CISSP - Domain 3 - Security Engineering


Domain 3

Security Engineering
Subramaniam Sankaran
Note
• This presentation has been prepared by
Subramaniam Sankaran, for his CISSP program
delivery.
• Please do share this material as required.
• You can reach him on
[email protected]

Enterprise Security Architecture
• Simple and long-term view of controls
• Provides a unified vision of common security controls
• Leverages existing technology investments
• Flexible approach to current and future threats as well as the needs of core functions.

Common Security Services
• Boundary Control Service
• Access Control Service
• Integrity Service
• Cryptographic Service
• Audit and Monitoring Service

Enterprise Security Architecture
• Zachman
• TOGAF
• ITIL
• ISO27002
• SABSA

Security Framework
• A security program in which people, processes, procedures, guidelines and standards work in harmony to achieve ‘CIA’.
• It is a layered protection. Every layer must provide protection and support for adjacent layers.
• As these programs are frameworks, they can be easily tailored to a technology-specific implementation.
Popular Frameworks
• BS7799 – BSI. Follows Plan-Do-Check-Act (Deming's cycle).
• Sherwood Applied Business Security Architecture (SABSA).
• TOGAF, DoDAF (US military) and MODAF (British military).

Zachman Architecture Framework
• 2D matrix of what, when, where, how, why and who intersecting with viewpoints (owner, planner, designer, builder, implementer and worker).
• One of the first models
• By John Zachman.

The Open Group Architecture Framework (TOGAF)
• TOGAF – Business, Data, Application and Technology architectures.
• Architecture Development Method (ADM). Each unit’s ADM contributes to overall protection.
• The ADM can also be expanded to involve two or more interrelated groups.

Sherwood Applied Business Security
Architecture
• SABSA
• Similar to the Zachman model
• 2D matrix of (assets, motivation, process,
people, location and time) with (contextual,
conceptual, physical, logical, operational and
component).

Security Controls
• Control Objectives for Information and Related Technology (COBIT), from ISACA and ITGI.
– Plan and organize
– Acquire and Implement.
– Deliver and Support
– Monitor and Evaluate

Security Models
• Determine the ways in which information flow can be restricted.

Security Model
• State Machine Model
– Based on states of the system
– The initial state of the system must be fixed securely.
– Every transition to another state must be verified to be a secure transition.
– A secure system state must be maintained at all times, including failing over to a secure state.

Security Model
• Multilevel lattice Model
– A multilevel security model describes strict layers
of subjects and objects and defines clear rules that
allow or disallow interactions between them
based on the layers they are in.
– These are often described using lattices, or
discrete layers with minimal or no interfaces
between them.

Security Model
• Non Interference Model
– Considered a type of multilevel model with a high
degree of strictness, severely limiting any higher-
classified information from being shared with
lower-privileged subjects even when higher-
privileged subjects are using the system at the
same time.

Security Model
• Matrix Based Model
– While lattice-based models tend to treat similar
subjects and objects with similar restrictions,
matrix-based models focus on one-to-one
relationships between subjects and objects.
– The best known example is the organization of
subjects and objects into an access control matrix.

Security Models
• Information Flow Model
– While most models are concerned with subject-to-
object relationships, information flow models
focus on how information is allowed or not
allowed between individual objects.
– Information flow models are used to determine if
information is being properly protected
throughout a given process.

Security Model
• Bell-LaPadula Model
– One of the most secure models
– Based on Subject to Object matrix
• Simple Security Axiom – a subject at a given security level cannot read data at a higher security level (no read up).
• *-property Axiom – a subject at a given security level cannot write to a lower security level (no write down).
• Strong star property Axiom – a subject with read/write capabilities can perform those functions only at its own level, nothing higher and nothing lower.
– Addresses confidentiality and not integrity.
– Information flow Model
Security Model
• Biba Model
– Uses a lattice of integrity levels
– Reverses the rules of the Bell-LaPadula model
• The Simple Integrity Axiom states that a subject at a given level of
integrity must not read an object at a lower integrity level (no
read down).
• The * (star) Integrity Axiom states that a subject at a given level
of integrity must not write to any object at a higher level of
integrity (no write up).
• Invocation property – a subject cannot invoke a service at a higher integrity level
– Information flow Model
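To make the Bell-LaPadula and Biba rules above concrete, here is an added Python example (not from the slides) that encodes labels as a lattice of level plus compartments and checks each axiom; the level names and compartments are constructed sample values.

```python
from dataclasses import dataclass, field

# Ordered sensitivity / integrity levels, lowest first (constructed sample values).
LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP_SECRET"]


@dataclass(frozen=True)
class Label:
    """A lattice label: a hierarchical level plus a set of compartments."""
    level: str
    compartments: frozenset = field(default_factory=frozenset)

    def dominates(self, other: "Label") -> bool:
        """self >= other in the lattice: higher-or-equal level AND a superset of compartments."""
        return (LEVELS.index(self.level) >= LEVELS.index(other.level)
                and self.compartments >= other.compartments)


# --- Bell-LaPadula: confidentiality -----------------------------------------
def blp_can_read(subject: Label, obj: Label) -> bool:
    """Simple security property: no read up. The subject must dominate the object."""
    return subject.dominates(obj)


def blp_can_write(subject: Label, obj: Label) -> bool:
    """*-property: no write down. The object must dominate the subject."""
    return obj.dominates(subject)


def blp_strong_star(subject: Label, obj: Label) -> bool:
    """Strong *-property: read/write only at exactly the subject's own label."""
    return subject == obj


# --- Biba: integrity (the BLP rules reversed) -------------------------------
def biba_can_read(subject: Label, obj: Label) -> bool:
    """Simple integrity axiom: no read down. The object must dominate the subject."""
    return obj.dominates(subject)


def biba_can_write(subject: Label, obj: Label) -> bool:
    """* integrity axiom: no write up. The subject must dominate the object."""
    return subject.dominates(obj)


def biba_can_invoke(caller: Label, service: Label) -> bool:
    """Invocation property: a subject may not invoke a service of higher integrity."""
    return caller.dominates(service)


def decide(model: str, subject: Label, obj: Label, action: str) -> bool:
    """Dispatch one access request to the chosen model's rule."""
    rules = {
        ("blp", "read"): blp_can_read,
        ("blp", "write"): blp_can_write,
        ("biba", "read"): biba_can_read,
        ("biba", "write"): biba_can_write,
        ("biba", "invoke"): biba_can_invoke,
    }
    return rules[(model, action)](subject, obj)


if __name__ == "__main__":
    analyst = Label("SECRET", frozenset({"CRYPTO"}))
    memo = Label("CONFIDENTIAL")
    nuclear = Label("SECRET", frozenset({"NUCLEAR"}))
    print(decide("blp", analyst, memo, "read"))      # read down: allowed
    print(decide("blp", analyst, nuclear, "read"))   # missing compartment: denied
```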
Clark Wilson Model
• Works on
– Users
– Transformation procedures
– Constrained data item
– Unconstrained data item
– Integrity verification procedure
• Well-formed transactions must be carried out to transform data from one state to another.
• Separation of duties can be implemented as part of the TPs.
• The Integrity Verification Procedure (IVP) ensures integrity is maintained for all transactions.

Brewer and Nash Model
• Chinese Wall Model
• Must prevent information flow between subjects and objects that would cause a conflict of interest.
• Once a subject accesses one object, the subject is automatically prevented from accessing a competitor's object.

Graham Denning
• Deals with how objects are created and deleted.
• How ownership of objects is managed.
• How access rights are managed.

Graham Denning 8 basic protection rules

• How to securely create an object.
• How to securely create a subject.
• How to securely delete an object.
• How to securely delete a subject.
• How to securely provide the read access right.
• How to securely provide the grant access right.
• How to securely provide the delete access right.
• How to securely provide the transfer access right.

System Architecture

Computer System Architecture
• The CPU is the brain of the computer.
• A temporary storage location called a ‘register’ holds the addresses of the instructions to be executed next, to improve performance.
• The ALU, considered the brain of the CPU, performs mathematical and logical functions on the data.
• The Control Unit controls the execution of instructions and is the fulcrum of multithreading and time slicing.
• The Intermediate Access Store holds the data and program needed at that instant by the control unit.
Processor
Four main tasks of a simple processor
• FDES Cycle
– Fetching
• Fetch the data and instructions from main memory and store them in temporary areas called registers.
• The CPU places the address of the next instruction to execute on the address bus.
• The data at that ‘next’ address then moves to a CPU register over the data bus.
– Decoding
• Understand the instruction just fetched.
• The set of commands that the CPU can understand is called the instruction set.
– Executing
• The data and instructions thus fetched are executed for operations based on the commands.
– Storing
• The output of the previous step is then stored in another register.
• By this time the CPU has started fetching the next instruction to execute.

Control Unit
• Controls and monitors the hardware attached to it and ensures the instructions given to it are executed.
• Controls the input and output of data, and ensures signals go to the right place at the right time.
• Controls the FDES cycle or F-E cycle.

Intermediate Access Store
• Holds the data and instructions needed by the CPU at that instant.
• The CPU reads data and instructions from secondary storage, such as a hard disk, and keeps them temporarily in the ALU.
• When data and instructions are loaded into main memory, the CPU fetches the part it needs for execution using the FDES cycle.

Registers
• General registers – hold variables and intermediate results of the ALU.
• Special Registers
– program counter
• memory address of the next instruction to be fetched.
– stack pointer
• A stack pointer is a small register that stores the address of the last program request in a
stack.
• A stack is a specialized buffer which stores data from the top down.
• As new requests come in, they "push down" the older ones. The most recently entered
request always resides at the top of the stack, and the program always takes requests
from the top.
– program status word
• User mode
• Privileged mode (Kernel Mode)

Types of systems
• Multitasking
– One task running whilst the others wait
– Multiprogramming
– Time sharing
• Multiprocessing
– Two or more CPUs within the system
• Multithreading
– Threads
– Reference monitor
– Quantum
– Scheduling

Storage
• Primary
– Memory, cache or registers.
– Close to the CPU
– Faster than secondary
– E.g. RAM, ROM, SDRAM
• Secondary
– Slower
– But permanent retention
• Virtual Memory
– Paging
– Reduces performance
• Firmware
– Stores microcode for devices.
– EEPROM

How do I/O devices work?
• The device driver for each I/O device is allocated an address in memory.
• This memory address is in the same space as the currently executing program.
• Every I/O request makes the CPU look for instructions to process that request in the same address range as the program or user.

Operating system
• Software that controls the operation of the computer from the moment it is turned on or booted.
• The system kernel is the OS code that provides access to system resources, including hardware and processes.
• The kernel portion interacts with the hardware.
• The kernel receives requests from other programs and fulfils each request upon validation.

Capability based security
• A reference to an object together with its access rights, like the set of access rights granted when opening a file for reading, writing or executing.
• The objects themselves carry the access references, meaning a read-only file cannot be opened for writing.
• Based on the principle of least privilege: even if the file itself is marked read, write and execute, the reference can be made for reading only, although writing would also have been allowed.

Hierarchical protection domains
• Protection rings.
• Computer operating systems provide different levels of access to
resources.
• A protection ring is one of two or more hierarchical levels or layers of
privilege within the architecture of a computer system.
• This is generally hardware-enforced by some CPU architectures that
provide different CPU modes at the hardware or microcode level.
• Rings are arranged in a hierarchy from most privileged (most trusted,
usually numbered zero) to least privileged (least trusted, usually with the
highest ring number).
• On most operating systems, Ring 0 is the level with the most privileges
and interacts most directly with the physical hardware such as the CPU
and memory.

Protection rings

Security Modes of Operation

Notes
• Security modes refer to information systems security
modes of operations used in mandatory access control
(MAC) systems. Often, these systems contain information
at various levels of security classification.
• The mode of operation is determined by:
– The type of users who will be directly or indirectly accessing
the system.
– The type of data, including classification levels, compartments,
and categories, that are processed on the system.
– The levels of users, their need to know, and the formal access approvals that the users will have.

Non Disclosure agreement
• An NDA is a contractual obligation between two or more parties that outlines confidential material, knowledge or information the parties wish to share with one another, while ensuring it remains restricted to the parties involved and is not accessed by any third party.
• It could be between organizations, between individuals, or between an individual and an organization.
• Types
– Unilateral NDA: one party binds the other
– Bilateral NDA: mutual binding

Need to Know
• Even if an individual has all approvals to access information, he is let in on it only if he needs to know that information.
• The aim is to prevent information leakage to those without a legitimate need for access.

Security Modes of operations
• Dedicated Security Mode
– Signed NDA for ALL information on the system.
– Proper clearance for ALL information on the
system.
– Formal access approval for ALL information on the
system.
– A valid need to know for ALL information on the
system.

Security Modes of operations
• System high Security mode
– Signed NDA for ALL information on the system.
– Proper clearance for ALL information on the
system.
– Formal access approval for ALL information on the
system.
– A valid need to know for SOME information on the
system.

Security Modes of operations
• Compartmented Security Mode
– Signed NDA for ALL information on the system.
– Proper clearance for ALL information on the
system.
– Formal access approval for SOME information they
will access on the system.
– A valid need to know for SOME information on the
system.

Security Modes of Operations
• Multilevel security mode
– Signed NDA for ALL information on the system.
– Proper clearance for SOME information on the
system.
– Formal access approval for SOME information on
the system.
– A valid need to know for SOME information on the
system.

Summary (each cell refers to information on the system)

Mode                        | Signed NDA for | Proper clearance for | Formal access approval for | A valid need to know for
Dedicated security mode     | ALL            | ALL                  | ALL                        | ALL
System high security mode   | ALL            | ALL                  | ALL                        | SOME
Compartmented security mode | ALL            | ALL                  | SOME                       | SOME
Multilevel security mode    | ALL            | SOME                 | SOME                       | SOME

Criteria

Trust and Assurance
• Trust gives you confidence that the system is protected.
• Assurance carries a rating and is established after thorough testing.
• It is like knowing what protections are in place and how the product was built with those protections in mind.

Trusted Computer System Evaluation Criteria
TCSEC
(The Orange Book)

• The National Computer Security Centre (NCSC) within the NSA is responsible for evaluating software and systems.
• The Trusted Product Evaluation Program evaluates every product and provides a rating.
• Every vendor who needs to have their product evaluated submits it to the NCSC for evaluation; the result is published and determines when users are
Functional Requirement
• DAC
– identifies an access control mechanism that allows for controlled sharing of named objects by named individuals and/or groups. The requirements also address propagation of access rights, granularity of control, and access control lists.
• MAC
– embodies the simple security condition and the *-property from the Bell-LaPadula security model. MAC is not
required until B1.
• Object Reuse
– addresses the threat of an attacker gathering information from reusable objects such as memory or disk memory.
This also includes the revocation of access rights from a previous owner when the reusable object is released and
the inability of a new user to read the previous contents of that reusable object.
• Label
– enables the enforcement of MAC. This also is not required until B1. Both subjects and objects have labels. Other
issues address the accurate representation of classifications and clearances, exporting of labeled information, and
labeling of human readable output and devices.
• Identification and Authentication (I&A)
– specifies that a user identify herself to the system and that the system authenticate that identity before allowing the user to use the system. It also addresses the granularity of the authentication data, protecting authentication data, and associating identity with auditable actions.
• Trusted Path
– provides a communication path that is guaranteed to be between the user and the TCB. This is not required until
B2.
• Audit
– addresses the existence of an audit mechanism as well as protection of the audit data. This defines what audit
Assurance requirement
• Configuration Management
– begins at B2 and increases for higher levels. This requirement addresses the identification of
configuration items, consistent mappings among all documentation and code, and tools for
generating the TCB.
• Trusted Distribution
– addresses the integrity of the mapping between masters and on-site versions of the software as
well as acceptance procedures for the customer. This is unique to level A1.
• System Architecture
– mandates modularity, minimization of complexity, and other techniques for keeping the TCB as
small and simple as possible. At level B3 the TCB must be a full reference validation mechanism.
• Design Specification and Verification
– addresses a large number of individual requirements, which vary among the evaluation classes.
• Testing
– addresses conformance with claims, resistance to penetration and correction of flaws followed by
retesting. A requirement to search for covert channels includes the use of formal methods at
higher evaluation levels.
• Product Documentation
– is divided into a Security Features User’s Guide and an administrator guide called a Trusted Facility Manual. Internal documentation includes design and test documentation.
TCSEC – Fundamental Objectives and
requirements
• Policy
– Mandatory security policy
• Based on the subject's clearance, need to know and the confidentiality of the information being sought.
– Marking
• Systems enforcing a mandatory security policy must store and preserve access control labels, even if the object is exported.
– Discretionary security policy
• Enforces a consistent set of rules for controlling and limiting access based on identified individuals and need-to-know principles.

TCSEC – Fundamental Objectives and
requirements
• Accountability
– Identification
• The process used to recognize an individual user.
– Authentication
• The verification of an individual user's authorization to
specific categories of information.
– Auditing
• Audit information must be selectively kept and
protected so that actions affecting security can be
traced to the authenticated individual.

TCSEC – Fundamental Objectives and
requirements
• Assurance Mechanisms
– Operational Assurance
• System Architecture, System Integrity, Covert Channel
Analysis, Trusted Facility Management and Trusted Recovery
– Life-cycle Assurance
• Security Testing, Design Specification and Verification,
Configuration Management and Trusted System Distribution
– Continuous Protection Assurance
• The trusted mechanisms that enforce these basic
requirements must be continuously protected against
tampering and/or unauthorized changes.

TCSEC – Fundamental Objectives and
requirements
• Documentation
– User's Guide
– Trusted Facility Manual
– Test Documentation
– Design Documentation

Divisions of TCSEC
• D - least protected
• C1
• C2
• B1
• B2
• B3
• A1 – highly protected

Assurance levels
• Verified protection
• Mandatory Protection
• Discretionary protection
• Minimal Protection

D – Minimal protection
• Failed to meet the criteria.
• Least protected.

C – Discretionary protection
• C1 — Discretionary Security Protection
– Identification and authentication
– Separation of users and data
– Discretionary Access Control (DAC) capable of enforcing access
limitations on an individual basis
– Required System Documentation and user manuals
• C2 — Controlled Access Protection
– More finely grained DAC
– Individual accountability through login procedures
– Audit trails
– Object reuse
– Resource isolation

B – Mandatory protection
• B1
– Labeled Security Protection
– Informal statement of the security policy model
– Data sensitivity labels
– Mandatory Access Control (MAC) over selected subjects and objects
– Label exportation capabilities
– All discovered flaws must be removed or otherwise mitigated
– Design specifications and verification
• B2
– Structured Protection
– Security policy model clearly defined and formally documented
– DAC and MAC enforcement extended to all subjects and objects
– Covert storage channels are analyzed for occurrence and bandwidth
– Carefully structured into protection-critical and non-protection-critical elements
– Design and implementation enable more comprehensive testing and review
– Authentication mechanisms are strengthened
– Trusted facility management is provided with administrator and operator segregation
– Strict configuration management controls are imposed

B – Mandatory protection
• B3
– Security Domains
– Satisfies reference monitor requirements
– Structured to exclude code not essential to security policy enforcement
– Significant system engineering directed toward minimizing complexity
– Security administrator role defined
– Audit security-relevant events
– Automated imminent intrusion detection, notification, and response
– Trusted system recovery procedures
– Covert timing channels are analyzed for occurrence and bandwidth
– An example of such a system is the XTS-300, a precursor to the XTS-400

A – Verified Protection
• A1
– Verified Design
– Functionally identical to B3
– Formal design and verification techniques including a formal top-level specification
– Formal management and distribution procedures
– An example of such a system is Honeywell's Secure Communications Processor SCOMP, a
precursor to the XTS-400
• Beyond A1
– System Architecture demonstrates that the requirements of self-protection and
completeness for reference monitors have been implemented in the Trusted Computing
Base(TCB).
– Security Testing automatically generates test-case from the formal top-level specification
or formal lower-level specifications.
– Formal Specification and Verification is where the TCB is verified down to the source code
level, using formal verification methods where feasible.
– Trusted Design Environment is where the TCB is designed in a trusted facility with only
trusted (cleared) personnel.

ITSEC
• Structured criteria to evaluate security within products and systems.
• Used predominantly in the EU.
• The product being evaluated, called the Target of Evaluation, is subjected to comprehensive functional and penetration testing.
• The degree of examination depends on the level of confidence required from the product.
• Evaluation levels range from E0 to E6; functionality ratings range from F1 to F10.
• The higher the evaluation level, the more stringent the examination and testing, and hence the greater the security assurance or confidence level.

Evaluation Levels 1 - 3

Evaluation Levels 4 - 6

Difference
TCSEC
• Addresses only confidentiality
• Functionality and assurance level rated together.
ITSEC
• Addresses CIA
• Functionality and assurance level rated separately.

Common Criteria
• From ISO (ISO 15408).
• Evaluation is carried out on a product and it is assigned one of seven EALs (Evaluation Assurance Levels).
• Testing and evaluation become more stringent as the level increases.

Evaluation Assurance levels
• EAL1 Functionally tested
• EAL2 Structurally tested
• EAL3 Methodically tested and checked
• EAL4 Methodically designed, tested, and
reviewed
• EAL5 Semiformally designed and tested
• EAL6 Semiformally verified design and tested
• EAL7 Formally verified design and tested
Protection Profiles
• Uses Protection Profiles for evaluation.
• PP is a document used as a part of Evaluation and is a
combination of threats, security objectives,
assumptions, security functional requirements (SFRs),
security assurance requirements (SARs) and rationales.
• It is an implementation-independent set of objectives and requirements for a TOE.
• Contains description, rationale, functional
requirements, development assurance requirements,
and evaluation assurance requirements.
ToE
• Target of Evaluation is an IT product or system,
which is subject to an evaluation.
• TOE includes all material like documentation
and administrator guides that are delivered
with it.
• The TOE might not be a full system or product, as it could refer to only a particular module or part of it.

Security Target
• The document that identifies the security
properties of the target of evaluation.
• It may refer to one or more PPs.
• The TOE is evaluated against the SFRs
established in its ST, no more and no less. This
allows vendors to tailor the evaluation to
accurately match the intended capabilities of
their product.

Security Functional and Assurance
requirements (SFR’s & SAR’s)
• Security Functional Requirements (SFRs) – specify individual security functions which may be provided by a product. The Common Criteria presents a standard catalogue of such functions.
• Security Assurance Requirements (SARs) – descriptions of the measures taken during development and evaluation of the product to assure compliance with the claimed security functionality.

Few attacks to review
• Maintenance hooks.
• Time-of-check to time-of-use (TOCTOU) attack (multithreading).

Cryptography

Terms
• Cryptology
• Cryptanalysis.
• Cryptography
• Cryptogram/Cipher text
• Encryption Algorithm
• Decryption Algorithm
• Cryptographic Algorithm.
• Encryption Key.
• Decryption Key.
• Broken Algorithm
Types of Ciphers
• Stream Cipher
• Block Cipher

Worst case conditions
• The following three assumptions are always
made whilst designing a cryptosystem.
– The cryptanalyst has complete knowledge of the cipher system.
– The cryptanalyst has obtained a considerable amount of ciphertext.
– The cryptanalyst knows a certain amount of plaintext corresponding to ciphertext.

Cover time
• Cover time is the period for which the object must remain secured.
• The time required to break the algorithm must be larger than the cover time.

Scenario
• Briefcase and Padlock…

Context whilst decrypting
• Same words when decrypted could yield two
possible words.

Types of Cipher
• Substitution
• Transposition

Caesar Cipher
• Substitution
• Demo – XMZVH
• Demo – HSPPW
• Demo – multiply by 2 and use mod 26.
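An added Python example (not from the slides) for the Caesar demos and the ‘Context whilst decrypting’ slide: it recovers the two demo strings by trying all 26 shifts, and shows why the multiply-by-2 demo cannot be decrypted uniquely, since gcd(2, 26) is not 1 and two plaintext letters collide on every ciphertext letter.

```python
import string
from math import gcd

ALPHABET = string.ascii_uppercase


def caesar(text: str, shift: int) -> str:
    """Shift every letter by `shift` positions mod 26; non-letters pass through unchanged."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_candidates(ciphertext: str) -> dict:
    """All 26 possible plaintexts, keyed by the shift that would have produced the ciphertext."""
    return {k: caesar(ciphertext, -k) for k in range(26)}


def multiplicative_encrypt(text: str, k: int) -> str:
    """The 'multiply by k and use mod 26' demo: letter index x becomes (k * x) mod 26."""
    return "".join(ALPHABET[(ALPHABET.index(ch) * k) % 26] if ch in ALPHABET else ch
                   for ch in text.upper())


def multiplicative_preimages(cipher_letter: str, k: int) -> list:
    """Every plaintext letter that encrypts to cipher_letter under multiplier k.
    With k = 2 each ciphertext letter has two preimages, so context must pick the word."""
    y = ALPHABET.index(cipher_letter)
    return [p for p in ALPHABET if (ALPHABET.index(p) * k) % 26 == y]


def is_uniquely_decryptable(k: int) -> bool:
    """Multiplication by k mod 26 is invertible only when gcd(k, 26) == 1."""
    return gcd(k, 26) == 1
```

Running `caesar_candidates("XMZVH")` lists the 26 shifts; the readable one appears at shift 21, and for "HSPPW" at shift 4.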

Substitution Ciphers
• Exercise – G WR W RWL
• Exercise – HATTPT (country)

PlayFair Cipher
• Key is a 5 x 5 matrix.
• Rules
– replace Js with Is;
– write message in pairs of letters;
– do not allow identical pairs - if they occur insert Z
between them;
– if the number of letters is odd, add Z to the end.

Rules of Encryption - Playfair
• The rule for encryption is as follows.
– If the two letters lie in the same row of the key then each
letter is replaced by the one on its right in the extended
key.
– If two letters lie in the same column of the key then each
letter is replaced by the one below it in the extended key.
– If the two letters are not in the same row or column then
the first letter is replaced by the letter that is in the row of
the first letter and the column of the second letter. The
second letter is replaced by the fourth corner of the
rectangle formed by the three letters used so far.
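The preparation and encryption rules above, implemented as an added Python example (not from the slides). The slides’ key square is not reproduced in this text, so the example assumes the classic MONARCHY keyword; with the slides’ own key the ciphertext for the exercise would differ.

```python
import string


def build_key_square(keyword: str) -> list:
    """5 x 5 key square: keyword letters first (J merged into I), then the rest of the alphabet."""
    seen = []
    for ch in keyword.upper() + string.ascii_uppercase:
        ch = "I" if ch == "J" else ch
        if ch.isalpha() and ch not in seen:
            seen.append(ch)
    return [seen[i:i + 5] for i in range(0, 25, 5)]


def make_digraphs(text: str, filler: str = "Z") -> list:
    """Preparation rules: J -> I, letters only, split identical pairs with the filler, pad an odd tail."""
    letters = [("I" if c == "J" else c) for c in text.upper() if c.isalpha()]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else None
        if b is None or a == b:
            # Assumption: a doubled filler letter ("ZZ") is split with "X" so the loop always advances.
            pairs.append(a + (filler if a != filler else "X"))
            i += 1
        else:
            pairs.append(a + b)
            i += 2
    return pairs


def _locate(square: list, letter: str) -> tuple:
    for r, row in enumerate(square):
        if letter in row:
            return r, row.index(letter)
    raise ValueError(f"{letter!r} not in key square")


def _transform_pair(square: list, pair: str, step: int) -> str:
    """step=+1 encrypts; step=-1 decrypts by moving the other way along the row or column."""
    (r1, c1), (r2, c2) = _locate(square, pair[0]), _locate(square, pair[1])
    if r1 == r2:                                   # same row: take the letter to the right (left)
        return square[r1][(c1 + step) % 5] + square[r2][(c2 + step) % 5]
    if c1 == c2:                                   # same column: take the letter below (above)
        return square[(r1 + step) % 5][c1] + square[(r2 + step) % 5][c2]
    return square[r1][c2] + square[r2][c1]         # rectangle: swap columns, same both ways


def playfair_encrypt(plaintext: str, keyword: str) -> str:
    square = build_key_square(keyword)
    return " ".join(_transform_pair(square, p, +1) for p in make_digraphs(plaintext))


def playfair_decrypt(ciphertext: str, keyword: str) -> str:
    """Returns the prepared text (fillers included); stripping fillers needs human judgement."""
    square = build_key_square(keyword)
    pairs = ciphertext.replace(" ", "")
    return "".join(_transform_pair(square, pairs[i:i + 2], -1) for i in range(0, len(pairs), 2))


if __name__ == "__main__":
    print(make_digraphs("GOOD BROOMS SWEEP CLEAN"))
    print(playfair_encrypt("GOOD BROOMS SWEEP CLEAN", "MONARCHY"))
```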

Exercise
• GOOD BROOMS SWEEP CLEAN

Ans
• FP UT EC UW WU VE TV BV VB XG KB ND

Homophonic Coding
• More than one cipher character for frequently occurring characters.
• A, E, N, O, R and T are each represented by more than one cipher character.

Vigenere Cipher
• Best known manual polyalphabetic cipher.
• It was discovered by Blaise de Vigenère, a French diplomat, in 1586.
• Key word does not repeat characters.

Vigenere table

One time pad
• Reinvented by Gilbert Vernam, and hence also called the Vernam cipher
• Features
– Must be used only once
– Pad must be distributed securely to destination.
– Pad must be the same size as the text or even larger.
– Pad must be made of truly random values.
– Pad must be secured at both points until used.

Running and Concealment Ciphers
• Running Cipher
– Uses non-electronic, physical keys. The best example is ‘The Valley of Fear’ by Sir Arthur Conan Doyle.
– Need not be book-based; anything in the real world can serve as the key.
• Concealment Cipher – a message within a message, e.g. every third word.

Steganography
• Security through obscurity.
• The messages do not arouse suspicion by
themselves; they look like ordinary messages.
• In digital steganography, every 100th pixel or bit of a
digital image could be modified in colour to carry a
message. The modification is too subtle to be
noticed.

CISSP - Domain 3 - Security Engineering
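The "every 100th pixel" idea above, as an added example that is not part of the slides. The cover image is a constructed bytearray of grayscale pixel values; the message goes into the least significant bit of every 100th pixel, so no pixel value changes by more than 1, which is why such changes are invisible to the eye and why detection relies on statistics of the LSB plane rather than on looking at the picture.

```python
# LSB steganography over a constructed grayscale "image", added example
# (not from the slides). STEP = 100 follows the slide's every-100th-pixel rule.
STEP = 100


def embed(cover: bytes, message: bytes, step: int = STEP) -> bytearray:
    """Write a 16-bit length prefix plus the message into the LSBs of every step-th pixel."""
    payload = len(message).to_bytes(2, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) * step > len(cover):
        raise ValueError("cover image too small for this message")
    stego = bytearray(cover)
    for i, bit in enumerate(bits):
        idx = i * step
        stego[idx] = (stego[idx] & 0xFE) | bit      # clear the LSB, then set it
    return stego


def extract(stego: bytes, step: int = STEP) -> bytes:
    """Read the length prefix, then that many bytes, back out of the LSBs."""
    def read_bytes(n_bytes, start_bit):
        value = 0
        for i in range(n_bytes * 8):
            value = (value << 1) | (stego[(start_bit + i) * step] & 1)
        return value.to_bytes(n_bytes, "big")

    length = int.from_bytes(read_bytes(2, 0), "big")
    return read_bytes(length, 16)


def max_pixel_change(cover: bytes, stego: bytes) -> int:
    """Largest change to any pixel value; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    cover = bytes(range(256)) * 80          # constructed 20480-pixel image
    stego = embed(cover, b"meet at noon")
    print(extract(stego), max_pixel_change(cover, stego))
```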


Transposition Ciphers
• Rearrange the order in which the plaintext letters
are written, without changing the letters themselves.
• Illustration:
– Key 5
– Use Z as filler
– Plain text: 'WHAT WAS THE WEATHER LIKE ON
FRIDAY'



Super Encryption
• A mix of substitution and transposition.
• Use key 2 for substitution and key 4 for
transposition.
• Ex: "Cryptography is a great subject"

CISSP - Domain 3 - Security Engineering
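The two illustrations above (columnar transposition with key 5 and Z filler, then super encryption with key 2 and key 4) worked through in code, as an added example that is not part of the slides. The slide does not say what "key 2 for substitution" means; this example assumes a Caesar shift of 2, and treats the transposition key as the number of columns.

```python
# Columnar transposition and super encryption, added example (not from the
# slides). Assumptions: the transposition key is the column count, Z is the
# filler, and the substitution step is a Caesar shift by the key value.


def _letters(text):
    return "".join(ch for ch in text.upper() if ch.isalpha())


def transpose_encrypt(plaintext, key, filler="Z"):
    """Write the text in rows of `key` letters, pad the last row, read column by column."""
    text = _letters(plaintext)
    if len(text) % key:
        text += filler * (key - len(text) % key)
    rows = [text[i:i + key] for i in range(0, len(text), key)]
    return "".join(row[c] for c in range(key) for row in rows)


def transpose_decrypt(ciphertext, key):
    """Inverse: cut the ciphertext into `key` equal columns, then read the grid by rows."""
    n_rows = len(ciphertext) // key
    cols = [ciphertext[c * n_rows:(c + 1) * n_rows] for c in range(key)]
    return "".join(cols[c][r] for r in range(n_rows) for c in range(key))


def caesar(text, shift):
    return "".join(chr((ord(ch) - 65 + shift) % 26 + 65) for ch in _letters(text))


def super_encrypt(plaintext, sub_key, trans_key):
    """Substitution first, then transposition."""
    return transpose_encrypt(caesar(plaintext, sub_key), trans_key)


def super_decrypt(ciphertext, sub_key, trans_key):
    """Undo in reverse order; the filler added after substitution comes back shifted."""
    return caesar(transpose_decrypt(ciphertext, trans_key), -sub_key)


if __name__ == "__main__":
    print(transpose_encrypt("WHAT WAS THE WEATHER LIKE ON FRIDAY", 5))
    print(super_encrypt("Cryptography is a great subject", 2, 4))
```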


Key Stream
• A stream of random characters that is mixed with the
plain text to produce the enciphered message.
– Must have long periods with no repeating pattern.
– Must be statistically unpredictable.
– Must not be linearly related to the key.
– Must be unbiased (an equal number of zeros and
ones).



Symmetric Encryption
• Benefits
– Faster
– Hard to break
• Disadvantages
– Requires a secure mechanism for key delivery.
– Each pair of parties requires a unique key.
– Provides only confidentiality, not authenticity or
non-repudiation.
• Consumes more processing power and hence is
implemented in hardware encryption.

SKE - Algorithms
• DES
• 3DES
• Blowfish
• IDEA
• RC4, RC5 and RC6
• AES



Asymmetric Key Encryption
• Strengths
– Better key distribution
– Better scalability
– Provides authentication and non-repudiation
• Weaknesses
– Works slower
– Mathematically intensive

AKE Algorithms
• RSA
• Elliptic Curve Cryptosystem (ECC)
• Diffie-Hellman
• ElGamal
• Digital Signature Algorithm (DSA)
• Knapsack



Initialization Vectors
• Introduce randomness into the cipher text.
• Ensure that the same text encrypted with the same
key does not produce the same output.



DES
• One of the early encryption algorithms.
• In 1974 IBM submitted a 128-bit algorithm called Lucifer.
• This was later changed by the NSA to use a 64-bit key, 56 bits for
the key and 8 for parity, and was called DEA.
• This was a very powerful and popular algorithm and was
eventually withdrawn because of its popularity, without an
attack against it.
• In 1998 this algorithm was broken.
• It was replaced by AES.

DES
• Symmetric algorithm.
• Works on 64-bit blocks.
• 16 rounds of confusion and diffusion.



Modes of DES


Electronic Code Book (ECB)
• Each block of data is subjected to the same algorithm
and key.
• For a given block of data the output is always the same.
• Used for small amounts of data, like database fields,
PINs etc.

Cipher Block Chaining (CBC)
• The output of one block is fed as input to the next
block.
• It is XORed with the next plaintext block before
encryption.
• The IV is XORed into the first block.

Cipher Feedback Mode (CFB)
• Used when mailing encrypted material.
• The output of the first block is given as the IV to the
next block, and the IV is given to the first block as well.

Output Feedback Mode (OFB)
• The key stream is fed to the next block.
• Avoids propagation of intermediate errors.
• Used for encrypted video and audio.

Counter Mode (CTR)
• No chaining involved.
• The IV is incremented every time it is fed to a block.

Triple DES
• 3DES uses 48 rounds of computation.
• Heavier on performance.
• Modes
– DES-EEE3
– DES-EDE3
– DES-EEE2
– DES-EDE2

AES
• Symmetric block cipher.
• Key length – 128 (10 rounds), 192 (12 rounds), 256 (14 rounds).

IDEA
International Data Encryption Algorithm
• Block cipher that works on 16-bit blocks.
• Each block undergoes 8 rounds.
• 128-bit key.
• Used in PGP, and harder to break as the key size is 128
bits.
• Very popular in 1996 and later not suggested, as there
were faster algorithms.

Feistel Network or Cipher
• Horst Feistel, German IBM cryptographer.
• Has the advantage that the encryption and decryption
operations are very similar, or even identical in some
cases; they require only a reversal of the key schedule.
• The key schedule is the process by which, in some cases,
the key is divided into many sub keys that are used in
successive rounds of encryption.


CISSP - Domain 3 - Security Engineering
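The modes slides (ECB, CBC, CTR), the initialization vector slide and the Feistel slide above are best seen together, so here is one added example that is not from the slides: a toy 16-round Feistel cipher on 64-bit blocks (the round function is a SHA-256 truncation, a stand-in and not a real cipher) whose decryption is the same network with the sub keys reversed, driven in ECB, CBC and CTR modes. Four identical plaintext blocks show why ECB is only for small, non-repeating data: its ciphertext repeats, while CBC (through the IV and chaining) and CTR (through the counter) do not.

```python
# Toy Feistel block cipher with ECB, CBC and CTR modes: an added example,
# not from the slides and not a real cipher. The round function is SHA-256
# over the round key and the right half; because the network only XORs the
# round function into the other half, decryption is the same network run with
# the sub keys in reverse order, which is the Feistel property the slide names.
import hashlib
import os

BLOCK = 8        # 64-bit blocks, as in DES
ROUNDS = 16      # DES also uses 16 rounds


def round_keys(key: bytes):
    """Key schedule: one 4-byte sub key per round, derived from the master key."""
    return [hashlib.sha256(key + bytes([r])).digest()[:4] for r in range(ROUNDS)]


def _f(subkey: bytes, half: bytes) -> bytes:
    return hashlib.sha256(subkey + half).digest()[:4]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, subkeys) -> bytes:
    """One pass through the network; pass the sub keys reversed to decrypt."""
    left, right = block[:4], block[4:]
    for k in subkeys:
        left, right = right, _xor(left, _f(k, right))
    return right + left             # undo the final swap


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return feistel(block, round_keys(key))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    return feistel(block, round_keys(key)[::-1])


def pad(data: bytes) -> bytes:
    """PKCS#7-style padding up to a whole number of blocks."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    return data[:-data[-1]]


def blocks(data: bytes):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, data):
    """ECB: each block on its own, so equal plaintext blocks give equal ciphertext."""
    return b"".join(encrypt_block(key, b) for b in blocks(pad(data)))


def cbc_encrypt(key, iv, data):
    """CBC: each plaintext block is XORed with the previous ciphertext block
    (the IV for the first block) before it is encrypted."""
    out, prev = [], iv
    for b in blocks(pad(data)):
        prev = encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, data):
    out, prev = [], iv
    for c in blocks(data):
        out.append(_xor(decrypt_block(key, c), prev))
        prev = c
    return unpad(b"".join(out))


def ctr_crypt(key, nonce, data):
    """CTR: encrypt nonce||counter to make a key stream and XOR it with the
    data. No chaining, no padding, and the same call decrypts."""
    out = []
    for i, b in enumerate(blocks(data)):
        keystream = encrypt_block(key, nonce[:4] + i.to_bytes(4, "big"))
        out.append(_xor(b, keystream))
    return b"".join(out)


def demo():
    """Four identical plaintext blocks: ECB repeats, CBC and CTR do not."""
    key, iv = os.urandom(16), os.urandom(BLOCK)
    msg = b"ATTACK!!" * 4
    ecb, cbc = blocks(ecb_encrypt(key, msg)), blocks(cbc_encrypt(key, iv, msg))
    ctr = blocks(ctr_crypt(key, iv, msg))
    return {
        "ecb_repeats": len(set(ecb[:4])) == 1,
        "cbc_repeats": len(set(cbc[:4])) == 1,
        "ctr_repeats": len(set(ctr[:4])) == 1,
        "cbc_roundtrip": cbc_decrypt(key, iv, cbc_encrypt(key, iv, msg)) == msg,
        "ctr_roundtrip": ctr_crypt(key, iv, ctr_crypt(key, iv, msg)) == msg,
    }


if __name__ == "__main__":
    print(demo())
```

CTR turns the block cipher into a key stream generator, which is the link to the Key Stream slide: reusing a nonce with the same key reuses the key stream, with the same consequence as reusing a one-time pad.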


Blowfish
• Bruce Schneier
• Designed in 1993 as a replacement for the aging DES.
• 64-bit blocks
• 32-448 bit keys
• 16 rounds applied to each block
• Free for use

RC4
• 1987, Ron Rivest
• Symmetric, with a variable key size
• Used in SSL and WEP.
• The algorithm was leaked to the Internet anonymously.

RC2
• Block cipher
• Requested by Lotus and approved by the NSA.
• 40-bit key
• Released to the Internet anonymously, like RC4.
• 16 rounds of computation.



Diffie-Hellman Algorithm
• Works with public/private key pairs (PKI).
• Assume two entities (A and B) want to communicate.
Their public keys are exchanged before communication
starts.
• k = DH(pvA, pbB) = DH(pvB, pbA): each side combines its
own private key with the other side's public key and
arrives at the same shared key k.
• A and B then communicate using k: k(message).
• Susceptible to man-in-the-middle attack.
• ElGamal is derived from the DH algorithm but is the
slowest in performance.
CISSP - Domain 3 - Security Engineering
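The exchange k = DH(pvA, pbB) = DH(pvB, pbA) worked through, as an added example that is not part of the slides. The group p = 23, g = 5 and the private values 6 and 15 are the usual textbook toy numbers (constructed, far too small for real use) so every step can be checked by hand. The second function shows the man-in-the-middle weakness the slide names: when nobody authenticates the public values, a party that substitutes its own value ends up sharing a different key with each side, which is why real protocols sign the DH values or carry them in certificates.

```python
# Diffie-Hellman key agreement, added example (not from the slides).
# p = 23, g = 5 and the private values are constructed toy numbers.


def dh_public(p, g, private):
    """Public value g^private mod p, sent in the clear."""
    return pow(g, private, p)


def dh_shared(p, peer_public, private):
    """Shared secret peer_public^private mod p, never sent on the wire."""
    return pow(peer_public, private, p)


def exchange(p=23, g=5, a=6, b=15):
    """Honest exchange: returns (A, B, key computed by A, key computed by B).
    Both keys are equal because (g^b)^a == (g^a)^b mod p."""
    A = dh_public(p, g, a)          # A -> B
    B = dh_public(p, g, b)          # B -> A
    return A, B, dh_shared(p, B, a), dh_shared(p, A, b)


def substituted_exchange(p=23, g=5, a=6, b=15, m=13):
    """Unauthenticated exchange with a third party M replacing both public
    values with its own. Returns (A's key, B's key, M's key with A, M's key
    with B): A and B now hold different keys, each one shared with M, and
    nothing in the exchange itself reveals it. Authenticating the public
    values (signatures, certificates) is the defence."""
    A, B = dh_public(p, g, a), dh_public(p, g, b)
    M = dh_public(p, g, m)
    return (dh_shared(p, M, a), dh_shared(p, M, b),
            dh_shared(p, A, m), dh_shared(p, B, m))


if __name__ == "__main__":
    print(exchange())                # (8, 19, 2, 2)
    print(substituted_exchange())    # (18, 7, 18, 7)
```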
RSA
• Named after its inventors, Ron Rivest, Adi
Shamir and Leonard Adleman.
• The default standard for digital signatures, key
exchange and encryption.
• The public key encrypts and verifies signatures; the
private key decrypts and generates signatures.



RSA Illustration
• Choose p = 3 and q = 11
• Compute n = p * q = 3 * 11 = 33
• Compute φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20
• Choose e such that 1 < e < φ(n) and e and n are coprime. Let e = 7
• Compute d such that (d * e) mod φ(n) = 1. One solution is d = 3
(because (3 * 7) mod 20 = 1)
• Public key is (e, n) => (7, 33)
• Private key is (d, n) => (3, 33)
• The encryption of m = 2 is c = 2^7 mod 33 = 29
• The decryption of c = 29 is m = 29^3 mod 33 = 2

CISSP - Domain 3 - Security Engineering
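The illustration above in code, as an added example that is not part of the slides. The first function reproduces the slide's numbers (p = 3, q = 11, e = 7); the signing functions use a larger, still toy, constructed key pair so that a SHA-256 digest can be signed, which is the "private key signs, public key verifies" direction of the RSA slide. This is textbook RSA with no padding, as on the slide; deployed systems use OAEP or PSS.

```python
# RSA key generation, encryption, decryption and signing, added example
# (not from the slides). The toy primes 1299709 and 15485863 are constructed
# for the signing demo; real keys are 2048 bits or more.
import hashlib
from math import gcd


def keygen(p, q, e):
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)                 # modular inverse (Python 3.8+)
    return (e, n), (d, n)               # public, private


def encrypt(m, public):
    e, n = public
    return pow(m, e, n)


def decrypt(c, private):
    d, n = private
    return pow(c, d, n)


def sign(message: bytes, private):
    """Hash first, then apply the private key to the digest (reduced mod n)."""
    d, n = private
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(digest, d, n)


def verify(message: bytes, signature, public) -> bool:
    """Apply the public key to the signature and compare with a fresh digest."""
    e, n = public
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(signature, e, n) == digest


def slide_example():
    """The slide's numbers: returns (public, private, enc(2), dec(29))."""
    public, private = keygen(3, 11, 7)
    return public, private, encrypt(2, public), decrypt(29, private)


if __name__ == "__main__":
    print(slide_example())               # ((7, 33), (3, 33), 29, 2)
    pub, priv = keygen(1299709, 15485863, 65537)
    s = sign(b"invoice 42", priv)
    print(verify(b"invoice 42", s, pub), verify(b"invoice 43", s, pub))
```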


Elliptic Curve Cryptosystem
• Works very similarly to RSA.
• Based on an elliptic curve. There are a few points on the curve
that can be grouped together.
• These points in the group are used in the encryption and
decryption formulas.
• The mathematical operations of ECC are defined over the
elliptic curve y² = x³ + ax + b, where 4a³ + 27b² ≠ 0.
• Used in scenarios where processing power is very limited, like
handheld devices.
• Provides the same protection with small keys as other systems
do with large keys.

Integrity



Message Integrity Protection
• Integrity protection is required to detect any
unintentional or intentional modification of
messages in transit, for example from:
– A spike in the power supply
– Attenuation of the media
– Physical damage
– An intruder (man-in-the-middle attack)

One-way Hash
• A variable-length message is sent through a hashing
algorithm to produce a fixed-length hash value.
• This is a one-way function.
• A hash on its own is integrity protection only; it is
also called a message digest.
• To defeat a MITM attack we need a message
authentication code (MAC). This is integrity +
authentication.

Types of MAC
• HMAC
• CBC-MAC
• CMAC



Hash MAC (HMAC)
• MAC = hashing algorithm (message +
symmetric key)
• MAC + message is then sent to the recipient.
• A MITM attack is defeated because the attacker
lacks the symmetric key (hopefully).

CISSP - Domain 3 - Security Engineering
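The difference between the one-way hash and the HMAC slides above, run on a constructed message, as an added example that is not part of the slides. A bare digest can be recomputed by whoever alters the message, so it only catches accidental corruption; the HMAC needs the shared key, so an altered message fails the check. The key and the message are constructed; the check uses a constant-time comparison so that the verification itself does not leak how much of a tag matched.

```python
# Hash versus HMAC, added example (not from the slides). SHARED_KEY and the
# message are constructed demo values.
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def digest(message: bytes) -> str:
    """Integrity only: anyone can recompute this."""
    return hashlib.sha256(message).hexdigest()


def mac(message: bytes, key: bytes = SHARED_KEY) -> str:
    """Integrity + origin: needs the shared key (HMAC-SHA256)."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def check_digest(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(digest(message), tag)


def check_mac(message: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    """Constant-time compare so the check does not leak matching tag bytes."""
    return hmac.compare_digest(mac(message, key), tag)


def tamper_detection_demo(message: bytes):
    """Alter the amount in transit and recompute the bare hash, as a
    man-in-the-middle could; the HMAC cannot be recomputed without the key."""
    mac_tag = mac(message)
    altered = message.replace(b"amount=100", b"amount=900")
    return {
        "digest_check_passes": check_digest(altered, digest(altered)),  # modification missed
        "mac_check_passes": check_mac(altered, mac_tag),               # modification caught
        "original_mac_ok": check_mac(message, mac_tag),
    }


if __name__ == "__main__":
    print(tamper_detection_demo(b"payee=alice;amount=100"))
```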


CBC-MAC and CMAC
• The message is sent through a symmetric block
cipher in CBC mode.
• The output of the final block is appended to the
message and sent across.
• CMAC is a variation of CBC-MAC that works with
AES or 3DES.
• CMAC derives sub keys to work with blocks of
data.



Characteristics of a Hashing Algorithm
• The hash value must be computed over the complete
message.
• Should be a one-way function, so the message is not
disclosed.
• Given a message and its hash value, computing another
message with the same hash value must be impossible. If
one is produced it is called a collision.
• Resistant to birthday attacks.

A Few Hashing Algorithms
• MD2, 128 bit, slower than MD4 and MD5.
• MD4, 128 bit.
• MD5, 128 bit, more complex than MD4.
• MD6, 256 bit, immensely fast and resistant against differential cryptanalysis.
• HAVAL, 128, 160, 192, 224 and 256 bits; it also specifies the number of rounds
used to generate the hash value.
• SHA, 160 bit, based on DSA.
• SHA-1, SHA-256, SHA-384, SHA-512 – output lengths vary as the names
indicate.
• Tiger – developed by Ross Anderson (author of Security Engineering) and Eli
Biham. Works on 64-bit systems. Produces a 192-bit hash value. Built on a design
not based on SHA-1 and MD4, hence not susceptible to the same types of attack.



Basis for the Birthday Attack
• In probability, in a set of n randomly chosen
people, some pair may share the same birthday.
• Based on the pigeonhole principle, the
probability reaches 100% when the number of
people reaches 367 (one more than the 366 days
of a leap year); it is 99% for 57 people and 50%
for 23 people.

Birthday Attack
• If n is the number of bits in the hash value, then
2^n is the number of hash values it can generate.
• Finding two messages that produce the same hash
value takes about 2^(n/2) attempts.
• To prevent the algorithm from being broken by
brute force, we must ensure the hash length is
large.

CISSP - Domain 3 - Security Engineering
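The two slides above, as an added example that is not part of the slides: the first function reproduces the 23 / 57 / 367 figures, the second is the 2^(n/2) bound, and the last makes the bound observable on a constructed, deliberately tiny hash (SHA-256 truncated to 16 bits), where a collision between two different messages appears after a few hundred hashes rather than the 65536 a naive count would suggest.

```python
# Birthday probability and the 2^(n/2) collision bound, an added example that
# is not from the slides. The 16-bit truncation of SHA-256 is a constructed
# stand-in for a short hash.
import hashlib


def birthday_probability(people: int, days: int = 365) -> float:
    """P(at least two of `people` share a birthday), via P(all distinct)."""
    if people > days:
        return 1.0                        # pigeonhole principle: certain
    all_distinct = 1.0
    for i in range(people):
        all_distinct *= (days - i) / days
    return 1.0 - all_distinct


def collision_work(hash_bits: int) -> int:
    """Expected number of hashes before any two messages collide."""
    return 2 ** (hash_bits // 2)


def truncated_hash(message: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, standing in for a short hash."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") >> (256 - bits)


def find_truncated_collision(bits: int = 16, prefix: bytes = b"msg-"):
    """Hash numbered messages, remember each truncated digest, and stop at the
    first repeat. Returns (attempts, message_a, message_b)."""
    seen = {}
    n = 0
    while True:
        msg = prefix + str(n).encode()
        h = truncated_hash(msg, bits)
        if h in seen:
            return n + 1, seen[h], msg
        seen[h] = msg
        n += 1


if __name__ == "__main__":
    print(round(birthday_probability(23), 3), round(birthday_probability(57), 3))
    print(collision_work(128), find_truncated_collision())
```

This is why a 128-bit digest such as MD5 offers only about 2^64 work against collisions, and why the guidance on the slide is to use a long hash: SHA-256 leaves 2^128.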


Digital Signatures
• Signing the generated one-way hash with the
private key is a digital signature.
• Digital signatures provide integrity, non-repudiation
and authentication, and confidentiality as well when
the complete message is both encrypted and
digitally signed.

Digital Signature Standard
• A standard developed by the NSA that mandates
using encryption and hashing algorithms to
secure the communication.
• DSA, RSA and ECDSA for encryption.
• SHA for hashing.



Digital Certificates
• Digital certificates are used for identification.
• A certificate is like a passport in the digital world.
• Binds a pair of electronic keys used for encryption
and signing information.
• Helps with non-repudiation.
• Along with encryption it offers a complete security
suite.
• A digital certificate is issued by a Certificate Authority
(CA).

What it contains
• A digital certificate typically contains the:
– Owner's public key
– Owner's name
– Expiration date of the public key
– Name of the issuer (the CA that issued the digital
certificate)
– Serial number of the digital certificate
– Digital signature of the issuer



Standard
• The most widely used standard for digital
certificates is X.509.
• Any application complying with this standard
can read and write these certificates.

What are digital certificates used for?
• They are used in a variety of electronic transactions,
including
– Email
– Groupware
– Internet banking
– eCommerce

Scenario
• Online Shopping



Types of Certificates
• Server certificate - enables a web server to operate in
secure mode. It encrypts all transactions between the
server and the web browser.
– Scenario – Online shopping
• Developer certificate – provides the customer with
information and assurance while downloading
software from the Internet.
• Personal certificate – used by users when they
exchange messages with other users and online
services.

Registration Authority
• Verifies the identity of the requestor.
• Initiates registration of the certificate.
• Is a middle man that forwards the request to the
CA for certificate issuance after complete
verification.



Certificate Authority
• The CA issues a certificate containing the user's public
key and identity.
• The user's private key is kept secret by the end user;
only the public key is in the digital certificate.
• The CA is obligated to verify and confirm the user
before the certificate is issued.
• There are a few commercial CA providers,
like Verisign.

CA Hierarchy
• Single Tier
– Only one CA.
– Acts as both root and issuing CA.
– The root CA is the trust anchor for the PKI.
– Any application or system in the PKI trusts the root CA
and, as well, the certificates issued by the root CA.
– The issuing CA issues certificates to end entities.
– Usually these two roles are performed by two or more
separate servers.
Two Tier
• There is a root CA and multiple issuing CAs.
• The root CA is offline and the issuing CAs do the
work of issuing certificates.
• The certificate of the root CA is well protected as
it is offline, hence it cannot be compromised.
• Issuing CAs can be geographically dispersed,
which ensures better performance and
scalability.

Three Tier
• The specific difference from a two-tier hierarchy is that a
second tier is placed between the root CA and the issuing CA.
• The placement of this CA can be for a couple of different reasons.
The first reason would be to use the second-tier CA as a Policy CA.
• In other words, the Policy CA is configured to issue certificates to
the issuing CA, which is restricted in what type of certificates it
issues.
• The Policy CA can also just be used as an administrative boundary.
• In other words, you only issue certain certificates from
subordinates of the Policy CA, and perform a certain level of
verification before issuing certificates, but the policy is only
enforced from an administrative, not technical, perspective.



Getting a Certificate from the CA

Certificate Chaining



Authority Information Access
• When a client or application is validating a certificate it needs to not only
validate the certificate that is being used but also the entire chain of the
certificate.
• In other words, the application or client needs a certificate from each CA in
the chain, beginning with the issuing CA and ending with the root CA.
• If the application or client does not have local access to the certificates in
the chain, it needs a place from which to obtain them.
• This location is called the Authority Information Access, or AIA.
• The AIA location is the repository where the CA certificate is stored so that
it can be downloaded by clients or applications validating a certificate.
• The AIA location is included in the AIA extension of a certificate.

Certificate Revocation List
• A Certificate Revocation List (CRL) is one of two common methods, when using a
public key infrastructure, for maintaining access to servers in a network.
• The other, newer method, which has superseded CRLs in some cases, is the Online
Certificate Status Protocol (OCSP).
• The CRL is exactly what its name implies: a list of subscribers paired with digital
certificate status. The list enumerates revoked certificates along with the
reason(s) for revocation. The dates of certificate issue, and the entities that
issued them, are also included.
• In addition, each list contains a proposed date for the next release.
• When a potential user attempts to access a server, the server allows or denies
access based on the CRL entry for that particular user.
• The main limitation of CRLs is the fact that updates must be downloaded
frequently to keep the list current. OCSP overcomes this limitation by
checking certificate status in real time.

CRL Distribution Point
• A CRL Distribution Point (CDP) is where clients or
applications that are validating a certificate download the
certificate revocation list (CRL) to obtain revocation
status.
• CAs periodically publish CRLs to allow clients and
applications to determine whether a certificate has been
revoked.
• CRLs contain the serial number of each certificate that has
been revoked, a timestamp indicating when the certificate
was revoked, and the reason for revocation.


CISSP - Domain 3 - Security Engineering
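The chain-building, AIA and CRL steps described on the slides above, put together as one validation routine over constructed records, as an added example that is not part of the slides. Each "certificate" is a dict with the Subject, Issuer, Serial Number, Valid From and Valid To fields; the three-tier hierarchy (root, policy CA, issuing CA, leaf), the trust store, the AIA repository and the CRL are all constructed. Signature checking is deliberately left to the platform library and is not modelled here; what the example shows is the walk from leaf to trusted root, the fallback to the AIA repository when a CA certificate is not held locally, the validity-window check on every certificate in the chain, and a CRL whose "next update" date has passed being treated as unknown status rather than as "not revoked".

```python
# Certificate chain building and revocation checking over constructed
# records, added example (not from the slides). No signature verification.
from datetime import datetime, timedelta

NOW = datetime(2024, 6, 1)          # constructed evaluation time


def days_from_now(n: int) -> datetime:
    return NOW + timedelta(days=n)


def cert(subject, issuer, serial, days=365):
    """Minimal certificate record with the fields from the Anatomy slide."""
    return {"subject": subject, "issuer": issuer, "serial": serial,
            "valid_from": days_from_now(-30), "valid_to": days_from_now(days)}


ROOT = cert("Example Root CA", "Example Root CA", 1, days=3650)
POLICY = cert("Example Policy CA", "Example Root CA", 2, days=1825)
ISSUING = cert("Example Issuing CA", "Example Policy CA", 3, days=730)
LEAF = cert("shop.example.test", "Example Issuing CA", 1001)

TRUST_STORE = {ROOT["subject"]: ROOT}                          # locally trusted roots
AIA_REPOSITORY = {c["subject"]: c for c in (POLICY, ISSUING)}  # fetched by issuer name
CRL = {"issuer": "Example Issuing CA", "next_update": days_from_now(7),
       "revoked": {1002: "keyCompromise"}}                     # serial -> reason


def build_chain(leaf, trust_store, aia):
    """Follow issuer names from the leaf until a self-signed certificate; each
    CA certificate comes from the local store or, failing that, the AIA location."""
    chain = [leaf]
    while chain[-1]["issuer"] != chain[-1]["subject"]:
        issuer = chain[-1]["issuer"]
        if issuer in trust_store:
            chain.append(trust_store[issuer])
        elif issuer in aia:
            chain.append(aia[issuer])
        else:
            raise ValueError(f"no certificate available for issuer {issuer!r}")
    if chain[-1]["subject"] not in trust_store:
        raise ValueError("chain ends in an untrusted root")
    return chain


def in_validity_window(c, at):
    return c["valid_from"] <= at <= c["valid_to"]


def revocation_status(c, crl, at):
    """'unknown' if the CRL is stale or from another issuer; else the reason or 'good'."""
    if crl["issuer"] != c["issuer"] or crl["next_update"] < at:
        return "unknown"
    return crl["revoked"].get(c["serial"], "good")


def validate(leaf, trust_store=TRUST_STORE, aia=AIA_REPOSITORY, crl=CRL, at=NOW):
    """Returns (True, chain subjects) or (False, reason). Only the leaf is
    checked against the CRL here; each CA certificate would be checked against
    its own issuer's CRL in the same way."""
    chain = build_chain(leaf, trust_store, aia)
    if not all(in_validity_window(c, at) for c in chain):
        return False, "expired or not yet valid certificate in chain"
    status = revocation_status(leaf, crl, at)
    if status != "good":
        return False, f"revocation status: {status}"
    return True, [c["subject"] for c in chain]


if __name__ == "__main__":
    print(validate(LEAF))
    print(validate(cert("bad.example.test", "Example Issuing CA", 1002)))
```

Treating a stale CRL as "unknown" rather than "good" is the fail-closed choice; a client that keeps trusting an old CRL is exactly the limitation the CRL slide describes and the reason OCSP exists.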


Anatomy of Certificates
• Subject: the name of the computer, user, network device, or service
that the CA issues the certificate to. The subject name is commonly represented
using an X.500 or Lightweight Directory Access Protocol (LDAP) format.
• Serial Number: a unique identifier for each certificate that a CA issues.
• Issuer: the distinguished name of the CA that issued the certificate. The
issuer name is commonly represented using an X.500 or LDAP format.
• Valid From: the date and time when the certificate becomes valid.
• Valid To: the date and time when the certificate is no longer considered
valid. The date when an application or service evaluates the certificate must fall
between the Valid From and Valid To fields for the certificate to
be considered valid.
• Public Key: the public key of the key pair that is associated with the
certificate.
• Signature Algorithm: the algorithm used to sign the certificate.
• Signature Value: a bit string containing the digital signature.

Common Attacks
• Known-plaintext attack
• Chosen-plaintext attack
• Ciphertext-only attack
• Side-channel attacks
• Brute-force attacks
• Meet-in-the-middle attack
• Linear cryptanalysis



Pretty Good Privacy
PGP
• Freeware email security program by Phil Zimmermann.
• Gives the user the option of choosing various packages
for security purposes.
• Addresses the four principles of security.
• Uses a passphrase to encrypt the user's private key.
• Works on a 'web of trust' rather than trusted
certificates.
• Levels of trust are in place and can be altered by the user.
• A user can sign, or vouch for, another user's key to
establish trust.

Physical Security



Threats to Physical Security
• Natural
• Supplies
• Man-made
• Politically motivated
• Insider and external attack.
– Collusion – a secret insider working with an external agent.

What has the highest priority for protection?



Architecture of Physical Security
• Physical security must be layered.
• If one layer is circumvented, the other layers will
deter the intruder.
• The requirements of physical security are subjective,
depending on what needs to be protected and by whom
(a BFSI firm or a grocery store, for example).
• It must be methodical: it involves procedure,
process, people and technology.

Goals
• Prevention through deterrence.
• Damage reduction through delaying
mechanisms.
• Crime or disruption detection.
• Incident assessment.
• Response procedures.



Steps to Roll Out
• Team formation.
• An initial risk analysis must be made to identify the vulnerabilities,
and hence the threats and the impact to the business.
• This must be presented to management for approval and
to establish the acceptable risk.
• Countermeasures are then implemented to mitigate the risk.
• The effectiveness of these countermeasures is evaluated initially
to form a baseline, and periodically to ensure the baseline is
improved or the acceptable risk is always met.
• The entire program must be driven by metrics and must be
regularly measured.



Crime Prevention Through Environmental
Design (CPTED)
• Designing the environment to reduce crime.
• Useful not only for corporates but also for the design of
cities, towns etc.
• Human behavioural measures to prevent intruder attack
rather than traditional deterrent/prevention methods.
• Strategies
– Natural access control: placement of doors, fences,
lighting, bollards
– Natural surveillance
– Natural territorial reinforcement

CPTED Principles
• The environment must be divided into zones.
• Zonal classification:
– Controlled
– Restricted
– Sensitive
– Public
• Only authorized personnel may be allowed into
these zones.



Design Considerations
• The number of entry/exit points must be restricted. It
must be reduced at weekends or holidays, when the
minimum number of employees work.
• All visitors must sign in at the front desk before getting
inside the premises.
• Sidewalks and landscaping guide everyone to the main
entrance, with proper lighting to guide them at night as
well.
• Landscape to force parking in front and guide people
through the proper exit.

Natural Surveillance
• Benches along the pathways, for people to sit
and watch.
• Security guards.
• Activity areas outside the buildings and closer
to the entry.



Natural Territorial Reinforcement
• Creates a physical design that gives legitimate
users a sense of ownership.
• This is effected by decorative sidewalks, walls,
fencing, landscaping, clearly marked addresses,
and flags.

Adherence
• There are regulatory requirements that need
to be adhered to.
• Negligence could result in a legal suit against
the company.
• The company must exercise due care in securing
its employees.



Simple Tips
• If the building is built only to host expensive
equipment supporting core functionality, it is always
better to keep outsiders guessing about what it is.
• Ensure it is near a fire station, hospital or police
station.
• Also ensure natural calamities cannot wash out the
premises: not very close to a lake or river bed.
• Could be near a mountain to prevent eavesdropping, or
underground to evade bombing.

Construction Material
• Decide on the combustibility of the mixture used to construct
the walls. Heavy timber construction material must
be used as it provides more protection from fire.
• Window placement must be taken care of. Windows could be
opaque or translucent, and may need to block UV
radiation.
• Doors must have the same fire rating as the walls,
prohibit forceful entry, and be secured, locked and
monitored. They must raise an alarm on any intruder detection.



Entry Points
• Doors, windows, service delivery access points, chimneys,
fire exit points, staircase doors etc.
• The weakest items to break to gain access to a building are doors
and windows.
• The bolt, frame, hinges and surrounding wall and ceiling all
contribute to the security of a door.
• Solid-core doors must be used instead of hollow-core, to
withstand massive attempts to break through.
• Bullet-proof doors (a sandwich of bullet-resistant or bullet-proof
material between steel veneers) must be used if the place
demands protection against terrorist attack etc.



Mantrap
• Used to authenticate a user, using
biometrics, before letting them pass through to the
authorized area.
• Most widely used for secure international
conferences.
• Only one person is allowed into the room for
screening; no tailgating is allowed.
• The doors lock automatically to trap any potential
intruder.



Security on Doors
• Fail-safe/secure – defaults to locked on power
failure. Better.
• Fail-open – defaults to unlocked on power
failure.

Window Protection
• Windows must be properly protected with
strong frames and hinges.
• Tempered glass is stronger than the
standard glass used for homes.
• Acrylic glass is stronger, but gives off toxic fumes if burnt.
• Embedded wired and laminated glass are
also good prevention or deterrent
options.



DC Positioning
• Access must be restricted by biometrics.
• A single door for entry/exit. The emergency exit must not be used.
• Must not be accessible from frequently used areas, like the pantry, restrooms
etc.
• Must not be on the top floor and at the same time not in the basement.
• Must be located at the core of the building.
• Off operational hours must be covered by an alarm.
• If secured by a code, the code must be changed every six months or after an
employee's exit.
• Portable fire extinguishers must be available in many places.
• The basement must have water detection that sounds an alarm.
• Smoke and fire detectors must be installed and must alert the authorized
personnel.

DC Considerations
• The temperature within the data center must be
maintained properly, not too high and not too low.
• The DC must receive a different power supply from the
rest of the building, to isolate problems.
• If more than one feeder supplies power to the DC,
they must come from different substations.
• The DC must have a UPS (online or standby) or power
generators to provide supply in case of a power
outage.
Prevent Asset Theft
• Movement of a laptop can be traced using tracking
software. This software periodically sends a signal to the
tracking center.
• Data backup tapes or media must be protected by
using safety vaults. These are fire-proof cabinets and
are used to secure the media.
• Only authorized personnel are allowed to open the
vaults, and this operation is monitored.
• Usually the media is stored at a remote location and is
brought in only during backup or restoration.
Electric Power Issues
• Electromagnetic interference (EMI) – due to
differences in the magnetic field caused by the supply,
neutral and ground.
• Radio frequency interference (RFI) – anything that
radiates radio frequency energy. It is of two
types, radiated and conducted. Conducted RFI is
carried on the wire and is more dangerous.

Power Fluctuations
• Spike – momentary high voltage
• Surge – prolonged high voltage
• Fault – momentary power outage
• Blackout – prolonged power outage
• Sag/Dip – momentary low voltage
• Brownout – prolonged low voltage
• In-rush current – the initial surge of current
required to start a load.
Preventive Measures
• Employ surge protectors/spike busters.
• Employ power line monitors to detect frequency and
voltage amplitude changes.
• Shut down devices in an orderly fashion.
• Use voltage regulators.
• Protect critical parts and equipment with access
control.
• Protect from magnetic induction through shielded lines.
• Use shielded cable.

Climatic Conditions
• When humidity is low, static
charge is released through the finger tips.
• Use anti-static bands.
• Use static-free carpets in the DC.
• Ensure proper grounding is in place for wiring.



Ventilation
• Air conditioning must be implemented in a closed-loop
mode, to ensure the air inside the building is filtered
and reused rather than drawing in outside air.
• What can contaminate the environment to the point of
ceasing DC operations must be thoroughly analyzed, and
preventive measures must be taken.
• Dust must at any cost be stopped from getting into the
DC, as it might clog and stop the fans installed for cooling
the motherboard.



Fire Handling
• Employees must be trained on using fire safety equipment
and on using the right equipment in the right situation.
• These extinguishers must be tested regularly.
• Fire suppression systems must be strategically positioned and
must be used to suppress fire.
• The right agent must be used, choosing from water, FM-200
(which replaced Halon) and CO2.
• Smoke-activated or heat-activated detectors must be
installed in the right places to capture the incident as early as
possible. Air ducts or enclosures will be among the right
places to put the detectors.

Types of Extinguishers
• Water
• Foam
• Dry powder
• Carbon dioxide – people must be given time to
evacuate before CO2 is used.

Classes and their use

Using Water Sprinklers to Extinguish Fire
• Must not be used in case of electrical fire.
• Wet pipe – managed by temperature-controlled sensors.
Not useful during freezing winters.
• Dry pipe – water is stored in tanks and pressurized air
in the pipes. As temperature increases, pressure decreases
and water is released to the sprinklers.
• Preaction – same as dry pipe, but a thermal fusible link has
to melt to allow water to sprinkle.
• Deluge – releases large quantities of water and hence is
not used in DCs.
Layered Defense
• Perimeter security
• Facilities access control
• Locks as a delaying mechanism.
– Mechanical – traditional
– Cipher locks – PIN (know) + swipe (have)
• Master keying/override
• Door delay
• Hostage alarm

Key Management
• The right type of lock must be used for the right
purpose.
• The master key must rest with authorized personnel,
and this key must be extremely secure.
• There must be a documented procedure for
key management.



Personnel Access Control
• Every individual entering the premises must be
authenticated.
• Piggybacking or tailgating must be stopped.

Controls in Place
• Access control mechanisms.
• Physical barriers.
• Intruder detection system – perimeter or
interior sensors.
• Assessment – CCTV.
• Response – security guards.
• Deterrent – lights, signs, CPTED.



Fencing
• Must be a little away from vegetation.
• The height of a fence is critical to its purpose:
– 3-4, will deter a casual trespasser
– 6-7, will be considered hard to climb
– 8 and above, will deter a determined intruder.
• Tilted fences provide more security.
• PIDAS uses sensors for alarming.

A Few More Methods
• Bollards
• Lighting
– Controlled
– Standby
– Responsive area illumination



Closed Circuit Television
• CCTV
– Used for detecting intruders.
– Decide on internal or external monitoring.
– Decide on the field of view.
– Plan camera placement depending on the
illumination and the environment.
– Beneficial if attached to an IDS to alert on an
intrusion.

Components of CCTV
• Camera
• Transmitter
• Receiver
• Recorder
• Centralized monitoring system
• Multiplexers that can display feeds from multiple
cameras.



CCTV Types
• Charge-coupled devices (CCD)
– An electrical circuit receives the signal from the lens, converts it to
electronic signals and sends them to the monitor for display.
– Works in the infrared range and hence captures more detail than
human perception allows.
• Fixed focal length and zoom
– Focal length relates to viewing the object, either angular or
orientation (vertical or horizontal).
– Could be a small area to be monitored (8mm lens) or a wide area
(2.8 – 4.3mm lens).
– Zoom control enables the remote security guard to monitor a spot
by focusing on it.



Intruder Detection System
• These devices can detect
– A change in a beam of light
– Sound and vibration
– Motion
– Different types of light
– An electrical circuit break

IDS Types
• Electromagnetic system – based on circuit
break or pressure pads.
• Photometric or cross-sectional system.
• Passive infrared systems.
• Acoustical detection system.
• Vibration sensors.
• Wave pattern motion detector.
• Proximity detector.

On IDS
• Expensive.
• Must have a supplemental power supply.
• Must detect and be resistant to tampering.
• Linked to a central monitoring system.
• Have fail-safe protection.



Other Important Steps
• Employing
– Security guards
– Dogs
• Perform regular risk assessments and evaluate
existing controls.

End of it