1-Introduction
Information Security
The protection of information and associated elements like systems and hardware that store and transmit that information.
IS also includes information security management, data security and network security.
The primary goal of studying IS is to identify security and privacy issues in various aspects of computing and to design systems that are more protective of security and privacy.
CIA Triad
In the context of computers, security generally means three things:
- Confidentiality
- Integrity
- Availability
A computing system is said to be secure if it has all three properties.
The security of a system is closely tied to its reliability: a secure system is one you can rely on.
Confidentiality
Information is restricted to a limited set of individuals or organizations, and disclosure or exposure to unauthorized individuals, organizations or systems is prevented.
Integrity
Information should retain its integrity: it should not be altered and should keep its original state unless explicitly changed or modified.
Availability
Information should be accessible at the time it is needed, and during its access there should be no interference, interruptions or obstructions.
Some terms related to Security
Authentication
The process of verifying a user's identity, e.g. signup pages authenticate users.
Authorization
The process of permitting users to read, write or modify some information. In simple terms, granting access. People with access are called authorized users and those without access are called unauthorized users.
Non-Repudiation
Non-repudiation is the assurance that the originator of a message or transaction cannot deny having sent it and the recipient cannot deny having received it, providing irrefutable evidence of transactions. This ensures accountability. Some ways to achieve it are digital signatures, timestamps, audit logs, etc.
Authenticity
Quality or state of being genuine, authentic.
Accountability
Actions of a user should be uniquely traceable. This helps in after-attack recovery and during investigations.
Privacy
Keeping an individual’s Personally Identifiable Information (PII) secret.
Adversaries
Adversaries are attackers against whom we need to protect our systems.
Assets
The things that we want to protect, such as hardware, software and data.
Vulnerabilities
Vulnerabilities are weaknesses in a system that can be exploited in order to cause loss or harm.
Threat
A potential security harm to an asset caused by exploiting a vulnerability. There are four major categories of threats:
- Interception (confidentiality threat): an unauthorized party gains access to data, resources, or communications. Goal of attacker is to read or eavesdrop on information without altering it. Example: wiretapping a phone call, packet sniffing on a network, gaining unauthorized access to files.
- Interruption (availability threat): an asset becomes lost, unavailable, or unusable. Goal of attacker is to disrupt service or deny legitimate use. Example: Denial of service attack, cutting a communications cable, server crash caused intentionally.
- Modification (integrity threat): unauthorized alteration of data or system functions. Goal of attacker is to change existing information or behavior. Example: altering messages in transit, changing values in a database, tampering with software code.
- Fabrication (authenticity threat): unauthorized creation of data, processes, or communications. Goal of attacker is to forge false information and make it appear legitimate. Example: inserting fake transactions into a system, forged email or identity spoofing, adding unauthorized entries in logs.
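Added example (not part of the original notes): a tamper-evident audit log that detects the Modification and Fabrication threats listed above, tying in the audit logs mentioned under Non-Repudiation and Accountability. The key, field names and sample entries are constructed assumptions.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"   # assumption: secret held only by the logging service
GENESIS = "0" * 64              # fixed starting value for the chain

def _tag(prev_tag, record):
    # MAC over the previous tag plus the record, so every entry depends on all earlier ones
    msg = prev_tag.encode() + json.dumps(record, sort_keys=True).encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def append(log, user, action):
    prev = log[-1]["tag"] if log else GENESIS
    record = {"seq": len(log), "user": user, "action": action}
    log.append({"record": record, "tag": _tag(prev, record)})

def verify(log, head=None):
    """Return the index of the first bad entry, or None if the log is intact.

    head is the latest tag kept somewhere the log's storage cannot reach;
    without it, entries removed from the end go unnoticed.
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        rec = entry["record"]
        # A wrong sequence number reveals a deleted or inserted entry;
        # a wrong tag reveals an altered or forged one.
        if rec.get("seq") != i or not hmac.compare_digest(_tag(prev, rec), entry["tag"]):
            return i
        prev = entry["tag"]
    if head is not None and not hmac.compare_digest(prev, head):
        return len(log)   # chain is valid but shorter than expected: truncated
    return None

def build_sample_log():
    # Constructed sample entries
    log = []
    append(log, "alice", "login")
    append(log, "bob", "transfer 100")
    append(log, "alice", "logout")
    return log

if __name__ == "__main__":
    log = build_sample_log()
    print("intact:", verify(log))
    log[1]["record"]["action"] = "transfer 9999"   # modification
    print("first bad entry after modification:", verify(log))
```

The HMAC key is shared by whoever writes and checks the log, so this gives tamper evidence but not non-repudiation toward a third party; that requires digital signatures.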
Components of IS System
- Software
- People
- Hardware
- Data
- Procedures
- Networks
Methods of Defence
- Prevent it: prevent the attack
- Deter it: make the attack harder or more expensive
- Deflect it: make yourself less attractive to the attacker
- Detect it: notice the attack is occurring (or has occurred)
- Recover from it: mitigate the effects of the attack