Carter Codell – Class Notes

Docs: Lecture 1

Tue, 07 Jan 2020 09:53:42 -0500

Overview of Cybersecurity and Information Assurance

Some of the key issues in cybersecurity and information assurance are identify access management, real-time activity monitoring, auditing, and vulnerability management. Cybersecurity security should support the mission on the organization, have explicit responsibilies, require a comprehensive and integrated approach, be periodically reassessed, and be constrained by societal factors.

Common threats:

Errors and omissions
Fraud and theft
Employee sabotage
Loss of physical and infrastructure support
Malicious hackers
Industrial espionage
Malicious code
Foreign government espionage
Threats to personal privacy

Some controls for these threats:

Management	Operational	Technical
policies	personnel / user issues	identification and authentication
program management	preparing for contingencies and disaster	logical access control
risk management	incident reporting and handling	audit trails
life cycle planning	security awareness training	cryptography
assurance	security considerations in support and operations
	physical and environmental security

Management Controls

Policies - program policies, issue-specific and system-specific policies, cost considerations, interdependencies
Program Management - structure of a computer security program, system-level computer security programs, interdependencies, cost considerations
Risk Management - risk assessment, risk mitigation, uncertainty analysis, interdependcies, cost considerations
Life Cycle Planning - benefetis of integrating security in the system life cycle planning, overview of the information security life cycle, computer security act issues for Federal systems
Assurance - accreditation, planning, design and implementation, operational assurance

Operational Controls

Personnel / User Issues - staffing, user administration
Preparing for Contingencies and Disasters - Buiness Plan, BCP, DRP
Incident Reporting and Handling - benefits of an incident handling capability, technical support for incident handling, incident response plans and procedures
Security Awareness Training - behavior, accountability, awareness, training, education, implementation
Security Considerations: Support and Operations - user support, software support, configuration management, backups, media controls, documentation, maintenance
Physical and Environmental Security - physical access controls, fire safety factors, interception of data, mobile and portable systems, failure of supporting utilities, structural collapse, plumbing leaks

Technical Controls

Identification and Authenication - identification, authenication, passwords, dual factor
Logical Access Control - access criteria, access control policies
Audit Trails - benefits, audit trails and logs, audit trail reviews
Cryptography - basic cryptographic technologies, interdependencies

Docs: Risk Assessment Handbook - Chapter 1

Tue, 07 Jan 2020 09:39:28 -0500

Introduction

The Need for an Information Security Program

As more critical and personal information is stored, transmitted, and processed on information systems, more information security regulations are being developed and applied. Since 1995 there has been a surge of new legislation including the Gramm Leach Bliley Act (GLBA) and the Sarbanes-Oxley Act. All of these regulations call for the implementation of an adequate set of information security practices.

The U.S. Federal Government has decided to step in and police agencies and corporations in certain industries. To avoid fines and jail, affected agencies and corporations have to implement minimum security practices.

While these regulations have different requirements, one similarity is that each require the organization to perform an information security risk assessment.

Elements of an Information Security Program

There are a multitude of threats and safeguards, but the answer to threats is not to enact every countermeasure available. An organization should take a risk-based approach to determining the security controls that reduce their threat to a reasonable level. Reasonable is set by guidelines and regulations as well as how much risk an organization is will to accept. Controls can be identified as administrative, physical, and technical. An information security program is a set of controls and its objective is to protect organizational assets from security threats.

Common Core Information Security Practices

A high-level analysis of the core information security practices described above shows a considerable amount of overlap. This overlap defines “information security core practices”.

Unanimous Core Security Practices

Security Responsibility – Security responsibility should be assigned to an individual or entity with the proper authority, visibility, and expertise to perform the job adequately.
Risk Management – The organization's management needs to have an understanding of the risk to its assets and have an approach for addressing those risks.
Risk Assessment – An organization needs a periodic and objective analysis of the effectiveness of the current security controls that protect an organization's assets.
Network Security – An organization must ensure the confidentiality, integrity, and availability of information assets and resources while in transit, processing, or storage.
Security Awareness Training – An effective security awareness training program should be developed and administered to all those who will be given access to the organization's facilities or information systems.
Incident Management – The organization should have a process in place that identifies security incidents in progress or evidence of such incidents in the past. Incident management includes identification, investigation, and reporting.

