Computer security is a field of computer science that deals with the protection of computer systems and information from harm, theft, and unauthorized use.
The basic security requirements are collected in the CIA Paradigm:
Confidentiality: information can be accessed only by authorized entities. This means that sensitive data should be protected from unauthorized access, ensuring that only those with the proper credentials or permissions can view or retrieve the information.
Integrity: information can be modified only by authorized entities, and only in the way such entities are entitled to modify it. This ensures that data remains accurate, complete, and unaltered throughout its lifecycle. Any unauthorized modifications or tampering attempts should be detected and prevented.
Availability: information must be available to all the parties who have a right to access it, within specified time constraints. This means that the system should be operational and accessible whenever it is needed, ensuring that authorized users can access the information without any disruptions or delays.
WARNING
Note that the given definition of availability pulls in the opposite direction from the other two requirements: confidentiality and integrity are easiest to guarantee by denying access, availability by granting it. This tension is the main reason why security is an engineering problem: no design maximizes all three at once.
The security problem is a trade-off between the three requirements, and the goal is to find the best trade-off for the specific system. The CIA Paradigm is the basic framework to frame the security problem.
The basic concepts to frame the security problem are: vulnerabilities, exploits, assets, threats, and risks.
```mermaid
flowchart TD
V[Vulnerability]
E[Exploit]
A[Asset]
T[Threat]
TA[Threat Agent]
R[Risk]
AT[Attack]
S[Security]
V -- 1 or more --> E --> TA
A --> T
TA --> T
E --> AT
A --> R
V --> R
T --> R
R --> S
```
Vulnerabilities and Exploits
Definition
A vulnerability is a weakness in the system that can be exploited to violate the CIA constraints.
An example of a software vulnerability is the lack of a check on the size of an attachment.
Definition
An exploit is a specific way to use one or more vulnerabilities to accomplish a specific objective that violates the constraints.
An example of a software exploit is a large attachment that leverages the missing check.
Example
Consider the following code, which checks whether a number passed as a command line parameter (argv[1]) is equal to 0 (includes and the main wrapper are added so that the snippet compiles as written; the logic is unchanged):
```c
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char *argv[]) {
    int i;
    unsigned short s;
    if (argc < 2) return -1;
    i = atoi(argv[1]);         // parse command line parameter as int
    if (i == 0) {              // check
        printf("Invalid number: value must be > 0\n");
        return -1;
    }
    s = i;                     // implicit int -> unsigned short conversion
    if (s == 0) {              // security check
        printf("Access GRANTED!\n");
    }
    return 0;
}
```
To find a possible exploit, compile the code with gcc -o ex1 ex1.c and try to run it:
```
$ ./ex1 0
Invalid number: value must be > 0
$ ./ex1 10        # valid number
$ ./ex1 65536     # exploit = the number "65536"
Access GRANTED!
```
The vulnerability is that the input is validated on int i (if (i == 0)) but the "authentication check" is made on unsigned short s. On every mainstream platform int is 32 bits and unsigned short is 16 bits (the C standard only guarantees that int is at least 16 bits and no narrower than short, but the common ILP32/LP64 ABIs fix these widths). The assignment s = i implicitly converts the int to an unsigned short, which reduces the value modulo 65536: 65536 (and every multiple of it, including negative ones, since the check never enforced the announced "> 0") becomes 0 in s and passes the check. Note also that atoi performs no error detection at all, so malformed input silently becomes 0 or some truncated value.
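The following is an added example, not code from the original notes: it packages the truncation bug as a function beside a hardened version of the same check, so the two can be run over the same inputs. The function names check_vulnerable and check_hardened, the return-code convention (1 = granted, 0 = denied, -1 = input rejected) and the sample inputs are assumptions made for illustration.
```c
/* Added example (not from the original notes). check_vulnerable and
 * check_hardened are hypothetical names; return codes are a convention
 * chosen here: 1 = access granted, 0 = denied, -1 = input rejected. */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Same logic as the notes' snippet: validate the int, decide on the short. */
int check_vulnerable(const char *arg) {
    int i = atoi(arg);                      /* no error detection at all */
    if (i == 0) return -1;                  /* "validation" on the 32-bit int */
    unsigned short s = (unsigned short)i;   /* the implicit narrowing, made explicit */
    return s == 0 ? 1 : 0;                  /* decision on the 16-bit value */
}

/* Hardened version: parse with strtol, reject junk, overflow and any value
 * that does not fit the type the decision is made on, then validate and
 * decide on that same variable. */
int check_hardened(const char *arg) {
    char *end;
    errno = 0;
    long v = strtol(arg, &end, 10);
    if (errno == ERANGE || end == arg || *end != '\0')
        return -1;                          /* overflow, empty, or trailing junk */
    if (v <= 0 || v > USHRT_MAX)
        return -1;                          /* enforce "> 0" and fit in unsigned short */
    unsigned short s = (unsigned short)v;   /* lossless: range checked above */
    return s == 0 ? 1 : 0;                  /* can no longer be 1: 0 was rejected on s's range */
}

int main(void) {
    /* Constructed sample inputs for the demo (not taken from the notes). */
    const char *inputs[] = {"0", "10", "65536", "-65536", "abc", "10x",
                            "99999999999999999999"};
    for (size_t k = 0; k < sizeof inputs / sizeof *inputs; k++)
        printf("%-22s vulnerable=%2d hardened=%2d\n", inputs[k],
               check_vulnerable(inputs[k]), check_hardened(inputs[k]));
    return 0;
}
```
Compiling the original snippet with gcc -Wconversion flags the narrowing at s = i ("conversion from 'int' to 'unsigned short' may change value"), which is the cheapest check for this class of bug; the structural fix is to never validate one variable and decide on another.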
Assets and Threats
Definition
An asset is anything that has value to the organization.
Examples of assets are hardware (e.g., laptops, computers, phones), software (e.g., applications, operating system, db), data (e.g., data stored in a db), and reputation (think about social media).
Definition
A threat is anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset.
Examples of threats are denial of service (e.g., software or hardware unavailable), identity theft (e.g., unauthorized access to software/data), and data leak (e.g., unauthorized release of data).
Attacks and Threat Agents
Definition
An attack is an intentional use of one or more exploits with the objective of compromising a system’s CIA.
Examples of attacks are attaching a “malicious” PDF file to an email and picking a lock to enter a building.
Definition
A threat agent is whoever or whatever is capable of exploiting a vulnerability.
Examples of threat agents are malicious software or an individual attaching a file, and a thief trying to enter a building.
Mass media has perpetuated false myths and controversies surrounding certain terms. For instance, the term “hacker” originally referred to someone with advanced knowledge of computers and networks, and a strong desire to learn. However, the mass media often portrays hackers as malicious individuals, known as black hats. It is important to differentiate between black hats and white hats.
A black hat is a hacker who uses their knowledge for malicious purposes, causing harm to others. On the other hand, a white hat is a security professional who possesses the skills to identify vulnerabilities, develop exploits, create attack-detection methods, devise countermeasures against attacks, and engineer security solutions. These professionals, also known as “ethical hackers,” play a crucial role in ensuring the security of systems and networks.
Risk
Definition
Risk is a statistical and economical evaluation of the exposure to damage because of the presence of vulnerabilities and threats. The risk is calculated as the product of the asset, vulnerabilities, and threats.
The product between assets and vulnerabilities is the controllable variable of the risk, because it is possible to reduce the amount of goods that can be damaged and the number of vulnerabilities in the system. The threats are the independent variable of the risk, because it is not possible to control how many threats are generated.
Definition
Security is the balance between the reduction of vulnerabilities and damage containment and the cost.
The general costs associated with security can be distinguished in direct costs and indirect costs. The direct costs are related to the management of the system, the operational costs associated with the system, and the equipment needed to secure the system. The indirect costs (more relevant in this context) are related to the usability, the performance, the privacy, and the productivity of the system.
It is crucial to comprehend that an increased financial investment does not necessarily equate to enhanced security. Merely allocating more resources to the problem does not guarantee its resolution. For instance, an exorbitantly priced but improperly configured firewall is akin to having no firewall at all. Similarly, implementing a convoluted authentication mechanism that hampers the login process may inadvertently lead users to resort to insecure practices, such as jotting down passwords on sticky notes.
To establish a robust security framework, it is imperative to define boundaries within the system and identify specific components that can be deemed secure. These secure elements then become trusted entities within the overall system architecture.