A few notes on the basics of IT Security:
Introduction to Security
Security is concerned with preserving the value of resources.
The value of data is determined by its contribution to the goals of the one who owns that data. This is the same as the costs to the enterprise of loosing that data
The cost of security must be weighed risk of that data being compromised.
risk = (likelihood of data loss) x (cost of loss of data)
Security and Value
Security consists of:
- Identifying a resource that has value.
- Maintaining that resource.
- Preventing misuse of that resource.
The identification of value is a business decision.
Integrity of Data
Maintaining data integrity is the process of ensuring that data is in a state which is consistent with expectations, the domain modelled by the system (accuracy), other data and itself. Data integrity is primarily concerned with software measures and procedural measures.
Examples of measures:
- Data validation.
- Making sure that users know if changes to the data are permanent or temporary.
- Protecting data from concurrency issues.
- Atomic transactions.
Safety of Data
The main method for keeping data safe is reliable storage of that data. Reliability is enhanced by redundancy. A backup is a relatively cheap, easy way to ensure that data can be recovered to a specified state following loss or corruption of that data.
Backups can be full or incremental.
The rules of a worthwhile backup:
- Have a backup
- Be able to identify the backup
- Be able to restore the backup
- Keep the backup secure
Of course, a backup will not be used if users are unaware of data corruption or loss.
Safety of Systems
Disaster recovery is the restoration of a system (rather than just the data) following the system’s failure.
- A backup of data
- Duplicate hardware / software environment
- Defined and tested procedures for recreating the lost environment
Preventing Misuse of Data
Actions on data are initiated by an agent. Validity of an action is often determined by the identity of an agent. The identification of an agent is often termed authentication.
In order to verify the identity of the agent, the system can request that the information provide information about:
- Something the agent knows: e.g. a password.
- Something the agent has: e.g. an identity card.
- Something the agent is: biometrics.
Authorisation is the process of allowing / disallowing an authenticated agent (often a user) to perform a certain action.
The action may be as simple as allowing the agent to read the data:
- Privacy: ensuring that only authorised agents can read the data.
- Access: ensuring that all authorised agents can read the data.
An often overlooked mechanism that could be used to ensure only appropriate actions are taken on data is to enforce rules that require two or more trusted individuals to authorise action on a resource.
For example, a safe that can only be opened if both key-holders are present.
One possibility rarely implemented is to have an operator initiate a request for change that must be approved by a business manager who has has no ability to initiate the request herself.