Majority Core Security Practices

Information Security Policies – The basis of any information security program is the definition of security.
Access Control – Mechanisms must be in place to ensure that only authorized individuals will have access to sensitive information and resources.
Physical Security – Mechanisms must be in place to physically protect organizational equipment, locations, and employees.
BCP and DRP – Business continuity planning and disaster recovery planning ensures that the organization has identified its critical processes and assets, developed a plan for minimizing the loss in the event of a disaster, and periodically tests the plan.
Secure Development Life Cycle – The best way to ensure that an information system or information system component enforces its security policy is to design it securely from the start.
Accountability – The security-relevant actions of users must be recorded and reviewed by security personnel.
Secure Media Handling – Sensitive information stored on media must be handled appropriately to ensure that unauthorized users do not gain access to the data stored on the media.
Oversight of Third Parties – Many organizations allow other service organizations to access or process their sensitive information.

Security Risk Assessment

The security risk assessment measures the strength of the overall security program and provides the information necessary to make planned improvements based on information security risks.

The Role of the Security Risk Assessment

There are four stages of the security risk management process:

Security Risk Assessment – This is an objective analysis of the effectiveness of the current security controls that protect an organization's assets and a determination of the probability of losses to those assets.
Test and Review – Security testing is the examination of the security controls against the security requirements.
Risk Mitigations – Risks to an organziation's assets are reduced through the implementation of new security controls or the improvement of existing controls.
Operational Security – The implementation and operation of most security controls are performed by operational personnel.

Definition of a Security Risk Assessment

An objective analysis of the effectiveness of the current security controls that protect an organization's assets and a determination of the probability of losses to those assets.

The Need for a Security Risk Assessment

Checks and Balances
Periodic Review
Risk-Based Spending
Requirement

A security risk assessment can provide some additional, secondary benefits:

the transfer of knowledge from the security assessment team to the organziation's staff,
increased communications regarding security among buiness units,
increased security awareness within the organization, and
the results of the security risk assessment may be used as a measure of the security posture.

Gap Assessment - a review of what exists against an interpretation of what the regulation or guideline requires. Performed at the beginning of the organization's compliance pursuit with a standard or regulation.
Compliance Audit - an objective review of the organization's compliance with a security standard.
Security Audit - a verification that the security controls that have been specified are properly implemented.
Vulnerability Scanning - the testing of the external or internal interfaces of a system in order to identify obvious vulnerabilities.
Penetration Testing - a service provided by an objective team who attempt to penetrate the defenses of an organization in order to demonstrate the effectiveness of the current controls.
Ad Hoc Testing - a search for less obvois vulnerabilities.
Social Engineering - an assessment of the security training, policies, and procedures of the organization by attempting to gain unauthorized access through the human element.
Wardialing - attempting to gain access to information systems through unprotecting modems.

Docs: Information Security Risk Assessment Basics

Fri, 17 Jan 2020 09:11:12 -0500

Value of Assets

The value of assets can be classified as

High - Extremely grave injury accrues to organization if the information is compromised; could cause loss of life, imprisonment, major financial loss, or require legal action for correction.
Medium - Serious injury accrues to organization if the information is compromised; could cause significnt financial loss or require legal action for correction.
Low - Injury accrues to organization if the information is compromised; would cause only minor financial loss or require only administrative action for correction.

With this definition of value, Risk is defined as Value times Probability of Failure

Probability of Failure

There are 5 levels of control effectiveness (inverse of probability failure):

Control objective documented in a security policy (lowest)
Security control documented as procedures
Procedures have been implemented
Procedures and security controls are tested and reviewed
Procedures and security controls are fully integrated into a comprehensive program (strongest)

Docs: Project Definition

Mon, 13 Jan 2020 22:48:10 -0500

Creating a risk assessment project requires knowledge of the budget, objective, scope, and level of rigor of analysis expected.

Success cannot be achieved until the meaning of success is defined. For a risk assessment project, success is defined as achieving customer satisfaction, quality technical work, and project completion within budget.

Customer

The customer is primarily the project sponsor. The secondary customers include any other stakeholders in the process, including:

security officer or security team
business unit managers
compliance officer legal department
risk assessment method
risk assessment team
objective review
security professionals
technicians, operators, and administrators

Quality

The quality of work is very important, since most customers will view the success of the project based on the final report.

