T Salausjärjestelmät (Cryptosystems) Introduction to the second part of the course. Outline. What we'll cover. Requirements and design issues
|
|
- Pierce Nigel Gilbert
- 6 years ago
- Views:
Transcription
1 T Salausjärjestelmät (Cryptosystems) Requirements and design issues Introduction to the second part of the course Outline What we'll cover Introduction to the second part of the course Requirements and design issues Threats, security models, assumptions Risk analysis Choosing a cryptosystem Common design principles Assurance and evaluation We'll look at cryptosystem implementation For a large part just implementing secure (correct) software There are cryptography specific challenges and methods, though We'll look at both kinds of techniques Motivation: implementation is often the weakest link Much less organized than cryptography theory We'll use the software life cycle for structure There are models for the design process But for practical implementation, there is less structure Although a bit messy, these are important issues Importance of software security is increasing Security can be cost-efficient (e.g. savings in updates, complaints,...) 2 4
2 Security and functionality are very different Some problems The attacker always has the advantage You need to cover all the holes; the attacker needs to find one hole Security is invisible You can't read it off a product label You can't directly measure it, like functionality Security failures are difficult to notice Security failures are often silent Example: encryption keys are not derived correctly E.g. IPsec implementation initializes key to zero and only initializes the first byte of the key correctly => 256 possible keys Example: cryptographic keys are accidentally leaked to hard drive Catastrophic for a hard disk encryption system => Importance of standards, interop testing with independent code, test vectors, etc. 5 We can't specify everything in practice There are common expectations for secure software Example: if result of function is undefined on some input, we still expect it to maintain security (not to leak keys or format hard drive) Some of these are captured by common design principles Secure is relative to something, e.g. to a threat model It does not mean there are no successful exploits Example: physical tampering attack not in software scope Example: RSA is always breakable Secure is often subjective Example: estimating the expected monetary impact of an attack What is the probability of an attack? What is the probability of success, if an attack occurs? These are subjective probabilities 7 What is a secure implementation? What keeps us from getting the implementation right? There are (at least) two broad concepts of security 1) The program is free of flaws 2) The program may have flaws, but they are not exploitable The second concept is what we use today Penetrate and patch model of development Defense in depth, multiple overlapping mechanisms Damage control if a flaw is found to prevent actual exploits A pessimistic view there will be flaws, you just have to manage them Requires continuous software updates The first concept is more or less theoretical We don't need defense-in-depth if we operate in this model It's not an impossible model, we just don't have the tools yet to make it practical 6 Most of the world is focused on functionality not security These two are conceptually very different Programming languages and tools are not always suitable Unsafe programming languages (e.g. C) widely used Safe (type safe) programming languages Corporate pressure The release deadline is coming up, and the software works... mostly Security is not productive for a manager Ideally security testing is a waste of time! That is, the software is free of flaws, and we don't find any But if we don't test, we just don't know... 8
3 Life cycle model Basic design issues Requirements Verify Verify Design Refine Refine Implementation Testing Deployment Main software development 1. Develop correct requirements 2. Refine progressively 3. Verify that each refinement is correct (NB: Testing is really just verification of implementation, but we depict it separately as is usually done.) Threat model and threat tree Identifying your assets Developing a threat model Risk analysis, cost-benefit analysis Security objectives and assumptions Security functions Considerations for cryptosystem selection Software maintenance 1. Diagnose problem 2. Escalate to appropriate level 3. Incremental fix and verification 4. Deployment of fix Maintenance Retirement 9 11 Security and safety compared Safety Security Safety mechanism Safety risk Security mechanism Security risk Requirements and design issues Hazard Threat Accident Attack Attacker Vulnerability Harm Vulnerability Harm Asset Asset 10 12
