Tweet
Tweet

Slide 1

Slide 1 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and Trust I: 1. Introduction Dusko Pavlovic UHM ICS 355 Fall 2014

Slide 2

Slide 2 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Outline Announcements What is security? Structure of the course

Slide 3

Slide 3 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Outline Announcements What is security? Structure of the course

Slide 4

Slide 4 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Contacts ◮ Dusko Pavlovic ◮ email: [email protected] ◮ office: 311B ◮ hours: TW 4:30pm, F 9am

Slide 5

Slide 5 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Contacts ◮ Depeng Li ◮ email: [email protected] ◮ office: 314D

Slide 6

Slide 6 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Contacts ◮ Nancy Mogire ◮ email: [email protected] ◮ office: 311A ◮ hours: TW 4:30pm, F 9am

Slide 7

Slide 7 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Credits 3 ◮ class participation and presentations: 25% ◮ 3 homework assignments: 25% ◮ midterm exam: 25% ◮ final exam: 25%

Slide 8

Slide 8 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Course web page asecolab.org/courses/ICS355/

Slide 9

Slide 9 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Readings ◮ Dorothy Denning, Cryptography and Data Security Chapters 4–5. Addison-Wesley 1983 ◮ Dieter Gollmann, Computer Security not Part Three. Wiley 2011 ◮ Matt Bishop, Computer Security: Art and Science Parts 1–3. Addison-Wesley 2005

Slide 10

Slide 10 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course What shall we study? ◮ What do you expect from the course?

Slide 11

Slide 11 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course What shall we study? ◮ What do you expect from the course? ◮ Why security?

Slide 12

Slide 12 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course We study Computer Science . . . in modern CS security is the main problem Paradigm shifts in computation

Slide 13

Slide 13 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course What shall we study? ◮ What is security?

Slide 14

Slide 14 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Outline Announcements What is security? Security requirements Security types and properties Security, networks and protocols Honesty and trust Security and Privacy Phases and implementations of security Security is a process Structure of the course

Slide 15

Slide 15 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Home sweet home The Flintstone family owned a cave house.

Slide 16

Slide 16 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Home sweet home Their house was lively and functional.

Slide 17

Slide 17 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Home sweet home For safety from the storms

Slide 18

Slide 18 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Home sweet home For safety from the storms the house had a door.

Slide 19

Slide 19 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Home sweet home For security from the thieves

Slide 20

Slide 20 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Home sweet home For security from the thieves the door had a lock, and the house had a fence

Slide 21

Slide 21 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Home sweet home For security from the thieves the door had a lock, and the house had a fence and the security experts patrolled in the neighborhood.

Slide 22

Slide 22 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What do you require for a good life?

Slide 23

Slide 23 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What does a software system require?

Slide 24

Slide 24 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What does a software system require? Requirements Good things should happen Bad things should not happen Liveness Security functions no accidents no attacks Safety

Slide 25

Slide 25 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What does a software system require?

Slide 26

Slide 26 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Liveness vs Safety vs Security Liveness: A dwelling to perform the functions of life.

Slide 27

Slide 27 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Liveness vs Safety vs Security Safety: A door for protection from natural hazards.

Slide 28

Slide 28 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Liveness vs Safety vs Security Security: A lock for protection from intentional intruders.

Slide 29

Slide 29 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Liveness vs Safety vs Security ◮ car liveness (functionality): driving ◮ car safety: no accidents ◮ car security: no theft

Slide 30

Slide 30 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Liveness vs Safety vs Security ◮ car liveness (functionality): driving engine ◮ car safety: no accidents brakes ◮ car security: no theft locks

Slide 31

Slide 31 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Logical form of security requirements On a mountain ◮ positive requirements: reach the peak liveness: climb up the mountain ◮ negative requirements: do not fall safety: do not slip on ice security: do not let someone push you

Slide 32

Slide 32 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Logical form of security requirements In a crypto system ◮ positive requirements: encryption and decryption liveness: D(k , E(k , m)) = m ◮ negative requirements: only decryption with key safety: no bugs in the implementation security: if A(E(k , m)) = m then A(y) = D(k , y)

