle
- Initiation
- Development/Acquisition
- Implementation
- Operation/Maintenance
- Disposal
Note: the SDLC is included in the Development/Acquisition phase
Initiation
- The discovery of the need for a new system or an enhancement to an existing system
- The system characteristics and functionality proposed within the given constraints
- Basic security aspects of the system developed through a Sensitivity Assessment
Sensitivity Assessment
- What information is handled
- What potential damage could occur through error, unauthorized disclosure or modification, or unavailability of data or system
- What laws or regulations affect security
- To what threats is the system or information particularly vulnerable
- Are there significant environmental considerations
- What are the security-relevant characteristics of the user community
- What internal security standards, regulations, or guidelines apply to the system
Development/Acquisition
- Determine security features, assurances, and operational practices
- Incorporate the security requirements into the design specification
- Actually acquire them
Determining security requirements
- Technical (access controls)
- Assurances (background checks for developers)
- Operating practices (awareness and training)
- Balance between function and usability
- Based on cost-benefit analysis
Taking security requirements into specifications
- The information on security requirements needs to be validated, updated and organized into detailed security protection requirements and specifications used by system developers and purchasers
Acquiring the system
- If the system is being built: monitor the development process for security problems
  - Incorrect code
  - Poor development tools
  - Manipulation of code
  - Malicious insiders
  - Trojan horses
- If the system is bought:
  - Ensure security is part of the contract documents
  - Security analysis of proposed systems
Implementation
- Proper configuration of the system
- Security testing
- Security certification and accreditation
Some hints on installation
- Obtain software from a reputable vendor
- Verify the software
- Test on a test system before moving to the production system
- Read the installation and see what happens
- Do a complete installation before customization
- Cleanse the test system before moving to the production system
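One way to carry out the "Verify the software" hint before an installer is even unpacked on the test system, as an added example that is not part of the original slides: hash the download and compare it against a sha256sum-style manifest obtained through a separate channel from the vendor. The manifest format, the file name and the demo contents are assumptions.

```python
import hashlib
import hmac
import os
import tempfile


def sha256_of_file(path: str) -> str:
    """Hash the file in 1 MiB chunks so a large installer need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_manifest(text: str) -> dict:
    """Parse 'HEX  filename' lines (the text-mode format sha256sum emits) into {filename: hex}."""
    expected = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        digest, _, name = line.partition("  ")
        expected[name.strip()] = digest.strip().lower()
    return expected


def verify_download(path: str, manifest_text: str) -> bool:
    """True only if the file is listed in the manifest and its digest matches.
    A file absent from the manifest is unverified, which is a failure, not a pass."""
    want = parse_manifest(manifest_text).get(os.path.basename(path))
    if want is None:
        return False
    # Constant-time comparison of the two ASCII hex digests.
    return hmac.compare_digest(sha256_of_file(path), want)


def demo() -> tuple:
    """Constructed sample: one installer plus the manifest the vendor would publish."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "tool-1.0.tar.gz")          # assumed file name
        with open(path, "wb") as f:
            f.write(b"vendor release bytes (constructed)")
        manifest = f"{sha256_of_file(path)}  tool-1.0.tar.gz\n"
        ok = verify_download(path, manifest)
        with open(path, "ab") as f:                        # simulate a modified download
            f.write(b"x")
        tampered = verify_download(path, manifest)
        unlisted = verify_download(path, "# nothing listed\n")
    return ok, tampered, unlisted
```

The manifest itself must come from somewhere other than the download location, otherwise whoever altered the file can alter the hash too.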
Operation and Maintenance
- Security operation and administration
- Operational assurance
- Periodic re-analysis of the system and re-accreditation
- Manage change
Security operation and administration
- Hold training classes
- Backup
- Manage cryptographic keys
- Administer user accounts and access privileges
- Apply upgrades and patches
Periodic re-analysis
- Is there a major change in the system?
  - Environmental change
  - System change
  - New vulnerability found
  - Time lapse
Disposal
- Information archived
- Media sanitized
  - Overwriting
  - Degaussing
  - Destruction
- Can the software license be transferred?
Configuration Management
The control of changes that are made to the hardware, software, firmware, and the documentation of the information system throughout its life cycle, and the auditing and reporting of the changes.
This can be looked upon as a quality assurance process.
To configuration items:
- Identify and document the functional and physical characteristics of the configuration item
- Control changes to configuration items and their related documentation
- Record and report information needed to manage configuration items effectively, including the status of proposed changes and the implementation status of approved changes
- Audit configuration items to verify conformance to specifications, drawings, interface control documents and other contract requirements
To digital data files:
- Uniquely identify the digital data files, including versions of the files and their status (e.g. working, released, submitted, approved)
- Record and report information needed to manage the data files effectively, including the status of updated versions of files
Configuration Management: things to consider
- How to initiate the change
- Who are the concerned parties
- What is the approval process
- How to phase in the changes
- What to do with the older versions
- What if a problem happens
Configuration Management: work required
- Revision control
- Installation and testing
- Fault tracing
- System integration
- Maintenance of the development environment
- Periodic auditing
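The four configuration-management activities for digital data files (identify, control changes, record and report, audit) in one small registry, added here as an example rather than anything from the original slides. The status names are the slides' own; the order in which a version may move between them, the approver field and the sample file are assumptions.

```python
import hashlib
from dataclasses import dataclass, field

# Assumed workflow: working -> submitted -> approved -> released; a rejected
# submission returns to working, and a released version can no longer change.
TRANSITIONS = {
    "working": {"submitted"},
    "submitted": {"approved", "working"},
    "approved": {"released"},
    "released": set(),
}


def content_id(data: bytes) -> str:
    """A version is identified by the SHA-256 of its bytes, not by its file name."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class Version:
    number: int
    digest: str
    status: str = "working"
    history: list = field(default_factory=list)  # (from_status, to_status, approver)


class Registry:
    """Tracks every recorded version of each configuration item."""
    def __init__(self):
        self.items = {}  # item name -> list of Version, oldest first

    def register(self, name: str, data: bytes) -> Version:
        versions = self.items.setdefault(name, [])
        v = Version(len(versions) + 1, content_id(data))
        versions.append(v)
        return v

    def change_status(self, name: str, number: int, new: str, approver: str) -> None:
        v = self.items[name][number - 1]
        if new not in TRANSITIONS[v.status]:   # controlled change: refuse anything off-workflow
            raise ValueError(f"{name} v{number}: {v.status} -> {new} not allowed")
        v.history.append((v.status, new, approver))
        v.status = new

    def audit(self, name: str, number: int, data: bytes) -> bool:
        """Conformance check: does the file as deployed still match what was recorded?"""
        return self.items[name][number - 1].digest == content_id(data)

    def report(self) -> list:
        """Status of every recorded version, for the 'record and report' activity."""
        return [(n, v.number, v.status) for n, vs in self.items.items() for v in vs]
```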
Penetration Testing
- To test a system by breaking in
- To identify methods of gaining access to a system by using the common tools and techniques used by attackers
- The objective is to determine the feasibility of an attack and the amount of business impact of a successful exploit, if discovered.
- The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures
- Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution.
Penetration Testing
- To be used with careful consideration, notification and planning
- It might slow the organization's network response time and in some extreme cases cause damage to the system
- Formal permission must be obtained from the organization and the rules of engagement established
Type of Test
- Blue teaming: test with the knowledge and consent of the organization's IT staff
- Red teaming: test without the knowledge of the organization's IT staff but with the full knowledge and permission of upper management
- External test: testers are not provided with any real information about the target environment but have to collect it covertly
- Internal test: testers are granted some level of access to the network, usually as a user