4 Threat model Security is always relative to threats Without a model of threats, it's difficult to define what security means Threats are related to assets under protection (e.g. information) Defining the threat model is a good starting point Define the threats for the system exhaustively (try to) Start with general categories and refine them further Describe attackers and their capabilities The set of threats is infinite, but we must still try It's difficult to ensure a design is secure unless we know what sorts of threats we're working against Working on threat scenarios inspires better design Also rule out categories we're not interested in For instance, physical tampering, electromagnetic attacks in case of networked software 13 Risk analysis Threats can be quantified using risk analysis Model 1 Expected damage = Prob( Attack succeeds ) * Average impact Compare value of asset with expected damage Model 2 Estimate monetary resources required to damage assets Compare estimated cost to estimated damage We can then make more informed decisions on security I.e. which threats we consider to be out of scope Notes about risks 1. Risk is a function of environment 2. Risks change with time (e.g. changes in environment, new technology) 3. Risks are often very remote, but still need to be considered 15 Threat tree Security objectives and assumptions Threat tree Root = all threats, children are main categories of threats Nodes are further subdivided to more and more refined threats Each level should be complete, i.e. cover all threats covered by parent Often an and-or structure is used (notation varies) A part of threat model T t 1 t 2 t 3 by (t 1 and t 2 ) or t 3 Parent threat T is caused (only) Each threat is covered by a) stating that it is out of scope (=> described in assumptions) b) describing required security objective(s) which address the threat c) a combination of a) and b) Security objective A high level requirement, refined to security function(s) in design Assumption Example: It is assumed that access to the physical hosts used in the system is restricted to trusted personnel Example Threat: unauthorized access to resources Security objective: require user identification and authentication before a user is given access to resources Assumption: only network access is possible, physical access is protected 16
5 Security functions Choosing a cryptosystem More concrete than security objectives E.g. cryptographic protocols and primitives Must address all security objectives satisfactorily And ultimately, the threat model Example: Threat model: passive eavesdroppers on communication line Security objective: encryption for communication Security function: anonymous TLS using ciphersuite X Layer in networking stack affects choice, examples Bulk encryption (point-to-point) IPsec or other per-packet system Application data (point-to-point) TLS or other stream-based system Content (or relay protocol) PGP or other object-security system Underlying layers are also your problem E.g. if you send PGP data over TCP, protection against Denial-of-Service is more difficult Process and environment issues Cryptosystems require a supporting environment (physical, processes,...) Key management is often problematic, e.g. for PKIs a huge deployment issue User password management, dealing with lost passwords, etc. If you don't take processes into accounts, your effort may backfire Typical example: too complex passwords => people write them down Choosing a cryptosystem Dolev-Yao model is often good for networking An attacker can obtain any message passing through the network; is a legitimate user of the network, and thus in particular can initiate a conversation with any other user; will have the opportunity to be a receiver to any principal; can send messages to any principal by impersonating any other principal. In other words: the attacker carries your messages Network may often be considered only point of access Assumption of physical security, assume no backdoors E.g. login using SSH, use broken permissions to add trusted Choosing a cryptosystem You should use an existing cryptosystem / protocol Designing a cryptosystem is very difficult Even if you get it right, you'll have to convince others The gains of your own design are likely to be quite small You can use a profile of an existing cryptosystem For instance: select a subset of crypto algorithms, fix key lengths, don't support optional functional features, etc. You can even drop mandatory features if necessary, as long as you don't touch security critical components Example: Our HTTPS client is a non-compliant subset, but interoperates certificates Thus we're mostly interested in attacker computation capabilities, strengths of cryptosystems (in the mathematical sense) Affects key length decisions, for instance 18 20
