SlideShare a Scribd company logo

System Security Sem 2(Module 1).pptx

Download as PPTX, PDF
R
rahulkumarcscsf21

This document discusses security elements and goals in IT systems, including integrity, confidentiality, availability, non-repudiation, and authentication. It also covers threats to IT systems and technical controls like vulnerability management. Operating system security is then discussed, including changing threats, why OS's are hard to secure, trust models, threat models, and key security features like access control and network protection. Application security topics like malware protection, application verification, sandboxing, and execution are also summarized.

Engineering
Related topics:
System Security
1 of 114
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
IT System Security-BCSC-0603 ASHEESH TIWARI DEPT. CEA GLA UNIVERSITY MATHURA UNIT-I
Introduction to IT system security • IT system security covers everything from prevention, detection and response to improper access from within and outside an organization, to protect information and systems. • As the critical importance of IT systems grows daily, so does the volume of targeted attacks, internal fraud and other security risks from which IT systems need to be defended. • Elements of IT system security – Vulnerability – Threat – Risk – Exposure – Countermeasure or Safeguard – The Relation Between the Security Elements
Goals of IT System Security • IT security generally is comprised of five main goals: Integrity: guaranteeing that the data are those that they are believed to be Confidentiality: ensuring that only authorized individuals have access to the resources being exchanged Availability: guaranteeing the system's proper operation Non-repudiation: guaranteeing that an operation cannot be denied Authentication: ensuring that only authorized individuals have access to the resources
Elements of IT System Security • Vulnerability • Threat • Risk • Exposure
Threats to IT systems
Threats to IT systems
Threats to IT systems
Technical controls in IT system security
Technical controls in IT system security
Technical controls in IT system security
System security coverage
System security risk management The process of risk assessment involves following activities: – determining the assessment's scope and methodology – collecting and analyzing data – interpreting the risk analysis results System security risk management
Chapter-2 Operating System Security
Introduction of Changing Threats – Basics of Operating Systems & changing threats • Operating systems are the software that provides access to the various hardware resources (e.g. CPU, memory, and devices) that comprise a computer system. • Any program that is being run on a computer system has instructions executed by that computer’s CPU, but these programs may also require the use of other peripheral resources of these complex systems. – Formal security mechanisms in operating system • With the developments in technology and the advent of cloud, there have been increasing trends of operating systems being deployed onto storage resources and shared public computation in cloud data centers. • This, in turn, has attracted attacks against collocated operating systems and their hosting platforms and hence rendering the protection of data and availability of services ineffective.
Why OS is Hard to Secure? – OS not able to find themselves prone attacks • The software required to interface these peripheral devices and network of devices could operate in privileged mode within the operating system. • This way, they could access resources, such as processor memory, directly. An attacker is able to gain full control of the operating system, via a crafted USB device, owing to the vulnerabilities within USB device drivers in the operating system. – Multiple peripherals can be externally connected through interfaces, such as integral devices – Unlike USB driver and hardware devices developed by the hardware manufacturers, etc.
Securing Operating Systems How to secure operating system and its models: – Trust Model – Threat Model There have been consistent goals for a secure operating system established for almost every community: • Ensuring that the operating system is able to separate users and access to resources by following a defined policy. • Ensuring that a trusted execution path is followed. “Trusted” means that there are no vulnerabilities that might affect the operating system’s ability to separate users and access to resources, such as memory, files, I/O and processes.
Trust Model • For an operating system, its trust model is synonymous with the system’s trusted computing base (TCB). • Ideally, a system TCB should consist of the minimal amount of software necessary to enforce the security goals correctly. • The software that must be trusted includes the software that defines the security goals and the software that enforces the security goals (i.e., the operating system’s security mechanism). • Further, software that bootstraps this software must also be trusted. • Thus, an ideal TCB would consist of a bootstrapping mechanism that enables the security goals to be loaded and subsequently enforced for lifetime of the system.
Trust Model • The secure operating system developer must prove that their systems have a viable trust model. This requires that: 1. The system TCB must mediate all security-sensitive operations. 2. Verification of the correctness of the TCB software and its data. 3. Verification that the software’s execution cannot be tampered by processes outside the TCB.
Threat Model • A threat model defines a set of operations that an attacker may use to compromise a system. • In this threat model, we assume a powerful attacker who is capable of injecting operations from the network and maybe in control of some of the running software on the system. • Key Security Features • – Access control • – Network protection • There are principles that are well established to ensure secure control access and its proper practical implementation: • It has to be ensured that there exists a trusted mechanism to first decide and then enforce the rights of the user (requesting access to a resource) along with designated rights of the resource requested.
Threat Model • When these rights are being enforced, it has to be made sure that there are no vulnerabilities present in the enforcement capability. It must be free from any modifications or tampering done beforehand. This concept is referred to as the Trusted Computing Base. • A trusted path must be followed while the enforcement happens. This minimizes the possibility of interruption of execution path by malicious processes or users. This concept is known as the Trusted Path.
Key Security Features • Access control • Operating system, at its core, has the ability to administer control over access to system information and resources. • This is done in order to mitigate threats as well as minimize the possibility of any accidental damage by the users. • The need to prevent a poorly implemented application, that can access the private data of users stored in the memory, is as important as the need to prevent inadvertent download of malware through a browser and installing unwanted spying software. • In layman’s terms, access is the ability to read from, write to, or execute a file, operating systems, such as Microsoft Windows, provide richer access operations that provides the option to acquire ownership of or even delete a data type.
Key Security Features • There are principles that are well established to ensure secure control access and its proper practical implementation: • It has to be ensured that there exists a trusted mechanism to first decide and then enforce the rights of the user (requesting access to a resource) along with designated rights of the resource requested. • When these rights are being enforced, it has to be made sure that there are no vulnerabilities present in the enforcement capability. It must be free from any modifications or tampering done beforehand. This concept is referred to as the Trusted Computing Base. • A trusted path must be followed while the enforcement happens. This minimizes the possibility of interruption of execution path by malicious processes or users. This concept is known as the Trusted Path.
Network protection • With most users finding it mandatory to communicate with each other and while accessing applications and data, most of the operating systems are deployed in highly networked environments. • Before the advent of the more sophisticated operating systems, network that connected the users were believed to be trustworthy as the files that were being shared. • These networks connected organizations on trusted or in-house networks. Nowadays, we have devices that are highly mobile being connected over untrusted and public networks (for e.g., the Internet). • So, to counter this problem, operating systems adapted and the developers started to embed security features (such as firewalls, network encryption and network access protection) onto their • operating systems.
Malware protection • Users’ requirements to access and exchange application and files have been increasing. • This has led to an increase in the means of exchange including social media platforms, web portals and messaging systems. • Most of the cyber security attacks have had been a result of a malicious file being received from an email or a website. • Application Verification and Control • For example, this mechanism is implemented by Apple iOS. Apple’s operating system enforces all applications from the app store. • There is no provision to install applications from external sources. The application on the Apple app store are signed by Apple after verifying their integrity from a security perspective.
Application Separation: Sandboxing • The technique of sandboxing is used to provide a form of isolation to an application to ensure that the functionality of the application is “boxed-in” (limited), such that the ability of the application to access other running applications, or the memory or network resources of other applications. • This method can be applied using different approaches. • A hypervisor is sought which provides a “container” to separate out and execute multiple operating systems on a common platform. • Whole operating system is virtualized and run on a hypervisor which summaries the hardware environment for the platform. • While this approach protects applications on the same hardware irrespective of the operating system, it does not offer any protection to other applications in the same operating system.
Application Execution • There is a possibility of application being exploited by attackers using the user supplied input. • Buffer overrun is the most common form of attacks in the which the input supplied by user end up to be written directly to the operating systems and application memory (normally used to store application execution code, temporary and global data) without any prior verification of its integrity. • The attacker, using this vulnerability of data going in without any check, takes control of the application execution by supplying sufficient data and manipulating the stack pointer. • The attacker, rather than simply execute the application, executes the data and code they have written to the memory within the application context.
Physical Theft • Operating systems have found protection using following ways: • Operating systems can now encrypt individual data files and also the data stored in the memory. • Applications and data can be protected from other users and processes in case an individual gains • access to device for a short period. • Data on devices is protected against subsequent copying in case the device gets stolen. This is done by • encrypting all the data present on the device.
Server Operating System Security Guidelines
Server Operating System Security Guidelines – Installation & Configuration • System Administrators verify that already installed Servers & guidance for new server setup and general topics required for setting up a server in secure environment. The installation should be carried out from the original media, supplied by the vendor. – OS Hardening Patches: One of the most important tasks of the System Administrator (SA) is to keep the most current patches for the OS and application software installed on a server. Many of these patches fix security vulnerabilities that are well known to intruders. • Service packs are used to patch a wide range of vulnerabilities and bugs. • The latest service pack that has been tested to work in one’s environment should always be applied after installing the operating system.
Server Operating System Security Guidelines • Hotfixes are released more frequently than service packs and are meant to patch a more specific problem. • Not all hotfixes may be needed for a particular system. Before installing these fixes on critical systems or installing them on a large number of devices, hotfixes should be tested to ensure that there is no conflict with other third party drivers. • Disabling unwanted services and protocols • Only required network services should be installed in the server. • There are many default services with the standard OS software. Depending upon the role of server one should load only required network services, like on a mail server DNS service is not required.
Server Operating System Security Guidelines • Each network protocol should be configured for security settings, like in case of TCP/IP protocol only essential ports should be enabled. • For example, on MS Windows NT Server disable inbound and outbound traffic to the external connections for TCP and UDP ports 135, 137, 139 and UDP port 138. • Blocking these ports prevents potential intruders from gathering useful information such as computer names, usernames, and services running on those computers. • Security scanner tools like NMAP, NESSUS should be run to know which ports or services are currently open or running on the server.
