Evaluation Criteria
TCSEC: US Based - Trusted Computer System Evaluation Criteria AKA Orange Book, superseded by Common Criteria. A is higher than D. B3 is higher than B1.
A -> Verified - A1 = Configuration Management
B -> Mandatory Access Control - B1 = Labeled - B2 = Structured, B3 = Security Domains, Covert Channels
C -> Discretionary Access Control
D -> Minimal Security
ITSEC (1980s) - Europe Based - Seven Assurance (Effectiveness) levels: E0 - E6 and 10 Functionality levels: F1 - F10
CTCPEC - Canada Based
Common Criteria - ISO around 1990 - Bridge gap between national versions - 7 Assurance Levels: EAL1 < EAL2 (structurally tested) < EAL4 (methodically designed, tested, and reviewed) < EAL6 (semi-formally verified, designed, and tested) < EAL7 (formally verified, designed, and tested)
Covert Channel Analysis: Finding channels being hidden inside of other channels - HTTP is very common for this as people are doing all sorts of things over HTTP that the system may not have been intended to do. DOD has an entire book (Light Pink Book) dedicated to this.
Security Models
Bell-LaPadula - Confidentiality Model - Simple = No read up, Star = no write down
Biba - Integrity Model - Simple = No read down, Star = no write up
Clark-Wilson (1987) - Security Labels (MAC) - meets all goals of integrity. IVP (Integrity Verification Procedure) confirms integrity. Constrained Data Item is being protected, Unconstrained is not yet protected. Transformational Procedure...
Take-Grant - Create, revoke, grant, take
Brewer-Nash - Conflict of Interest
Sutherland - Inference
Goguen-Meseguer
Boebert-Kain
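The Bell-LaPadula and Biba rules above are easiest to remember when written as a reference-monitor check. The following is an added example (not part of the original notes): it encodes both models over one ordered set of levels so the "no read up / no write down" and "no read down / no write up" rules can be exercised side by side. The level names, subjects and objects are constructed for illustration.

```python
"""Added example (not from the original notes): enforcing the simple and
star properties of Bell-LaPadula (confidentiality) and Biba (integrity)
as reference-monitor style checks. Level names and the sample subjects
and objects are constructed for illustration."""
from dataclasses import dataclass

# Ordered lattice of levels: a higher index means more sensitive (BLP)
# or more trustworthy (Biba). Constructed for this example.
LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP_SECRET"]
RANK = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Subject:
    name: str
    level: str  # clearance (BLP) or integrity level (Biba)


@dataclass(frozen=True)
class Object:
    name: str
    level: str  # classification (BLP) or integrity level (Biba)


def blp_allows(subject, obj, access):
    """Bell-LaPadula: simple property = no read up, star property = no write down."""
    s, o = RANK[subject.level], RANK[obj.level]
    if access == "read":
        return s >= o  # may read only at or below own clearance
    if access == "write":
        return s <= o  # may write only at or above own clearance
    raise ValueError(f"unknown access type: {access}")


def biba_allows(subject, obj, access):
    """Biba: simple property = no read down, star property = no write up."""
    s, o = RANK[subject.level], RANK[obj.level]
    if access == "read":
        return s <= o  # may read only from equal or higher integrity
    if access == "write":
        return s >= o  # may write only to equal or lower integrity
    raise ValueError(f"unknown access type: {access}")


def access_matrix(model, subjects, objects):
    """Return {(subject, object, access): allowed} for every combination under one model."""
    return {
        (s.name, o.name, a): model(s, o, a)
        for s in subjects
        for o in objects
        for a in ("read", "write")
    }


if __name__ == "__main__":
    alice = Subject("alice", "SECRET")
    public = Object("public-notice", "UNCLASSIFIED")
    plans = Object("ops-plans", "TOP_SECRET")
    for model in (blp_allows, biba_allows):
        for (subj, objname, acc), ok in access_matrix(model, [alice], [public, plans]).items():
            print(f"{model.__name__:11} {subj} {acc:5} {objname:13}: {'allow' if ok else 'deny'}")
```

Running it shows the duality: on the same lattice Biba's read rule is exactly Bell-LaPadula's write rule and vice versa, which is why a system wanting both confidentiality and integrity needs two separate labels rather than one.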
Low Level
Memory Management - requirements - relocation, protection, sharing, physical organization, logical organization
CPU States - Ready, Supervisor (privileged), Problem (user - processing - not really a problem), Wait
Process States - New (to be loaded into memory), Blocked (waiting for input), Ready (waiting to be given to the CPU), Running (waiting for the CPU to finish)
PLC - Programmable Logic Controller - think micro controller
PSW - Program Status Word register - holds the application's operating state
Rings of Protection - 0 is Security Kernel - home of the Reference Monitor
Bus Interface Unit - Managing access from Bus Resources (PCI, serial, etc) to CPU
Accreditation
NIACAP - National Information Assurance Certification and Accreditation Process - types: site, type, system
DITSCAP - Defense Information Technology Security Certification and Accreditation Process - 4 phases - replaced by DIACAP - Defense Information Assurance Certification and Accreditation Process
The Books
Neon Orange - NCSC-TG-003 - A Guide to Understanding Discretionary Access Control in Trusted Systems
Purple - Guidelines for formal Verification System
Tan - A Guide to Understanding Audit in Trusted Systems
Green - DOD 5220.22-M - DOD Password Management Guidelines
Orange - TCSEC
Light Pink - Covert Channels
Light Yellow - CSC-STD-003-85
Attacks
TOC / TOU - Time of Check / Time of Use - Asynchronous attack against the timing of when something was checked vs. when it is actually used - i.e. a user has had admin rights taken away but hasn't logged off yet
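The "admin rights revoked but still logged in" case is a TOC/TOU gap in session authorization. As an added example (not part of the original notes), the code below models the vulnerable pattern, where the privilege decision is made once at login and trusted for the life of the session, beside the hardened pattern, where each privileged operation re-checks the authoritative directory at the time of use. The directory, session classes and account name are constructed for illustration.

```python
"""Added example (not part of the original notes): a time-of-check /
time-of-use gap in session authorization, and the same service with the
check moved to the moment of use. The user directory, session objects
and account names are constructed for illustration."""


class UserDirectory:
    """Authoritative source of who currently holds the admin role."""

    def __init__(self, admins):
        self._admins = set(admins)

    def is_admin(self, user):
        return user in self._admins

    def revoke_admin(self, user):
        self._admins.discard(user)


class StaleSession:
    """Vulnerable pattern: privilege is decided once at login (time of check)
    and then trusted for the rest of the session (time of use)."""

    def __init__(self, directory, user):
        self.user = user
        self.is_admin = directory.is_admin(user)  # checked here ...

    def delete_all_logs(self):
        if not self.is_admin:  # ... used here, possibly hours later
            raise PermissionError(self.user)
        return "logs deleted"


class FreshSession:
    """Hardened pattern: the session carries only identity; every privileged
    operation asks the directory again at the time of use."""

    def __init__(self, directory, user):
        self.directory = directory
        self.user = user

    def delete_all_logs(self):
        if not self.directory.is_admin(self.user):  # check and use coincide
            raise PermissionError(self.user)
        return "logs deleted"


def action_survives_revocation(session_cls):
    """Log in as an admin, revoke the role mid-session, then attempt the
    privileged action. Returns True if the action still succeeded after the
    revocation, i.e. the session type is vulnerable to the TOC/TOU gap."""
    directory = UserDirectory(admins={"dave"})
    session = session_cls(directory, "dave")  # time of check
    directory.revoke_admin("dave")  # privilege changes while still logged in
    try:
        session.delete_all_logs()  # time of use
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    for cls in (StaleSession, FreshSession):
        print(f"{cls.__name__}: privileged action after revocation ->",
              "ALLOWED (vulnerable)" if action_survives_revocation(cls) else "denied")
```

Re-checking on every use costs a directory lookup per privileged call; the usual alternative is to have the directory invalidate or version affected sessions when a role changes, so the cached decision can never outlive the right it was based on.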
Van Eck phreaking - NOT phones - early version of TEMPEST - project to sniff CRT / VGA emissions
Trusted Computing Base: all of the protection mechanisms in a computer system (hardware, firmware, software). Trusted Path - user / process <-> kernel. Trusted shell AKA sandbox.
CISC: Complex Instruction Set Computing - each instruction can perform multiple low level operations. Meant to bridge the gap between simple low level instructions (1+1 = 2) and high level programming logic / loops. Think x86
RISC: Reduced Instruction Set Computing - based on the philosophy that the CPU can be more efficient if it focuses on the simple operations (contrary to CISC) - modern development has been a balance between the two. SPARC.