6 Choosing a cryptosystem Some terminology from access control Library support If based on a standard, existing cryptosystems may have partial support Performance and code/data size Sometimes cannot be overlooked, but less and less relevant Code/data size can be minimized by e.g. Decreasing number of supported algorithms Selecting algorithms with small footprint Specialized implementation for small size or performance Asymmetric algorithms often use dynamic memory management, which may be a problem Can be avoided by fixing big number sizes (key lengths) Symmetric algorithms vary greatly in resource requirements Subject E.g. a user, a UNIX process,... Object E.g. a file, a UNIX process,... Operation E.g. read, write, delete, execute,... Right (privilege) Privilege: Operation X on object Y is allowed for subject Z Two basic models Access Control Lists (ACLs): (Subject, Operation) tuples per object Capabilities: (Object, Operation) tuples owned by process Common design principles Least privilege A subject should only have the minimum privileges it needs to Common design principles (Mostly based on Matt Bishop: Computer Security: Art and Science) complete its task Within reason: the administration of exact privileges must not complicate system to offset the benefits This is basically a principle of containment the impact of an attack is contained if least privileges are used Fail-safe defaults The system should default to deny in access control E.g. if a new subject is created, it should have no rights except those explicitly given 22 24
7 Common design principles Common design principles Economy of mechanisms (KISS) Mechanisms for implementing security should be as simple as possible Applies to design, implementation of modules, module interfaces, etc.!"# Complete mediation All accesses to objects should be checked Essentially, caching is considered bad UNIX: open() checks for privileges, but an open file descriptor can be used even if the privileges are later revoked Check return code of all functions and system calls Check that the action was actually taken (don't trust the OS) E.g. change uid => check return code, and then check using getuid Least common mechanism Mechanisms used to access resources should not be shared If resources are shared, a transmission channel may be inadvertently formed, leaking information Psychological acceptance Security mechanisms should not make a resource more difficult to access than without the security mechanisms Unachievable in practice, so we need to compromise Example: when using username/password authentication, we don't usually indicate which one was incorrect; however, this makes usage more difficult Without psychological acceptance, people work around systems, possibly decreasing overall security Common design principles More design principles... Open design $Security of a system should not depend on the secrecy of its design or implementation $Compare to Kerckhoffs' principle in cryptography $Current commercial software does not follow this principle $Controversial %Dedicated attacker: can steal secrets, and get source code anyway %Casual attacker: it's easier to attack if you've got the source Separation of privilege $Permission should not be granted based on a single condition $Essentially Defense in depth Trusted computing base (TCB) TCB = software and hardware that implement the system's information security policies Kernel, trusted system processes, configuration files, etc. Security of TCB depends on... Correct requirements, design, and implementation Protection of TCB mechanisms Correct inputs (e.g. security policies) Example: VPN gateway Packet processing is part of the TCB; security policy for traffic However, security of TCB!= security of system Firewall / VPN is trusted, and designed accordingly A user space process can still get malicious inputs because the TCB 26 does not inspect traffic 28
8 Assurance and trust Assurance and evaluation Trust through evaluation A system is considered trusted if it has been shown to meet requirements under an evaluation by certified experts Note that trust and security are different concepts A non-trusted system may be secure (just not evaluated to be secure) A trusted system (evaluated) may be insecure But we hope that evaluation correlates with overall security Evaluation provides assurance Correspondence between life cycle stage deliverables Requirements Design Implementation May also require minimum functional mechanisms Increases trust that mechanisms are appropriate E.g. a certain access control model, level of cryptographic strength Assurance and trust Evaluation methodologies TCSEC Assurance point of view We can't currently make software that remains secure over time A system is trustworthy, if there is evidence that it meets given requirements; trust measures trustworthiness, relying on evidence Assurance is more specific: security assurance is confidence that a system meets its security requirements, based on evidence provided by specific assurance techniques Categorization of assurance techniques Informal natural language for specifications and justification of claims TCSEC ( ) Trusted Computer System Evaluation Criteria, a.k.a Orange Book Six evaluation classes: C1, C2, B1, B2, B3, A1 Each class contains both functional and assurance requirements Applies best to operating systems and access control Emphasizes confidentiality Developed as a standard methodology for devices processing government classified information Semiformal natural language used, but a specific methodology is used Formal mathematics, formal languages, automated tools and techniques In practice, evaluation methods use semiformal approach 30 32