Slide 33

Slide 33 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Logical form of security requirements On the airport ◮ positive requirements: route the traffic liveness: board passengers to and from planes ◮ negative requirements: only route the traffic safety: do not leave the floor slippery security: prevent theft and terrorism

Slide 34

Slide 34 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Logical form of security requirements In a kitchen ◮ positive requirements: food liveness: prepare and eat food ◮ negative requirements: only good food safety: do not bite your tongue or swallow a fork security: resist malicious advertising and food baiting

Slide 35

Slide 35 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Logical form of security requirements So there is always the same pattern ◮ positive requirements: . . . (something you need) liveness: . . . (what you do to get it) ◮ negative requirements: . . . (avoid trouble) safety: . . . (natural hazards) security: . . . (intentional attacks)

Slide 36

Slide 36 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Logical form of security requirements This pattern is everywhere ◮ Almost anything can become a security problem ◮ Is there any system to it? ◮ What types of security problems are there? ◮ What types of security solutions?

Slide 37

Slide 37 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What do we secure and how? Security tasks and tools fall into the same types ◮ data and information: what you know ◮ objects and resources: what you have ◮ subjects and self/(id)entity: what you are

Slide 38

Slide 38 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What do we secure and how? Security tasks and tools fall into the same types ◮ data and information: what you know ◮ can copy ◮ can give away ◮ (and then still know: password, digital key. . . ) ◮ objects and resources: what you have ◮ cannot copy ◮ can give away ◮ (but not have any more: smartcard, physical key. . . ) ◮ subjects and self/(id)entity: what you are ◮ cannot copy ◮ cannot give away ◮ (you always are yourself: fingerprint, handwriting. . . )

Slide 39

Slide 39 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Three types of security tasks Security Resource security Data security what you have what you know Self security what you are

Slide 40

Slide 40 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Our data and resources are secured together Security Resource security Data security what you have what you know good things good things bad things bad things secrecy confidentiality authenticity integrity authority availability

Slide 41

Slide 41 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Our selves are secured separately Security Self security what you are good things bad things health medicine

Slide 42

Slide 42 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Remaining questions ◮ What is privacy? ◮ How is it related with security?

Slide 43

Slide 43 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Remaining questions ◮ What is privacy? ◮ How is it related with security? ◮ What is trust? ◮ How is it related with security?

Slide 44

Slide 44 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Remaining answers ◮ To answer these questions, we need to take a closer look at the security processes

Slide 45

Slide 45 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Remaining answers ◮ To answer these questions, we need to take a closer look at the security processes ◮ What kind of a process is security?

Slide 46

Slide 46 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Remaining answers ◮ To answer these questions, we need to take a closer look at the security processes ◮ What kind of a process is security? ◮ What is its space and time?

Slide 47

Slide 47 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Map of London A view of space inhabited by people

Slide 48

Slide 48 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Map of London Tube stations Display some type of interactions, abstract away the irrelevant details

Slide 49

Slide 49 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Network of London Tube Abstract space of interactions

Slide 50

Slide 50 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What is a network? Network is an abstraction of space consisting of ◮ nodes: all local actions are at the nodes ◮ (You can only enter or exit a train at stations nodes.) ◮ links: all non-local interactions are along the links ◮ (The trains only move along the rails links.)

Slide 51

Slide 51 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course What is a protocol? protocol network = program computer

Slide 52

Slide 52 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Roles and actors Protocol assigns roles to computational actors: Alice, Bob,. . .

Slide 53

Slide 53 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Honesty ◮ An actor Bob is honest if he acts according to a given protocol

Slide 54

Slide 54 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Trust ◮ Trust is Alice’s belief that Bob is honest ◮ i.e. that he will act according to a specified protocol

Slide 55

Slide 55 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Trust Examples ◮ shopping: Bob will deliver goods ◮ marketing: Bob will pay for goods ◮ access control: Bob will not abuse resources ◮ key infrastructure: Bob’s keys are not compromised

