15-Computer Privacy and Security Principles

The document discusses key principles of computer privacy and security, including confidentiality, integrity, and availability (CIA principles). It defines each principle and provides examples. Confidentiality is about protecting information from unauthorized access. Integrity ensures information is accurate and unaltered. Availability means authorized users can access systems and resources when needed. The document also covers access control and guidelines for maintaining data confidentiality and integrity.

Uploaded by: Ali Ahmad
Professional Practices

Computer Privacy and Security Principles

At the end of the day, the goals are simple: safety and security.
(Jodi Rell)
Week 14 Topic: Introduction to Computer Privacy and Security Principles
• Recap of Last Lecture:
• Computer Privacy, Information Security
• Common ways used to secure our Devices etc.
• Information Security Principles
• Confidentiality
• Integrity
• Availability
• Access Control
• Principles of Computer Security
What does a “Secure” Computer System mean?
To decide whether a computer system is “secure”, we should first think about what “secure” means, in order to identify the threats to our information.
Computers can be attacked from many sources.
Computer security is always a basic concern for us, both as computer users and as computer scientists.
Information Security Principles
The CIA principles
[Diagram: three overlapping circles labelled Confidentiality (C), Integrity (I) and Availability (A); S = Secure, where all three overlap]
1. Confidentiality
• Who is authorized to use data?
• Confidentiality is about protecting information against unintentional, unlawful, or unauthorized access, disclosure, or theft.
• Example:
• The passwords, PINs and patterns that we use to protect devices and accounts must remain confidential.
1. Confidentiality
• “Need to know” basis for data access
• How do we know who needs what data?
• Approach: access control specifies who can access what
• How do we know a user is the person she claims to be?
• Need her identity and need to verify this identity
• Approach: identification and authentication
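The two approaches on this slide, identification and authentication followed by access control on a need-to-know basis, as an added example (not from the original lecture). The users, passwords and the access-control matrix are constructed; the password store keeps salted PBKDF2 verifiers rather than cleartext passwords, and anything not explicitly listed in the matrix is denied.

```python
import hashlib
import hmac
import os


def make_verifier(password, salt=None):
    """Derive a salted PBKDF2-HMAC-SHA256 verifier; cleartext is never stored."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest


# Constructed user store: identity -> (salt, verifier).
USERS = {
    "alice": make_verifier("correct horse battery staple"),
    "bob": make_verifier("hunter2"),
}

# Constructed access-control matrix: (subject, object) -> permitted actions.
# "Need to know": only pairs listed here are ever granted anything.
ACL = {
    ("alice", "payroll.xlsx"): {"read", "write"},
    ("bob", "payroll.xlsx"): {"read"},
    ("bob", "minutes.txt"): {"read", "write"},
}


def authenticate(username, password):
    """Verify that the claimed identity really belongs to the caller."""
    record = USERS.get(username)
    if record is None:
        # Do the same work for unknown users so timing does not reveal valid names.
        make_verifier(password, b"\x00" * 16)
        return False
    salt, expected = record
    _, actual = make_verifier(password, salt)
    return hmac.compare_digest(actual, expected)  # constant-time comparison


def authorize(username, obj, action):
    """Deny by default: an action is allowed only if the matrix lists it."""
    return action in ACL.get((username, obj), set())


def access(username, password, obj, action):
    """Identification (username) -> authentication -> access-control decision."""
    if not authenticate(username, password):
        return "denied: authentication failed"
    if not authorize(username, obj, action):
        return "denied: not authorized"
    return "granted"
```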
1. Confidentiality
• Analogously: “Need to access/use” basis for physical assets
• For example, access to a computer room or use of a desktop
• Confidentiality is:
• Difficult to ensure
• Easy to assess in terms of success (binary in nature: Yes / No)
1. Confidentiality
Managing information confidentiality:
 To whom data can be disclosed
 Whether laws, regulations, or contracts require data to remain confidential
 Whether data may only be used or released under certain conditions
 Whether data is sensitive by nature and would have a negative impact if disclosed
 Whether data would be valuable to those who aren't permitted to have it (e.g., hackers)
1. Confidentiality
Guidelines for data confidentiality
o Encrypt sensitive files:
 Information can be secured from unauthorized entities
o Manage data access:
 Ensure that only authorized users have access
o Physically secure devices and paper documents:
 Protect devices and paper documents from misuse or theft by storing them in locked areas
o Securely dispose of data, devices, and paper records
o Manage data acquisition:
 Avoid acquiring sensitive data unless absolutely necessary
1. Confidentiality
Guidelines for data confidentiality
o Manage data utilization:
 Confidentiality risk can be further reduced by using sensitive data only as approved and as necessary
o Manage devices:
 Using anti-virus software
 Routinely patching software
 Whitelisting applications
 Using device passcodes
 Suspending inactive sessions
 Enabling firewalls
 Using whole-disk encryption
2. Integrity
• Is our data accurate?
• Integrity refers to the accuracy and consistency (validity) of information over its lifecycle.
• Integrity can be compromised in several ways.
• Each time data is replicated or transferred, it should remain intact and unaltered between updates.
• Various error checking methods and validation procedures are used to ensure integrity.
2. Integrity
• Integrity vs. Confidentiality
• Integrity is concerned with unauthorized modification of information, while
• Confidentiality is concerned with access to information
• Integrity is more difficult to measure than confidentiality
• Not binary – there are degrees of integrity
• Context-dependent – means different things in different contexts
• Could mean any subset of these asset properties:
{ precision / accuracy / currency / consistency / meaningfulness / usefulness / ... }
2. Integrity
Example of integrity:
o Quote from a politician
o Preserve the quote (information integrity) but misattribute (origin
integrity)

Integrity as a Professional:
o Keep your promises even if it takes extra effort.
o Go back to a store and pay for something you forgot to pay for.
o Never betray a friend's trust even if you get in trouble.
o Inform the cashier he gave you too much change back.
2. Integrity
Data integrity might be compromised through:
a. Human error, whether malicious or unintentional
b. Transfer errors, including unintended alterations or data compromise during transfer from one device to another
c. Bugs, viruses/malware, hacking, and other cyber threats
d. Compromised hardware, such as a device or disk crash
e. Physical compromise of devices
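The “error checking methods” mentioned on the earlier integrity slide, applied to the two kinds of compromise listed above (transfer errors versus deliberate alteration), as an added example that is not part of the lecture. The record and the shared key are constructed; the point it makes is that an unkeyed checksum only catches accidental corruption, while a keyed MAC also catches edits by someone who can rewrite the data but does not hold the key.

```python
import hashlib
import hmac
import zlib

# Constructed sample record as it leaves the source system.
RECORD = b"invoice=1042;amount=250.00;payee=ACME Ltd"
# Constructed secret known only to the sender and the verifier (an assumption).
KEY = b"example-shared-integrity-key"


def crc_tag(data):
    """Unkeyed CRC-32: detects accidental corruption such as transfer errors."""
    return zlib.crc32(data) & 0xFFFFFFFF


def mac_tag(data, key=KEY):
    """Keyed HMAC-SHA256: recomputing a valid tag requires the key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def crc_intact(data, tag):
    return crc_tag(data) == tag


def mac_intact(data, tag, key=KEY):
    # Constant-time comparison so verification timing leaks nothing about the tag.
    return hmac.compare_digest(mac_tag(data, key), tag)


def flip_bit(data, index):
    """Simulate a transfer error: one bit flipped in flight."""
    buf = bytearray(data)
    buf[index] ^= 0x01
    return bytes(buf)


def tamper(data):
    """Simulate a deliberate edit by someone who can rewrite the stored record."""
    return data.replace(b"250.00", b"950.00")


def check_copy(copy, crc, mac):
    """Report what each integrity mechanism says about a received copy."""
    return {"crc_ok": crc_intact(copy, crc), "mac_ok": mac_intact(copy, mac)}
```

Because CRC-32 detects every single-bit error, the corrupted copy fails both checks; the edited copy shipped with a freshly computed CRC passes the checksum but still fails the MAC.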
2. Integrity
Information Integrity vs. Information Security
 They seem similar, but are actually different.
 Information integrity is a desired result of data security.
 The term data integrity refers only to the validity and accuracy of information, rather than to the act of protection.
 Information security, in other words, is one of several measures which can be employed to maintain data integrity.
3. Availability
Can authorized users access data whenever they need it?
The most fundamental threats to availability are non-malicious in nature, such as:
o Hardware failures
o Unscheduled software downtime
o Network bandwidth issues
3. Availability
Malicious attacks include various forms of sabotage intended to cause harm to an organization by denying users access to the information system.
The Denial of Service (DoS) attack is a method frequently used by hackers to disrupt web services.
Example:
o Availability of a web application such as Facebook or Wikipedia, or a search engine such as Google
3. Availability
We can say that an asset (resource) is available if:
o Timely request response
o Fair allocation of resources (means no starvation!)
o Fault tolerant (no total breakdown)
o Easy to use in the intended way
o Provides controlled concurrency (concurrency control, deadlock
control etc.)
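Two of the availability properties above, timely response and fair allocation without starvation, as an added example that is not from the lecture: a round-robin dispatcher with a per-client queue cap, so that one client flooding the system with requests (the DoS scenario on the previous slide) cannot starve the others. Client names and request counts are constructed.

```python
from collections import OrderedDict, deque


class FairDispatcher:
    """Serve one request per client per turn; bound each client's backlog."""

    def __init__(self, per_client_cap=50):
        self.queues = OrderedDict()   # client -> pending requests, in turn order
        self.cap = per_client_cap     # limits how much one client can queue up
        self.dropped = {}             # client -> requests refused at the cap

    def submit(self, client, request):
        """Accept a request unless this client already holds `cap` pending ones."""
        queue = self.queues.setdefault(client, deque())
        if len(queue) >= self.cap:
            self.dropped[client] = self.dropped.get(client, 0) + 1
            return False
        queue.append(request)
        return True

    def take(self):
        """Pop the next request, rotating through clients so none is starved."""
        while self.queues:
            client, queue = next(iter(self.queues.items()))  # client whose turn it is
            self.queues.move_to_end(client)                  # it goes to the back
            if queue:
                return client, queue.popleft()
            del self.queues[client]                          # nothing pending: drop turn
        return None


def serve_all(dispatcher):
    """Drain the dispatcher and return the order in which clients were served."""
    order = []
    while True:
        item = dispatcher.take()
        if item is None:
            return order
        order.append(item[0])


def build_scenario():
    """Constructed load: one flooding client and two ordinary ones."""
    d = FairDispatcher(per_client_cap=50)
    for i in range(100):
        d.submit("flood", f"req-{i}")
    for i in range(2):
        d.submit("alice", f"a-{i}")
        d.submit("bob", f"b-{i}")
    return d
```

With plain first-in-first-out service alice and bob would wait behind every accepted flood request; here both are served within the first six dispatches.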
The CIA in one View
Confidentiality means that data, objects and resources are protected from unauthorized viewing and other access.
Integrity means that data is protected from unauthorized changes to ensure that it is reliable and correct.
Availability means that authorized users have access to the systems and the resources they need.
The CIA: Information Security Principles
CIAAAN
 More components are added to CIA
 Authentication: The process of verifying the identity of a user.
 Authorization: Specifying access rights/privileges to resources.
 Non-repudiation:
 The assurance that someone cannot deny the validity of something
 The term is often seen in a legal setting when the authenticity of a signature is being challenged.
Information Security Policy Architecture (ISPA)
• A policy is a plan or course of action, as of a government, political party, or business, intended to influence and determine decisions, actions, and other matters
• Policies are organizational laws
• Standards, on the other hand, are more detailed statements of what must be done to comply with policy
• Practices, procedures and guidelines effectively explain how to comply with policy
• For a policy to be effective it must be properly disseminated, read, understood and agreed to by all members of the organization
Information Security Policy Architecture (ISPA)
An IT security policy identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources.
The objective of an IT security policy is the preservation of confidentiality, integrity, and availability (CIA) of systems and information used by an organization’s members.
Institutions such as the International Organization for Standardization (ISO) and the U.S. National Institute of Standards and Technology (NIST) have published standards and best practices for security policy formation.
Information Security Policy Architecture (ISPA)
• According to the National Research Council (NRC), the specifications of any company policy should address:
a. Objectives
b. Scope
c. Specific goals
d. Responsibilities for compliance and actions to be taken in the event of noncompliance
Access Control
• Access control is a security technique that regulates who or what can view or use resources in a computing environment.
• It is a fundamental concept in security that minimizes risk to the business or organization.
• Two types of access control:
a. Physical Access Control
b. Logical Access Control
Access Control
a. Physical Access Control:
 Limits access physically
 Such as limiting access to campuses, buildings, rooms and physical IT assets
b. Logical Access Control:
 Limits access virtually
 Such as limiting connections to computer networks, devices, drive files and data
Physical Access Controls
o Walls, locks
o Guards, security cameras
o Backup copies and archives
o Cables and locks (e.g., for notebooks)
o Natural and man-made disaster protection
 Fire, flood, and earthquake protection
 Accident and terrorism protection
Logical Access Controls
Encryption:
o Primary controls!
o Cleartext scrambled into ciphertext (enciphered text)
o Protects CIA:
 Confidentiality: by “masking” data
 Integrity: by preventing unnoticed data updates, for instance when checksums are included
 Availability: by using encryption-based protocols that ensure resources remain available to different users
Logical Access Controls
Software Controls:
o Secondary controls: second only to encryption
o Software controls include:
 OS and network controls:
• e.g. OS sandbox / virtual machine
• Logs/firewalls, OS/network virus scans, recorders
 Independent control programs (whole programs)
• e.g. password checker, virus scanner, IDS (intrusion detection system)
 Internal program controls (part of a program)
• e.g. read/write controls in DBMSs
 Development controls
• e.g. quality standards followed by developers, including testing
Logical Access Controls
Hardware Controls:
o Hardware devices that provide a higher degree of security
 Locks and cables (for notebooks)
 Smart cards, dongles, hardware keys
Logical Access Controls
Policies & Procedures:
o Policy vs. Procedure
 Policy: What is allowed and what is not?
 Procedure: How is the policy enforced?
o Advantages of policy/procedure controls:
 Can replace hardware/software controls
 Can be the least expensive
Access Control Objectives
The goal of access control is to minimize the security risk of unauthorized access to physical and logical systems.
Most organizations have infrastructure and procedures that limit access to networks, computer systems, applications, files and sensitive data, such as personally identifiable information (PII) and intellectual property.
Principles of Computer Security
Principle of Easiest Penetration
An intruder must be expected to use any available means of penetration.
The penetration may not necessarily be by the most obvious means, nor is it necessarily the one against which the most solid defense has been installed.
Principle of Adequate Protection
Computer items must be protected to a degree consistent with their value and only until they lose their value.
Principles of Computer Security
• Principle of Effectiveness
Controls must be used—and used properly—to be effective.
They must be efficient, easy to use, and appropriate.
• Principle of Weakest Link
Security can be no stronger than its weakest link.
Whether it is the power supply that powers the firewall, the operating system under the security application, or the human who plans, implements, and administers controls, a failure of any control can lead to a security failure.