Workstation Operating System Security Guidelines • The word "workstation" is used in this module to mean the combination of the hardware, operating system, application software, and network connection. • Planning and executing the deployment of workstation. • Configuring workstation to help make them less vulnerable to attack. • Maintaining the integrity of deployed workstation. • Improving user awareness of security issues.
OS and Application S/W Hardening • OS media should be procured only from an authorised vendor of the manufacturer. • To patch up the vulnerabilities and loopholes of the OS, install all the latest service packs, security patches, hot-fixes, OS updates, etc. as available and applicable for this version at the time of installation. • These patches/updates etc. are available from the vendors as well as from their websites. • Initially, all the ports should be closed/disabled and may be enabled/opened as and when required. • Turn off all network services that are not needed. • Define how long the computer or application can be used. Create a mandatory automated logoff policy based on inactivity or time of day. • Disable application features that expose vulnerability through configuration changes. • Control access to settings, control panels and run functions. Define who has access to applications by location, time of day or time period.
Mobile Operating Systems
Threats of Mobile Operating Systems • Some major threats & vulnerabilities of mobile OS • – Malware Trojans Virus Worm Spyware • – Vulnerabilities Device-Hardware Vulnerabilities Software Vulnerabilities
Threats of Mobile Operating Systems
Threats of Mobile Operating Systems • • Some major attacks of mobile OS • – Hardware-based attacks • – Device-independent attacks • – Software-based attacks • – User-based attacks • JTAG (Joint Test Action Group) Attacks • Forensic Analysis • Phishing Attacks • QR Code Based Attacks • SSL Proxy Attacks
Endpoint Security Chapter-3
What is Endpoint Security • Security is top of mind for today’s CIO/CISO and endpoints are the new target. • Criminals are targeting employees and using their devices to gain access to networks. • Compromise is inevitable but a breach can be prevented. Anti-virus solutions are important but they no longer offer complete protection to the organization. • The terms Endpoint Security or Endpoint Protection are generally used to refer to corporate products that include a range of security features. These typically include: • Malware removal based on existing signature files and heuristic algorithms • Built-in antispyware protection • Ingress/Egress firewall • IPS/IDS sensors and warning systems • Application control and user management • Data input/output control, including portable devices
Endpoint Security • Endpoint security products may contain features and functionality such as: • Data loss prevention • Insider threat protection • Disk, endpoint, and email encryption • Application whitelisting or control • Network access control • Data classification • Endpoint detection and response • Privileged user control
Critical Components of Endpoint Security • Endpoint encryption fully encrypts your enterprise data on endpoints, including laptops, mobile devices, and other endpoints, as well as in individual folders, files, and removable storage devices like CDs and USB drives. • Application control prevents the execution of unauthorized applications on endpoints, a core component of comprehensive endpoint security measures. • Application control solves the challenge of employees downloading unauthorized or dangerous applications on mobile devices, which could create network vulnerabilities and lead to unauthorized access.
Endpoint security perspectives: Consumer versus corporate there is no central administration: • Signature and application updates are received from the developer's control servers via the Internet. • Endpoint security apps are configured on each computer. • Alert and log entries are only available on the affected computer. Centralized administration allows: • Single sign-on web interface for configuring endpoints. • All log entries and alerts to be sent to one location, the controlling server. • Downloading of signature and application updates once, then the server application pushes the files out to all endpoints.
Pillars of Endpoint Security • Four Pillars of Endpoint Security include: • Endpoint hardening - protect the endpoint from attack • Endpoint resiliency - make the endpoint auto-healing • Network prioritization - guard network bandwidth • Network resiliency - make the network auto-healing There are four tenets of security: identity, authentication, access control, and authorization. • Identity - how principals, such as users, are represented. • Authentication - how identity is established. For example, a user in possession of a smartcard provisioned with a trusted X.509 certificate, plus knowledge of the smartcard PIN, will use the card to authenticate, thereby establishing his or her identity within the system. • Access control - the ability of the system to selectively allow or deny principals to perform actions on protected objects. Access control enforces authorization rules. • Authorization - the process by which access control rules are expressed.
• Endpoint Hardening: The goal of the first pillar - endpoint hardening - is to ensure that network assets are using the latest technologies to defend against threats. Typical threats include unsafe email attachments, worm-like viruses that propagate over the network, and related threats to your web browsers. The following technologies can aid in endpoint hardening: • Antivirus and anti-malware software • Mandatory integrity levels • Auditing of network resource access
Endpoint Resiliency • The goal of endpoint resiliency is to ensure that health information on devices and applications is continuously gathered and monitored. That way failed devices or applications can be automatically repaired, thus allowing operations to continue. The following technologies can make endpoints more resilient: • Network access control (NAC), including products such as Cisco NAC and Microsoft Network Access Protection • Configuration baselining, including the use of government standards such as Security Content Automation Protocol (SCAP) • Patching • Antivirus and anti-malware software • Centralized policy and confirmation management, including products such as Microsoft System Center and VMware vCenter
Network Prioritization • The goal of network prioritization is to ensure that the available infrastructure can always meet application bandwidth needs. This consideration applies not only at well-known peak demand times, but also when there are unexpected surges on network loads and distributed external and internal attacks. Network Resiliency • The goal of network resiliency is to allow for seamless asset failover. Techniques in this area ideally afford reconfiguring the network in real-time as performance degrades. • This pillar is similar to endpoint resiliency in that the goal is to facilitate network self-healing in order to minimize the management burden.
Endpoint Security in BYOD • Four Pillars of Endpoint Security in Bring your own device (BYOD) • Endpoint hardening - technologies like platform attestation allow server-side resources to extract high-assurance security claims from mobile devices. • This helps to keep sensitive data off malware and rootkit infested devices and can also be used to enforce client attributes, such as the use of hardware-based disk encryption. • The latest generation of mobile devices supports a variety of high- integrity security features, including TPMs, SIMs, and other hardened cryptographic and data protection features. • Endpoint reliability -Enforcing patching and platform updates is key to maintaining endpoint reliability; technologies exist to do this across all platforms.
Endpoint Security in BYOD • Network prioritization - link encryption is a must-have. All web applications should enforce Transport Layer Security (TLS); all clients support it. Bandwidth waste is on unencrypted or untrusted requests is avoided. • Network reliability - many of the same proven security technologies and practices apply equally across traditional enterprise computing assets: routers, servers, laptops, and desktops. • They need to be utilized and they’re constantly increasing in sophistication. This applies whether the assets are mobile, private cloud, or public cloud.
Endpoint Encryption Defining endpoint encryption and its difference modes – Disk Encryption: Endpoint encryption (which typically includes disk encryption and removable media encryption) protects this data, rendering it unreadable to unauthorized users. Endpoint encryption describes the differences between disk encryption and file encryption, details how disk encryption and removable media encryption work, and addresses recovery mechanisms. – Removable Media Encryption: Removable media encryption software provides the ability to encrypt files on removable storage devices. When a user copies files of a system onto a removable storage device, each file is encrypted to a password, a shared key or a certificate. At the same time, utilities for Windows or Mac systems can be copied (if permitted by policy) allowing authorized access to data without the endpoint client installed on a machine.
Driver influence endpoint security • Explaining the business drivers that influence the endpoint security – Correct and reliable operation – Service-level agreements – IT asset value – Protection of the business asset value or brand image – Legal and regulatory compliance – Contractual obligation – Financial loss and liability – Critical infrastructure – Safety and survival
Driver influence endpoint security • Explaining the IT drivers that influence the endpoint security – Internal threats and threat agents – External threats and threat agents – IT service management commitments – IT environment complexity – Business environment complexity – Audit and traceability – IT vulnerabilities: Configuration – IT vulnerabilities: Flaws – IT vulnerabilities: Exploits – End User Complexity – Fast-Growing Web Threats – VPN Security Challenges
Challenges of Endpoint Security – Complacency and Risk • IT management bandwidth • More flexible and mobile workforce • Lack of integration • Fast moving security threats – Business Challenges • Lack of IT resources • No in-house expertise • Ad-hoc PC management • Focus on more important tasks • – The Threats Keep Coming
Endpoint Security Solutions General aspects covered by an Endpoint Solution – Personal Firewall – Wireless Security – Port Control – Data Encryption – USB and Storage Device Security – Application Control – Integrity and Remediation – Client Self-Defense – Alerts Monitoring
Endpoint Security Solutions
Gartner’s Magic Quadrant Endpoint protection platforms capabilities & things include in EPP – Antimalware – Personal firewall – Port and device control EPP solutions also often include: • Vulnerability assessment • Application control and application sandboxing • Memory protection • Behavioral monitoring of application code • Endpoint detection and remediation technology • Full-disk and file encryption, also known as mobile data protection • Endpoint data loss prevention (DLP) • Enterprise mobility management (EMM), typically in a parallel non - integrated product
Quadrant Descriptions Explaining the quadrant descriptions – Leaders – Challengers – Visionaries – Niche Players
Evaluation Criteria Definitions – Ability to Execute Product/Service, Overall Viability, Sales Execution/Pricing Market Responsiveness/Record Marketing Execution Customer Experience Operations Completeness of Vision Market Understanding Marketing Strategy Sales Strategy Offering (Product) Strategy Business Model Innovation
Vendor Strengths and Limitations • Bitdefender: Bitdefender still generates the majority of its revenue from consumer sales, but the gap between consumer sales and enterprise sales narrowed in 2015. • The company is investing heavily into its sales operations in Europe and the U.S. Updates to the enterprise offering included improvements in security event feeds from endpoints to the management console, formulating better insights into the presence of malware, unwanted applications, advanced threats and remediation. Strengths • Bitdefender provides very good malware detection capabilities, including a sandboxed application emulation environment, automatic unknown file analysis and continuous behavior monitoring, resulting in very good public test scores. Limitations Bitdefender does not offer full feature parity between Windows, OS X and Linux. The Windows offering supports anti-malware, firewall, content control and device control. OS X and Linux have only anti- malware capabilities.
Vendor Strengths and Limitations Check Point Software Technologies • Check Point Software Technologies is a well-known network security company. Its venture into the EPP market, starting with the 2004 acquisition of ZoneAlarm, continues to suffer from poor marketing and channel execution. Strengths • Endpoint's URL filtering capability enables an off-LAN URL filtering security policy synchronized with a firewall blade policy. Limitations • Check Point's application control capabilities (which it calls "program control") remain largely unchanged for this year. Application control capabilities continue to rely on URL filtering, anti-bot and anti-malware for restricting unapproved and suspicious applications.
Application Server Security Chapter-4
Application Server Security Overview
Application Server Security Overview • Security is a system issue, not a single-product issue. Each component of system application affects the security of the entire system. • Web Browsers • Firewalls • Load Balancers • Virtual Private Networks (VPNs)
