[Repost] Drinking tea
Condition: suitable tea
1. Mental overwork: jasmine tea, green tea
2. After physical labor or exercise: oolong tea, black tea
3. Often in a heavily polluted environment: green tea
4. Pregnant women: weak green tea (switch to black tea 1-2 months before delivery, and to sweetened black tea after giving birth)
5. People who do little labor or exercise: green tea, flower tea
6. Heavy smokers and drinkers: green tea
7. Meat eaters: oolong tea
8. Yin-deficient constitution: green tea
9. Yang-deficient constitution, weak and cold spleen and stomach: oolong tea, flower tea
10. Constipation: honey tea
11. Weight loss and beauty: oolong tea, pu'er tea, green tea
12. Anti-cancer, cancer prevention: green tea
13. Lowering blood lipids, preventing arteriosclerosis: oolong tea, green tea
14. Longevity: oolong tea, black tea
Online personal notes.
Domain Security Models and Architecture
CPU
The CPU is made up of two parts: the ALU and the registers. There are two types of registers: dedicated and status. Dedicated registers include the program counter, which points to the memory location holding the next instruction. Status registers hold state information.
Common Criteria works to answer two basic questions about products being evaluated: what do the security mechanisms within the product do (functionality), and how sure are you of that (assurance)?
Bell-LaPadula model
A model that protects the confidentiality of the information within a system
Biba model
A model that protects the integrity of the information within a system
Clark-Wilson model
(The invocation property belongs to the Biba model and enforces integrity principles between subjects and objects.) In the Clark-Wilson model, subjects cannot access objects directly, but only through specified programs (access triple). This layer of protection enforces integrity. The model ensures that subjects can only access objects through a program, enforces separation of duties, and requires auditing.
Brewer and Nash model
The Brewer and Nash model, also called the Chinese Wall model, was designed to establish access control mechanisms that can change dynamically. The system is intended to prevent conflicts of interest between users who are accessing the same system.
Trusted Computer System Evaluation Criteria (TCSEC) principles
TCSEC, also known as the Orange Book, mainly addresses government and military requirements. It looks specifically at the operating system and not at other issues like networking and databases. It focuses on confidentiality, not on integrity, availability, or authenticity.
Trusted Computing Base (TCB) is the hardware, software, and firmware components that work together to implement the system security policy, creating a consistent, stable, and secure environment for information processing.
The Orange Book (Trusted Computer System Evaluation Criteria, TCSEC) security levels
B1 Labeled Security
B2 Structured Protection: Covert channel analysis is required for systems evaluated at levels B2 and above.
B3 Security Domains: Requires that the integrity of the reference monitor be checked to prove that it is small enough to be tested thoroughly and tamperproof.
C1 Discretionary Security Protection
C2 Controlled Access Protection: Object reuse protection introduced.
Information Technology Security Evaluation Criteria(ITSEC)
Became official in 1995 as Europe's own standard for evaluating computing devices. Security is based on two principles: effectiveness and correctness.
Common Criteria
Five sections
Threats
Covert timing attacks manipulate system resources to access information obtained by another process.
Asynchronous attacks and time-of-check versus time-of-use (TOC/TOU) attacks are the same thing: timing-based attacks that take advantage of the time intervals between legitimate operations, which are vulnerable to subversion.
Buffer overflows send more information to the CPU than it can process, causing malicious code to execute.
Nonvolatile storage: sequential, real space, and virtual space. Real space is used to store instructions and data during computing. It is referred to as the computer's main storage area.
Zachman Framework for enterprise architecture
Security Modes of Operation
Dedicated Security Mode
All users have the clearance and formal need-to-know to all data processed within the system.
System-High Security Mode
All users have a security clearance or authorization to access the information but not necessarily a need-to-know for all the information processed on the system.
Compartmented Security Mode
All users have the clearance to access all the information processed by the system, but might not have the need-to-know and formal access approval.
Multilevel Security Mode
It permits two or more classification levels of information to be processed at the same time when not all the users have the clearance or formal approval to access all the information being processed by the system.
A protection domain, also called a security domain or an execution domain, is the set of system resources that are available to a subject.
Domain Access Control
Hybrid smart cards
A hybrid smart card has two chips embedded into a card's surface — one contact and one contactless — each with its own interface. This effectively doubles the functionality and security of every card issued.
Combi smart cards
Combi smart cards allow a single smart chip to securely interface with both contact and contactless readers. The Smart Card Alliance forecasts that the transportation and banking industries will adopt this technology first.
Characteristic of Kerberos
The user sends his username to the authentication service (AS). The AS creates a ticket granting ticket (TGT), which is encrypted with the user's secret key. The TGT is used to communicate with the ticket granting service, which issues a second ticket containing two instances of the same session key, each encrypted with one of the principals' secret keys. It is this second ticket that allows the two principals to obtain their session key.
Secure Domain
A domain that is managed by the same group using the same security policy.
Attribute Value Pairs (AVPs)
AVPs are constructs that outline how communication will take place between communicating entities. The more AVPs that are present in a protocol, the more functionality and capabilities that protocol has. Diameter has many more AVPs than RADIUS, which is why it can authenticate devices in many different ways and has more functionality through its peer-to-peer mode.
Kerberos
It is made up of a KDC, a realm of principals (users, services, applications, devices), an authentication service, tickets, and a ticket granting service.
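The two Kerberos notes above (the AS/TGT/second-ticket description and the list of components) are easier to follow as an actual message exchange. The block below is an added example, not part of the original notes: a single-process simulation of a client, the KDC (authentication service plus ticket granting service) and a file service. It follows the standard layout, in which the TGT is sealed under the ticket granting service's own key while the client's copy of the session key is sealed under the user's key, and the second ticket carries the same service session key twice, once for the client and once for the service. The principal names, their long-term keys and the seal/open helper are constructed for illustration; the helper is a toy authenticated stream cipher, not a real Kerberos encryption type.

```python
# Added example (not from the original notes): simulated Kerberos exchange.
# Principals, keys and the seal/open helper are constructed for illustration.

import hashlib
import hmac
import json
import secrets

# Constructed long-term keys held by the KDC; each principal also knows its own.
KEYS = {
    "alice": b"alice-password-derived-key",
    "krbtgt": b"ticket-granting-service-key",
    "fileserver": b"file-service-key",
}


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, payload: dict) -> bytes:
    """Encrypt a small JSON payload under key and append an HMAC tag (toy AEAD)."""
    data = json.dumps(payload, sort_keys=True).encode()
    nonce = secrets.token_bytes(16)
    body = _xor(data, _keystream(key, nonce, len(data)))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_sealed(key: bytes, blob: bytes) -> dict:
    """Verify the tag and decrypt; fails unless the caller holds the right key."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong key or tampered ticket")
    return json.loads(_xor(body, _keystream(key, nonce, len(body))))


def as_exchange(username: str) -> tuple:
    """AS: the client sends only its name. The reply carries a TGS session key
    sealed under the user's key and a TGT sealed under the TGS's own key."""
    tgs_session = secrets.token_bytes(16).hex()
    for_user = seal(KEYS[username], {"tgs_session_key": tgs_session})
    tgt = seal(KEYS["krbtgt"], {"client": username, "session_key": tgs_session})
    return for_user, tgt


def tgs_exchange(tgt: bytes, authenticator: bytes, service: str) -> tuple:
    """TGS: opens the TGT with its own key, checks the authenticator with the TGS
    session key, then hands out one service session key in two copies: one for
    the client and one inside a service ticket only the service can open."""
    tgt_body = open_sealed(KEYS["krbtgt"], tgt)
    tgs_session = bytes.fromhex(tgt_body["session_key"])
    auth = open_sealed(tgs_session, authenticator)
    if auth["client"] != tgt_body["client"]:
        raise ValueError("authenticator does not match the TGT")
    svc_session = secrets.token_bytes(16).hex()
    for_client = seal(tgs_session, {"service": service, "session_key": svc_session})
    ticket = seal(KEYS[service], {"client": auth["client"], "session_key": svc_session})
    return for_client, ticket


def client_login(username: str, service: str) -> tuple:
    """Whole flow from the client's side; returns the client's and the service's
    copies of the service session key so the caller can confirm they agree."""
    for_user, tgt = as_exchange(username)
    tgs_session = bytes.fromhex(open_sealed(KEYS[username], for_user)["tgs_session_key"])
    authenticator = seal(tgs_session, {"client": username})
    for_client, ticket = tgs_exchange(tgt, authenticator, service)
    client_copy = open_sealed(tgs_session, for_client)["session_key"]
    service_copy = open_sealed(KEYS[service], ticket)["session_key"]   # done by the service
    return client_copy, service_copy
```

Running `client_login("alice", "fileserver")` returns two equal keys: the client got its copy through the TGS session key, the service got its copy by opening the ticket with its own long-term key, and neither copy ever travelled in the clear. Opening any ticket with the wrong key raises, which is the check that keeps a client from reading or forging a ticket meant for a service.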
Access Control Models
Discretionary (DAC)
A system that uses discretionary access control(DAC) enables the owner of the resource to specify which subjects can access specific resources. This model is called discretionary because the control of access is based on the discretion of the owner. The system compares the subject's security token (permissions and rights) to the ACL on the resource. Data owners decide who has access to resources.
Mandatory(MAC)
The operating system makes the final decision and can override the data owner's wishes. The system makes access decisions by comparing the subject's clearance and need-to-know level to that of the security label. Access decisions are based on security labels.
Sensitivity Labels
When MAC is being used, every subject and object must have a sensitivity label, also called a security label.
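The Bell-LaPadula and Biba models listed earlier and the sensitivity labels described here fit together as one mechanism: the operating system compares the subject's label with the object's label and applies the model's rules. The block below is an added example, not from the original notes, that implements that comparison for both models. The level names, compartments and sample labels are constructed.

```python
# Added example (not from the original notes): a mandatory access control check
# using sensitivity labels, applying the Bell-LaPadula confidentiality rules and
# the Biba integrity rules. Level names and compartments are constructed.

from dataclasses import dataclass

# Hypothetical hierarchy of sensitivity levels, lowest to highest.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a hierarchical level plus need-to-know compartments."""
    level: str
    compartments: frozenset = frozenset()


def dominates(a: Label, b: Label) -> bool:
    """a dominates b when a's level is at least b's level and a's compartments
    contain all of b's compartments (the need-to-know part of the label)."""
    return LEVELS[a.level] >= LEVELS[b.level] and a.compartments >= b.compartments


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula (confidentiality): no read up, no write down."""
    if op == "read":
        return dominates(subject, obj)       # simple security property
    if op == "write":
        return dominates(obj, subject)       # *-property
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba (integrity): no read down, no write up; the mirror image of BLP,
    with the label now read as an integrity level."""
    if op == "read":
        return dominates(obj, subject)       # simple integrity axiom
    if op == "write":
        return dominates(subject, obj)       # *-integrity axiom
    raise ValueError(f"unknown operation {op!r}")


def mac_decision(subject: Label, obj: Label, op: str, model: str) -> bool:
    """The operating system (not the data owner) makes the decision by
    comparing the subject's clearance label against the object's label."""
    rule = {"blp": blp_allows, "biba": biba_allows}[model]
    return rule(subject, obj, op)


if __name__ == "__main__":
    analyst = Label("SECRET", frozenset({"CRYPTO"}))
    memo = Label("CONFIDENTIAL")
    plan = Label("TOP_SECRET", frozenset({"CRYPTO"}))
    for model in ("blp", "biba"):
        for name, obj in (("memo", memo), ("plan", plan)):
            for op in ("read", "write"):
                print(model, op, name, mac_decision(analyst, obj, op, model))
```

A SECRET/CRYPTO analyst may read a CONFIDENTIAL memo under Bell-LaPadula but not write to it (write down), and may write to a TOP_SECRET plan but not read it (read up); under Biba every one of those answers flips. A SECRET object in a compartment the analyst does not hold stays unreadable even at the same level, which is the need-to-know part of the label doing its work.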
Role-Based
Role-based access control, also called nondiscretionary access control, uses a centrally administered set of controls to determine how subjects and objects interact. Access decisions are based on the subject's role.
A Type II error means that the system has authenticated a person who should not be allowed into the environment.
A Type I error means that the system did not successfully authenticate someone who is authorized to access the environment.
Hybrid administration is a common access control method used today. It combines the centralized and decentralized approaches. Individual users may be able to dictate who can access their shares and local files, but the IT administration would control access to file servers, network printers, and network devices.
Domain Telecommunications and Networking Security
Proxy firewall - Circuit
Stateful inspection firewall
Firewall Architecture Characteristics
Dual-homed
Screened host
Screened subnet
Domain Business Continuity Planning
The phases of a continuity plan
Maximum Tolerable Downtime (MTD)
Maximum elapsed time required to complete recovery of application data
The first step in planning a disaster response procedure is to identify a team.
An incremental backup takes longer to restore than a differential backup and clears the archive attribute. A full backup clears the archive attribute and must be restored before an incremental or differential backup.
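The restore-order rule above follows from what each backup type does to the archive attribute. The block below is an added example, not from the original notes, that simulates the attribute over three days of changes and counts how many backup sets a restore needs under each strategy. File names and contents are constructed.

```python
# Added example (not from the original notes): simulates the archive attribute
# so the restore order of full, incremental and differential backups can be
# checked. File names and contents are constructed.

from dataclasses import dataclass


@dataclass
class FileState:
    content: str
    archive: bool = True     # archive attribute: set whenever the file changes


def full_backup(fs: dict) -> dict:
    """Copies everything and clears the archive attribute on every file."""
    snapshot = {name: f.content for name, f in fs.items()}
    for f in fs.values():
        f.archive = False
    return snapshot


def incremental_backup(fs: dict) -> dict:
    """Copies files changed since the last full or incremental backup, then
    clears the attribute, so the next incremental sees only newer changes."""
    snapshot = {name: f.content for name, f in fs.items() if f.archive}
    for f in fs.values():
        f.archive = False
    return snapshot


def differential_backup(fs: dict) -> dict:
    """Copies files changed since the last full backup and leaves the
    attribute set, so each differential grows to include earlier changes."""
    return {name: f.content for name, f in fs.items() if f.archive}


def modify(fs: dict, name: str, content: str) -> None:
    fs[name] = FileState(content)       # the change sets the archive attribute


def restore(full: dict, later: list) -> dict:
    """Full backup first, then the later sets in order, newest changes winning."""
    result = dict(full)
    for snapshot in later:
        result.update(snapshot)
    return result


def simulate(strategy: str) -> tuple:
    """Three days of changes after a full backup. Returns the number of backup
    sets that had to be restored, whether the restore matched the live data,
    and which files each daily backup contained."""
    fs = {"a.txt": FileState("a0"), "b.txt": FileState("b0"), "c.txt": FileState("c0")}
    full = full_backup(fs)
    daily = incremental_backup if strategy == "incremental" else differential_backup
    sets = []
    for day, name in enumerate(("a.txt", "b.txt", "c.txt"), start=1):
        modify(fs, name, f"{name}-day{day}")
        sets.append(daily(fs))
    live = {name: f.content for name, f in fs.items()}
    # Incremental: full plus every incremental. Differential: full plus the last one.
    needed = sets if strategy == "incremental" else [sets[-1]]
    restored = restore(full, needed)
    return 1 + len(needed), restored == live, [sorted(s) for s in sets]
```

`simulate("incremental")` restores four sets (the full plus all three incrementals, each holding one day's file); `simulate("differential")` restores two (the full plus the last differential, which has grown to hold all three files). That growth is the trade-off: differentials take longer to take each day but restore faster.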
65 percent of businesses would fail if they were forced to shut down operations for a one-week time period.
Senior executives have key responsibilities within disaster recovery:
Disk Shadowing
A system that writes to two different disks for redundancy.
A disaster is defined as an event that affects a business for one day or longer.
Domain Cryptography
Weaknesses:
Algorithms:
Weaknesses:
Algorithms:
Link encryption happens at lower layers and encrypts the headers and trailers of the packet. It would be considered the more secure encryption method across a single link.
End-to-end encryption happens at higher layers and does not encrypt headers and trailers.
Public key Infrastructure(PKI)
is a hybrid system of symmetric and asymmetric key algorithms and methods.
Message Integrity
Digital Signature
A digital signature is a hash value that has been encrypted with the sender's private key. It provides authentication (knowing who really sent the message), integrity (because a hashing algorithm is involved), and nonrepudiation (the sender cannot deny sending the message). Accountability (?)
One-way hashing
Creates a fingerprint of the message so it can more easily be identified and monitored to see if it has been altered. It takes a variable-length string (the message) and generates a fixed-length value (the message digest). It provides integrity of a message.
Message Authentication Code(MAC)
A user would like to send a message and allow only one other person to verify the integrity of the message.
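The three mechanisms above (one-way hash, digital signature, MAC) are easiest to compare in code. The block below is an added example, not from the original notes. The "hash encrypted with the private key" is shown with textbook RSA over two small constructed Mersenne primes, which is for illustration only: a real scheme uses large random primes and pads the full digest (for instance PKCS#1), whereas this toy reduces the digest modulo N because N is smaller than 256 bits. The MAC is HMAC-SHA256 from the standard library; the messages and the shared key are constructed.

```python
# Added example (not from the original notes): one-way hash, toy RSA digital
# signature and HMAC side by side. The RSA primes are constructed and far too
# small to be secure; the digest is reduced mod N only because N < 2**256.

import hashlib
import hmac


def digest(message: bytes) -> bytes:
    """One-way hash: any-length message in, fixed-length fingerprint out."""
    return hashlib.sha256(message).digest()


# Toy RSA key pair (constructed; Mersenne primes 2**31-1 and 2**61-1).
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent


def _digest_as_int(message: bytes) -> int:
    return int.from_bytes(digest(message), "big") % N


def sign(message: bytes) -> int:
    """Digital signature: the hash, 'encrypted' with the sender's private key."""
    return pow(_digest_as_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Anyone holding the public key (E, N) can check the signature; only the
    private-key holder could have produced it, hence nonrepudiation."""
    return pow(signature, E, N) == _digest_as_int(message)


def mac(key: bytes, message: bytes) -> bytes:
    """Message authentication code: keyed hash over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Only a holder of the shared key can verify, and that same holder could
    also have produced the tag, so a MAC gives integrity but not nonrepudiation."""
    return hmac.compare_digest(mac(key, message), tag)


if __name__ == "__main__":
    message = b"approve payment 100"
    sig = sign(message)
    print("signature valid:", verify(message, sig))
    print("after tampering:", verify(b"approve payment 900", sig))
    tag = mac(b"shared-secret", message)
    print("mac valid:", mac_verify(b"shared-secret", message, tag))
```

The MAC answers the note's scenario directly: the sender and exactly one other person share the key, so only that person can verify the tag. The difference from the signature is visible in `mac_verify`, which recomputes the tag with the same key the sender used; the verifier could therefore have forged it, which is why a MAC cannot give nonrepudiation.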
One-time pad
One-time pads are basically stream ciphers, considered impossible to break if implemented and maintained properly. A stream algorithm generates a keystream that is XORed with the plaintext. A one-time pad is made up of random values (just like a keystream), which are XORed with the plaintext data.
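The block below is an added example, not from the original notes: the pad used as a keystream exactly as described, plus the check behind "maintained properly", which is what is exposed when one pad is used for two messages. The sample messages and the fixed pad in the test are constructed; `generate_pad` uses the standard library's `secrets` module.

```python
# Added example (not from the original notes): one-time pad as a stream cipher,
# with a function showing why a pad must never be reused. Sample data is
# constructed.

import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def generate_pad(length: int) -> bytes:
    """Truly random pad, one keystream byte per plaintext byte."""
    return secrets.token_bytes(length)


def otp_encrypt(pad: bytes, plaintext: bytes) -> bytes:
    """Ciphertext = plaintext XOR pad. The pad must be at least as long as the
    message; 'implemented properly' also means it is random and used once."""
    if len(pad) < len(plaintext):
        raise ValueError("pad shorter than plaintext")
    return xor_bytes(plaintext, pad)


def otp_decrypt(pad: bytes, ciphertext: bytes) -> bytes:
    """XOR is its own inverse, so decryption is the same operation."""
    return otp_encrypt(pad, ciphertext)


def pad_reuse_exposure(c1: bytes, c2: bytes) -> bytes:
    """If two messages were encrypted under the same pad, XORing the two
    ciphertexts cancels the pad entirely and leaves p1 XOR p2: secrecy now
    rests on the messages themselves, not on the key. Wherever the two
    plaintexts agree the result is zero, so shared structure shows through."""
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    pad = generate_pad(32)
    c = otp_encrypt(pad, b"ship sails at 6am")
    print(otp_decrypt(pad, c))
```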
Data Encryption Standard(DES)
Key size of 64 bits
(8 bits used for parity, resulting in an effective key length of 56 bits) -> DEA
Replaced by the Rijndael algorithm as the Advanced Encryption Standard (AES) by NIST
How Does DES Work?
Electronic Code Book(ECB) Mode
This mode is usually used for small amounts of data, like encrypting and protecting encryption keys. It is used for challenge-response encryption operations and some key management tasks. It is also used to encrypt personal identification numbers (PINs) in ATM machines for financial institutions.
Cipher Block Chaining (CBC) Mode
Ciphertext from the previous block of data is used in encrypting the next block of data.
Advanced Encryption Standard(AES)
AES was to be a symmetric block cipher algorithm supporting key sizes of 128, 192, and 256 bits.
Rijndael was NIST's choice in replacing DES. It is a block cipher with a variable block length and key length.
Pretty Good Privacy (PGP)
It was the first widespread public key encryption program. It uses passphrases. The passphrase is used to encrypt the user's private key that is stored on her hard drive. Because PGP does not have a central leader, like a CA, certain standardized functionality is harder to accomplish. PGP is considered a cryptosystem. PGP uses a web-of-trust structure and session keys.
S-HTTP is a technology that protects each message that is sent between two computers.
HTTPS protects the communication channel between two computers, messages and all.
SSL works at the transport layer. It protects a communication channel instead of individual messages. The client creates a session key and encrypts it with a public key, which requires a PKI (CA).
Secure Electronic Transaction (SET) is a security technology proposed by Visa and MasterCard.
Cookie
Secure Shell (SSH) functions as a type of tunneling mechanism that provides terminal-like access to remote computers.
Internet Protocol Security (IPSec)
is a method of setting up a secure channel for protected data exchange between two devices. IPSec uses two basic security protocols: the Authentication Header (AH) and the Encapsulating Security Payload (ESP). It provides integrity and system authentication.
Transport mode:
Where the payload of the message is protected.
Tunnel mode:
Where the payload and also the routing and header information are protected.
Zero knowledge proof means that someone can tell you something without telling you more information than you need to know. In cryptography it means to prove that you have a specific key without sharing that key or showing it to anyone.
Concealment ciphers disguise messages within the text or body of a message, such as using every other word in a sentence to form a different message.
Domain Operations Security
Due diligence is going through the necessary steps to know what a company's or individual's actual risks are.
Due care is carrying out responsible actions to reduce those risks.
A user should have a need-to-know to access particular resources; least privilege should be implemented to ensure she only accesses the resources she has a need-to-know.
Three primary types of recovery procedures for computers:
1. System reboot - Restarts in a controlled manner.
2. Emergency reboot - Restarts when normal procedures cannot be initiated.
3. System cold start - User-administered restart due to the system being unable to properly recover.
Fingerprinting
Network mapping tools perform fingerprinting functions within networks. The responses received from ping commands and port scans can help provide useful information to the requestor, such as clarifying what type of device it is connected to. The attacker can also learn about what operating system software and applications are running.
Port scanning is used by attackers to identify open ports in a victim's network
Configuration management is a process to control the changes that take place while a system or application is being developed. This control takes place throughout the life time of the system or application, so any changes to it in production also fall under configuration management. Configuration management does not ensure that changes take place, but controls the changes to make sure they are carried out properly.
Change management policy
1. Request a change
2. Approve a change
3. Document a change
4. Test a change
5. Implement a change
6. Report a change to management
Deviation from standards
Performing at a different level than the standard set baseline of security and functionality
Juggernaut and Hunt are two programs used to accomplish session hijacking.
Authorization creep violates both the least privilege and need-to-know concepts.
Slamming is when a user's telephone service provider has been changed without that user's consent.
Cramming is adding on charges that are bogus in nature that the user did not request or receive.
The basic features and architecture of a system are the focus of operational assurance.
Trusted recovery refers to the right procedures following a system failure and can be classified as either a system reboot, an emergency system restart, or a cold start. Trusted recovery is carried out so that even if a system fails for one reason or another, it is not put into an insecure state.
Domain Physical Security
Fire type
Portable extinguishers should be placed within 50 feet of electrical equipment and be inspected quarterly.
Perimeter intrusion and detection assessment systems (PIDAS) consist of boundary fencing with motion detectors.
A seismic system is sensitive to sounds and vibrations and detects changes in the noise level of the area it is placed within.
Smoke-activated detectors use photoelectric optical detectors to detect changes in light intensity.
A passive infrared system measures any changes in heat waves for a specified area.
Lighting is an important part of physical security.
Confidentiality deals with Disclosure
Integrity deals with Modification, Alteration
Availability deals with Destruction
Core Principles of Security
1. Principle of Least Privilege
2. Know thy system
3. Prevention is ideal, detection is a must
4. Defense in depth.
Principle of Least Privilege ==> Separation of Duty ==> Job Rotation
Trusted Computing Base
The Security Kernel implements the Reference Monitor rules. The Security Kernel comprises the hardware, software, and firmware. The Reference Monitor checks all access. Reference Monitor holds all.
TCSEC was developed by DoD
ITSEC was developed by Europe
Control Types
- Policies, standards, guidelines, personnel screening, and security awareness training are Directive Controls
- Firewalls, encryption, identification, and authentication are Preventive Controls
- Log review, auditing, and integrity checkers are Detective Controls
- Instruction Manuals and audit trails are Corrective Controls
Law and Ethics
HIPAA : Regulatory Law : Deals with Medical : aka Kennedy-Kassebaum Act
GLBA : Regulatory Law : Deals with Finance : aka Financial Modernization Act
FOIA : Freedom of Information Act makes federal information readily available to public.
DMCA : Digital Millennium Copyright Act brings the US into compliance with Article 20 of the Berne Convention
CFAA Computer Fraud and Abuse Act is the "root" law - criminalizes an attack on any computer connected to the internet.
The U.S. National Information Infrastructure Protection Act of 1996 is an amendment to the U.S. Computer Fraud and Privacy Act of 1986 and addresses CIA.
Evidence Life Cycle comprises the following:
1. Collection and identification.
2. Storage, preservation, and transportation
3. Presentation in the court
4. Return to victim or owner
Trade Secret is the most appropriate protection level granted to proprietary source code.
Copyright is used to protect expression of ideas.
Civil Law aka Tort Law requires preponderance of evidence.
Foreign Corrupt Practices Act violations are investigated by the SEC.
Economic Espionage and Protection of Proprietary Economic Information Act of 1996 violations are investigated by the FBI.
1. Buy stocks while they are rising
1. Analyze the overall market's upward or downward trend
2. Set a 3-to-1 profit-taking or stop-loss plan
3. Buy the best stocks at the best time
4. Sell holdings promptly and lock in the gains
5. Manage the best portfolio