Cybersecurity Fundamentals
Tranquility Principle
This principle states that the classification of a subject or object does not change while it is being referenced
Principle of strong tranquility
This principle states that security levels do not change during the normal operation of the system
Principle of weak tranquility
This principle states that security levels may never change in such a way as to violate a defined security policy
(It's also desirable as it allows systems to observe the principle of least privilege)
Digital Signatures
It lets the receiver know that the data was sent by a known sender (authentication) and that the message was not altered during transit (integrity)
Multi-Touch Verification System
A system that authenticates users by performing multi-touch gestures on a device's screen
Anonymity
The state of being not identifiable within a set of subjects
(The idea of hiding the aspects of metadata)
Anonymity Set
The group of people that you’re indistinguishable from
OWASP (Open Web Application Security Project)
An organization that collects information about how popular attacks are at a given time
Authentication
The act of proving one's identity to another entity
Two Factor Authentication (2FA)
An approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are
Security Model
A model that defines essential aspects of security and their relationship with the OS and its performance
Bell-LaPadula (BLP) Security Model
A security model that provides confidentiality to a system
BLP's simple security property
This security property states that a subject at a given security level may not read an object at a higher security level (NO READ UP)
BLP's * security property
This security property states that a subject at a given security level may not write to any object at a lower security level (NO WRITE DOWN)
BLP's strong * security property
This security property states that a subject at a given security level may only write to objects with a matching security level
BLP's discretionary security property
This security property uses an access matrix to specify the discretionary access control
Biba Integrity Security Model
This security model describes a set of access control rules designed to ensure data integrity by grouping objects and subjects into ordered levels of integrity
Biba's simple integrity property
This security property states that a subject at a given level of integrity must not read data at a lower integrity level (NO READ DOWN)
Biba's * integrity property
This security property states that a subject at a given level of integrity must not write to data at a higher integrity level (NO WRITE-UP)
Biba's invocation property
This security property states that a process from below cannot request higher access, only with subjects at an equal or lower integrity level
Lipner's Security Model
This security model combines the elements of the BLP and Biba models to provide confidentiality and integrity to the system
Separation of duty
Requiring at least two different people to perform the steps if two or more steps are required to perform the duty
Separation of function
Isolating the assets of an organization from each other based on function
Auditing
Analyzing systems to determine what actions took place and who performed them
Clark-Wilson Integrity Security Model
This security model, based on the notion of a transaction, provides a foundation for specifying and analyzing an integrity policy for a computing system
(A well-formed transaction is a series of operations that transition a system from one consistent state to another consistent state)
Chinese Wall Security Model
This security model concentrates on confidentiality that helps prevent there from being conflicts of interest between different businesses and organizations
Operating System
The software that supports a computer's basic functions, such as scheduling tasks, executing applications, and controlling peripherals
MULTICS
A time-sharing operating system that allowed multiple Processes to use the same machine all at once
(This meant that no one could not make superficial assumptions about one Process not being able to access the memory or state of another)
UNIX
It's the modern successor to MULTICS and a multiuser, multitasking OS designed for flexibility and adaptability
Process Isolation
Making sure that two or more processes that are running on the same machine do not interfere with each other in any way, but still have ways of communicating with each other
Hash Value/Digest
A fixed-length code sequence outputted by a hash function
Hashing
A one-way process that maps variable-length data to a fixed-length hash
Hash Function
An algorithm that takes a piece of data as input and outputs a hash value
Weak-collision resistance property
Given an input X and a hashing function H(), it's very difficult to find another input Y on which H(X) == H(Y)
Hint: Hash functions have this resistance property
Strong-collision resistance property
Given a hashing function H() and two inputs X and Y, there exists an absolute minimum chance of H(X) == H(Y)
Hint: Hash functions have this resistance property
One-wayness property
Being able to compute hashes given the original data as input but not being able to restore it back to the original data by passing its hash value through the hashing function again