SSL Keys and Certificates • When an SSL session is negotiated, the following steps take place: • The server sends the client its public key. • The client creates a bulk encryption key, often a 128 bit RC4 key, using a specified encryption suite. • The client encrypts the bulk key with the server's public key, and sends the encrypted bulk key to the server. • The server decrypts the bulk encryption key using the server’s private key. • This set of operations is called key exchange. After key exchange has taken place, the client and the server use the bulk encryption key to encrypt all exchanged data.
Web Traffic Security Approaches
SSL (Secure Socket Layer) • transport layer security service • originally developed by Netscape • version 3 designed with public input • subsequently became Internet standard known as TLS (Transport Layer Security) • uses TCP to provide a reliable end-to-end service • SSL has two layers of protocols
SSL Architecture
SSL Architecture SSL connection a transient, peer-to-peer, communications link associated with 1 SSL session SSL session an association between client & server created by the Handshake Protocol define a set of cryptographic parameters may be shared by multiple SSL connections
SSL Architecture  Session state is defined by  Session Identifier  Peer Certificate  Compression methods  Cipher Spec  Master Secret  Is Resumable  Connection state is defined by  Server and Client Random  Server write MAC secret  Client write MAC secret  Server write key  Client write key  Initialization vectors  Sequence numbers
SSL Record Protocol Operation
SSL Change Cipher Spec Protocol • one of 3 SSL specific protocols which use the SSL Record protocol • a single message • causes pending state to become current • hence updating the cipher suite in use
SSL Alert Protocol conveys SSL-related alerts to peer entity severity • warning or fatal specific alert • fatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter • warning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown compressed & encrypted like all SSL data
SSL Handshake Protocol  allows server & client to:  authenticate each other  to negotiate encryption & MAC algorithms  to negotiate cryptographic keys to be used  comprises a series of messages in phases 1. Establish Security Capabilities 2. Server Authentication and Key Exchange 3. Client Authentication and Key Exchange 4. Finish
7-73 SSL Handshake Protocol
Need of Security • Application Server Threats and Countermeasures – Network Eavesdropping – Unauthorized Access – Viruses, Worms, and Trojan Horses
Introduction to Oracle Application Server • Introduction to Oracle Application Server and security objectives – Providing Basic Security Services – Supporting Standards – Ensuring Deployment and Configuration Flexibility – Minimizing Application Development and Deployment Cost – Providing Security in Depth
Security architecture of oracle application server
Oracle Application Server Security Best Practices – Best practices for HTTPS Use – Best Practices for Cookie Security – Best Practices for Certificates Use – Review Code and Content Against Already Known Attack – Follow Common Sense Firewall Practices – Leverage Declarative Security – Use Switched Connections in DMZ – Place Application Server in the DMZ – Secure Sockets Layer
Web Application Server Security best practices – Use separate servers for internal and external applications – Use Separate Development Server for Testing and Debugging Apps – Audit Website activity and store logs in a secure location – Education of developers on sound security coding practices – Patching Operating System and Web Server – Use of Application Scanners
Introduction to OWASP • Introduction to OWASP and top 10 OWASP – Insecure Data Storage – Weak Server-Side Controls – Insufficient Transport Layer Protection – Client Side Injection – Poor Authorization and Authentication – Improper Session Handling – Security Decisions via Untrusted Inputs – Side Channel Data Leakage – Broken Cryptography – Sensitive Information Disclosure
Mobile Application Security Testing • We Can Divide Mobile Application Testing into Three Parts: – Dynamic analysis – Black box security testing – Static analysis & code review
Identifying and protecting • Every piece of data is sensitive. Data cannot be classified as sensitive and non-sensitive. Users enter data into an application under the assumption that security will not be compromised. Considering the importance users give to data, applications should be designed to treat every little piece of user data as sensitive. Examples of personal data users prefer to keep private: • Their location • Contacts • Unique device and customer identifiers • Identity of the data subject • Identity of the phone (make of the phone) • Credit card and payment data • Phone call logs, SMS or instant messaging • Browsing history • Email
Protecting Data • The data handled by an application should be protected from storage to transit • Access to data being stored in another field is to be taken into consideration while handling data • An important location where data leak can occur is the side channel data leakage • Data should be logged or shown in error logs • Each piece of code that handles data needs to be crafted carefully • User data should be encrypted using smart algorithms before being stored on the device • The encryption method should use a strong key • The data stored on the device should be accessible only to the application that stores the data • The data should not be given global read privileges leading to other applications residing on the device • Whenever the data is transferred to other locations, such as a server, the application should use https
Formidable App • Creating a Formidable App • Developers creating mobile applications need to realize that the mobile application is only a part of the system that attackers target. • When an application is built, every piece of information that enters the application needs to be validated. • User input should be considered, but not enforced while making security decisions • The data stored on the device should be handled carefully to ensure that none of the information is accessible even when the device changes hands • The permissions set to the files and databases should ensure that application use is unique and should be accessible only to the owner • The user may install a malicious application accidentally. Such applications should not be able to access the files and database of the developed application
Steps to Create a Secure and Powerful Application • The first step is to identify the data that is most critical to an application or a device – this can be done by threat modeling the data before development. • Consider all the data that the application uses, analyze the data and identify the threat level associated with the data. • Once the threat modeling is done, decide the level of security that is required to protect the data. • During the coding phase the developer writes necessary protection methods for the data. • This includes validations on both client and server sides to hashing and encryption of data. Security is embedded into the application without disturbing the business logic of the application.
Security Testing Tools • – Qasat • – HashQ • – Android Emulator • – WebScarab • – WebSlayer
Database Server Security Chapter-5
Introduction to Database Server Security • A database can be defined as a collection of data that is saved on a computer system’s hard drive. • Databases allow any authorized user to access, enter and analyse data quickly and easily. It’s a collection of queries, tables and views. • The data stored in the databases are usually organised to model aspects that support processes that require information storage and retrieval. • These layers are: database administrator system administrator, security officer, developers and employee and security can be breached at any of these layers by an attacker.
Importance of Database Server Security • Database servers are the foundation of virtually every Electronic Business, Financial, and Enterprise Resource Planning (ERP) system, and frequently include sensitive information from business partners and customers. • Data integrity and improper access can be compromised by many factors, including complexity, insecure password usage, misconfigurations, and unrecognized system backdoors, making imperative regular use of an adaptive database server security solution. • Database security concerns the use of a broad range of information security controls to protect databases (potentially including the data, the database applications or stored functions, the database systems, the database servers and the associated network links) against compromises of their confidentiality, integrity and availability.
Architecture for Database Systems • Explaining the Architecture for Database Systems and it provide: – Independence of data and programs – Ease of system design – Ease of programming – Powerful query facilities – Protection of data
Architecture for Database Systems • As new computing methods have evolved, different methods of transferring the data between the database systems and the end users have been also evolved. For database-backed up systems, there are three most common architectures as follows: • A direct link to the computer which performs all the work • A client/server (two-tier) architecture • A thin client (three-tier) architecture In general, the goals of database security are: • Confidentiality and secrecy: Data should not ever be revealed to anyone who is not authorized to access it • Authentication, accuracy and integrity: It means that data cannot be modified maliciously or corrupted intentionally. • Recoverable and availability: Systems should continue working, and the lost data could be recovered easily, efficiently and in the original form
Database attacks,security & lifecycle • Attacks on Database • Two kinds of attack can be made to the databases; physical attack and the logical attack. Physical attacks can include forced disclosure of sensitive information like passwords, demolition of storage devices in system, complete power failure, and theft of secured information. While logical threats are intentionally or unauthorized access to sensitive information. – Insider Threat – Login Attacks
Database security lifecycle
Need of Database Server Security • Following are the database vulnerabilities – Lack of security feature maturity Login Attacks – Database Password Management – Oracle Internal Password – Oracle Listener Process password – Oracle Internal Password - “orapw” File Permission Control – Operating system back doors – Auditing – TrojanHorses Database Vulnerabilities • Risks associated with vendor-supplied software • Risks associated with administration • Risks associated with user activity
Database Server threats & countermeasures • Following are the database vulnerabilities – SQL Injection – Network Eavesdropping – Unauthorized Server Access – Password Cracking •
Acquiring Database and Server Security • Explaining the database acquiring and server security mechanisms – NAT and PAT – A demilitarised zone (DMZ) – Content-based firewalls – SSL connections – IPSec security
Securing Open Source Databases • How to secure open source database and its methodology – Patches and Updates – Services – Protocols – Accounts – Files and Directories – Shares – Ports – Registry – Auditing and Logging – SQL Server Security – SQL Server Logins, Users, and Roles – SQL Server Database Objects
Steps for Securing Database Server
Best Practices to secure database server • Database server secure practices and planning – Strong Password Policy Execution – Discard all Default Users and Demo-test Databases – Change the Admin User Name – User Privileges Need to be Restricted – Disable Public Network Access to Database Servers – Enforce SSL/TLS on Remote Connections and Restrict IP – Check for Database Dumps in Public Locations – Encrypt Your Application Files and Backups – Web Application Firewall and Malware Scanner Should be used – Always keep the Software Updated
Security Checklist for a Database Administrator • Ensure that the database RDBMS version is a vendor supported product version. • Monitor the RDBMS software on a regular basis to detect unauthorized modifications. • Ensure that all directories and file permissions created by the installation of a RDBMS are protected in accordance with security evaluation specifications if available or, if not, vendor recommendations. • Ensure that end user accounts are not granted permissions to change directory or file permissions associated with the database software.
Security checklist
Database Security Program Design
Database Security Program Design
IT System Security Processes Chapter-6
Identification of risk
Organizational Assets Used in Systems
Threat Identification
Prioritizing System Vulnerabilities
Prepare for Selecting Security Controls
Initial Security Control Baseline
Apply Scoping Guidance
Apply Scoping Guidance The application of appropriate scoping guidance to the initial baseline • – Apply Security Objective-related Considerations • – Apply Common Control-related Considerations • – System Component Allocation-related Considerations • – Apply Scalability-related Considerations • – Document the Decisions in the Security Plan
Analyzing System Environment A brief description of the technical system is provided which includes any environmental or technical factors that raise special security concerns, such as: – The system is connected to the Internet; – It is located in a harsh or overseas environment; – Software is rapidly implemented; – The software resides on an open network used by the general public or with overseas access; – The application is processed at a facility outside of the organization's control; or – The general support mainframe has dial-up lines.
Planning for security in the system lifecycle Few basic phases of IT system lifecycle – Initiation Phase – Development/Acquisition Phase – Implementation Phase – Operation/Maintenance Phase
Applying Operational Controls • Personnel Security • Physical and Environmental Protection