Quality Expected in Any Report:

grammatically correct
visually pleasing
addresses its intended audience

Quality Expected in Technical Reports:

technically accurate
describes approach
clearly presented conclusions

Quality Expected in Security Risk Assessment Reports:

clear and accurate indentification of risk
adequate and relevant evidence
clear and relevant recommendations
clear compliance results

Budget

The budget helps define the rigor of the risk assessment. A $250,000 risk assessment will need more rigor than a $50,000 risk assessment. Some factors include the organization size, geographic separation, complexity, and threat environment

Objective

The objective needs to be set at the beginning of the project. Example – “accurate analysis of the effectiveness of current security control that protect an organization's assets.

Limiting the Scope

The boundaries of a security risk assessment are determined by the sponsor of the security risk assessment. Identifying the security risk assessment boundaries is essential for the security risk assessment team to ensure that neither underscoping nor overscoping occurs.

Security Controls and Assets

Group controls by Management-Operational-Technical (MOT). Group assets by Tangible and Intangible.

Identifying System Boundaries

There are many ways to set the boundary for a risk assessment such as physical (workstations, firewalls) or logical (don't assess functions from another assessment).

Specifying the Rigor

The rigor should be based on the maturity of the security program. The risk assessment could last 1 week to 6 months.

Project Description

Set the scope, boundaries, and rigor. Have a statement of work that specifies the work to be performed, including threats, assets, controls, and tasks of the security risk assessment. The “service” can/should be described as

an objective analysis of the effectiveness of the current security controls that protect an organization's assets and a determination of the probability if losses to those assets. Such analysis shall consist of an identification of tangible and intangible assets under protection, an identification of the threats to and vulneravility likelihood, the impact of the threat to the identified assets, and recommendations for security controls to mitigate the risks.

Docs: Information Security Risk Assessment Basics

Mon, 13 Jan 2020 22:48:00 -0500

The risk assessment process:

Project Definition

Project scope

Budget
Objective
Assets
Controls
Boundaries

Project Preperation

Team preperation

Select team
Introduce team

Project preperation

Obtain permission
Review business mission
Identify crital applications
Map assets
Identify threats
Determine expected controls

Data Gathering

Administration

Policy reivew
Procedure review
Training review
Organization review
Interviews
Observation

Technical

Design review
Configuration review
Architectural review
Security testing

Physical

Policy review
Procedure review
Observation
Inspection

Risk Analysis

Determine risk

Asset valuation
Threat and vulnerability mapping
Calculate risk
Create risk statements
Obtain team consensus

Risk Mitigation

Safeguard selection

Safeguard cost
Safeguard effectiveness
Solution sets

Recommendations

Risk recommendation

Risk acceptance
Risk mitigation
Risk assignment

Documentation

Executive summary
Report
Appendices
Presentation

Phase 1: Project Definition is discussed more in Chapter 3. Phase 2: Project Preparation is discussed more in Chapter 4. Phase 3: Data Gathering is discussed more in Chapter 5.

Phase 4: Risk Analysis

The risk analysis phase involves a review of the data gathered and an analysis of the resulting risk to the organization. Several elements of the risk analysis phase are considered key concepts within security risk assessments: assets, threats, vulnerabilities, and security risk.

Assets are the information and resources that have value to an organization. Assets are to risk assessments because the enumeration of assets helps to scope the risk assessment and the valuation of assets helps to determine the countermeasures deployed.

Threat agents cause threats to happen. Threats help scope the vulnerabilities of the system being assessed. Threat agents could be nature, employees, malicious hackers, industrial spies, foreign government spies. Threats could be errors/omissions, fraud/theft, sabotage, loss of physical and infrastructure support, espionage, malicious code, disclosure.

A vulnerability is a flaw or oversight in an existing control that may allow a threat agent to exploit it. Vulnerabilities are important elements of a securit risk assesment because they are instrumental in determining existing and residual risk.