Hint: Hash functions have this security property
Collision
When different data inputs result in the same hash after being processed by a hashing function
Encryption
A way of translating data from plaintext (unencrypted) to ciphertext (encrypted)
Symmetric (Private Key) Encryption
A type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic data
Asymmetric (Public Key) Encryption
A process that uses a pair of related keys (one public key and one private key) to encrypt and decrypt a message and protect it from unauthorized access or use
Pseudonymity
The use of pseudonyms as IDs that link all interactions with each other
CIA Triad
A threat model used for finding vulnerabilities and methods for creating solutions
Confidentiality
Ensures that there's no unauthorized disclosure of data (enforced through encryption)
Integrity
Ensures that there's no unauthorized modification of data (enforced through hashes)
Availability
Ensures that there's no unauthorized withholding of data (enforced through redundancy)
Virtualization
A process that allows for more efficient utilization of physical computer hardware by using software to create an abstraction layer over computer hardware that allows the hardware elements of a single computer to be divided into multiple virtual computers
(This technology drives the cloud computing economics)
Abstraction Layer
A generalization of a conceptual model or algorithm, away from the specific implementation / A way of hiding the working details of a subsystem
Reference Monitor
A secure, always used and fully testable module that controls all access to data objects and devices by verifying the nature of the request against a table of allowable access types and security policies for each process in the system
Custom Reference Monitor
Used to make decisions that's adapted to our system's security policies and adopted access control model
Virtual Machine (VM)
A computer resource that uses software instead of a physical computer to run programs and deploy applications
Virtual Guest Machine (Guest VM)
A virtual machine that is installed, executed and hosted on the local physical machine
Physical Host Machine
Hypervisor/Virtual Machine Monitor (VMM)
A software that creates and runs VMs by allowing one host computer to support multiple guest VMs by virtually sharing its resources, such as memory and processing
Type 1 Hypervisor (Type 1 VMM)
In this type of hypervisor, VM resources are scheduled directly to the hardware by the hypervisor
(This type of hypervisor is on bare metal)
Type 2 Hypervisor (Type 2 VMM)
In this type of hypervisor, VM resources are scheduled against a host operating system, which is then executed against the hardware
(This type of hypervisor is hosted)
Security Design Principles
Principles that help make systems as free of Vulnerabilities and impervious to attacks and breaches
Principle of Open Design
A security design principle that states that your system shouldn't rely on the secrecy of your implementations, meaning that people should be able to comment on your code
Principle of Sweeping Simplification/Keep It Simple Stupid!
A security design principle that states that your system's designs and interactions should be easy and simple
Principle of Design for Iterations
A security design principle that states that you design your software to ensure you can change parts of it in the future, in case you need to
Principle of Least Astonishment
A security design principle that states that you create something that follows what the user would expect to happen in a given situation
Principle of Minimizing Secrets
A security design principle that states that you minimize the size, quantity and complexity of what is to be protected, and limit externally facing points of attack
Principle of Least Privilege
A security design principle that states that an entity should have exactly the permissions they need in order to fulfill their tasks
Principle of Complete Mediation
A security design principle that states that all access to objects should be checked to ensure that access is allowed
Principle of Least Common Mechanism
A security design principle that states that mechanisms used to access resources should not be shared
Principle of Fail-Safe Defaults
A security design principle that states that if some part of the system fails, it should default in a way that has the appropriate security guarantee for whatever it is you want to have happen, in order not to have your system compromised
(The idea is to "fail-close" in a way that does not compromise the system and its data rather than "fail-open", where the method of failing allows the attacker to achieve some objective)
Principle of Economy of Mechanisms
A security design principle that states that security mechanisms should be as simple as possible while still having the security properties that you need
Security Policy
A series of rules that must be followed in order to ensure the safety of an organization and its system
Inclusive Security Policies
These security policies specify a list of all the things that you're allowed to do and anything not mentioned is automatically disallowed
Exclusive Security Policies
