Business Informatics (subject) / IT Risk Management (lesson)

This lesson contains 118 flashcards

IT Risk Management Uni Koblenz

This lesson was created by Irec42.

  • Information Security - measures and controls that ensure CIA Triad of information system assets
  • Confidentiality Two related concepts: Data confidentiality, Privacy
  • Data confidentiality assurance that information is not available or disclosed to anyone without authorization
  • Privacy Assurance that owner can control what can be collected and stored about them and what use is being made of that information.
  • Integrity Two related concepts: Data integrity, System integrity
  • Data Integrity assurance that programs and information are only modified by authorized security principals in an expected way
  • Define the Infrastructure and System Components of the Distributed System Structure Infrastructure Components -end system (desktop & laptop computers, user devices) -network infrastructure (internal & public networks, routers, switches) System components -applications (databases, ERP systems) -middleware platforms (turn a networked system into a distributed system)
  • System Integrity System is able to perform its functions without any modification
  • Network Architecture - Organisational Networks -Computers and IT Systems are connected through internal networks -entry point into the network is called a network perimeter
  • Availability - assurance that system is responsive and free from disruption or denial of service - Performance - avoid single point of failure - redundancy and backup measures
  • Network Architecture - Perimeter Networks -Access Network Operation --perimeter networks are separate networks located at the boundary of the internal network --external traffic can access only the perimeter network and not the internal network
  • Non-Repudiation - Result of CIA Triad
  • Network Architecture - N-Tiered Architectures An n-tier protects data and operations by dividing operations into multiple tiers
  • Why is attacking easy? - low cost - unlimited time - only need to know a few vulnerabilities - little regard for ethics
  • Network Device Protection Guidelines - Network Protection -separate networks when feasible -use simple network management protocol (SNMP) to perform the necessary procedures in order to keep attached systems secure -install firewalls, IDS, and advanced protection systems
  • Firewalls - General -Decide which hosts / users are allowed to communicate -monitor communication protocol compliance
  • Firewalls - Functions -Permit / deny dedicated data flows -Check / modify flow content -Assign flows to users / systems -Hiding of internal structures -Monitoring, logging and alerting
  • Why is defending difficult? - System and network admins... - must dedicate time and resources - protect users who are not security aware - must try to assess all vulnerabilities - ensure that infrastructure is up-to-date
  • Functions - Components -Packet Filter --Analyse headers of the Network (IP) and Transport (TCP) Layer --Mostly stateless implementations -Proxy --Analyse Application Layer content of flows (HTTP) --An application layer protocol engine is required in the firewall -Stateful Filter --Analyse Network, Transport and Application Layer content --Only implements parts of the application protocol engine
  • Why is security a hindrance? - obstacle to get work done - if patience runs out users try to bypass policy - difficult to perceive benefit - affects ability to "freely" share information
  • Categories of vulnerabilities - corrupted (loss of integrity) - leaky (loss of confidentiality) - unavailable or very slow (loss of availability)
  • Breaking Firewalls -using fragments --Send packets of a TCP connection in small IP fragments --If the TCP header is segmented a filter may not be able to check it --Filter has two choices: drop or forward -using broadly specified services (example FTP) --ftp requires a TCP data channel
  • Intrusion Detection Systems (IDS) - Functionality Network traffic analyser configured using configuration files that searches for dangerous patterns in the network traffic
  • Threats - capable of exploiting vulnerability (ies) - represent potential security harm to an asset
  • Intrusion Detection Systems (IDS) - Features -Port Scan Detector -Detecting buffer overflow attacks
  • Attacks - passive: attempt to learn or make use of information from the system that does not affect the system resources - active: attempt to alter system resources or affect their operation - insider: initiated by an entity inside the security perimeter - outsider: initiated by an entity outside the security perimeter
  • Threat consequences and Actions - unauthorized disclosure - deception - disruption - usurpation
  • Types of Intrusion Detection Systems (IDS) -Host-based IDS (HIDS) --Monitors the characteristics of a single host for suspicious activity -Network-based IDS (NIDS) --Monitors network traffic and analyses network, transport and application protocols to identify suspicious activity -Distributed or hybrid IDS --Combines information from a number of sensors, often both host and network based, in a central analyser that is able to better identify and respond to intrusion activity