Security risk is the loss potential to an organization's assets that will likely occur if a threat is able to exploit a vulnerability. Security risk can be either quantitative or qualitative. Quantitative means the risk calculation relies on specific formulas. This means the calculation is objective and is terms of dollars, but the calculations are complex and accurate values are difficult to obtain. Qualitativee means the risk calculation relies on subjective measuring. This may be easy to understand, but may not be trusted by some in management.

Phase 5: Risk Mitigation

The risk mitigation phase depends on safeguard selection and residual risk.

A safeguard is a technique, activity, or technology employed to reduce the risk to the organization;s assets. A safeguard may prevent, detect, or minimize the potential loss to an organization's assets. Safeguards are classified as preventative (deter attacks from happening), detective (indicate that an attack has happened), or corrective (correct the damaage caused by an attack).

Residual security risk is the risk that remains after implementation of recommended safeguards. This risk is defined as static (the risk always exists) or dynamic (the risk may be reduced through the controls).

Phase 6: Risk Reporting and Resolution

The final report should provide clear information for executive, management, and technical personnel.

Risk resolution is the decision by senior management of how to resolve the risk resented to them.

Risk reduction - the reduction of risk to an acceptable level through the adoption of additional controls of the improvement of existing controls.
Risk acceptance - the deliberate decision by senior management to accept an identified risk based on business objectives
Risk transference - the contractual transfer of risk to another organization through outsourcing or insurance.

Docs: Ethics in the Technical Workplace

Sat, 11 Jan 2020 13:38:45 -0500

Values come from personal ethics (family, culture, faith), social ethics (constitutional, legal, utilitarian, caring sources), and conservation ethics (protect and preserve the ecosystem in which we live).

The Golden Rule is an example of personal ethics. For social ethics, here is an ordering for making ethical decisions: issues involving rights > laws > utility > care. Conservation ethics are about sustainability and the health of humans and their community.

Resolving Ethical Dilemmas

Personal - How does my upbringing in a family, culture, and faith guide my decision? How can I do unto others as I would have them do unto me?
Social - What rights or laws are involved in my decision? What is the best for the majority? How can I demonstrate caring by being tolerant and compassionate?
Conservation - How will my decision affect the ecosystem? Will my choice be ecologically sustainable in the long term?

When you Disagree with the Company

Persuasion through cost and benefits, seak legal advice, mediation, memos to file, and whistleblowing.

Docs: The Technical Writing Process Today

Sat, 11 Jan 2020 12:37:00 -0500

There are some stages of technical writing: planning and researching; organizing and drafting; improving the style; designing; revising and editing;

Stage 1: Planning and Researching

Defining the rhetorical situation - identify the document's subject, purpose, readers, and context of use.
Defining the purpose - spend extra time sharpening the purpose into a one-sentence statement that will guide your research and drafting of the document.
Researching your subject - use electronic, print, and empirical sources, collect information on your subject.

Ask yourself the five-W questions in the scope of your document. Is the document going to be informational or persuasive? Finish the sentence: “The purpose of my document is …”

Stage 2: Organizing and Drafting

Organizing the content - using common genres to shape your ideas into documents that will be familiar to the readers.
Drafting the content - generating and composing the content of your document by including facts, data, reasoning, and examples.

A genre is a common pattern for a document that readers will find familiar. Example: reports usually have methodology, results, discussion, and recommendations.

Some techniques for drafting include: freewriting, logical mapping, and outlining.

Stage 3: Improving the Style

Plain style - This style stresses clarity and accuracy. By simply paying attention to where words appear in a sentence and in paragraphy, you can make your ideas clearer and easier to understand.
Persuasive style - Using persiasion strategies, you can motivate readers by appealing to their values and emotions. You can use similes, analogies, metaphors, and tone and pace to add visual quality, change your readers’ perspective, and add energy to your work.

Stage 4: Designing

Make the important ideas stand out.

Stage 5: Revising and Editing

Revising - During revising, you are tring to “re-vision” the document to see if it meets your original goals.
Substantive editing - The content of your document should be complete and organized in a way that is familiar to your readers.
Copyediting - Copyediting makes the document easier to read and more persuasive.
Proofreading - In the technical workplace, quality is taken very seriously.

