CYB.ISP

Cybersecurity Fundamentals

Tranquility Principle

This principle states that the classification of a subject or object does not change while it is being referenced

Principle of strong tranquility

This principle states that security levels do not change during the normal operation of the system

Principle of weak tranquility

This principle states that security levels may never change in such a way as to violate a defined security policy

(It's also desirable as it allows systems to observe the principle of least privilege)

Digital Signatures

It lets the receiver know that the data was sent by a known sender (authentication) and that the message was not altered during transit (integrity)

Multi-Touch Verification System

A system that authenticates users by performing multi-touch gestures on a device's screen

Anonymity

The state of being not identifiable within a set of subjects

(The idea of hiding the aspects of metadata)

Anonymity Set

The group of people that you’re indistinguishable from

OWASP (Open Web Application Security Project)

An organization that collects information about how popular attacks are at a given time

Authentication

The act of proving one's identity to another entity

Two Factor Authentication (2FA)

An approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are

Security Model

A model that defines essential aspects of security and their relationship with the OS and its performance

Bell-LaPadula (BLP) Security Model

A security model that provides confidentiality to a system

BLP's simple security property

This security property states that a subject at a given security level may not read an object at a higher security level (NO READ UP)

BLP's * security property

This security property states that a subject at a given security level may not write to any object at a lower security level (NO WRITE DOWN)

BLP's strong * security property

This security property states that a subject at a given security level may only write to objects with a matching security level

BLP's discretionary security property

This security property uses an access matrix to specify the discretionary access control

Biba Integrity Security Model

This security model describes a set of access control rules designed to ensure data integrity by grouping objects and subjects into ordered levels of integrity

Biba's simple integrity property

This security property states that a subject at a given level of integrity must not read data at a lower integrity level (NO READ DOWN)

Biba's * integrity property

This security property states that a subject at a given level of integrity must not write to data at a higher integrity level (NO WRITE-UP)

Biba's invocation property

This security property states that a process from below cannot request higher access, only with subjects at an equal or lower integrity level

Lipner's Security Model

This security model combines the elements of the BLP and Biba models to provide confidentiality and integrity to the system

Separation of duty

Requiring at least two different people to perform the steps if two or more steps are required to perform the duty

Separation of function

Isolating the assets of an organization from each other based on function

Auditing

Analyzing systems to determine what actions took place and who performed them

Clark-Wilson Integrity Security Model

This security model, based on the notion of a transaction, provides a foundation for specifying and analyzing an integrity policy for a computing system

(A well-formed transaction is a series of operations that transition a system from one consistent state to another consistent state)

Chinese Wall Security Model

This security model concentrates on confidentiality that helps prevent there from being conflicts of interest between different businesses and organizations

Operating System

The software that supports a computer's basic functions, such as scheduling tasks, executing applications, and controlling peripherals

MULTICS

A time-sharing operating system that allowed multiple Processes to use the same machine all at once

(This meant that no one could not make superficial assumptions about one Process not being able to access the memory or state of another)

UNIX

It's the modern successor to MULTICS and a multiuser, multitasking OS designed for flexibility and adaptability

Process Isolation

Making sure that two or more processes that are running on the same machine do not interfere with each other in any way, but still have ways of communicating with each other

Hash Value/Digest

A fixed-length code sequence outputted by a hash function

Hashing

A one-way process that maps variable-length data to a fixed-length hash

Hash Function

An algorithm that takes a piece of data as input and outputs a hash value

Weak-collision resistance property

Given an input X and a hashing function H(), it's very difficult to find another input Y on which H(X) == H(Y)

Hint: Hash functions have this resistance property

Strong-collision resistance property

Given a hashing function H() and two inputs X and Y, there exists an absolute minimum chance of H(X) == H(Y)

Hint: Hash functions have this resistance property

One-wayness property

Being able to compute hashes given the original data as input but not being able to restore it back to the original data by passing its hash value through the hashing function again

