Flashcards from Security Management Models Lecture Notes
Framework
High-Level Structure & Guidelines. A broad set of best practices, standards, and guidelines that provide an overall structure for cybersecurity management.
Model
Theoretical Security Concept. A theoretical concept of how security should be implemented to achieve specific security objectives, such as confidentiality, integrity, or availability.
Blueprint
Detailed Implementation Plan. A specific, detailed plan for implementing security controls in an organization, based on a chosen framework and model.
ISO/IEC 27002
Offers guidance on the management of InfoSec to individuals responsible for their organization’s security programs. Focuses on a broad overview of the various areas of security, providing information on 127 controls over 10 areas.
ISO/IEC 27001
Provides information on how to implement ISO/IEC 27002, i.e., how to set up an information security management system (ISMS).
Security architecture models
Illustrate how InfoSec is implemented in systems.
Confidentiality-focused models
Protect data secrecy.
Integrity-focused models
Ensure data accuracy and trustworthiness.
TCSEC (Trusted Computer System Evaluation Criteria)
An older DoD standard for evaluating computer system security. Also Known As: "Orange Book" – The cornerstone of the Rainbow Series (color-coded security documents).
Trusted Computing Base (TCB)
The hardware, firmware, and software responsible for enforcing a system’s security policy.
Reference Monitor Concept
A conceptual component of TCB that manages access controls. Ensures subjects (users/processes) can only access authorized objects (files/data).
Covert Channels in TCB
Unauthorized or hidden methods of data transfer that bypass security policies.
Common Criteria (CC)
An international standard (ISO/IEC 15408) for computer security certification. Successor to TCSEC and ITSEC.
Target of Evaluation (ToE)
The system or product being evaluated.
Protection Profile (PP)
A user-generated security requirements specification.
Security Target (ST)
A document detailing the ToE’s security properties.
Security Functional Requirements (SFRs)
A catalog of security functions provided by a product.
Evaluation Assurance Level (EAL)
Grading scale for security assurance.
Access Control
The method of regulating who can access specific resources and how they can use them.
Identification
Capturing the identity of the entity requesting access (e.g., username, ID card).
Authentication
Verifying the identity using credentials (e.g., passwords, biometrics).
Authorization
Granting specific permissions and access levels based on the entity’s role.
Accountability
Logging and tracking all access activities for auditing and compliance.
Least Privilege
Users are granted the minimum access necessary for their job.
Need-to-Know
Users are only given access to specific information needed for their current task.
Separation of Duties
Significant security tasks are divided among multiple individuals to prevent fraud and insider threats.
Directive Access Control
Policies and training to guide user behavior.
Deterrent Access Control
Discourages security violations.
Preventative Access Control
Stops incidents before they happen.
Detective Access Control
Identifies security incidents when they occur.
Corrective Access Control
Responds to and mitigates security breaches.
Recovery Access Control
Restores systems to normal operations after an incident.
Compensating Access Control
Provides alternative security measures when primary controls are insufficient.
Managerial Controls
Designed by strategic planners, implemented by security administrators.
Operational (Administrative) Controls
Integrated into daily business operations.
Technical Controls
Automated security mechanisms.
Mandatory Access Control (MAC)
Enforces strict classification levels on data and users. Users have no control over access permissions.
Discretionary Access Control (DAC)
Data owners control who can access resources. Users can share or restrict access at their discretion.
Nondiscretionary Access Control (NDAC)
Controlled by a central authority, not individual users.
Role-Based Access Control (RBAC)
Access tied to job roles.
Task-Based Access Control (TBAC)
Access tied to specific tasks or projects.
Bell-LaPadula (BLP) confidentiality model
A state machine reference model that helps ensure the confidentiality of an information system by means of mandatory access controls (MACs), data classification, and security clearances. BLP security rules prevent information from flowing from a higher security level to a lower security level.
simple integrity property
Permits a subject to have read access to an object only if the security level of the subject is lower than or equal to the level of the object.
integrity * property
Permits a subject to have write access to an object only if the security level of the subject is equal to or higher than that of the object.
Clark-Wilson integrity model
Designed for the commercial environment. Built upon principles of change control rather than integrity levels.
Integrity verification procedure (IVP)
A procedure that scans data and confirms its integrity.
Transformation procedure (TP)
A procedure that is the only permitted way to change a constrained data item.
Brewer-Nash model (commonly known as the Chinese Wall model)
Designed to prevent a conflict of interest between two parties. Requires users to select one of two conflicting sets of data, after which they cannot access the conflicting data.