Docs: Communicating in the Workplace

Sat, 11 Jan 2020 12:20:15 -0500

What is Technical Communication

Technical communication is hard to define but it has many qualities:

interactive and adaptable
reader oriented (easy to read)
produced collaboratively
visual
bound ethically and politically
international and cross-cultural

Technical communication puts much more emphasis on managing information and taking action than do most other forms of writing. It is important to think about communication in the shoes of the other person. What would they want to read/hear/see and how would they want it?

Computers, the Internet, and instant forms of communicatino have had an enormous impact on communication in the technical workplace. Technical communication is defined as a process of managing technical information in ways that allow people to take action. It is a blend of action, words, and images. Readers expect technical documents to use writing, visuals, and design to commnuicate effectively.

Docs: Introduction

Tue, 07 Jan 2020 13:37:00 -0500

Modules

Attacks against the networking stack
Security of core Internet services
TLS and the global PKI
Privacy and anonymity
Web security
Malware and malware detection

Concepts

Confidentiality - Data must only be released to authorized principals. Temploral aspect, relation to difficulty or work factor.
Integrity - Data must not be modified (in an undetectable manner)
Availability - Data and resources must be accessible when required.
Authenticity - Data must be bound to identity. Authentication enables the ability to make trust decisions.
Non-repudiation - Non-repudiation prevents denial of authorship of a message. Not always a desirable property.

Access Control

Access control frameworks allow one to specify security policies that describe who can interact with what. Requires authentication as a building block for authorization.

Principals: Participants in a system Subjects: Entities that operate on behalf of principals Objects: Resources acted upon by subjects

Authentication

Verification of a claim of identity made by a subject on behalf of a principal. Involves credentials: something you know; something you have; something you are.
Desirable properties: unforgeable, unguessable, revocable.
Discretionary access control (DAC): users control what access is given
Manatory access control (MAC): a central authority sets the access
Role-based access control (RBAC): users are assigned roles and access is given on role

Access Control Matrices are very verbose way of describing access control

There are some models including abstract and contrete: access control lists (ACLs), Bell-LaPadula (no read up, no write down), Biba (no write up, no read down)

Covert channels can be used to leak information in collusion wiht an authorized user.

Side channels allow inadvertent information leakage (timing, power, RF emissions, sound)

Non-interference: Any sequence of low inputs will produce the same low ouputs, regardless of any high inputs.

Information Flow

Information flow control (IFC) makes it theoretically possible to verify non-interference.

Docs: Unconditional Security

Tue, 07 Jan 2020 11:40:48 -0500

I still need to figure out how to set up MathJax, so the math on this page is ugly (\LaTeX).

The Encrpytion Problem

Alice wants to send a message to Bob over a communication channel. Alice wants to encrypt her plaintext message (m) to generate ciphertext (c). To encryption, Alice will provide the encryption scheme her plaintext message and her key. Bob will take the ciphertext (c) and decrypt it with his key to produce the original message (m).

Eve is an eavesdropper and can observe messages sent over the communication channel. Eve does not know the key and should not be able to learn (m).

Kerckhoff's Principle

A cryptographic system should be designed to be secure, even if all its details, except for the key, are publicly known.

Not following this principle is called “security by obscurity”.

Motivation

It is unrealistic to assume that the design details remain secret.
Pairwise-shared keys are easier to protect, generate, and replace.
The design details can be discussed and analyzed in public.
What would it even mean formally if the specification is unknown?

A Mathematical View of the Encryption Problem

Definitions

(K) is the key space.
(M) is the plaintext space.
(C) is the ciphertext space.
An encryption scheme is a pair (Enc,Dec), where
- Enc : (K \times M \to C) is an encryption algorithm
- Dec : (K \times M \to C) is an decryption algorithm
Correctness - for every (k), (m), Dec((k), Enc((k), (m))) = (m)

Some Bad Ciphers

Shift Cipher

(M) is the set of words in the alphabet and (K) is the set of numbers mod the length of the alphabet. To encrypt the key would be added to each character in the message mod the length of the alphabet. To decrypt the key would be subtracted from each character in the message mod the length of the alphabet.

In the Caesar Cipher, (k = 3).

Security of the Shift Cipher

The keyspace is very small, just try all the possible keys.

Substitution Cipher

(M) is the set of words in the alphabet and (K) is a set of permutations of numbers mod the length of the alphabet. To encrypt, just apply the permutation. To decrpyt, just apply the inverse of the permutation.