9 Evaluation methodologies ITSEC Evaluation methodologies CC ITSEC ( ) European effort: France, Germany, UK, Netherlands,... Widely used before Common Criteria became available Six evaluation levels: E1 through E6 Assurance requirements Security functional requirements defined in a security target provided by vendor Functionality and assurance essentially separate But security targets often overlooked Common Criteria (... continued) Some terminology Protection Profile (PP) implementation-independent set of security requirements for a category of products Target of Evaluation (TOE) HW/SW under evaluation Security Target (ST) describes security requirements for TOE (based on a profile, or customized) TOE Security Policy (TSP) set of rules for managing security TOE Security Functions (TSF) HW/SW implementing the TSP ITSEC shortcomings for security targets addressed by profiles Evaluation methodologies CC Evaluation methodologies FIPS 140 Common Criteria (1998 Present) International effort: NIST + NSA, UK, France, Germany,... Three part standard The Common Criteria (CC) documents The CC Evaluation Methodology (CEM) Country-specific evaluation methodology (National scheme) The CC document describes overview of methodology and Identifies functional and assurance requirements Defines Evaluation Assurance Levels (EALs) The CEM document has detailed guidelines for evaluation However, each country implements the methodology in its own way FIPS and (1994 Present) Security Requirements for Cryptographic Modules NIST (National Institute for Standards and Technology, US) Security requirements cover 11 areas, including Basic design and documentation Key management Cryptographic algorithms Self testing Individual ratings (1...4) for each area, and overall rating (= minimum) Although hardware oriented, may be used for software as well Requires use of third party operating system etc, which is part of evaluation 34 36
10 Formal methods Formal methods are one way to gain assurance Correspondence between refinements can be proven to be correct Differences in many areas, e.g. Underlying mathematical method Degree of automation Property verification or full verification Domain of application HW/SW, concurrent/sequential, etc Pre- vs. post-development (design aid or verification) In practice can be applied only in limited scenarios A certain module A certain aspect of a module Informal and semiformal methods used in practice E.g. all practical evaluation methodologies Thank you! Questions? Summary Introduction to the second part of the course Requirements and design issues Threats, security models, assumptions Risk analysis Choosing a cryptosystem Common design principles Assurance and evaluation 38
Chapter 18: Evaluating Systems
Chapter 18: Evaluating Systems Goals Trusted Computer System Evaluation Criteria FIPS 140 Common Criteria SSE-CMM Slide #18-1 Overview Goals Why evaluate? Evaluation criteria TCSEC (aka Orange Book) FIPS
More informationIntroduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria
Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Evaluation: assessing whether a product has the security properties claimed for it. Certification: assessing whether a
More informationTrusted OS Design CS461/ECE422
Trusted OS Design CS461/ECE422 1 Reading Material Section 5.4 of Security in Computing 2 Design Principles Security Features Kernelized Design Virtualization Overview 3 Design Principles Simplicity Less
More informationIntroduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria
Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Evaluation: assessing whether a product has the security properties claimed for it. Certification: assessing whether a
More informationOperating systems and security - Overview
Operating systems and security - Overview Protection in Operating systems Protected objects Protecting memory, files User authentication, especially passwords Trusted operating systems, security kernels,
More informationOperating systems and security - Overview
Operating systems and security - Overview Protection in Operating systems Protected objects Protecting memory, files User authentication, especially passwords Trusted operating systems, security kernels,
More informationFirewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003
Firewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003 A system or combination of systems that enforces a boundary between two or more networks - NCSA
More informationCertification Report
Certification Report EAL 4+ Evaluation of Firewall Enterprise v8.2.0 and Firewall Enterprise Control Center v5.2.0 Issued by: Communications Security Establishment Canada Certification Body Canadian Common
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme Validation Report
National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report Blue Ridge Networks BorderGuard Centrally Managed Embedded PKI Virtual Private Network (VPN)
More informationApplied IT Security. Device Security. Dr. Stephan Spitz 10 Development Security. Applied IT Security, Dr.
