Beruflich Dokumente
Kultur Dokumente
S.S. Yau
What is a risk
Vulnerability
Threat (attacker)
Information System
At Risk
Concepts revisit
A threat is a potential occurrence that can have an
undesirable effect on the system assets or resources
A vulnerability is a weakness that makes a threat to possibly
occur
A risk is a possible future negative event that may affect the
successful operations of a system
A risk is not necessarily an ongoing problem, but it may become one
S.S. Yau
What is the threat and where does the threat come from?
S.S. Yau
Technology
Process
Network
People
CSE494/598, Fall 2005
Cost/Benefit Analysis
After identifying possible risks, a cost/benefit analysis
needs to be performed due to the following reasons:
Infeasible or sometimes impossible to implement a perfect
secure systems
Cost/benefit analysis helps identify risks which will most
likely happen, and will cause severe damages if happens
Some risks always there (residual risk), but highly unlikely
to become a problem; or even if they become problems,
they can easily be contained and solved. These risks are
treated as acceptable risks in a system.
Results of a cost/benefit analysis can help allocate limited
system resources to most needed areas
S.S. Yau
Risk Analysis
A process to systematically identify assets, threats, and
(potential) vulnerabilities in a system, and address three
fundamental questions:
What am I trying to protect?
What is threatening my system?
How much time, effort, and money am I willing to spend?
S.S. Yau
Cons:
Problems associated with unreliability and inaccuracy of data
Probability can rarely be precise and can, in some cases,
promote complacency
Very time consuming, costly to do correctly
S.S. Yau
Cons:
More subjective to person defining classes of
impacts and likelihood of compromise
Depends on history experience and expertise
S.S. Yau
Controls
Countermeasures for vulnerabilities
Deterrent controls reduce likelihood of a deliberate
attack
Preventative controls protect vulnerabilities and make
an attack unsuccessful or reduce its impact
Corrective controls reduce the effect of an attack
Detective controls discover attacks and trigger
preventative or corrective controls
Recovery controls restore lost computer resources or
capabilities to recover from security violations
S.S. Yau
10
Risk Management
Concerned with preventing risks from becoming problems
How you deal with risks identified in the risk analysis
Old philosophy: risk avoidance
Do whatever you can to avoid risks
S.S. Yau
11
Examples
Choices for risk
Risk acceptance
Deductibles on car
insurance
Risk reduction
Risk transfer
S.S. Yau
Car insurance
covering theft
CSE494/598, Fall 2005
Hacker break-in
risk
Minimal security
(e. g., you just delete
all the spam emails
after you get them)
Strong security
mechanisms (firewall,
encryption, etc.)
Rely on ISP to
provide security
guarantees
12
13
14
15
System
Characterization
Vulnerability
Identification
Results
Documentation
Control
Recommendation
Control Analysis
Likelihood
Determination
S.S. Yau
System
Monitoring
Impact Analysis
Risk
Determination
16
Homework #2
Case study
Given a supermarket like Walmart with 10 to 20 POS
adjuncts, where each register has one POS adjunct
installed for credit card authorization.
Generate a risk management report for this scenario
following the risk management process we introduce
during the lecture
Due Monday, October 10 before class, submitted
through myASU digital dropbox
S.S. Yau
17
18
CFAC
(5) Yes/No
Register
(6) Yes/No
POSA
(2) Display
Sale Info
(3) User CC
information
USER
S.S. Yau
19