Security of the Substitution Cipher

Use statistical patterns (e.g. frequency tables) to make informed guesses about parts of the permutation.

Other Bad Ciphers

Vigenere cipher
Enigma

Perfectly Secure Encryption: Constructions and Limitations

The definition of security is not trivial. The key (k) must be chosen uniformly at random. The adversary, Eve, will know the ciphertext (c).

Eve should not learn (k).
Eve should not learn any information about (m) (i.e. Eve knowing the ciphertext should not change the probability distribution of the plaintext).

Probability Theory

The Probability Space contains a universe (U) and probability functions (\forall u \in U), assign (0 \leq Pr[u] \leq 1) such that (\sum_{u \in U} Pr[u] = 1). For Random Variables, (Pr[X = x] = \sum_{u: X(u)=x} Pr[u]).

Two random variables are independent if for all (x,y), (Pr[X=x, Y=y] = Pr[X=x] * Pr[Y=y])

Conditional probability is defined as (Pr[X=x | Y=y] \frac{Pr[X=x, Y=y]}{Pr[Y=y]})

Events: An event is a subset of the universe. We define (Pr[E] = \sum_{{e \in E}}Pr[u]). Alternatively, we can think of events as binary random variables: either the event happens or it doesn't.

Any two events (E_1 , E_2) are Union Bound if (Pr[E_1 \cup E_2] = Pr[E_1] + Pr[E_2] - Pr[E_1 \cap E_2] \leq Pr[E_1] + Pr[E_2])

Back to Crypto

Perfect Secrecy

An encryption scheme is perfectly secret if for every (m \in M) and (c \in C), then (Pr[ M=m ] = Pr[ M=m | C=c])

This means that Eve does not learn anything about plaintext when given the ciphertext.

Another way to state perfect secrecy is (Pr[ Enc(K, m) = c] = Pr[ Enc(K, m’) = c]). Or a third way: the plaintext and the ciphertext are independent.

(|K| \le |M|) means that exhaustive search over keys will reveal something about the plaintext. The opposite of this statement must be true to have perfect secrecy.

Abstract Algebra

A group ((G, +)) consists of a set (G) and one operation (+ : G \times G \to G). Groups are abstract ways to lump things together (e.g., the integers can be grouped over the addition operator). Some properties of groups are associative, commutative, identity, and inverses.

(Z_{n} = {0, \dots, n-1}) and (Z^{t}_{n}) is the set of vectors of length (t).

When Encryption is Not Enough

For man-in-the-middle attacks, encryption is not enough. The attacker can modify the ciphertext before passing it along to Bob.

Message Authentication Code (MAC)

Message space (M), key space (K), tag space (T). MAC (K \cross M \to T).

Alice computes the tag and send the message and tag to Bob. Bob receives these and verifies the integrity of the message. Eve “wins” if her edited message and her key produce the same tag as Alice's message and key.

(\epsilon)-security: (Pr[\text{Eve wins}] \leq \epsilon)

Fields

A field consists of a set and two operations usually addition and multiplication. There are infinite fields (rational, reals, complex; not the integers) and finite fields ((Z_{p}) where (p) is a prime number).

MAC Construction

Let (p) be a prime number. The message and tag spaces are (Z_{p}) The key space is (Z_p \times \Z_p)

Define (MAC(k,m) = x \dot m + y | k=(x,y)).

Construction is not very practical: the key must be twice as big as the message and it can only be used one to authenticate a single message.

Better MAC Construction

[ K = Z_p \times Z_p \
M = Z_{p}^{d} for any d \gre 1 \
T = Z_p \
\
For k=(x,y) and m = (m_1 \cdots m_d)\
MAC(k,m) = \sum_{i=1}^{d} m_{i}x^{i} + y ]

Construction is still not very practical since the key can only be used one to authenticate a single message.

Encrypt then Authenticate

The MAC is sent as cleartext, so you don't want to give any info about plaintext when sending the tag.

Message space (M), share space (S). Number of parties (n)

[ Share : M \to S^n \text{randomized algorithm}\
Rec : S^n \to M ]

Correctness should hold : (Pr[Rec(Share(m)) = m] = 1) The secret sharing algorithm should have perfect secrecy.