  • Steps of an Attack 1. Reconnaissance 2. Scanning 3. Gaining Access 4. Maintaining Access 5. Covering Tracks
  • General purpose of security models security policies are used to define authorized and secure states security mechanisms represent the entity or procedure that enforce the security policy security models represent a particular policy or set of policies that should be enforced
  • Why formal models for security models? regulations are in general descriptive not prescriptive systems must be demonstrably secure maps the policy designers into a set of rules
  • Risk Control Strategies - Avoidance: applying safeguards that eliminate or reduce the remaining uncontrolled risks of the vulnerability - Transfer: Shifting the risk to others or outside entities - Mitigation: Reducing the impact if the vulnerability is exploited - Acceptance: understanding the consequences and accepting the risk without control or mitigation
  • Risk Control: Avoidance accomplished through: - Application of policy - Application of training and education - Countering threats - Implementation of technical security controls and safeguards
  • state machine models security models control information flow --information flow results in state transitions --transitions must be secure --models provide rules for how information flows from state to state --information flow models do not address covert channels state machines --maintaining the state of a machine deals with each subject association with an object --State transitions alter the state
  • Risk Control: Transfer achieved by reconstructing how processes are structured, etc... - Revising deployment models - Outsourcing to other organizations - Purchasing insurance - Implementing service contracts with providers
  • Bell-LaPadula (BLP) Model is about Confidentiality basic idea: -enforces rules to provide confidentiality protection -subject's clearance is compared to the object's classification access conditions -subjects are authenticated -needs to know -formal access approval if rules confirm access rights
  • Risk Control: Mitigation Types of mitigation plans: - Disaster Recovery Plan (DRP) - Incident Response Plan (IRP) - Business Continuity Plan (BCP)
  • Risk Control: Acceptance prudent concludes that... ...the cost of protecting does not justify the security expenditure ...the likelihood of an occurrence is so small that protection is not worthwhile ...the impact is so great that no level of protection will prevent (catastrophic) consequences
  • Bell-LaPadula Model - Simple Security Rule Subject at Secret -> Top Secret object: read forbidden; Secret object: read ok; Unclassified object: read ok
  • Managing Risk: Risk Appetite - willingness of an organization to accept a quantity and nature of risk - reasoned approach to risk balances and expense
  • Bell-LaPadula Model - Star Property Rule Subject at Secret -> Top Secret object: write ok?; Secret object: write ok; Unclassified object: write forbidden
  • Managing Risk: Residual Risk - remaining risk not shifted, removed or planned for after vulnerabilities have been controlled as much as possible
  • Bell-LaPadula Model - Strong Star Property Rule Subject at Secret -> Top Secret object: R/W forbidden; Secret object: R/W ok; Unclassified object: R/W forbidden
  • Biba Model basic idea: -developed after the Bell-LaPadula (BLP) Model -enforces rules to provide integrity protection -result is to turn the BLP model upside down Goals: -prevent data modification by unauthorized parties -prevent unauthorized data modification by authorized parties -maintain internal and external consistency
  • Guidelines for Risk Control - when vulnerability exists -> Implement security controls to reduce likelihood of exploit - when vulnerability can be exploited -> apply layered control to minimize the risk or prevent occurrence - when the attacker's potential gain is higher than the cost of attack -> apply technical or managerial controls to increase the attacker's cost or reduce his gain (depends on motivation)
  • Due Care vs. Due Diligence Due Care: - what is done to correct the threat identified or minimize risk -> Do Correct Due Diligence: - investigate and understand the risk you face -> Do Detect
  • Biba model - star integrity axiom Subject at low integrity -> high integrity object: write forbidden; medium integrity object: write forbidden; low integrity object: write ok
  • Organization Security Model - Security Planning: 1. Strategic 2. Tactical 3. Operational - Involves technology, people and processes - Business decision makers must be involved
  • Biba model - Simple Integrity Axiom Subject at low integrity -> high integrity object: read ok; medium integrity object: read forbidden; low integrity object: read forbidden
  • Organization Security Model: Strategic - Align with business and IT goals - Long and broad horizon -up to five years