Slide 56

Slide 56 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Trust Examples ◮ shopping: Bob will deliver goods ◮ marketing: Bob will pay for goods ◮ access control: Bob will not abuse resources ◮ key infrastructure: Bob’s keys are not compromised ◮ Prisoners’ Dilemma: Bob will not defect ◮ Centipede game: . . . ◮ . . . social cooperation is possible

Slide 57

Slide 57 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Privacy Privacy is the right to be left alone (with all your possessions) Warren and Brandeis Harvard Law Review 1890

Slide 58

Slide 58 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Security vs Privacy ◮ Security is the requirement to be protected from dishonest attackers and intruders ◮ thieves, enemies, spies. . . ◮ breaking protocols ◮ — but rational, predictable ◮ Privacy is the right to be protected from honest participants ◮ government, merchants, parents, friends. . . ◮ expected to obey some explicit or implicit protocols ◮ — but curious, sometimes unreliable

Slide 59

Slide 59 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Security and privacy implementations Three phases of security ◮ prevention: security properties cannot be breached ◮ firewalls, cryptography ◮ detection: security breaches are detected ◮ intrusion detection, digital forensics ◮ deterrence: recovery, penalties, incentives ◮ legal measures (RIAA, MPAA), economics of security (cost of an attack must be higher than the expected profit of success)

Slide 60

Slide 60 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Security and privacy implementations Three phases of security ◮ prevention: security properties cannot be breached ◮ firewalls, cryptography ◮ detection: security breaches are detected ◮ intrusion detection, digital forensics ◮ deterrence: recovery, penalties, incentives ◮ legal measures (RIAA, MPAA), economics of security (cost of an attack must be higher than the expected profit of success) Security implementations are specified as policies

Slide 61

Slide 61 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Warning about terminology ◮ Security is many things to many people ◮ software engineer, government, school, beehive. . . ◮ Security terms and concepts vary from context to context ◮ Different purposes justify different concepts ◮ We fix the glossary for the purposes of this course ◮ The other usages are not less, or more correct ◮ They may be less useful, or more useful

Slide 62

Slide 62 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Warning about security ◮ Security is a process

Slide 63

Slide 63 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Warning about security ◮ Security is a process ◮ All systems become insecure eventually

Slide 64

Slide 64 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Process of Science If we have a definite theory, from which we can compute the consequences which can be compared with experiment, then in principle we can prove that theory wrong.

Slide 65

Slide 65 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Process of Science . . . But notice that we can never prove it right. Suppose that you invent a theory, calculate the consequences, and discover every time that the consequences agree with the experiment. The theory is then right? No, it is simply not proved wrong. In the future you could compute a wider range of consequences, there could be a wider range of experiments, and you might then discover that the thing is wrong.

Slide 66

Slide 66 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Process of Science That is why laws like Newton’s laws for motion of planets last such a long time. He guessed the law of gravitation, and it took several hundred years before the slight error in the motion of Mercury was observed. During all that time, the theory had not been proven wrong, and could be taken temporarily to be right.

Slide 67

Slide 67 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Process of Science We never are definitely right; we can only be sure when we are wrong. Richard Feynman Lectures on the Character of Physical Law

Slide 68

Slide 68 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course The best kept secret of Science ◮ Science does not provide persistent laws ◮ Science only provides methods to improve theories

Slide 69

Slide 69 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Religion Religion says: This is the truth about the world. ◮ You can rely upon it.

Slide 70

Slide 70 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Religion, Art Religion says: This is the truth about the world. ◮ You can rely upon it. Art says: This is a story about the world. ◮ You can relax and play with it.

Slide 71

Slide 71 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Religion, Art, and Science Religion says: This is the truth about the world. ◮ You can rely upon it. Art says: This is a story about the world. ◮ You can relax and play with it. Science says: This a theory about the world. ◮ You shouldn’t rely upon it too much. ◮ You shouldn’t relax, but work to improve it.

Slide 72

Slide 72 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Upshot Process of Science Theory Counter-evidence empiric testing inductive inference Science never settles on a theory. It loops through theories and counter-evidence forever.

Slide 73

Slide 73 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Upshot Security is like science: it never settles

Slide 74

Slide 74 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course "Richard Feynman on Security" If we have a precisely defined security claim about a system, from which we can derive the consequences which can be tested, then in principle we can prove that the system is insecure.

