Data Security and Cryptology, I Introduction. Essence of Data Security

Report
Data Security and Cryptology, I
Introduction.
Essence of Data Security
September 3th, 2014
Valdo Praust
[email protected]
Lecture Course in Estonian IT College
Autumn 2014
Name and Goal
Name: Data Security and Cryptology
(Andmeturve ja krüptoloogia)
Place: Estonian IT College
Goal of lecture course: To provide a systematic
overview of contemporary data security and
cryptology, both from theoretical and practical
side. Data security as a practical discipline will
considered a little bit more theoretically and
cyrpotography as a deep theoretical discipline
(and also an important tool for data security) more
practically
Processual Data, I
Code: I378
Invovles: 16 academic pairs of lectures, 12 pairs of
practices, 74 hours independent work
Points: 5 ECTS
Schedule (lectures): once a week, on Wednesdays
between 2pm and 4pm
Grading: final test (determines the final mark) – 70
multiple choice questions
Processual Data, II
• Distibution of materials: via webpage
http://www.itcollege.ee/~valdo/security/ English slideshows (PPTs); Estonian
slideshows from year 2011 also available
• Communication between lecturer and
students: via email and the abovementioned webpage
• Practical exercises will start in 5th week
(4 pm)
Lecturer
Valdo Praust
• Master of Science (MSc)
• have 22 years different experience if the
field of data security (different roles)
• currently freelancer IT Securiy expert
• ph +372 514 3262
• email [email protected]
Plan of Lectures, I
1. Introduction. Essense of Data Security. Data
security, it’s essence and importance in
contemporary information systems and in whole
world. Availability, integrity and confidentiality,
its importance in different information systems
and in protection of IT assets. Standard model
of security harming. Economical side of data
security. Practical solving of security problem
2. Security Threats, Classification.
Classification of threats: spontaneous
(accidental) threats and attacks. Methods used
for finding and evaluating threats. Threats
frequency
Plan of Lectures, II
3. Vulnerabilities of Information Assets.
Appliable Security Measues. Classification of
vulnerabilities. Interaction between
vulnerabilities and theats, examples
4. Risk Management and its Methodics. Risk
management as a tool of solving practical
security problem. Four alternatives of risk
management – detailed risk analysis, baseline
security method, mixed method, non-formal
method; their comparison. Quantitative and
qualitative risk analysis, examples. Examples of
baseline security methods, BSI and ISKE
Plan of Lectures, III
5. Essence of Cryptogrtaphy. PreComputer Cryptography. Essence and
basic concepts of encryption. History of
cryptography, traditional cryptography.
Pre-computer cryptography, best-known
traditional techniques and machines.
Theoretical and practical security
6. Basics of Contemporary
Cryptography. Main concepts, essence
and goals. Main types of algorithms and
their’ usage. Cryptanalysis, its’ goal and
properties. Practical security of
cryptoalgoritms, ways of achieving this
Plan of Lectures, IV
7. Symmetric Cryptoalgorithms. AES.
Essence of symmetric cryptoalgorithms.
Modes of operation, their usability and
security. AES – history, main properties,
technical description. Security and modes
operation of AES
8. Other Symmetric Cryptoalgorithms.
IDEA, Skipjack, Blowfish, AES, RC4. Their
properties, security, usability. DES as a
retrospective view of a classic symmetric
algorithm
Plan of Lectures, V
9. Asymmetric Cryptoalgorithms. RSA.
Essence, properties, mathemathical
background and main concepts. Example.
Practical usability, realisations
10.Hash Functions. Cryptoprotocols, TLS
Essence of hash functions, properties,
demands. Mostly used algorithms, thoretical
and practical secrity. Collisions. Security
protocols. TLS as an example - its
desciption and usability
Plan of Lectures, VI
11. Digital Signature, its Usage. Urgency
of digital signature in digital record
management. Digital signature as an
application of public-key cryptography.
Practices of handling both the private
and public key. Certification,
certificates. Timestamp, validity of
approval, service providers.
Certification infrastructure, PKI. Digital
signature in Estonia
Plan of Lectures, VII
12. Digital Signature and Digital Record
Management in Practice. Digital
Archieving, Estonian ID card.
Peculiarities of digital signature in
practice. Comparison with handwritten
signature for end users and business.
Overview of Estonian ID-card and
mobile-ID card. Digital record
management and digital archieving from
the point of view of security
Plan of Lectures, VIII
13. Database Security. Network Security.
Database security, theory and practice.
Importance and usability of
cryptographical chaining, integrity and
accountability. Confidentiality as a
difficultly solvable problem. Importance
of network security. Firewall, virtual
private network, cryptowall. Secure
remote client
Plan of Lectures, IX
14. Security Management (Organisational
Security). Principles and goals of data
security management. Functions and
activities. Essence of data security policy.
