diff options
| -rw-r--r-- | en_GB/Introduction to Information Security/introduction_to_information_security.md | 192 |
1 files changed, 192 insertions, 0 deletions
diff --git a/en_GB/Introduction to Information Security/introduction_to_information_security.md b/en_GB/Introduction to Information Security/introduction_to_information_security.md new file mode 100644 index 0000000..88bb06f --- /dev/null +++ b/en_GB/Introduction to Information Security/introduction_to_information_security.md @@ -0,0 +1,192 @@ +# Introduction to Information Security - Lernzettel + +## Security + +### Security objectives + +- Confidentiality + Contents of objects cannot be read by third parties. +- Integrity + Whether or not a message has been modified between origin and receiver. +- Availability + Guaranteed access to the information for permitted parties. +- Access Control + Only permitted parties are allowed to access the information. +- Non-repudiation + Proof that an entity was involved in some event. + +### CIA + +- Confidentiality +- Integrity +- Availability + +### Perkerian hexad + +- Confidentiality +- Integrity +- Availability +- Utility + Ensures that the information is useful and insensitive to e.g. lost keys. +- Possession or Control + Be sure that the possessor is in control of the information at all times. +- Authenticity + Verification of claimed identities. Notice: In most cases, this just proves entities (e.g. machines), not humans. + Also, there must be a point in time where authentication starts. If this step is taken automatically by a machine (e.g. session start), + there is no valid inference to the actual human. + +### Secrecy + +Confidentiality+. +Not only provides hidden contents, but also hides the fact that there is content at all. + +### Strategy + +1. Prevention +2. Detection +3. Reaction + +## Reliability + +Reliability addresses consequences of accidential errors. Reliability checks if service interruptions cause low or medium disturbance. + +## Safety + +Safety addresses catastrophic influences on the environment (e.g. human life). Safety checks if service interruptions cause very high disturbance and even harm. + +## Authentication + +### Modes + +As a user, you can be authenticated on the basis of + +- Something you know (e.g. password) +- Something you hold (e.g. ID card) +- Who you are (e.g. biometrics) +- What you do (e.g. behaviour analysis) +- Where you are (e.g. geo-location) + +### Passwords + +- Assure correct receiver of the initial password. Communication might be intercepted. +- Call back already authenticated entities, which are authorized to hand over the password. +- Force the user to change the password immediately after first login. +- Provide multi-factor authentication to let the user to be able to reset forgotten passwords without costly helpdesks. + +### Guessing passwords + +- Brute force +- Intelligent search (alphabet limits, length limits) + +### Password protection + +- No expiry dates + Studies have shown that this results in worse passwords. +- No restrictions in password alphabet + Studies have shown that this leads to less possibilities in exhaustive guessing and therefore leads to worse passwords. +- Set a minimum length instead + Has a higher impact than complexity. Set the maximum to at least 64. +- No hints +- Show passwords while typing + Doing the opposite motivates the user to choose shorter passwords. +- Allow passwords to be pasted + This enables secure password managers to be used. +- Forbid commonly used passwords + Makes dictionary attacks difficult. +- Limit number of failed password attempts + +### Biometrics + +#### Use cases + +| Use case | Cardinality | Description | +| -------- | ----------- | ----------- | +| Identification | 1:n | Identify the user from a set of users in a database. | +| Verification | 1:1 | Verifies the single claimed identity by comparing captured patterns to the stored patterns. | + +#### False match rate (FMR) + +How often is a false match attempt successful, which it should not be? Best case: $\text{FMR} = 0$. + +$\text{FMR} = \frac{\text{\# successful false matches}}{\text{\# attempted false matches}}$ + +#### False non-match rate (FNMR) + +How often is a genuine match attempt rejected, which it should not be? Best case: $\text{FNMR} = 0$. + +$\text{FNMR} = \frac{\text{\# rejected genuine matches}}{\text{\# attempted genuine matches}}$ + +#### Fitting Rate + +A value (in %) indicating how much the captured pattern fits the stored pattern in the database. + +##### Examples + +A *Fitting Rate* of 100% indicates that all of the captured pattern data fits the data stored in the database (unlikely, due to noise). +A *Fitting Rate* of 50% indicates that half the pattern data fits the data stored in the database. + +#### Matching Threshold + +A value (in %) determining the minimum *Fitting Rate* for an matching check to be considered as matching. +A lower *Matching Threshold* raises the amount of false positive matching checks, but lowers the amount of rejected genuine matching checks. +*FMR* raises, *FNMR* lowers. +A higher *Matching Threshold* raises the amount of rejected genuine matching checks, but lowers the amount of false positive matching checks. +*FMR* lowers, *FNMR* raises. + +#### Equal Error Rate (EER) + +The value of *Matching Threshold*, at which $\text{FMR} = \text{FNMR}$. + +#### Failure-To-Capture Rate (FTC) + +Frequency of failing to capture a sample. + +#### Failure-To-Extract Rate (FTX) + +Frequency of failing to extract a feature of a sample. + +#### Failure-To-Acquire Rate (FTA) + +Frequency of failing to acquire a biometric feature. + +$\text{FTA} = \text{FTC} + \text{FTX} \times (1 - \text{FTC})$ + +#### False Accept Rate (FAR) + +$\text{FAR} = \text{FMR} \times (1 - \text{FTA})$ + +#### False Reject Rate (FRR) + +$\text{FRR} = \text{FTA} + \text{FNMR} \times (1 - \text{FTA})$ + +#### False Positive Identification Rate (FPIR) + +Probability of some sample to match at least one of the entries in the database. + +$\text{FPIR} = (1 - \text{FTA}) \times (1 - (1 - \text{FMR})^{n})$ + +## Threat scenarios + +No security issues without threat models! E.g. a password is considered safe without any provided threat model. + +### Smurf attack + +Attacker sends out ICMP ping request with spoofed sender IP address of the victim to the broadcast of some network. +All recipients will answer the ping, and send the answer packets to the IP address they think was the sender, which is the victims IP address. +In a network with 100 nodes, a single broadcast ICMP request results in 100 answers sent to the victim, causing a denial of service. + +### Password compromise + +Old threat model: One machine, one password. One compromised password means one compromised machine. +New threat model: Multiple machines, one or similar passwords. One compromised machine can cause other compromised passwords. + +### Password spoofing attack + +Attacker presents a fake login screen to the victim. +Victim enters his password and the attacker captures the data forwarded by the fake login screen. + +#### Countermeasures + +- System authentication to the user +- Display number of failed logins + Indicates compromised password to the user. |