More Related Content

PPTX
Cryptography_system analysis module.pptx
TedaTechTips
 
PPT
Chapter Last.ppt
miki304759
 
PPT
OS Security 2009
Deborah Obasogie
 
PDF
CSI-503 - 10. Security & Protection (Operating System)
ghayour abbas
 
PPTX
Securing Networks and Operating Systems.pptx
lionbitme
 
PPTX
Security & protection in operating system
Abou Bakr Ashraf
 
PDF
Computer Security 3rd Edition Dieter Gollmann
mlxqtaoc385
 
PPTX
Protection and security of operating system
Abdullah Khosa
 
Cryptography_system analysis module.pptx
TedaTechTips
 
Chapter Last.ppt
miki304759
 
OS Security 2009
Deborah Obasogie
 
CSI-503 - 10. Security & Protection (Operating System)
ghayour abbas
 
Securing Networks and Operating Systems.pptx
lionbitme
 
Security & protection in operating system
Abou Bakr Ashraf
 
Computer Security 3rd Edition Dieter Gollmann
mlxqtaoc385
 
Protection and security of operating system
Abdullah Khosa
 

Similar to System Security Sem 2(Module 1).pptx (20)

PPTX
Software Security and Trusted Systems.pptx
fovoni
 
PPT
Protection and Security in Operating Systems
vampugani
 
PPTX
Lecturesocial media ppt social media ppt social media ppt 5.pptx
1230200206
 
PPT
3. security architecture and models
7wounders
 
PDF
Virtualizacion y sistemas operativos por microsoft. Contempla seguridad
AJ florez
 
PPTX
Security & Protection in Operating System
Meghaj Mallick
 
PPT
3 securityarchitectureandmodels-120331064706-phpapp01
wardell henley
 
PPTX
Operating System & Application Security
Sunipa Bera
 
PPT
Computer Securityyyyyyyy - Chapter 1.ppt
SolomonSB
 
PDF
Ch14 security
Welly Dian Astika
 
PPTX
Cryptography and network Security--MOD-1.pptx
MrsPrajnaUR
 
PDF
Dieter_Gollmann_Wiley_Computer_Security.pdf
238Tanisha
 
PDF
Object Oriented Secure Modeling using SELinux Trusted Operating System
Eswar Publications
 
PPTX
Protection and security
mbadhi
 
PDF
OPERATING SYSTEM SECURITY
RohitK71
 
PPTX
Security issues in os
DevAdnani
 
DOCX
FIDO AUTHENTICATIONDEFINITION· Acronym FIDO stands for Fast I
ChereCheek752
 
ODP
Portakal Teknoloji Otc Lyon Part 1
bora.gungoren
 
DOCX
CSEC630 individaul assign
Ronald Jackson, Jr
 
PPTX
Chapter 3 security part i auditing operating systems and networks
Tommy Zul Hidayat
 