Slide 75

Slide 75 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course "Richard Feynman on Security" . . . But we can never prove that it is secure. Suppose that you design a system, calculate some security claims, and discover every time that the system remains secure under all tests. The system is then secure? No, it is simply not proved insecure. In the future you could refine the security model, there could be a wider range of tests and attacks, and you might then discover that the thing is insecure.

Slide 76

Slide 76 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course "Richard Feynman on Security" We never are definitely secure; we can only be sure when we are insecure.

Slide 77

Slide 77 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Requirements Types Where? Trust Privacy Implementations Process Course Upshot Process of Security Security Attack test design Security never settles. Every security claim has a lifetime.

Slide 78

Slide 78 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Outline Announcements What is security? Structure of the course Security and Computer Science Structure of the course

Slide 79

Slide 79 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Software engineering Program dependability ◮ safety: "bad things (actions) don’t happen" ◮ liveness: "good things (actions) do happen"

Slide 80

Slide 80 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Software engineering Program dependability ◮ safety: "bad things (actions) don’t happen" ◮ liveness: "good things (actions) do happen" In sequential computation ◮ all first order constraints are dependability properties

Slide 81

Slide 81 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Security engineering: Systems Resource security (access control) ◮ authorization: "bad resource calls don’t happen" ◮ availability: "good resource calls do happen" In an operating or a computer system ◮ all resource constraints are security properties

Slide 82

Slide 82 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Security engineering: Systems Information security ◮ secrecy: "bad information flows don’t happen" ◮ authenticity: "good information flows do happen" In network computation ◮ all information flow constraints are security properties

Slide 83

Slide 83 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Security engineering: Networks Social choice (voting) and market economy ◮ neutrality: "bad data aggregations don’t happen" ◮ fairness: "good data aggregations do happen" In social data processing ◮ all aggregation constraints are security properties

Slide 84

Slide 84 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Security vs dependability processing dependability security System centralized distributed observations global local Environment neutral adversarial threats accidents attacks

Slide 85

Slide 85 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Some terminology Information security ◮ secrecy: "bad information flows don’t happen" ◮ authenticity: "good information flows do happen" In network computation ◮ all information flow constraints are security properties

Slide 86

Slide 86 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure We could also say Information security ◮ confidentiality: "bad information flows don’t . . . " ◮ integrity: "good information flows do. . . " Although not synonymous ◮ secrecy, and confidentiality ◮ authenticity and integrity are used interchangeably

Slide 87

Slide 87 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Security speak (overheard at a security conference) Speaker: Isn’t it terrifying that on the Internet we have no privacy? Charlie: You mean confidentiality. Get your terms straight. Radia: Why do security types insist on inventing their own language? Mike: It’s a denial-of-service attack. Charlie: You mean chosen cyphertext attack. . .

Slide 88

Slide 88 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Variants (a possible assignment of meanings) Bad information flows ◮ secret information: disclosure prevented ◮ e.g., by cryptography ◮ private information: disclosure when authorized ◮ information privately owned ◮ confidential information: disclosure restricted ◮ penalized when detected

Slide 89

Slide 89 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Variants (a possible assignment of meanings) Bad information flows about resources ◮ secret funds: it is secret that they exist ◮ secret ceremony, secret lover. . . ◮ confidential report: some details confidential ◮ content can be disclosed, but not the source ◮ private funds: access restricted by protocol ◮ private ceremony, private resort. . .

Slide 90

Slide 90 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Variants (a possible assignment of meanings) Good information flows ◮ authenticity of a painting, of a letter, of testimony ◮ the source of the message is who it says it is ◮ integrity of evidence, of a person ◮ the content of the message not been altered, tampered with, compromised

Slide 91

Slide 91 text

ICS 355: Introduction Dusko Pavlovic Announcements What is security? Course Security and CS Structure Structure of the course ◮ Resource security ◮ Access control ◮ Security models ◮ Channel security ◮ Machines and channels ◮ Shared machines and covert channels ◮ Information flow security ◮ Privacy and trust