Applied IT Security Device Security Dr. Stephan Spitz Stephan.Spitz@gi-de.com Overview & Basics System Security Network Protocols and the Internet Operating Systems and Applications Operating System Security
More informationLast time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control
Last time Security Policies and Models Bell La-Padula and Biba Security Models Information Flow Control Trusted Operating System Design Design Elements Security Features 10-1 This time Trusted Operating
More informationCertification Report
Certification Report EAL 2+ Evaluation of McAfee Deep Defender 1.0.1 and epolicy Orchestrator 4.6.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCertification Report
Certification Report EAL 3+ Evaluation of Juniper Networks M-Series Multiservice Edge Routers, MX-Series 3D Universal Edge Routers, T-Series Core Routers and EX-Series Ethernet Switches running JUNOS 11.4R2
More informationCertification Report
Certification Report EAL 4+ Evaluation of WatchGuard and Fireware XTM Operating System v11.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCSE 127: Computer Security. Security Concepts. Kirill Levchenko
CSE 127: Computer Security Security Concepts Kirill Levchenko October 3, 2014 Computer Security Protection of systems against an adversary Secrecy: Can t view protected information Integrity: Can t modify
More informationCertification Report
Certification Report EAL 4+ Evaluation of JUNOS-FIPS for SRX Series version 10.4R4 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme Validation Report
National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report U.S. Government Router Protection Profile for Medium Robustness Environments Report Number:
More informationCertification Report
Certification Report EAL 2+ Evaluation of EMC Celerra Network Server Version 5.5 running on EMC Celerra NSX and EMC Celerra NS series Issued by: Communications Security Establishment Certification Body
More informationCertification Report
Certification Report McAfee File and Removable Media Protection 4.3.1 and epolicy Orchestrator 5.1.2 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation
More informationCertification Report
Certification Report EAL 2+ Evaluation of Verdasys Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of
More informationCertification Report
Certification Report EMC NetWorker v8.0.1.4 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada,
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT CA Technologies CA API Gateway v9.2 10 October 2017 383-4-417 V 1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be
More informationIntroduction to Assurance
Introduction to Assurance Overview Why assurance? Trust and assurance Life cycle and assurance April 1, 2015 Slide #1 Overview Trust Problems from lack of assurance Types of assurance Life cycle and assurance
More informationCertification Report
Certification Report Curtiss-Wright Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications
More informationAdvanced Systems Security: Multics
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationIT Security Evaluation : Common Criteria
AfriNIC-9 MEETING Mauritius 22-28 November 2008 IT Security Evaluation : Common Criteria Ministry of Communication Technologies National Digital Certification Agency Mounir Ferjani November 2008 afrinic
More informationL17: Assurance. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L17: Assurance Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 11/06/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are revised
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationCertification Report
Certification Report McAfee Enterprise Security Manager with Event Receiver, Enterprise Log Manager, Advanced Correlation Engine, Application Data Monitor and Database Event Monitor 9.1 Issued by: Communications
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationCertification Report
Certification Report EAL 2+ Evaluation of Fortinet FortiMail V3.0 MR5 Secure Messaging Platform Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More information19.1. Security must consider external environment of the system, and protect it from:
Module 19: Security The Security Problem Authentication Program Threats System Threats Securing Systems Intrusion Detection Encryption Windows NT 19.1 The Security Problem Security must consider external
More informationCertification Report
Certification Report McAfee Management for Optimized Virtual Environments Antivirus 3.0.0 with epolicy Orchestrator 5.1.1 Issued by: Communications Security Establishment Certification Body Canadian Common
More informationCertification Report
Certification Report EAL 3+ Evaluation of Xerox WorkCentre 5632/5638/5645/5655/5665/5675/5687 Multifunction Systems Issued by: Communications Security Establishment Canada Certification Body Canadian Common
More informationSoftware Security and Exploitation
COMS E6998-9: 9: Software Security and Exploitation Lecture 8: Fail Secure; DoS Prevention; Evaluating Components for Security Hugh Thompson, Ph.D. hthompson@cs.columbia.edu Failing Securely and Denial
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationDefine information security Define security as process, not point product.
