ENTS 650 Network Security. Dr. Edward Schneider

Transcription

1 ENTS 650 Network Security Dr. Edward Schneider

2 Stallings. Cryptography and Network Security, 4e. Prentice-Hall NIST Special Pubs: csrc.nist.gov/publications/pubssps.html FIPS: csrc.nist.gov/publications/pubsfips.html PGP: GPG:

3 Security Core Principles Confidentiality (secrecy) Integrity Availability Accountability Nonrepudiation

4 Information Security Policy The aggregate of public law, directives, regulations, rules, and practices that regulate how an organization manages, protects, and distributes information. The information security policy lists all the security requirements applicable to specific information.

5 Risk threat: a potential violation of security value of information Threat + Value fi Strength of Function Mechanisms

6 TABLE 1-1: SECURITY CONTROL CLASSES, FAMILIES, AND IDENTIFIERS IDENTIFIER FAMILY CLASS AC Access Control Technical AT Awareness and Training Operational AU Audit and Accountability Technical CA Security Assessment and Authorization Management CM Configuration Management Operational CP Contingency Planning Operational IA Identification and Authentication Technical IR Incident Response Operational MA Maintenance Operational MP Media Protection Operational PE Physical and Environmental Protection Operational PL Planning Management PS Personnel Security Operational RA Risk Assessment Management SA System and Services Acquisition Management SC System and Communications Protection Technical SI System and Information Integrity Operational PM Program Management Management

7 Mechanisms Identification and Authentication Access Control Cryptography Audit Labeling Object Reuse Replication Trusted Path Security Management

8 Policy P.ACCOUNT: User activity shall be monitored to the extent that sanctions can be applied when malfeasance occurs, and to ensure that system controls are properly applied. All users will be notified that such monitoring may occur. P.INTEGRITY: The integrity of user data must be protected. P.MANAGE: The TOE shall be managed such that its security functions are implemented and preserved throughout its operational lifetime.

9 Threats T.CRASH: The TOE may take actions based on security-critical data that, due to interruption of the operation of the TOE, is either incomplete or corrupted. T.TRAFFIC: Use of the TOE may transmit (via traffic analysis or covert channel analysis) sensitive information to unauthorized users.

10 Objectives O.ACCESS: The TOE will control access to information that is subject to the enclave security policy, based on the identity of the accountable individuals, such that this policy cannot be bypassed in the TOE. O.AUDIT: The TOE will provide support for an audit trail to ensure each authenticated user and TOE administrator can be held accountable for his or her actions in the TOE.

11 Functional Requirements FAU_STG.4. Prevention of audit data loss FAU_STG.4.1. The TSF shall [ST selection: prevent auditable events, overwrite the oldest stored audit records] and [ST assignment: other actions to be taken in case of audit storage failure] if the audit trail is full. FDP_RIP.2. Full residual information protection. FDP_RIP.2.1. The TSF shall ensure that any previous information content of a resource is made unavailable upon the deallocation of the resource from the following objects: all objects.

12 Assurance Requirements ADV_LLD.1 Descriptive low-level design ADV_LLD.1.1D The developer shall provide the lowlevel design of the TSF. ADV_LLD.1.1C The presentation of the low-level design shall be informal. ATE_IND.2 Independent testing - sample ATE_IND.2.1D The developer shall provide the TOE for testing. ATE_IND.2.2E The evaluator shall test a subset of the TSF as appropriate to confirm that the TOE operates as specified.

13 FIGURE 3-1. THE SDLC A CONCEPTUAL VIEW