Software Security and Trusted Systems.pptx
fovoni
 
Protection and Security in Operating Systems
vampugani
 
Lecturesocial media ppt social media ppt social media ppt 5.pptx
1230200206
 
3. security architecture and models
7wounders
 
Virtualizacion y sistemas operativos por microsoft. Contempla seguridad
AJ florez
 
Security & Protection in Operating System
Meghaj Mallick
 
3 securityarchitectureandmodels-120331064706-phpapp01
wardell henley
 
Operating System & Application Security
Sunipa Bera
 
Computer Securityyyyyyyy - Chapter 1.ppt
SolomonSB
 
Ch14 security
Welly Dian Astika
 
Cryptography and network Security--MOD-1.pptx
MrsPrajnaUR
 
Dieter_Gollmann_Wiley_Computer_Security.pdf
238Tanisha
 
Object Oriented Secure Modeling using SELinux Trusted Operating System
Eswar Publications
 
Protection and security
mbadhi
 
OPERATING SYSTEM SECURITY
RohitK71
 
Security issues in os
DevAdnani
 
FIDO AUTHENTICATIONDEFINITION· Acronym FIDO stands for Fast I
ChereCheek752
 
Portakal Teknoloji Otc Lyon Part 1
bora.gungoren
 
CSEC630 individaul assign
Ronald Jackson, Jr
 
Chapter 3 security part i auditing operating systems and networks
Tommy Zul Hidayat
 
Ad

Recently uploaded (20)

PPTX
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
PPTX
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
PDF
PPT on Performance Review to get promotions
prashant593122
 
PPTX
Welding lecture in detail for understanding
sahilpoonia10
 
PDF
Arduino robotics embedded978-1-4302-3184-4.pdf
AbdullahEmam4
 
PDF
The CXO Playbook 2025 – Future-Ready Strategies for C-Suite Leaders Cerebrai...
Cerebraix Technologies
 
PDF
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 
PPTX
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
PPTX
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
PPTX
Sustainable Sites - Green Building Construction
mhdumerali
 
PPT
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
DOCX
573137875-Attendance-Management-System-original
AYUSHMANAV
 
PPTX
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
PPTX
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
PDF
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
PPTX
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PPT
Project quality management in manufacturing
BarMusaTetik
 
PDF
July 2025 - Top 10 Read Articles in International Journal of Software Enginee...
sebastianku31
 
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
PPT on Performance Review to get promotions
prashant593122
 
Welding lecture in detail for understanding
sahilpoonia10
 
Arduino robotics embedded978-1-4302-3184-4.pdf
AbdullahEmam4
 
The CXO Playbook 2025 – Future-Ready Strategies for C-Suite Leaders Cerebrai...
Cerebraix Technologies
 
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
Sustainable Sites - Green Building Construction
mhdumerali
 
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
573137875-Attendance-Management-System-original
AYUSHMANAV
 
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
Project quality management in manufacturing
BarMusaTetik
 
July 2025 - Top 10 Read Articles in International Journal of Software Enginee...
sebastianku31
 