CSA 223 Network and Web Security Chapter One What is information security. Look at: Define information security Define security as process, not point product. Define information security Information is
More informationUNICOS/mp Common Criteria Evaluation
UNICOS/mp Common Criteria Evaluation Janet Lebens, Cray Inc. Cray Proprietary Agenda Definitions NIAP CCEVS Common Criteria CC vs TCSEC Why Evaluate? Steps of Evaluation Details of Steps for Cray / Progress
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report. for
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme TM Validation Report for Report Number: CCEVS-VR-10746-2016 Dated: November 10, 2016 Version: 1.0 National Institute
More informationSecurity & Privacy. Web Architecture and Information Management [./] Spring 2009 INFO (CCN 42509) Contents. Erik Wilde, UC Berkeley School of
Contents Security & Privacy Contents Web Architecture and Information Management [./] Spring 2009 INFO 190-02 (CCN 42509) Erik Wilde, UC Berkeley School of Information Abstract 1 Security Concepts Identification
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security
More informationSecurity System and COntrol 1
Security System and COntrol 1 Security Management By: Joseph Ronald Canedo It is a Risky World Vulnerabilities Security objectives: Prevent attacks Detect attacks Recover from attacks Attacks: against
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationCryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 38 A Tutorial on Network Protocols
More informationNational Information Assurance Partnership
National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report Sun Java System Identity Manager v5.0 Report Number: CCEVS-VR-05-0117 Dated: 6 September
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT McAfee Policy Auditor 6.4 with epolicy Orchestrator 5.10 5 November 2018 383-4-455 V1.0 Government of Canada. This document is the property of the Government of Canada.
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT McAfee Data Loss Prevention 11.0 with epolicy Orchestrator 5.9.0 4 January 2018 383-4-429 Version 1.0 Government of Canada. This document is the property of the Government
More information- Table of Contents -
- Table of Contents - 1 INTRODUCTION... 1 1.1 OBJECTIVES OF THIS GUIDE... 1 1.2 ORGANIZATION OF THIS GUIDE... 2 1.3 COMMON CRITERIA STANDARDS DOCUMENTS... 3 1.4 TERMS AND DEFINITIONS... 5 2 BASIC KNOWLEDGE
More informationCommon Criteria. Introduction Emilie Barse Magnus Ahlbin
Common Criteria Introduction 2015-02-23 Emilie Barse Magnus Ahlbin 1 Magnus Ahlbin Head of EC/ITSEF Information and Security Combitech AB SE-351 80 Växjö Sweden magnus.ahlbin@combitech.se www.combitech.se
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT WorkCentre 7525/7530/7535/7545/7556 with FIPS 140-2 Compliance over SNMPv3 25 July 2016 v1.0 383-4-371 Government of Canada. This document is the property of the Government
More informationComputer Security CS 426 Lecture 17
Computer Security CS 426 Lecture 17 Trusted Computing Base. Orange Book, Common Criteria Elisa Bertino Purdue University IN, USA bertino@cs.purdue.edu 1 Trusted vs. Trustworthy A component of a system
More informationOperating System Security, Continued CS 136 Computer Security Peter Reiher January 29, 2008
Operating System Security, Continued CS 136 Computer Security Peter Reiher January 29, 2008 Page 1 Outline Designing secure operating systems Assuring OS security TPM and trusted computing Page 2 Desired
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationCCM 4350 Week 22. Security Architecture and Engineering. Dr A. Lasebae School of Science and Technology CCM4350 1
CCM 4350 Week 22 Security Architecture and Engineering Dr A. Lasebae School of Science and Technology CCM4350 1 Security Evaluation CCM4350 2 Security Evaluation How do you get assurance that your computer
More informationImplementing Cryptography: Good Theory vs. Bad Practice
Implementing Cryptography: Good Theory vs. Bad Practice Viet Pham Information Security Group, Department of Mathematics Royal Holloway, University of London Outline News report What is cryptography? Why
More informationXerox FreeFlow Print Server. Security White Paper. Secure solutions. for you and your customers
