Friday, July 23, 2010

CISSP - System Architecture and Design

Evaluation Criteria

TCSEC: US Based - Trusted Computer System Evaluation Criteria AKA Orange Book, superseded by Common Criteria. A is higher than D. B3 is higher than B1.
A -> Verified - A1 = Configuration Management
B -> Mandatory Access Control - B1 = Labeled - B2 = Structured, B3 = Security Domains, Covert Channels
C -> Discretionary Access Control
D -> Minimal Security

ITSEC (1980s) - Europe Based - Seven Assurance (Effectiveness) levels: E0 - E6 and 10 Functionality levels: F1 - F10

CTCPEC - Canada Based

Common Criteria - ISO around 1990 - Bridge gap between national versions - 7 Assurance Levels: EAL1 < EAL2 (structurally tested) < EAL4 (methodically designed, tested, and reviewed) < EAL6 (semi-formally verified, designed, and tested) < EAL7 (formally verified, designed, and tested)


Covert Channel Analysis: Finding channels hidden inside of other channels - HTTP is very common for this, as people are doing all sorts of things over HTTP that the system was not intended to do. DOD has an entire book (Light Pink Book) dedicated to this.

Security Models

Bell-LaPadula - Confidentiality Model - Simple = No read up, Star = no write down

Biba - Integrity Model - Simple = No read down, Star = no write up

Clark-Wilson (1987) - Security Labels (MAC) - meets all goals of integrity. IVP (Integrity Verification Procedure) confirms integrity. Constrained Data Item is what is being protected, Unconstrained Data Item is not yet protected. Transformational Procedure...

Take-Grant - Create, revoke, grant, take

Brewer-Nash - Conflict of Interest

Sutherland - Inference

Goguen-Meseguer

Boebert-Kain
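The Bell-LaPadula and Biba rules above, worked through as a small reference-monitor check. This is an added example, not code from the original notes; the three-level lattice, the Label class and the sample analyst/log labels are constructed for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    """Constructed three-level lattice; real systems use richer label sets."""
    LOW = 0
    MEDIUM = 1
    HIGH = 2


@dataclass(frozen=True)
class Label:
    confidentiality: Level   # Bell-LaPadula clearance / classification
    integrity: Level         # Biba integrity level


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula: simple = no read up, star = no write down."""
    if op == "read":
        return subject.confidentiality >= obj.confidentiality
    if op == "write":
        return subject.confidentiality <= obj.confidentiality
    raise ValueError(f"unknown operation: {op}")


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba: simple = no read down, star = no write up."""
    if op == "read":
        return subject.integrity <= obj.integrity
    if op == "write":
        return subject.integrity >= obj.integrity
    raise ValueError(f"unknown operation: {op}")


def reference_monitor(subject: Label, obj: Label, op: str) -> list:
    """Mediate one access against both models; return the rules that deny it.
    An empty list means the access is allowed."""
    denials = []
    if not blp_allows(subject, obj, op):
        denials.append("BLP " + ("simple (no read up)" if op == "read" else "star (no write down)"))
    if not biba_allows(subject, obj, op):
        denials.append("Biba " + ("simple (no read down)" if op == "read" else "star (no write up)"))
    return denials


if __name__ == "__main__":
    # Constructed sample: a HIGH-clearance analyst writing to a LOW-classified log.
    # Biba permits it (no write up), but BLP star blocks the write down.
    analyst = Label(Level.HIGH, Level.HIGH)
    public_log = Label(Level.LOW, Level.LOW)
    print(reference_monitor(analyst, public_log, "write"))  # ['BLP star (no write down)']
```

Applying both models to the same pair of labels shows why they pull in opposite directions: only a subject and object at equal levels can both read and write under both policies.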

Low Level

Memory Management - requirements - relocation, protection, sharing, physical organization, logical organization

CPU States - Ready, Supervisor (privileged), Problem (user - processing - not really a problem), Wait

Process States - New (to be loaded into memory), Blocked (waiting for input), Ready (waiting to be given to the CPU), Running (waiting for the CPU to finish)

PLC - Programmable Logic Controller - think micro controller

PSW - Program Status Word register - holds the application's operating state

Rings of Protection - 0 is Security Kernel - home of the Reference Monitor

Bus Interface Unit - Managing access from Bus Resources (PCI, serial, etc) to CPU



Accreditation

NIACAP - National Information Assurance Certification and Accreditation Process - types: site, type, system

DITSCAP - Defense Information Technology Security Certification and Accreditation Process - 4 phases - replaced by DIACAP - Defense Information Assurance Certification and Accreditation Process

The Books

Neon Orange - NCSC-TG-003 - A Guide to Understanding Discretionary Access Control in Trusted Systems

Purple - Guidelines for Formal Verification Systems

Tan - A Guide to Understanding Audit in Trusted Systems

Green - DOD 5220.22-M - DOD Password Management Guidelines

Orange - TCSEC

Light Pink - Covert Channels

Light Yellow - CSC-STD-003-85

Attacks

TOC / TOU - Time of Check / Time of Use - Asynchronous attack against the timing of when something was checked vs. when it is actually used - i.e., if a user had admin rights taken away but hasn't logged off

Van Eck Phreaking - NOT phones - early version of TEMPEST - project to sniff CRT / VGA emissions


Trusted Computing Base: all of the protection mechanisms in a computer system (hardware, firmware, software). Trusted Path - user / process <-> kernel. Trusted shell AKA sandbox.

CISC: Complex Instruction Set Computing - each instruction can perform multiple low level operations. Meant to bridge the gap between simple low level instructions (1+1 = 2) and high level programming logic / loops. Think x86

RISC: Reduced Instruction Set Computing - based on the philosophy that the CPU can be more efficient if it focuses on the simple operations (contrary to CISC) - modern development has been a balance between the two. SPARC.