Ad

System Security Sem 2(Module 1).pptx

  • 1. IT System Security-BCSC-0603 ASHEESH TIWARI DEPT. CEA GLA UNIVERSITY MATHURA UNIT-I
  • 2. Introduction to IT system security • IT system security covers everything from prevention, detection and response to improper access from within and outside an organization, to protect information and systems. • As the critical importance of IT systems grows daily, so does the volume of targeted attacks, internal fraud and other security risks from which IT systems need to be defended. • Elements of IT system security – Vulnerability – Threat – Risk – Exposure – Countermeasure or Safeguard – The Relation Between the Security Elements
  • 3. Goals of IT System Security • IT security generally is comprised of five main goals: Integrity: guaranteeing that the data are those that they are believed to be Confidentiality: ensuring that only authorized individuals have access to the resources being exchanged Availability: guaranteeing the system's proper operation Non-repudiation: guaranteeing that an operation cannot be denied Authentication: ensuring that only authorized individuals have access to the resources
  • 4. Elements of IT System Security • Vulnerability • Threat • Risk • Exposure
  • 5. Threats to IT systems
  • 6. Threats to IT systems
  • 7. Threats to IT systems
  • 8. Technical controls in IT system security
  • 9. Technical controls in IT system security
  • 10. Technical controls in IT system security
  • 12. System security risk management The process of risk assessment involves following activities: – determining the assessment's scope and methodology – collecting and analyzing data – interpreting the risk analysis results System security risk management
  • 14. Introduction of Changing Threats – Basics of Operating Systems & changing threats • Operating systems are the software that provides access to the various hardware resources (e.g. CPU, memory, and devices) that comprise a computer system. • Any program that is being run on a computer system has instructions executed by that computer’s CPU, but these programs may also require the use of other peripheral resources of these complex systems. – Formal security mechanisms in operating system • With the developments in technology and the advent of cloud, there have been increasing trends of operating systems being deployed onto storage resources and shared public computation in cloud data centers. • This, in turn, has attracted attacks against collocated operating systems and their hosting platforms and hence rendering the protection of data and availability of services ineffective.
  • 15. Why OS is Hard to Secure? – OS not able to find themselves prone attacks • The software required to interface these peripheral devices and network of devices could operate in privileged mode within the operating system. • This way, they could access resources, such as processor memory, directly. An attacker is able to gain full control of the operating system, via a crafted USB device, owing to the vulnerabilities within USB device drivers in the operating system. – Multiple peripherals can be externally connected through interfaces, such as integral devices – Unlike USB driver and hardware devices developed by the hardware manufacturers, etc.
  • 16. Securing Operating Systems How to secure operating system and its models: – Trust Model – Threat Model There have been consistent goals for a secure operating system established for almost every community: • Ensuring that the operating system is able to separate users and access to resources by following a defined policy. • Ensuring that a trusted execution path is followed. “Trusted” means that there are no vulnerabilities that might affect the operating system’s ability to separate users and access to resources, such as memory, files, I/O and processes.
  • 17. Trust Model • For an operating system, its trust model is synonymous with the system’s trusted computing base (TCB). • Ideally, a system TCB should consist of the minimal amount of software necessary to enforce the security goals correctly. • The software that must be trusted includes the software that defines the security goals and the software that enforces the security goals (i.e., the operating system’s security mechanism). • Further, software that bootstraps this software must also be trusted. • Thus, an ideal TCB would consist of a bootstrapping mechanism that enables the security goals to be loaded and subsequently enforced for lifetime of the system.
  • 18. Trust Model • The secure operating system developer must prove that their systems have a viable trust model. This requires that: 1. The system TCB must mediate all security-sensitive operations. 2. Verification of the correctness of the TCB software and its data. 3. Verification that the software’s execution cannot be tampered by processes outside the TCB.
  • 19. Threat Model • A threat model defines a set of operations that an attacker may use to compromise a system. • In this threat model, we assume a powerful attacker who is capable of injecting operations from the network and maybe in control of some of the running software on the system. • Key Security Features • – Access control • – Network protection • There are principles that are well established to ensure secure control access and its proper practical implementation: • It has to be ensured that there exists a trusted mechanism to first decide and then enforce the rights of the user (requesting access to a resource) along with designated rights of the resource requested.
  • 20. Threat Model • When these rights are being enforced, it has to be made sure that there are no vulnerabilities present in the enforcement capability. It must be free from any modifications or tampering done beforehand. This concept is referred to as the Trusted Computing Base. • A trusted path must be followed while the enforcement happens. This minimizes the possibility of interruption of execution path by malicious processes or users. This concept is known as the Trusted Path.
  • 21. Key Security Features • Access control • Operating system, at its core, has the ability to administer control over access to system information and resources. • This is done in order to mitigate threats as well as minimize the possibility of any accidental damage by the users. • The need to prevent a poorly implemented application, that can access the private data of users stored in the memory, is as important as the need to prevent inadvertent download of malware through a browser and installing unwanted spying software. • In layman’s terms, access is the ability to read from, write to, or execute a file, operating systems, such as Microsoft Windows, provide richer access operations that provides the option to acquire ownership of or even delete a data type.
  • 22. Key Security Features • There are principles that are well established to ensure secure control access and its proper practical implementation: • It has to be ensured that there exists a trusted mechanism to first decide and then enforce the rights of the user (requesting access to a resource) along with designated rights of the resource requested. • When these rights are being enforced, it has to be made sure that there are no vulnerabilities present in the enforcement capability. It must be free from any modifications or tampering done beforehand. This concept is referred to as the Trusted Computing Base. • A trusted path must be followed while the enforcement happens. This minimizes the possibility of interruption of execution path by malicious processes or users. This concept is known as the Trusted Path.
  • 23. Network protection • With most users finding it mandatory to communicate with each other and while accessing applications and data, most of the operating systems are deployed in highly networked environments. • Before the advent of the more sophisticated operating systems, network that connected the users were believed to be trustworthy as the files that were being shared. • These networks connected organizations on trusted or in-house networks. Nowadays, we have devices that are highly mobile being connected over untrusted and public networks (for e.g., the Internet). • So, to counter this problem, operating systems adapted and the developers started to embed security features (such as firewalls, network encryption and network access protection) onto their • operating systems.
  • 24. Malware protection • Users’ requirements to access and exchange application and files have been increasing. • This has led to an increase in the means of exchange including social media platforms, web portals and messaging systems. • Most of the cyber security attacks have had been a result of a malicious file being received from an email or a website. • Application Verification and Control • For example, this mechanism is implemented by Apple iOS. Apple’s operating system enforces all applications from the app store. • There is no provision to install applications from external sources. The application on the Apple app store are signed by Apple after verifying their integrity from a security perspective.
  • 25. Application Separation: Sandboxing • The technique of sandboxing is used to provide a form of isolation to an application to ensure that the functionality of the application is “boxed-in” (limited), such that the ability of the application to access other running applications, or the memory or network resources of other applications. • This method can be applied using different approaches. • A hypervisor is sought which provides a “container” to separate out and execute multiple operating systems on a common platform. • Whole operating system is virtualized and run on a hypervisor which summaries the hardware environment for the platform. • While this approach protects applications on the same hardware irrespective of the operating system, it does not offer any protection to other applications in the same operating system.
  • 26. Application Execution • There is a possibility of application being exploited by attackers using the user supplied input. • Buffer overrun is the most common form of attacks in the which the input supplied by user end up to be written directly to the operating systems and application memory (normally used to store application execution code, temporary and global data) without any prior verification of its integrity. • The attacker, using this vulnerability of data going in without any check, takes control of the application execution by supplying sufficient data and manipulating the stack pointer. • The attacker, rather than simply execute the application, executes the data and code they have written to the memory within the application context.
  • 27. Physical Theft • Operating systems have found protection using following ways: • Operating systems can now encrypt individual data files and also the data stored in the memory. • Applications and data can be protected from other users and processes in case an individual gains • access to device for a short period. • Data on devices is protected against subsequent copying in case the device gets stolen. This is done by • encrypting all the data present on the device.
  • 28. Server Operating System Security Guidelines
  • 29. Server Operating System Security Guidelines – Installation & Configuration • System Administrators verify that already installed Servers & guidance for new server setup and general topics required for setting up a server in secure environment. The installation should be carried out from the original media, supplied by the vendor. – OS Hardening Patches: One of the most important tasks of the System Administrator (SA) is to keep the most current patches for the OS and application software installed on a server. Many of these patches fix security vulnerabilities that are well known to intruders. • Service packs are used to patch a wide range of vulnerabilities and bugs. • The latest service pack that has been tested to work in one’s environment should always be applied after installing the operating system.
  • 30. Server Operating System Security Guidelines • Hotfixes are released more frequently than service packs and are meant to patch a more specific problem. • Not all hotfixes may be needed for a particular system. Before installing these fixes on critical systems or installing them on a large number of devices, hotfixes should be tested to ensure that there is no conflict with other third party drivers. • Disabling unwanted services and protocols • Only required network services should be installed in the server. • There are many default services with the standard OS software. Depending upon the role of server one should load only required network services, like on a mail server DNS service is not required.
  • 31. Server Operating System Security Guidelines • Each network protocol should be configured for security settings, like in case of TCP/IP protocol only essential ports should be enabled. • For example, on MS Windows NT Server disable inbound and outbound traffic to the external connections for TCP and UDP ports 135, 137, 139 and UDP port 138. • Blocking these ports prevents potential intruders from gathering useful information such as computer names, usernames, and services running on those computers. • Security scanner tools like NMAP, NESSUS should be run to know which ports or services are currently open or running on the server.
  • 32. Workstation Operating System Security Guidelines • The word "workstation" is used in this module to mean the combination of the hardware, operating system, application software, and network connection. • Planning and executing the deployment of workstation. • Configuring workstation to help make them less vulnerable to attack. • Maintaining the integrity of deployed workstation. • Improving user awareness of security issues.