Construction

Message space (M = Z_p) and Share space (S = Z_p) with (n) parties.

(Share(m)): choose (s_1, …, s_{n-1}) uniformly at random. Set (s_n = m - (s_1 + … + s_{n-1})

(Rec(s_1, …, s_n) = s_1 + … + s_n)

This scheme has perfect secrecy (see powerpoint for proof).

Still have (n) parties with one share per party, but now also threshold (t). Any (t+1) can recover the message. Any (t) don't learn anything about the message.

Construction (Shamir Secret Sharing):

Number of parties (n) and threshold (t < n).
Message space (M = Z_p) and Share space (S = Z_p) with (n) parties.

(Share(m)):

Choose (t) random coefficients (c_1, …, c_t) and set (c_0 = m).
Define polynomial (p(x) = \sum^t_{j=0} c_jx^j
Output (s_i = p(i))

\Recover( { (i, s_i) } )) through a Lagrange Interpolation (see powerpoint).

The threshold secret sharing scheme using Shamir Secret Sharing has perfect secrecy.

Multiparty Computation

Each of (n) parties holds a private input (x_i). They wish to jointly compute some function (f(x_1, …, x_n)). They don't want to reveal their inputs to each other. They can communicate via private point-to-point channels. We want to have correctness (all parties get the correct output at the end of the protocol) and perfect secrecy (no parties can figure out what another party's private input is).

Each party (i) sees their own inputs (x_i), the randomness of parties (i \in S), and all protocol message received by party (i). We want the “view” (what each party sees) to depend on their input and the final output (to have perfect secrecy).

Multiparty Computation for Addition

Each party (i) secret-shares its input (x_i) using additive secret sharing to get shres (x_{i,j}) such that (\sum^n_{j=1} x_{i,j} = x_i) Send (x_{i,j) to party (j).

Each party (j) sums up all the shares it has and broadcasts it to the group Let the sum be (y_j).

Then everyone sums the broadcasted sums.

Docs: Risk Management Tools

Tue, 07 Jan 2020 09:38:56 -0500

Strong Security Needs the Right Tools

Inventorying is keeping track of what devices, services, applications, and other assests exist.
Risk Tracking is tracking risks and mitigrations, visualizing risks by severity, and creating reports.
Threat Analysis is assessing the risks to your organization that might arise as a result of threats.
Vulnerability Information is details on what technical vulnerabilities exist and scanning for them.
Monitoring is monitoring the environment for events and incidents.

Docs: Promoting Private Sector Cybersecurity Information Sharing

Tue, 07 Jan 2020 09:38:39 -0500

Organizations must be able to share information related to cybersecurity risks and incidents and collaborate. Sharing must be conducted in a manner that protects the privacy and civil rights of individuals and perserves business confidentiality.

The Department of Homeland Security shall encourage the formation of Information Sharing and Analysis Organizations (ISAOs). ISAOs may be organzied on the basis of sector, sub-sector, region, in response to specific threats or vulnerabilities, etc. Membership to ISAOs may be drawn from public or private sector.

ISAO Standards Organization

The Department of Homeland Security will pick a Standards Organization to identify guidelines for the creating and functioning of ISAOs.

Critical Infrastructure Protection Program

The National Cybersecurity and Communications Integration Center is a critical infrastructure protection program and can entering into voluntary agreements with ISAOs.

Privacy and Civil Liberties Protections

Agencies will ensure that appropriate protections for privacy and civil liberties are incorporated into information sharing.

Docs: Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Tue, 07 Jan 2020 09:38:17 -0500

This executive order outlines how the executive branch is like an enterprise which houses citizens’ data. Risk management should work in the executive branch as it does in an organization. Plans with be submitted to the President outlining action items, budget conerns, and recommendations.

Effective risk management requires planning so that maintenance, improvements, and modernization occur in a coordinated way with appropriate regularity.

Docs: National Cyber Strategy of the USA

Tue, 07 Jan 2020 09:37:44 -0500

The National Cyber Strategy outlines how the U.S. will

defend the homeland by protecting networks, systems, functions, and data
promote American prosperity by nurturing a secure, thriving digital economy and fostering strong domestic innovation
preserve peace and security by stengthening the United States’ ability to deter and punish those who use cyber tools for malicious purposes
expand American influence aborad to extend the key tenets of an open, interoperable, reliable, and secure Internet.