Hint: Hash functions have this security property

Collision

When different data inputs result in the same hash after being processed by a hashing function

Encryption

A way of translating data from plaintext (unencrypted) to ciphertext (encrypted)

Symmetric (Private Key) Encryption

A type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic data

Asymmetric (Public Key) Encryption

A process that uses a pair of related keys (one public key and one private key) to encrypt and decrypt a message and protect it from unauthorized access or use

Pseudonymity

The use of pseudonyms as IDs that link all interactions with each other

CIA Triad

A threat model used for finding vulnerabilities and methods for creating solutions

Confidentiality

Ensures that there's no unauthorized disclosure of data (enforced through encryption)

Integrity

Ensures that there's no unauthorized modification of data (enforced through hashes)

Availability

Ensures that there's no unauthorized withholding of data (enforced through redundancy)

Virtualization

A process that allows for more efficient utilization of physical computer hardware by using software to create an abstraction layer over computer hardware that allows the hardware elements of a single computer to be divided into multiple virtual computers

(This technology drives the cloud computing economics)

Abstraction Layer

A generalization of a conceptual model or algorithm, away from the specific implementation / A way of hiding the working details of a subsystem

Reference Monitor

A secure, always used and fully testable module that controls all access to data objects and devices by verifying the nature of the request against a table of allowable access types and security policies for each process in the system

Custom Reference Monitor

Used to make decisions that's adapted to our system's security policies and adopted access control model

Virtual Machine (VM)

A computer resource that uses software instead of a physical computer to run programs and deploy applications

Virtual Guest Machine (Guest VM)

A virtual machine that is installed, executed and hosted on the local physical machine

Physical Host Machine

Hypervisor/Virtual Machine Monitor (VMM)

A software that creates and runs VMs by allowing one host computer to support multiple guest VMs by virtually sharing its resources, such as memory and processing

Type 1 Hypervisor (Type 1 VMM)

In this type of hypervisor, VM resources are scheduled directly to the hardware by the hypervisor

(This type of hypervisor is on bare metal)

Type 2 Hypervisor (Type 2 VMM)

In this type of hypervisor, VM resources are scheduled against a host operating system, which is then executed against the hardware

(This type of hypervisor is hosted)

Security Design Principles

Principles that help make systems as free of Vulnerabilities and impervious to attacks and breaches

Principle of Open Design

A security design principle that states that your system shouldn't rely on the secrecy of your implementations, meaning that people should be able to comment on your code

Principle of Sweeping Simplification/Keep It Simple Stupid!

A security design principle that states that your system's designs and interactions should be easy and simple

Principle of Design for Iterations

A security design principle that states that you design your software to ensure you can change parts of it in the future, in case you need to

Principle of Least Astonishment

A security design principle that states that you create something that follows what the user would expect to happen in a given situation

Principle of Minimizing Secrets

A security design principle that states that you minimize the size, quantity and complexity of what is to be protected, and limit externally facing points of attack

Principle of Least Privilege

A security design principle that states that an entity should have exactly the permissions they need in order to fulfill their tasks

Principle of Complete Mediation

A security design principle that states that all access to objects should be checked to ensure that access is allowed

Principle of Least Common Mechanism

A security design principle that states that mechanisms used to access resources should not be shared

Principle of Fail-Safe Defaults

A security design principle that states that if some part of the system fails, it should default in a way that has the appropriate security guarantee for whatever it is you want to have happen, in order not to have your system compromised

(The idea is to "fail-close" in a way that does not compromise the system and its data rather than "fail-open", where the method of failing allows the attacker to achieve some objective)

Principle of Economy of Mechanisms

A security design principle that states that security mechanisms should be as simple as possible while still having the security properties that you need

Security Policy

A series of rules that must be followed in order to ensure the safety of an organization and its system

Inclusive Security Policies

These security policies specify a list of all the things that you're allowed to do and anything not mentioned is automatically disallowed