  • 33. OS and Application S/W Hardening • OS media should be procured only from an authorised vendor of the manufacturer. • To patch up the vulnerabilities and loopholes of the OS, install all the latest service packs, security patches, hot-fixes, OS updates, etc. as available and applicable for this version at the time of installation. • These patches/updates etc. are available from the vendors as well as from their websites. • Initially, all the ports should be closed/disabled and may be enabled/opened as and when required. • Turn off all network services that are not needed. • Define how long the computer or application can be used. Create a mandatory automated logoff policy based on inactivity or time of day. • Disable application features that expose vulnerability through configuration changes. • Control access to settings, control panels and run functions. Define who has access to applications by location, time of day or time period.
  • 35. Threats of Mobile Operating Systems • Some major threats & vulnerabilities of mobile OS • – Malware Trojans Virus Worm Spyware • – Vulnerabilities Device-Hardware Vulnerabilities Software Vulnerabilities
  • 36. Threats of Mobile Operating Systems
  • 37. Threats of Mobile Operating Systems • • Some major attacks of mobile OS • – Hardware-based attacks • – Device-independent attacks • – Software-based attacks • – User-based attacks • JTAG (Joint Test Action Group) Attacks • Forensic Analysis • Phishing Attacks • QR Code Based Attacks • SSL Proxy Attacks
  • 39. What is Endpoint Security • Security is top of mind for today’s CIO/CISO and endpoints are the new target. • Criminals are targeting employees and using their devices to gain access to networks. • Compromise is inevitable but a breach can be prevented. Anti-virus solutions are important but they no longer offer complete protection to the organization. • The terms Endpoint Security or Endpoint Protection are generally used to refer to corporate products that include a range of security features. These typically include: • Malware removal based on existing signature files and heuristic algorithms • Built-in antispyware protection • Ingress/Egress firewall • IPS/IDS sensors and warning systems • Application control and user management • Data input/output control, including portable devices
  • 40. Endpoint Security • Endpoint security products may contain features and functionality such as: • Data loss prevention • Insider threat protection • Disk, endpoint, and email encryption • Application whitelisting or control • Network access control • Data classification • Endpoint detection and response • Privileged user control
  • 41. Critical Components of Endpoint Security • Endpoint encryption fully encrypts your enterprise data on endpoints, including laptops, mobile devices, and other endpoints, as well as in individual folders, files, and removable storage devices like CDs and USB drives. • Application control prevents the execution of unauthorized applications on endpoints, a core component of comprehensive endpoint security measures. • Application control solves the challenge of employees downloading unauthorized or dangerous applications on mobile devices, which could create network vulnerabilities and lead to unauthorized access.
  • 42. Endpoint security perspectives: Consumer versus corporate there is no central administration: • Signature and application updates are received from the developer's control servers via the Internet. • Endpoint security apps are configured on each computer. • Alert and log entries are only available on the affected computer. Centralized administration allows: • Single sign-on web interface for configuring endpoints. • All log entries and alerts to be sent to one location, the controlling server. • Downloading of signature and application updates once, then the server application pushes the files out to all endpoints.
  • 43. Pillars of Endpoint Security • Four Pillars of Endpoint Security include: • Endpoint hardening - protect the endpoint from attack • Endpoint resiliency - make the endpoint auto-healing • Network prioritization - guard network bandwidth • Network resiliency - make the network auto-healing There are four tenets of security: identity, authentication, access control, and authorization. • Identity - how principals, such as users, are represented. • Authentication - how identity is established. For example, a user in possession of a smartcard provisioned with a trusted X.509 certificate, plus knowledge of the smartcard PIN, will use the card to authenticate, thereby establishing his or her identity within the system. • Access control - the ability of the system to selectively allow or deny principals to perform actions on protected objects. Access control enforces authorization rules. • Authorization - the process by which access control rules are expressed.
  • 44. • Endpoint Hardening: The goal of the first pillar - endpoint hardening - is to ensure that network assets are using the latest technologies to defend against threats. Typical threats include unsafe email attachments, worm-like viruses that propagate over the network, and related threats to your web browsers. The following technologies can aid in endpoint hardening: • Antivirus and anti-malware software • Mandatory integrity levels • Auditing of network resource access
  • 45. Endpoint Resiliency • The goal of endpoint resiliency is to ensure that health information on devices and applications is continuously gathered and monitored. That way failed devices or applications can be automatically repaired, thus allowing operations to continue. The following technologies can make endpoints more resilient: • Network access control (NAC), including products such as Cisco NAC and Microsoft Network Access Protection • Configuration baselining, including the use of government standards such as Security Content Automation Protocol (SCAP) • Patching • Antivirus and anti-malware software • Centralized policy and confirmation management, including products such as Microsoft System Center and VMware vCenter
  • 46. Network Prioritization • The goal of network prioritization is to ensure that the available infrastructure can always meet application bandwidth needs. This consideration applies not only at well-known peak demand times, but also when there are unexpected surges on network loads and distributed external and internal attacks. Network Resiliency • The goal of network resiliency is to allow for seamless asset failover. Techniques in this area ideally afford reconfiguring the network in real-time as performance degrades. • This pillar is similar to endpoint resiliency in that the goal is to facilitate network self-healing in order to minimize the management burden.
  • 47. Endpoint Security in BYOD • Four Pillars of Endpoint Security in Bring your own device (BYOD) • Endpoint hardening - technologies like platform attestation allow server-side resources to extract high-assurance security claims from mobile devices. • This helps to keep sensitive data off malware and rootkit infested devices and can also be used to enforce client attributes, such as the use of hardware-based disk encryption. • The latest generation of mobile devices supports a variety of high- integrity security features, including TPMs, SIMs, and other hardened cryptographic and data protection features. • Endpoint reliability -Enforcing patching and platform updates is key to maintaining endpoint reliability; technologies exist to do this across all platforms.
  • 48. Endpoint Security in BYOD • Network prioritization - link encryption is a must-have. All web applications should enforce Transport Layer Security (TLS); all clients support it. Bandwidth waste is on unencrypted or untrusted requests is avoided. • Network reliability - many of the same proven security technologies and practices apply equally across traditional enterprise computing assets: routers, servers, laptops, and desktops. • They need to be utilized and they’re constantly increasing in sophistication. This applies whether the assets are mobile, private cloud, or public cloud.
  • 49. Endpoint Encryption Defining endpoint encryption and its difference modes – Disk Encryption: Endpoint encryption (which typically includes disk encryption and removable media encryption) protects this data, rendering it unreadable to unauthorized users. Endpoint encryption describes the differences between disk encryption and file encryption, details how disk encryption and removable media encryption work, and addresses recovery mechanisms. – Removable Media Encryption: Removable media encryption software provides the ability to encrypt files on removable storage devices. When a user copies files of a system onto a removable storage device, each file is encrypted to a password, a shared key or a certificate. At the same time, utilities for Windows or Mac systems can be copied (if permitted by policy) allowing authorized access to data without the endpoint client installed on a machine.
  • 50. Driver influence endpoint security • Explaining the business drivers that influence the endpoint security – Correct and reliable operation – Service-level agreements – IT asset value – Protection of the business asset value or brand image – Legal and regulatory compliance – Contractual obligation – Financial loss and liability – Critical infrastructure – Safety and survival
  • 51. Driver influence endpoint security • Explaining the IT drivers that influence the endpoint security – Internal threats and threat agents – External threats and threat agents – IT service management commitments – IT environment complexity – Business environment complexity – Audit and traceability – IT vulnerabilities: Configuration – IT vulnerabilities: Flaws – IT vulnerabilities: Exploits – End User Complexity – Fast-Growing Web Threats – VPN Security Challenges
  • 52. Challenges of Endpoint Security – Complacency and Risk • IT management bandwidth • More flexible and mobile workforce • Lack of integration • Fast moving security threats – Business Challenges • Lack of IT resources • No in-house expertise • Ad-hoc PC management • Focus on more important tasks • – The Threats Keep Coming
  • 53. Endpoint Security Solutions General aspects covered by an Endpoint Solution – Personal Firewall – Wireless Security – Port Control – Data Encryption – USB and Storage Device Security – Application Control – Integrity and Remediation – Client Self-Defense – Alerts Monitoring
  • 55. Gartner’s Magic Quadrant Endpoint protection platforms capabilities & things include in EPP – Antimalware – Personal firewall – Port and device control EPP solutions also often include: • Vulnerability assessment • Application control and application sandboxing • Memory protection • Behavioral monitoring of application code • Endpoint detection and remediation technology • Full-disk and file encryption, also known as mobile data protection • Endpoint data loss prevention (DLP) • Enterprise mobility management (EMM), typically in a parallel non - integrated product
  • 56. Quadrant Descriptions Explaining the quadrant descriptions – Leaders – Challengers – Visionaries – Niche Players
  • 57. Evaluation Criteria Definitions – Ability to Execute Product/Service, Overall Viability, Sales Execution/Pricing Market Responsiveness/Record Marketing Execution Customer Experience Operations Completeness of Vision Market Understanding Marketing Strategy Sales Strategy Offering (Product) Strategy Business Model Innovation
  • 58. Vendor Strengths and Limitations • Bitdefender: Bitdefender still generates the majority of its revenue from consumer sales, but the gap between consumer sales and enterprise sales narrowed in 2015. • The company is investing heavily into its sales operations in Europe and the U.S. Updates to the enterprise offering included improvements in security event feeds from endpoints to the management console, formulating better insights into the presence of malware, unwanted applications, advanced threats and remediation. Strengths • Bitdefender provides very good malware detection capabilities, including a sandboxed application emulation environment, automatic unknown file analysis and continuous behavior monitoring, resulting in very good public test scores. Limitations Bitdefender does not offer full feature parity between Windows, OS X and Linux. The Windows offering supports anti-malware, firewall, content control and device control. OS X and Linux have only anti- malware capabilities.
  • 59. Vendor Strengths and Limitations Check Point Software Technologies • Check Point Software Technologies is a well-known network security company. Its venture into the EPP market, starting with the 2004 acquisition of ZoneAlarm, continues to suffer from poor marketing and channel execution. Strengths • Endpoint's URL filtering capability enables an off-LAN URL filtering security policy synchronized with a firewall blade policy. Limitations • Check Point's application control capabilities (which it calls "program control") remain largely unchanged for this year. Application control capabilities continue to rely on URL filtering, anti-bot and anti-malware for restricting unapproved and suspicious applications.
  • 62. Application Server Security Overview • Security is a system issue, not a single-product issue. Each component of system application affects the security of the entire system. • Web Browsers • Firewalls • Load Balancers • Virtual Private Networks (VPNs)
