1.2 Understand and apply security concepts

  • Confidentiality, integrity, and availability, authenticity and nonrepudiation

The foundation of all security principles comes from three ideas: confidentiality, integrity, and availability, or CIA. 

Confidentiality means that sensitive data is only seen by authorized users. 

We link data (objects) and users (subjects) so that only authorized subjects have access to objects.  We will learn how to protect data later in this book.

We evaluate confidentiality according to the following ideas

  • Sensitivity – what is the value of the information?  How much damage could it cause if it were leaked?

  • Discretion – does a user have the ability to leak the confidential data?  How much ability?  Is it easy or difficult to leak the data?

  • Criticality – how important is the information to the business?

  • Concealment – can we hide the data?

  • Privacy – if the data is leaked, what harm can it cause to a person?

  • Seclusion – can we store the data in a remote location?

  • Isolation – can we store the data away from other types of data?

Data could be leaked intentionally or unintentionally.

Integrity ensures that the data is not modified by unauthorized users while in transit or at rest.  The data that is received is the same as the data that was sent.  We should be able to verify that an object has not been changed.

We evaluate integrity according to the following ideas

  • Accuracy – the information is correct.

  • Authenticity – the information has not changed since it was created

  • Nonrepudiation – the person who created the information cannot deny that he created it.  That is, we are certain of the identity of the author.

  • Completeness – the information is not missing any component.

  • Truthfulness – the information is realistic

  • Validity – the information is logically sound

  • Accountability – a person is responsible

  • Comprehensiveness – the information is complete

If an unauthorized user can access an object, he can probably change it too.  Integrity can be affected by human users and by malicious programs such as viruses.

Availability ensures that the resource is available when it is needed. 

We evaluate availability according to the following ideas

  • Usability – the information is easy to understand

  • Accessibility – many people can use a resource regardless of the type of equipment they have or their background

  • Timeliness – the users can access the data quickly

Availability can be affected by a lack of resources (too many users and not enough computing hardware/bandwidth) or by attacks such as Denial of Service.

How does a secure system provide access to an individual?  Through IAAA – also known as AAA (Authentication, Authorization, and Accounting)

  • Identification is the process of identifying a person.  The person has presented credentials to the system (such as a smart card, an access card, an identification card, or a username).  It is possible that the credentials have been compromised, so the system has not verified the person’s identity at this stage.

  • Authentication is when the person has been positively identified.  Circumstances where authentication takes place

    • User presented a smart card and entered their PIN correctly

    • Presented an identification card to a security guard who positively compares the photograph on the card with the face of the individual

    • Entered the correct username and password into a computer

    • Scanned an access card at a card reader (the access card is a weak form of authentication because a lost/stolen access card can be used by an unauthorized individual)

  • Authorization is the process of providing the user with access to the resources that he requested.  Just because a user requested access and entered the correct username/password (has been authenticated) does not mean that the user is entitled to access.

    • For example, a user comes to work on a weekend, but he regularly works Monday to Friday.  The security guard recognizes the employee as a legitimate employee and verifies his identification but does not permit access because he is not scheduled to work.

    • A user logs in to an HR system with the correct username and password but is not authorized to access the system.

  • Accounting is the process of keeping track of who accessed what.  Accounting is important for audits, and to ensure that all access attempts are legitimate.  For example, patients have the right to know who accesses their personal health data.  A nurse at a hospital may have the ability (authorization) to access the electronic health records of any patient at the hospital but should only do so if she has a legitimate need (and not because she is curious).  The system should be able to track every time a patient record was accessed.

  • We should log the following

    • What credentials were used (username, password, etc.)?

    • What system did they log in to (computer, door, entrance, etc.)?

    • What resources did they access (shared folder, printer, etc.)?

    • When did the access take place?