Exclusive Security Policies

These security policies specify a list of all the things that you're not allowed to do and anything not mentioned is automatically allowed

(This type of security policy requires you to update the policy more frequently since there's always a new technology that comes out)

Security Mechanism

Something that enforces a security policy, either in whole or part

Mechanisms based on prevention

This type of security mechanism ensures that an aspect of a security policy cannot be violated

Mechanisms based on detection

This type of security mechanism determines whether a security policy has been violated

Mechanisms based on recovery

This type of security mechanism ensures that you're able to revert back to a secure state after a security policy has been violated

Information Flow Control

Controlling the flow of data in order to ensure its confidentiality by monitoring the shared data

Data Labels

These labels indicate the permitted information flows and specified set of policies for each piece of data

Data Confidentiality Constraints

This type of data labelling specifies a set of policies, such as who may read a given piece of data

Label example: {Alice: Bob, Eve; Charlie: Bob, Eve}
• Alice and Charlie conjointly own a given set of data
• Bob and Eve are permitted to read it

Data Integrity Constraints

This type of data labelling specifies a set of policies, such as who may modify a given piece of data

Label Example: {Alice ? Bob}
• Alice owns the given set of data
• Bob is permitted to modify it

Password

A secret string of characters that allows access to a computer system or service

One-Time Password (OTP)

A password that is valid for only one login session or transaction, on a computer system or other digital device

Software OTP

An OTP generated by the company and sent to your mobile phone or PC

• An event-based OTP (The moving factor is triggered by an event)

Hardware OTP

An OTP generated by a security device/token

• A time-based OTP (The moving factor is time)

Password Salt

Adding a random value to a plaintext password before putting it through the hashing process

Kerberos

A protocol used to authenticate people on a network based on tickets

Digital Certificates

An electronic document used to prove the ownership of a Public key

Threat Model

This model helps you understand what can go wrong within a system and the potential vulnerabilities, threats, breaches and attacks

Threat Matrix

A threat modelling tool that allows us to model and subjectively categorize potential threats by applying a structured ranking process

Threat Tree

A threat modelling tool that can be used to calculate risk for any asset

Attack Tree

A threat modelling tool to visualize the security posture of a system and organize ideas about how attackers might attack

Access Control

A series of mechanisms to specify what users do, which resources they can access, and what operations they can perform on a system, as well as identifying users by verifying various login credentials

Access Control: Identification

An access control function method of establishing the subject's identity while being non-descriptive of their position or task

Access Control: Authentication

An access control function method of providing the claimed identity of an entity that has previously identified itself

Access Control: Authorization

An access control function process that determines what level of clearance and access the authenticated user has within the system and the data that they requested to log into or gain access

Access Control Mechanism

Takes as input security policies (What a subject is allowed to do and with what it may interact with) and attempted actions, and outputs an accept or reject response for that action

Access Control Form (ACF)

A method of access control used to request and change access responsibilities of entities within a system

Discretionary Access Control (DAC)

This method of access control is at the discretion of the owner of the resource

Mandatory Access Control (MAC)

This method of access control is based on a security labelling system, meaning users have security clearances and resources have security labels that contain data classifications

(This model is used in environments where information classification and confidentiality are very important)

Non-Discretionary Role-Based Access Control (RBAC)

This method of access control uses a centrally administered set of controls to determine how subjects and objects interact

(It is the best know access control form for an organization that has a high turnover)

Content Dependent Access Control (CDAC)

This method of access control makes decisions based on the type of content contained in an object

(Access control decisions are content-dependent)

Control Based Access Control (CBAC)

This method of access control makes decisions based on the context of a subject's request to an object

(This method of access control requires more information about the subject in order to make a decision, such as their identity, the object that they're requesting access to, etc.)

Access Control: Constrained User Interfaces (CUI)

A method of enforcing access control by constraining the user interface used to get access

(This can be done by not allowing certain types of access on the interface, or not including the ability to request certain types of access or objects)