Roles of Data Security Forum. Choosing of
appropriate risk management technique.
Data security plan, implementation of
security measures and follow-up activities.
Related national and international standards
Plan of Lectures, X
15.
Legal Control of Data Security. Protecting of
Personal Data. Essence of personal data. Common
practices of protecting personal data both in Europe
and in all around the world. Estonian Data Protection
Act. Sensitive personal data, obligation of
registration. Peculiarities of data security in public
sector – data security classes, etc
16.
Social Elements of Data Security. Influence of data
security to information systems and society.
Cyberattacks, cyberwar, information war.
Cyberdefence, the role and share of different
institutions. Cyber-security and data security, their
main problems and comparison
Practical exercises, I
• Classification of threats, vulnerabilities and
safeguards, their inter-dependendence
• Different baseline security standards
• Different risk analysis methodics
• Different cryptographic tools, usage of
cryptoalgorithms
Practical exercises, II
• Introduction of PKI environment and
software
• Practical solving of security task (different
aspects and poit of view)
• Different secure authentication means
Will start in 5th week
Independent work
Referative work, related to data security or
cryptography (deadline - 14th week). Minimal
amount – 20 pages
Final test (determines the final mark) – 70
multiple choice questions
In order to access to the final test both the
referative work and practical exercises must
be passed (and marked)
What We Protect: Information
Information (informatsioon, teave) – a knowledge
concerning any objects, such as facts, events,
things, processes or ideas, which have a special
meaning in certain contexts
The concept “information” is heavily related to the
more general concept – knowledge. It assumes that
there is a fact whis is known (an object), and the
person who knows the fact (the subject)
Information itself does not have the practical
shape. The practical shape of information will
occure when we also consider the practical
representation of information (and then it is
called - data)
What We Protect: Data
Data (andmed) – reinterpretable
formalized representation of an
information in such a form which is
suitable for transfer, processing and/or
interpretation
Data are always the presentation of information,
usually in a pre-agreed form (which allows to transfer
the information beared by the data from one subject
to another)
The same data can be interpreted differently by the
different subjects having a different background (for
example, “hallitus” in Estonian and in Finnish)
Digital Data
Any information can be represented (carried) by the data
in many different ways. The more essential ways are two
following:
• paper-based data (paberkandjal andmed) – text,
schemes, pictures etc are beared on the surface of the
carrier (paper sheet(s))
• digital data (digikujul andmed) – all the data are coded
into the queues of 0’s and 1’s using certain standards
and certain technical equipment
When we talk about the computer-based
(computer processable) data we always
thought the digital data, which are always
coded by using the queues of 0’s and 1’s.
Data Format
Data format (andmevorming, vorming) —
a desciption how different type of
information – text, picture, voice, video
etc – is coded into the queue of 0’s and
1’s
A pre-agreed (standardised) data format gives to
data (to data file) a concrete and unique meaning.
If we have data but do not have the data format
desciption, then we do not have the information,
carried by the data
From Data Format to Meaning
Different data formats are supported by a
different application software which usually
allow to write the file in certain format, or to
made the content of data (information) humanperceptable etc.
A typical end-user usually don’t know anything about
different data formats and interpretation. He/she
usually associates the certain format only to the
certain software which is able to interpretate these
format(s).
End user usually receives only an human-perceptable
form, prepared by the software, so-calles WYSIWYG
(What You See Is What You Get, in Estonian
adekvaatkuva)
Necessity of Data Security
If we possess (or process) the data then the
information carried by the data has always a certain
value for us (for our business process). It does not
depend either the infomation is represented by the
digital nor by the paper-based data
Information security (infoturve) or data security
(andmeturve) is a discipline concerning the
maintaining these values/properties of information
(performed in practice by the maintaining the
properties of data)
Components of Information
Security
Infortmation security (infoturve) or data security
(andmeturve) is a complex concept consisting
of following three properties:
• information availability (käideldavus)
• information integrity (terviklus)
• information confidentiality (konfidentsiaalsus)
These three properties (branches of secrity) must be
maintained for all information/data items we possess.
