Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Two common attacks on authenticity are spoofing and relay attacks. Spoofing occurs whenever a process
or message impersonates someone falsely. For example, an email message can spoof a reply-to address or
a network packet can spoof the source IP address. A relay attack occurs when one computer attacks
another computer by transmitting all the attack transmission through a third computer, making this third
computer appear to be the source of the attack.
Confidentiality is defined according to NIST (a security standards group within the U.S. government) to be
assurance that information is not disclosed to unauthorized persons, processes or devices. Some common
attacks that are intended to damage confidentiality are shoulder surfing, network sniffing and vulnerability
scanning. Shoulder surfing is often a low tech (i.e., electronically unsophisticated) kind of attack that
steals passwords by watching or videoing someone as they type their password. A related kind of attack, is
called dumpster diving because the attacker steals information by literally sifting through garbage for
paper that contains confidential information. (A dumpster is a large garbage container.) Network sniffing
occurs any time one computer user examines someone elses network transmissions. Since much of the
Internets traffic (most email, for example) is sent in easily understood form, it is not difficult for an
attacker with sufficient intelligence and access to the right wires at the proper time to intercept someones
data. The United States, and many other countries, have declared that a company can lawfully inspect all
information on the computers owned by the company. Therefore, many companies legally inspect their
employees email. Vulnerability scanning is a kind of confidentiality attack that almost always precedes
the real attack. Vulnerability scanning software examines other computers to report on potential
configuration vulnerabilities that can be exploited. Most computer users would assume that such
information is confidential.
This is a good time for a brief aside. In this course we will spend a lot of time talking about attacks and
sometimes the tools attackers use. It is not my intention to teach anyone how to perform and attack.
However, it should be obvious that in order to secure a system you must first know how attackers work. A
second reason for talking about attack tools, is that many of these same tools are quite useful for providing
security. Security professionals talk about white hat and black hat uses. (These terms come from cowboy
movies in the early days of motion pictures. In these movies the good cowboys almost always wore large
white hats, while the bad cowboys nearly always wore black hats.) An attacker (black hat) might use a
vulnerability scanner as a way to discover how to attack a computer. However, the same vulnerability
scanner could be used for white hat purposes. A typical white hat usage would be for a companys
information technology department to use vulnerability scanners on company computers for the purpose of
mitigating the vulnerabilities that are discovered.
NIST defines availability as timely, reliable access to data and information services for authorized users.
Note the importance of the words timely and reliable. I have found websites in the U.S. to take an
extraordinarily long time to access from my office in China. They are not timely, so not truly available.
Similarly, my campus recently had a problem with student email servers. Since they were unreliable,
students mostly used free email accounts they configured at Google, Yahoo or Hotmail. The reliable
availability of email is critical to a university student.
Easily the most common attack on availability is called Denial of Service (DoS). A DoS attack is any
attack designed specifically to target computer(s) so that it(they) cannot perform as their user intends.
Often this happens by overwhelming the target (victim) computer with too much work or using up all of the
memory or disk space on the target. Its not hard to imagine how a novice attacker with a little
programming knowledge could mount a DoS attack by writing a program that transmits enormous numbers
of email messages to one user. If the attacker runs this program on several different computers
simultaneously, then a Distributed Denial of Service (DDOS) results because the attack is distributed to
many different sources.
Every security system can be viewed as a barrier to protect assets. Like a door lock prevents unwanted
entry, security barriers are designed to block attacks to some asset(s). But not every attempt to access the
assets should be blocked. The person with the key can unlock the door. So the security system (barrier)
must allow some attempts to access the assets to be successful and others must be unsuccessful (we say
they are blocked when they are unsuccessful). This means that there are two different ways that any
security system can fail. The obvious type of failure occurs when a security system fails to block an attack.
This is called a false negative. The terms negative and positive are used here to refer whether or not
the security system has detected a potential attack. If the security system detects an attack, that is called a
positive and if the security system believes there is no attack, that is called a negative. A false negative
means that the security system did not detect a potential attack, but it should have..
The second, and less obvious, type of security system failure is called a false positive. False positives
occur whenever a security system detects a potential attack when it should not. When a policeman arrests
the wrong person for a crime, this is a false positive. When a firewall blocks a message that should be
allowed passage, this is also a false positive. So security systems can fail to provide proper security by
being too weak (i.e., false negatives), or by being too strong (i.e., false positives) or both.
The final topic of this lecture is the key to all real security -- TRUST. No matter how advanced our
technology becomes, security still ultimately relies upon sufficient trust. We trust that our computers are
properly configured when they ship from Apple or Dell. We trust that our Internet providers are protecting
our transmissions confidentiality, integrity and availability. We trust that no criminal has a key to our
apartment. We trust that our web browser is actually connecting to the correct computer for the URL just
typed. Trust is essential.