网络安全1introduction-p.pdf

1 东南大学东南大学 1 计算机网络与数据安全计算机网络与数据安全 计算机科学与工程学院计算机科学与工程学院 龚俭龚俭 jgong@ 东南大学东南大学 2 课程教学说明课程教学说明 • 教学内容是课件和教材的结合教学内容是课件和教材的结合 • 介绍概念介绍概念/框架为主（广度优先），要求学生能够框架为主（广度优先），要求学生能够 依据这些概念进行适度展开，掌握并能运用所学概依据这些概念进行适度展开，掌握并能运用所学概 念设计安全的系统并对其进行安全管理念设计安全的系统并对其进行安全管理 • 学习要求学习要求 – 课前预习，及时提问课前预习，及时提问 – 课后复习，补充细节课后复习，补充细节 – 广泛阅读，印证理解广泛阅读，印证理解 – 理顺思路，建立体系理顺思路，建立体系 东南大学东南大学 3 教学安排教学安排 • 10次课（次课（2月－月－5月）月） – 网络安全导论网络安全导论 – 数据加密与密钥管理数据加密与密钥管理 – 数据完整性保护数据完整性保护 – 数据鉴别数据鉴别 – 访问控制访问控制 – 网络攻击网络攻击 – 安全监测安全监测 – 应急响应应急响应 – 网络基础设施保护网络基础设施保护 • 开卷考试开卷考试 • 一个专题报告一个专题报告 • 龚俭，吴桦，杨望，龚俭，吴桦，杨望， 计算机网络安全导论计算机网络安全导论 （第二版），东南大（第二版），东南大 学出版社，学出版社，2007.9 东南大学东南大学 4 Chapter One Security of Computer System and Network 东南大学东南大学 5 Topics • Security realms • Security evaluation • Security management 东南大学东南大学 6 1.1 Introduction 2 东南大学东南大学 7 Security concepts and relationships It is an evolving process 东南大学东南大学 8 Cybersecurity – A New Doctrine • Cyberspace as a source of conflict – Copyrights and Intellectual Property, free speech and censorship, privacy and surveillance, Internet governance and telecommunication policy • Cyberspace as a tool of conflict – Street protests that are coordinated and promoted via websites and social media – Used by cybercriminals for personal gain – state-on-state wars that rely on cyberspace to transmit information to warfighter and coordinate military operations • Cyberspace as a target of conflict – Its elements are subject to cyberattacks in support of state and non-state battles 东南大学东南大学 9 Cybersecurity – A New Doctrine • The goals state which system properties will be preserved, as well as which policies will be enforced, for whom, at what costs, and against what kinds of threats. • The means range broadly over technological, educational, and/or regulatory measures. • A analogy to public health: the prevention of disease and promotion of good health in populations – A public good: non-rivalrous and non-excludable – Favor prevention over recovery 东南大学东南大学 10 Taxonomy - Threat • Activities that bring negative effects on system availability • Fault – System out-of-order caused by hardware or software problems • Accident – Threat by system operation and its environment • Attack – Intended hostile activities against system initiated by adversary 东南大学东南大学 11 Taxonomy - Objective • System security – Physical：：hardware, software and environment – Operational：：proper usage and management, e.g. access control, system monitoring, etc. • Data security – Confidentiality：：unauthorized access – Integrity：： Fabrication and Masquerade • Network security – Transport：：eavesdropping, integrity violation – Access：： hacking, cheating – Operation：：Infrastructure protection 东南大学东南大学 12 Another Taxonomy - mechanism • Data – Encryption – Authentication – Integrity • Operation – Risk Analysis – Auditing – Disaster Planning & Recovery – Incident Response • System – Secure Software & Hardware – Infrastructure Protection – Access Control – Intrusion Detection – Incident Response 3 东南大学东南大学 13 Security Targets（（1）） • Authenticity: reliable, consistent, authoritative data – System reliability – Operation environment and procedures – System classification：：trustable, innocent, vicious system • Availability：：system can work as expected, fulfill the assigned task, and achieve correct results. – Abuse：：cause damages to data – Misuse：：use data in an unauthorized way • Integrity: Consistency – Software – Data 东南大学东南大学 14 Security Targets（（2）） • Confidentiality – Sensitive data: access control is required – Breach of confidentiality：：access to sensitive data in unauthorized way • Possession：：the ability to really hold, control and use the system (not been hijacked) 东南大学东南大学 15 ACM IAS Curriculum Guideline-2008 • Fundamental Aspects • Security Mechanisms (Countermeasures) • Operational Issues • Policy • Attacks • Security Domains • Forensics • Information States • Security Services • Threat Analysis Model • Vulnerabilities 东南大学东南大学 16 1.2 Security Evaluation 东南大学东南大学 17 Normalization of System Security • Standard semantic of system security – Consistent view to security targets – Consistent view to security functions – System creditability – System inter-operability • Measured with analytical or experimental metrics – Metrics require assumptions and abstractions, that may lead vulnerabilities 东南大学东南大学 18 Cybersecurity Metrics • Relative metrics – How much more secure a system f’ is than a system f • Computational-complexity metrics – Amount of information and computational power required – Mathematical abstraction vs. real implementation 4 东南大学东南大学 19 Cybersecurity Metrics • Economic and Biological metrics – How hard to compromise a system: cost, variation strength, propagation strength, etc. – How to model the system? • Empirical metrics – How weak a system might be: modeling adversaries – Tiger team 东南大学东南大学 20 Orange Book • Trusted Computer System Evaluation Criteria by US DoD in 1985 • Minimal Protection (D) – Any system that does not comply。