Xerox FreeFlow Print Server Security White Paper Secure solutions for you and your customers Executive Summary Why is security more important than ever? New government regulations have been implemented
More informationC and C++ Secure Coding 4-day course. Syllabus
C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security
More informationPRACTICAL NETWORK DEFENSE VERSION 1
PRACTICAL NETWORK DEFENSE VERSION 1 The world s premiere online practical network defense course elearnsecurity has been chosen by students in over 140 countries in the world and by leading organizations
More informationMILS Multiple Independent Levels of Security. Carol Taylor & Jim Alves-Foss University of Idaho Moscow, Idaho
MILS Multiple Independent Levels of Security Carol Taylor & Jim Alves-Foss University of Idaho Moscow, Idaho United states December 8, 2005 Taylor, ACSAC Presentation 2 Outline Introduction and Motivation
More informationCompTIA Security+(2008 Edition) Exam
http://www.51- pass.com Exam : SY0-201 Title : CompTIA Security+(2008 Edition) Exam Version : Demo 1 / 7 1.An administrator is explaining the conditions under which penetration testing is preferred over
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT CA Privileged Access Manager Version 2.5.5 v1.2 8 August 2016 FOREWORD This certification report is an UNCLASSIFIED publication, issued under the authority of the Chief,
More informationAdvanced Systems Security: Ordinary Operating Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationMultiple Independent Layers of Security (MILS) Network Subsystem Protection Profile (MNSPP) An Approach to High Assurance Networking Rationale
Multiple Independent Layers of Security (MILS) Subsystem Protection Profile (MNSPP) An Approach to High Assurance ing Rationale 1 2008 Wind River Systems, Inc. The MILS Subsystem (MNS) is A class of subsystem
More informationCertification Report
Certification Report EAL 2+ Evaluation of Tactical Network-layer Gateway (2E2 IA): a GD Canada MESHnet G2 Gateway product Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationRedCastle v3.0 for Asianux Server 3 Certification Report
KECS-CR-08-21 RedCastle v3.0 for Asianux Server 3 Certification Report Certification No.: KECS-CISS-0104-2008 April 2008 IT Security Certification Center National Intelligence Service This document is
More informationGoogle Cloud Platform: Customer Responsibility Matrix. December 2018
Google Cloud Platform: Customer Responsibility Matrix December 2018 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect
More informationNetwork Security Issues and Cryptography
Network Security Issues and Cryptography PriyaTrivedi 1, Sanya Harneja 2 1 Information Technology, Maharishi Dayanand University Farrukhnagar, Gurgaon, Haryana, India 2 Information Technology, Maharishi
More informationAustralasian Information Security Evaluation Program
Australasian Information Security Evaluation Program Certification Report Certificate Number: 2012/8282 11 Oct 2012 Version 1.0 Commonwealth of Australia 2012 Reproduction is authorised provided that the
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report. for
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report for Microsoft Windows 10 Anniversary Update IPsec VPN Client TM Report Number: CCEVS-VR-VID10753-2016
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationGoogle Cloud Platform: Customer Responsibility Matrix. April 2017
Google Cloud Platform: Customer Responsibility Matrix April 2017 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect Cardholder
More informationCertification Report
Certification Report EAL 4 Evaluation of Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications
More informationCSWAE Certified Secure Web Application Engineer
CSWAE Certified Secure Web Application Engineer Overview Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized
More informationTest Conditions. Closed book, closed notes, no calculator, no laptop just brains 75 minutes. Steven M. Bellovin October 19,
Test Conditions Closed book, closed notes, no calculator, no laptop just brains 75 minutes Steven M. Bellovin October 19, 2005 1 Form 8 questions I m not asking you to write programs or even pseudo-code
More informationSecurity Fundamentals
