Introduction, Continued
Tom Kelliher, CS 325
Sept. 1, 2006
Perl resources pointed to on class Web site.
Interest in ACM Programming Contest?
2.1-2.4 is assigned for the next week.
Write and run a small, standalone Perl program on phoenix, to familiarize
yourself a bit with Perl and re-familiarize yourself with phoenix.
Introduction.
- Introduction, continued.
- Discussion/exercises.
Cryptography, Perl CGI and file I/O.
- Prevent. Block attack (firewall) or close vulnerability (load new
kernel).
- Deter. Make attack harder (use weak encryption).
- Deflect. Make another target more attractive (honeypot).
- Detect. At time of attack or later (intrusion detection).
- Recover. From the attack (backups).
- Encryption. Basic tool. Clear text; cipher text.
- Software controls:
  - Internal security controls. Authentication and views within a DBMS. Apache global and local controls.
  - Operating system and network controls. Traditional authentication and access measures. SE Linux. TCP wrappers.
  - Independent control programs. John the Ripper, TripWire, ipChains, PAM.
  - Development controls. Software design standards and methodologies.
- Hardware controls.
  - Hardware encryption engines.
  - Smart cards for authentication; biometrics.
  - Locks and chains.
  - Firewalls, bandwidth regulation systems, intrusion detection systems, network partitioning.
- Policies.
  Policies for programmers, administrators, and users.
- Physical controls.
  Controlled access to computing systems.
How do these relate to defense mechanisms?
- Awareness of the problem.
- Likelihood of Use.
  Principle of effectiveness.
- Overlapping controls.
- Periodic review.
  Principle of weakest link.
- Do you currently use any computer security control measures? If so,
what? Against what attacks are you trying to protect?
- When you say that software is of high quality, what do you mean? How
does security fit into your definition of quality? Can an application be
insecure and still be good?
- Cite a recent report of a security failure that exemplifies one or
more of the principles we've discussed: easiest penetration, adequate
protection, effectiveness, weakest link.
Thomas P. Kelliher
2006-08-31