  • 63. SSL Keys and Certificates • When an SSL session is negotiated, the following steps take place: • The server sends the client its public key. • The client creates a bulk encryption key, often a 128 bit RC4 key, using a specified encryption suite. • The client encrypts the bulk key with the server's public key, and sends the encrypted bulk key to the server. • The server decrypts the bulk encryption key using the server’s private key. • This set of operations is called key exchange. After key exchange has taken place, the client and the server use the bulk encryption key to encrypt all exchanged data.
  • 64. Web Traffic Security Approaches
  • 65. SSL (Secure Socket Layer) • transport layer security service • originally developed by Netscape • version 3 designed with public input • subsequently became Internet standard known as TLS (Transport Layer Security) • uses TCP to provide a reliable end-to-end service • SSL has two layers of protocols
  • 67. SSL Architecture SSL connection a transient, peer-to-peer, communications link associated with 1 SSL session SSL session an association between client & server created by the Handshake Protocol define a set of cryptographic parameters may be shared by multiple SSL connections
  • 68. SSL Architecture  Session state is defined by  Session Identifier  Peer Certificate  Compression methods  Cipher Spec  Master Secret  Is Resumable  Connection state is defined by  Server and Client Random  Server write MAC secret  Client write MAC secret  Server write key  Client write key  Initialization vectors  Sequence numbers
  • 69. SSL Record Protocol Operation
  • 70. SSL Change Cipher Spec Protocol • one of 3 SSL specific protocols which use the SSL Record protocol • a single message • causes pending state to become current • hence updating the cipher suite in use
  • 71. SSL Alert Protocol conveys SSL-related alerts to peer entity severity • warning or fatal specific alert • fatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter • warning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown compressed & encrypted like all SSL data
  • 72. SSL Handshake Protocol  allows server & client to:  authenticate each other  to negotiate encryption & MAC algorithms  to negotiate cryptographic keys to be used  comprises a series of messages in phases 1. Establish Security Capabilities 2. Server Authentication and Key Exchange 3. Client Authentication and Key Exchange 4. Finish
  • 74. Need of Security • Application Server Threats and Countermeasures – Network Eavesdropping – Unauthorized Access – Viruses, Worms, and Trojan Horses
  • 75. Introduction to Oracle Application Server • Introduction to Oracle Application Server and security objectives – Providing Basic Security Services – Supporting Standards – Ensuring Deployment and Configuration Flexibility – Minimizing Application Development and Deployment Cost – Providing Security in Depth
  • 76. Security architecture of oracle application server
  • 77. Oracle Application Server Security Best Practices – Best practices for HTTPS Use – Best Practices for Cookie Security – Best Practices for Certificates Use – Review Code and Content Against Already Known Attack – Follow Common Sense Firewall Practices – Leverage Declarative Security – Use Switched Connections in DMZ – Place Application Server in the DMZ – Secure Sockets Layer
  • 78. Web Application Server Security best practices – Use separate servers for internal and external applications – Use Separate Development Server for Testing and Debugging Apps – Audit Website activity and store logs in a secure location – Education of developers on sound security coding practices – Patching Operating System and Web Server – Use of Application Scanners
  • 79. Introduction to OWASP • Introduction to OWASP and top 10 OWASP – Insecure Data Storage – Weak Server-Side Controls – Insufficient Transport Layer Protection – Client Side Injection – Poor Authorization and Authentication – Improper Session Handling – Security Decisions via Untrusted Inputs – Side Channel Data Leakage – Broken Cryptography – Sensitive Information Disclosure
  • 80. Mobile Application Security Testing • We Can Divide Mobile Application Testing into Three Parts: – Dynamic analysis – Black box security testing – Static analysis & code review
  • 81. Identifying and protecting • Every piece of data is sensitive. Data cannot be classified as sensitive and non-sensitive. Users enter data into an application under the assumption that security will not be compromised. Considering the importance users give to data, applications should be designed to treat every little piece of user data as sensitive. Examples of personal data users prefer to keep private: • Their location • Contacts • Unique device and customer identifiers • Identity of the data subject • Identity of the phone (make of the phone) • Credit card and payment data • Phone call logs, SMS or instant messaging • Browsing history • Email
  • 82. Protecting Data • The data handled by an application should be protected from storage to transit • Access to data being stored in another field is to be taken into consideration while handling data • An important location where data leak can occur is the side channel data leakage • Data should be logged or shown in error logs • Each piece of code that handles data needs to be crafted carefully • User data should be encrypted using smart algorithms before being stored on the device • The encryption method should use a strong key • The data stored on the device should be accessible only to the application that stores the data • The data should not be given global read privileges leading to other applications residing on the device • Whenever the data is transferred to other locations, such as a server, the application should use https
  • 83. Formidable App • Creating a Formidable App • Developers creating mobile applications need to realize that the mobile application is only a part of the system that attackers target. • When an application is built, every piece of information that enters the application needs to be validated. • User input should be considered, but not enforced while making security decisions • The data stored on the device should be handled carefully to ensure that none of the information is accessible even when the device changes hands • The permissions set to the files and databases should ensure that application use is unique and should be accessible only to the owner • The user may install a malicious application accidentally. Such applications should not be able to access the files and database of the developed application
  • 84. Steps to Create a Secure and Powerful Application • The first step is to identify the data that is most critical to an application or a device – this can be done by threat modeling the data before development. • Consider all the data that the application uses, analyze the data and identify the threat level associated with the data. • Once the threat modeling is done, decide the level of security that is required to protect the data. • During the coding phase the developer writes necessary protection methods for the data. • This includes validations on both client and server sides to hashing and encryption of data. Security is embedded into the application without disturbing the business logic of the application.
  • 85. Security Testing Tools • – Qasat • – HashQ • – Android Emulator • – WebScarab • – WebSlayer
  • 87. Introduction to Database Server Security • A database can be defined as a collection of data that is saved on a computer system’s hard drive. • Databases allow any authorized user to access, enter and analyse data quickly and easily. It’s a collection of queries, tables and views. • The data stored in the databases are usually organised to model aspects that support processes that require information storage and retrieval. • These layers are: database administrator system administrator, security officer, developers and employee and security can be breached at any of these layers by an attacker.
  • 88. Importance of Database Server Security • Database servers are the foundation of virtually every Electronic Business, Financial, and Enterprise Resource Planning (ERP) system, and frequently include sensitive information from business partners and customers. • Data integrity and improper access can be compromised by many factors, including complexity, insecure password usage, misconfigurations, and unrecognized system backdoors, making imperative regular use of an adaptive database server security solution. • Database security concerns the use of a broad range of information security controls to protect databases (potentially including the data, the database applications or stored functions, the database systems, the database servers and the associated network links) against compromises of their confidentiality, integrity and availability.
  • 89. Architecture for Database Systems • Explaining the Architecture for Database Systems and it provide: – Independence of data and programs – Ease of system design – Ease of programming – Powerful query facilities – Protection of data
  • 90. Architecture for Database Systems • As new computing methods have evolved, different methods of transferring the data between the database systems and the end users have been also evolved. For database-backed up systems, there are three most common architectures as follows: • A direct link to the computer which performs all the work • A client/server (two-tier) architecture • A thin client (three-tier) architecture In general, the goals of database security are: • Confidentiality and secrecy: Data should not ever be revealed to anyone who is not authorized to access it • Authentication, accuracy and integrity: It means that data cannot be modified maliciously or corrupted intentionally. • Recoverable and availability: Systems should continue working, and the lost data could be recovered easily, efficiently and in the original form
  • 91. Database attacks,security & lifecycle • Attacks on Database • Two kinds of attack can be made to the databases; physical attack and the logical attack. Physical attacks can include forced disclosure of sensitive information like passwords, demolition of storage devices in system, complete power failure, and theft of secured information. While logical threats are intentionally or unauthorized access to sensitive information. – Insider Threat – Login Attacks
  • 93. Need of Database Server Security • Following are the database vulnerabilities – Lack of security feature maturity Login Attacks – Database Password Management – Oracle Internal Password – Oracle Listener Process password – Oracle Internal Password - “orapw” File Permission Control – Operating system back doors – Auditing – TrojanHorses Database Vulnerabilities • Risks associated with vendor-supplied software • Risks associated with administration • Risks associated with user activity
  • 94. Database Server threats & countermeasures • Following are the database vulnerabilities – SQL Injection – Network Eavesdropping – Unauthorized Server Access – Password Cracking •
  • 95. Acquiring Database and Server Security • Explaining the database acquiring and server security mechanisms – NAT and PAT – A demilitarised zone (DMZ) – Content-based firewalls – SSL connections – IPSec security
  • 96. Securing Open Source Databases • How to secure open source database and its methodology – Patches and Updates – Services – Protocols – Accounts – Files and Directories – Shares – Ports – Registry – Auditing and Logging – SQL Server Security – SQL Server Logins, Users, and Roles – SQL Server Database Objects
  • 97. Steps for Securing Database Server
  • 98. Best Practices to secure database server • Database server secure practices and planning – Strong Password Policy Execution – Discard all Default Users and Demo-test Databases – Change the Admin User Name – User Privileges Need to be Restricted – Disable Public Network Access to Database Servers – Enforce SSL/TLS on Remote Connections and Restrict IP – Check for Database Dumps in Public Locations – Encrypt Your Application Files and Backups – Web Application Firewall and Malware Scanner Should be used – Always keep the Software Updated
  • 99. Security Checklist for a Database Administrator • Ensure that the database RDBMS version is a vendor supported product version. • Monitor the RDBMS software on a regular basis to detect unauthorized modifications. • Ensure that all directories and file permissions created by the installation of a RDBMS are protected in accordance with security evaluation specifications if available or, if not, vendor recommendations. • Ensure that end user accounts are not granted permissions to change directory or file permissions associated with the database software.
  • 103. IT System Security Processes Chapter-6
  • 108. Prepare for Selecting Security Controls
  • 111. Apply Scoping Guidance The application of appropriate scoping guidance to the initial baseline • – Apply Security Objective-related Considerations • – Apply Common Control-related Considerations • – System Component Allocation-related Considerations • – Apply Scalability-related Considerations • – Document the Decisions in the Security Plan
  • 112. Analyzing System Environment A brief description of the technical system is provided which includes any environmental or technical factors that raise special security concerns, such as: – The system is connected to the Internet; – It is located in a harsh or overseas environment; – Software is rapidly implemented; – The software resides on an open network used by the general public or with overseas access; – The application is processed at a facility outside of the organization's control; or – The general support mainframe has dial-up lines.
  • 113. Planning for security in the system lifecycle Few basic phases of IT system lifecycle – Initiation Phase – Development/Acquisition Phase – Implementation Phase – Operation/Maintenance Phase
  • 114. Applying Operational Controls • Personnel Security • Physical and Environmental Protection