In pre-computer world (paper-based information) we
talked only about the confidentiality, not for other
branches
About Different Concepts
The following four concepts:
• information security (infoturve)
• information protection (infokaitse)
• data security (andmeturve)
• data protection (andmekaitse)
are widely taken synonyms
It’s mainly a question about traditions and
culture where we use which concept. For
example in Europe the concept data protection is
often used in a context of protection of personal
data (isikuandmete kaitse)
Data Availability
Data availabilty (andmete käideldavus)
is a timely and convenient access and
usage of information carried by the
data for all authorized persons and
other entities
Availability is the most important component of data
security – the worst thing which must be happened is that
data are no more available for the subjects which need
them during business process (maybe destroyed forever)
Examples:
• border guard does not have the list of fugitives (or the list
isn’t up-to-date);
• National Board of Land does not know the who possesses
the concrete plot of land
Data Integrity
Data integrity (andmete terviklus) is a
ensuring that data are originated
(information was stored into the data)
by a certain source and haven’t been
altered (both by an accident or by a
deliberate act or by the fake)
Integrity are the second important security branch (by
the availability)
In the business process we usually assume that the
data we used (information carried by the data) are
firmly related to the creator/source of the data,
creation time etc. Violation or absense of these
relationships will usually causes serios negative
consequences
Data Confidentiality
Data confidentiality (andmete
konfidentsiaalsus ehk salastatus ehk
salastus) is the availability of the
information, carried by the data, only
by the authorized subjects (and strict
non-availability for other subjects)
Examples:
• state of corporative secret will be disclosed
• operational intelligence information will be disclosed
• personal data will be spread without the permission of
data subject
Security of Data vs IT Assets
Security of data (security of information beared
by the data) is ensured by the securing the (IT)
assets surrounding the data
IT assets (infovarad) include:
• IT equipment (hardware, communication devices, power
supplies etc)
• data communication channels
• software (both system and application software)
but it also MUST include (must taken into the account):
• organization (its structure and operation)
• personnel
• data carriers (incl. documents)
• infrastructure (buildings, offices etc)
Main Properties of Digital Data (from
the security point of view)
1. A great but indirect value of a data
(information): it’s very hard to measure it
2. Portativity: data which can be stored by the
very small and easily movable carriers can
possess a huge value for our business
process
3. Possibility of avoiding the physical contact:
the physical and virtual structures are usually
very different
4. Disclosure of security losses especially for
integrity and confidentiality losses
Standard Model of Security Harming
1. Threats (ohud) influence the data (via IT assets)
2. Threats use the vulnerabilities (nõrkused,
turvaaugud) of IT assets or components of IT system
3. Threats with co-influence the vulnerabilites will
determine the risk or security risk (risk, turvarisk)
4. When a certain risk realises, there will appear a
security loss or security breach or security incident
(turvakadu, turvarike, turvaintsident)
5. In order to minimize the risks there’s necessary to
minimise vulnerabilities using safeguards of security
measures (turvameetmeid)
Harming of Security
Influence of Safeguard(s)
Essence of Security Concepts
• Threat (oht) – a potential extern-influenced harm of
information security
• Vulnerability (nõrkus ehk turvaauk) – the property of each
IT asset (component) from the point of view of external
threats
• Risk (risk) – a probability that threat can use the certain
vulnerability and will realise
• Security loss (turvakadu) – an event when the security
(availability, integrity and/or confidentiality) of some IT
asset(s) will be harmed
• Safeguard or security measure (turvameede) – a
modification of IT asset(s) which will minimise the risk(s)
(the rate of vulnerabilities of asset(s))
Examples of Security Losses
• failure of equipment – integrity loss of IT
asset
• theft of equipment – availability loss of IT
asset
• Unauthorised modifying of register –
integrity loss of data
• destroying of office rooms by fire –
availability loss of infrastructure
• wiretapping of non-crypted data cabels –
confidentiality loss of data
Relations Between Main Concepts
Security and Residual Risk
NB! It does not matter how many safeguards we
implement, we NEVER achieve the absolute security. If
we implement more safeguards we only minimise the
probability that security (availability, integrity of
confidentiality) will be harmed but it will never fall into
zero
Instead of absolute security usually the concept
acceptable residual risk by the business process
(äriprotsessi jaoks aktsepteeritav jääkrisk) is used
An acceptable residual risk is a situation
where the total price of all implemented
safeguards is approximately equal to the
forecasted total loss of security
(measured by the amount of money)
Economical View of Data Security
Serious Obstacles of Evaluating the
Optimal Security Point
The both graphs are hardly predictable (estimatable):
• We do not know the exact expenses of the all
safeguards (it will change over the times)
• Even less we can estimate the graph of damages – we
do not have the actual data of threat frequences and
their impact for all IT assets
• Even we have all this estimation data, the exact
calculation (quantitative risk analysis) is very timeconsuming prosess - there’s a hunderds of different IT
assets, thousands of threats, thousands of
vulnerabilities (and all of them must be taken account
together)
Necessity for a Risk Management
Techniques
In order to simplify a practical security task it’s usually
necessary
• to standardise different security levels i.e.
different availability, integrity and
confidentiality levels
• to create a system which is able to
determine standardised actions
(safeguards), for different security levels,
which result ensures us to approximately
achieve the optimum point (to archieve the
acceptable residual risk situation
This process is usually called a risk
management (riskihaldus)

similar documents