These security policies specify a list of all the things that you're not allowed to do and anything not mentioned is automatically allowed
(This type of security policy requires you to update the policy more frequently since there's always a new technology that comes out)
Security Mechanism
Something that enforces a security policy, either in whole or part
Mechanisms based on prevention
This type of security mechanism ensures that an aspect of a security policy cannot be violated
Mechanisms based on detection
This type of security mechanism determines whether a security policy has been violated
Mechanisms based on recovery
This type of security mechanism ensures that you're able to revert back to a secure state after a security policy has been violated
Information Flow Control
Controlling the flow of data in order to ensure its confidentiality by monitoring the shared data
Data Labels
These labels indicate the permitted information flows and specified set of policies for each piece of data
Data Confidentiality Constraints
This type of data labelling specifies a set of policies, such as who may read a given piece of data
Label example: {Alice: Bob, Eve; Charlie: Bob, Eve} • Alice and Charlie conjointly own a given set of data • Bob and Eve are permitted to read it
Data Integrity Constraints
This type of data labelling specifies a set of policies, such as who may modify a given piece of data
Label Example: {Alice ? Bob} • Alice owns the given set of data • Bob is permitted to modify it
Password
A secret string of characters that allows access to a computer system or service
One-Time Password (OTP)
A password that is valid for only one login session or transaction, on a computer system or other digital device
Software OTP
An OTP generated by the company and sent to your mobile phone or PC
• An event-based OTP (The moving factor is triggered by an event)
Hardware OTP
An OTP generated by a security device/token
• A time-based OTP (The moving factor is time)
Password Salt
Adding a random value to a plaintext password before putting it through the hashing process
Kerberos
A protocol used to authenticate people on a network based on tickets
Digital Certificates
An electronic document used to prove the ownership of a Public key
Threat Model
This model helps you understand what can go wrong within a system and the potential vulnerabilities, threats, breaches and attacks
Threat Matrix
A threat modelling tool that allows us to model and subjectively categorize potential threats by applying a structured ranking process
Threat Tree
A threat modelling tool that can be used to calculate risk for any asset
Attack Tree
A threat modelling tool to visualize the security posture of a system and organize ideas about how attackers might attack
Access Control
A series of mechanisms to specify what users do, which resources they can access, and what operations they can perform on a system, as well as identifying users by verifying various login credentials
Access Control: Identification
An access control function method of establishing the subject's identity while being non-descriptive of their position or task
Access Control: Authentication
An access control function method of providing the claimed identity of an entity that has previously identified itself
Access Control: Authorization
An access control function process that determines what level of clearance and access the authenticated user has within the system and the data that they requested to log into or gain access
Access Control Mechanism
Takes as input security policies (What a subject is allowed to do and with what it may interact with) and attempted actions, and outputs an accept or reject response for that action
Access Control Form (ACF)
A method of access control used to request and change access responsibilities of entities within a system
Discretionary Access Control (DAC)
This method of access control is at the discretion of the owner of the resource
Mandatory Access Control (MAC)
This method of access control is based on a security labelling system, meaning users have security clearances and resources have security labels that contain data classifications
(This model is used in environments where information classification and confidentiality are very important)
Non-Discretionary Role-Based Access Control (RBAC)
This method of access control uses a centrally administered set of controls to determine how subjects and objects interact
(It is the best know access control form for an organization that has a high turnover)
Content Dependent Access Control (CDAC)
This method of access control makes decisions based on the type of content contained in an object
(Access control decisions are content-dependent)
Control Based Access Control (CBAC)
This method of access control makes decisions based on the context of a subject's request to an object
(This method of access control requires more information about the subject in order to make a decision, such as their identity, the object that they're requesting access to, etc.)
Access Control: Constrained User Interfaces (CUI)
A method of enforcing access control by constraining the user interface used to get access
(This can be done by not allowing certain types of access on the interface, or not including the ability to request certain types of access or objects)