COMP 150-IDS: Internet Scale Distributed Systems (Spring 2015) Security Fundamentals Noah Mendelsohn Tufts University Email: noah@cs.tufts.edu Web: http://www.cs.tufts.edu/~noah Copyright 2012 & 2015 Noah
More informationPrinciples of Information Security, Fourth Edition. Chapter 8 Cryptography
Principles of Information Security, Fourth Edition Chapter 8 Cryptography Learning Objectives Upon completion of this material, you should be able to: Chronicle the most significant events and discoveries
More informationCertification Report
Certification Report EAL 4+ Evaluation of Chrysalis-ITS, Inc. Luna CA³ Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme 2002
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 24a December 2, 2013 CPSC 467, Lecture 24a 1/20 Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management and Trusted
More informationT Salausjärjestelmät (Cryptosystems) Security testing. Security testing. Outline. Testing Final stages of life cycle
T-110.470 Salausjärjestelmät (Cryptosystems) Testing Final stages of life cycle Security testing 15.11.2004 1 3 Outline Security testing Security testing Some testing techniques Final stages of life cycle
More informationUnit OS7: Security The Security Problem. Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze
Unit OS7: Security 7.1. The Security Problem Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze 2 Copyright Notice 2000-2005 David A. Solomon and Mark Russinovich
More informatione-commerce Study Guide Test 2. Security Chapter 10
e-commerce Study Guide Test 2. Security Chapter 10 True/False Indicate whether the sentence or statement is true or false. 1. Necessity refers to preventing data delays or denials (removal) within the
More informationKeep your fingers off my keys today & tomorrow
SIGS SE February 2017 Keep your fingers off my keys today & tomorrow Marcel Dasen VP Engineering Securosys SA Keys? Encryption keys asymmetric e.g. RSA, ECC public/private key pairs for wrapping symmetric
More informationIntegrated Access Management Solutions. Access Televentures
Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Dell EMC Elastic Cloud Storage v3.2 15 May 2018 383-4-439 V1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be altered,
More informationCS6501: Great Works in Computer Science
CS6501: Great Works in Computer Science Jan. 29th 2013 Longze Chen The Protection of Information in Computer Systems Jerome H. Saltzer and Michael D. Schroeder Jerry Saltzer Michael Schroeder 1 The Meaning
More informationMulti-Layered Security Framework for Metro-Scale Wi-Fi Networks
Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks A Security Whitepaper January, 2004 Photo courtesy of NASA Image exchange. Image use in no way implies endorsement by NASA of any of the
More information1-7 Attacks on Cryptosystems
1-7 Attacks on Cryptosystems In the present era, not only business but almost all the aspects of human life are driven by information. Hence, it has become imperative to protect useful information from
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT EMC VPLEX v5.5 Version 1.0 11 May 2016 FOREWORD This certification report is an UNCLASSIFIED publication, issued under the authority of the Chief, Communications Security
More informationDistributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationRequirements from the
Requirements from the collaborative Protection Profile for Network Devices Extended Package (EP) for Wireless Intrusion Detection/Prevention Systems (WIDS/WIPS) Version: 1.0 2016-10-06 National Assurance
More informationExercises with solutions, Set 3
Exercises with solutions, Set 3 EDA625 Security, 2017 Dept. of Electrical and Information Technology, Lund University, Sweden Instructions These exercises are for self-assessment so you can check your
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationCertification Report
Certification Report Lancope Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme Validation Report
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report TM Trusted Computing Group (TCG) Personal Computer (PC) Specific Trusted Building Block (TBB)
More informationKALASALINGAM UNIVERSITY
KALASALINGAM UNIVERSITY (Kalasalingam Academy of Research and Education) DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CLASS NOTES CRYPTOGRAPHY AND NETWOTK SECURITY (CSE 405) Prepared by M.RAJA AP/CSE
More information