Principles Of Information Security
Summary
Firsts from Computing Pioneers
- First vision for a network of computers
  - J. C. R. Licklider, 1963
- First computer-to-computer communication
  - "The day the infant internet uttered its first words", 1969
- First e-mail
  - Ray Tomlinson, 1971
Terminology
When to release info?
- Privacy
  - An individual's right to release information that they own
- Security
  - How systems respect a user's privacy
- Protection
  - Authentication
    - How systems respect a user's privacy
Comprehensive set of security concerns
- Unauthorized information release
- Unauthorized information modification
- Unauthorized denial of use
  - First mention of DoS attacks
Goal of Secure System
- "Prevent all violations"
  - A negative statement
  - Like saying "My code has no bugs"
  - At best, a false sense of security
Levels of Protection
- Unprotected
  - MS-DOS
- All or nothing
  - IBM's VM/370
  - Most time-sharing systems
- Controlled sharing
  - ACLs for files
- User-programmed sharing controls
  - Unix-like semantics for files
- Strings (labels) on information
  - "Top Secret"
  - Need to deal with the dynamics of use
Design Principles
- Economy of mechanism
  - Easy to verify
- Fail-safe defaults
  - Explicitly allow access; the default should be no access
- Complete mediation
  - Don't take shortcuts
  - Caching a password check is a bad idea
- Open design
  - Publish the design
  - Protect the keys
- Separation of privilege
  - Two keys to open the vault
- Least privilege
  - "Need to know" based controls
- Least common mechanism
  - Library vs. in-kernel
- Psychological acceptability
  - Good UX
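As an added illustration (not part of the notes or of Saltzer and Schroeder's paper), the toy reference monitor below shows four of the design principles side by side: fail-safe defaults (only explicit grants are stored, so anything missing is denied), complete mediation (every access goes back to the monitor, so a revocation is honoured on the very next access, while a client that caches the first answer keeps allowing a revoked access), least privilege (a user is granted only the one right she needs), and separation of privilege (two distinct principals must each hold the right before a sensitive operation proceeds). All user names, object names and rights are constructed sample data.

```python
"""Toy reference monitor illustrating Saltzer & Schroeder design principles.
Added example with constructed sample data; not from the original notes."""
from dataclasses import dataclass, field


@dataclass
class ReferenceMonitor:
    # Fail-safe defaults: the ACL holds only explicit grants. A (subject, object)
    # pair that is absent, or a right that is absent, is denied.
    acl: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def grant(self, subject: str, obj: str, right: str) -> None:
        self.acl.setdefault((subject, obj), set()).add(right)

    def revoke(self, subject: str, obj: str, right: str) -> None:
        self.acl.get((subject, obj), set()).discard(right)

    def check(self, subject: str, obj: str, right: str) -> bool:
        # Complete mediation: this is consulted on every access and records
        # the decision, so revocations take effect immediately.
        allowed = right in self.acl.get((subject, obj), set())
        self.audit.append(f"{'ALLOW' if allowed else 'DENY'} {subject} {right} {obj}")
        return allowed


class CachingClient:
    """Anti-pattern: remembers the monitor's first answer and skips it afterwards."""

    def __init__(self, rm: ReferenceMonitor) -> None:
        self.rm = rm
        self.cache = {}

    def can(self, subject: str, obj: str, right: str) -> bool:
        key = (subject, obj, right)
        if key not in self.cache:
            self.cache[key] = self.rm.check(subject, obj, right)
        return self.cache[key]  # stale once the grant is revoked


def read_file(rm: ReferenceMonitor, subject: str, obj: str, store: dict) -> str:
    # No shortcut: the monitor is asked on every read.
    if not rm.check(subject, obj, "read"):
        raise PermissionError(f"{subject} may not read {obj}")
    return store[obj]


def destroy_vault(rm: ReferenceMonitor, approvers: list, obj: str) -> bool:
    # Separation of privilege: two distinct principals, each holding 'destroy'.
    if len(set(approvers)) < 2:
        return False
    return all(rm.check(a, obj, "destroy") for a in approvers)


def demo() -> dict:
    rm = ReferenceMonitor()
    store = {"payroll.txt": "salaries", "notes.txt": "hello"}  # constructed
    results = {}

    # Least privilege: alice gets exactly the one right she needs.
    rm.grant("alice", "notes.txt", "read")
    results["alice_notes"] = read_file(rm, "alice", "notes.txt", store)
    try:
        read_file(rm, "alice", "payroll.txt", store)
        results["alice_payroll"] = "allowed"
    except PermissionError:
        results["alice_payroll"] = "denied"  # fail-safe default: never granted

    # Complete mediation vs. a cached decision.
    cached = CachingClient(rm)
    results["cached_before"] = cached.can("alice", "notes.txt", "read")
    rm.revoke("alice", "notes.txt", "read")
    results["after_revoke"] = rm.check("alice", "notes.txt", "read")
    results["stale_cache"] = cached.can("alice", "notes.txt", "read")

    # Separation of privilege: one key holder is not enough.
    rm.grant("bob", "vault", "destroy")
    rm.grant("carol", "vault", "destroy")
    results["one_key"] = destroy_vault(rm, ["bob"], "vault")
    results["two_keys"] = destroy_vault(rm, ["bob", "carol"], "vault")
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The audit list on the monitor is what makes complete mediation checkable after the fact: every decision, including the denials that a fail-safe default produces, is recorded, whereas the caching client's stale answers never reach it.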