Protect the American People, the Homeland, and the American Way of Life

Objective: Mange cybersecurity risks to increase the security and resilience of the Nation's information and information systems.

Actions:

Further centralize management and oversight of Federal civilian cybersecurity
Align risk management and information technology Activities
Improve Federal supply chain risk mangement
Strengthen Federal contractor cybersecurity
Ensure the Government leads in best and innovative practices
Refine roles and responsibilities
Prioritize actions according to identified national risks
Leverage information and communications technology providers as cybersecurity enablers
Protect our democracy
Incentivize cybersecurity investments
Prioritize national research and development investments
Improve transportation and maritime cybersecurity
Improve space cybersecurity
Improve incident reporting and response
Modernize electronic surveillance and computer crime laws
Reduce threats from transnational criminal organizations in cyberspace
Improve apprehension of criminals located abroad
Strengthen partner nations’ law enforcement capacity to combat criminal cyber activity

Promote American Prosperity

Objective: Preserve U.S. influence in the technological ecosystem and the development of cyberspace as an open engine of economic growth, innovation, and efficiency.

Actions:

Incentivize an adaptable and secure technology marketplace
Prioritize innovation
Invest in next generation infrastructure
Promote the free flow of data across borders
Maintain U.S. leadership in emerging technologies
Promote full-lifecycle cybersecurity
Updata Mechanisms to review foreign investment and operation in the U.S.
Maintain a strong and balanced intellectual property protection system
Protect the confidentiality and integrity of American ideas
Build and sustain the talent pipline
Expand re-skilling and educational opportunities for America's workers
Enhance the Federal cybersecurity workforce
Use executive authority to highlight and reward talent

Preserve Peace through Strength

Objective: Identify, counter, disrupt, degrade, and deter behavior in cyberspace that is destabilizing and contrary to national interests, while preserving U.S. overmatch in and through cyberspace.

Actions:

Encourage universal adherence to cyber norms
Lead with objective, collaborative intelligence
Impose consequences
Build a cyber deterrence initiative
Counter malign cyber influence and information operations

Advance American Influence

Objective: Preserve the long-term openness, interoperability, security, and reliability of the Internet which supports and is reinforced by U.S. interests.

Actions:

Protect and promote Internet freedom
Work with like-minded countries, industry, academia, and civil society
Promote a multi-stakeholder model of Internet governance
Promote interoperable and reliable communications infrastructure and Internet connectivity
Promote and maintain markets for U.S. ingenuity worldwide
Enhance cyber capacity building efforts

Docs: Example Page

Thu, 05 Jan 2017 00:00:00 +0000

This is a placeholder page. Replace it with your own content.

Text can be bold, italic, or ~~strikethrough~~. Links should be blue with no underlines (unless hovered over).

There should be whitespace between paragraphs. Vape migas chillwave sriracha poutine try-hard distillery. Tattooed shabby chic small batch, pabst art party heirloom letterpress air plant pop-up. Sustainable chia skateboard art party banjo cardigan normcore affogato vexillologist quinoa meggings man bun master cleanse shoreditch readymade. Yuccie prism four dollar toast tbh cardigan iPhone, tumblr listicle live-edge VHS. Pug lyft normcore hot chicken biodiesel, actually keffiyeh thundercats photo booth pour-over twee fam food truck microdosing banh mi. Vice activated charcoal raclette unicorn live-edge post-ironic. Heirloom vexillologist coloring book, beard deep v letterpress echo park humblebrag tilde.

90's four loko seitan photo booth gochujang freegan tumeric listicle fam ugh humblebrag. Bespoke leggings gastropub, biodiesel brunch pug fashion axe meh swag art party neutra deep v chia. Enamel pin fanny pack knausgaard tofu, artisan cronut hammock meditation occupy master cleanse chartreuse lumbersexual. Kombucha kogi viral truffaut synth distillery single-origin coffee ugh slow-carb marfa selfies. Pitchfork schlitz semiotics fanny pack, ugh artisan vegan vaporware hexagon. Polaroid fixie post-ironic venmo wolf ramps kale chips.

There should be no margin above this first sentence.

Blockquotes should be a lighter gray with a border along the left side in the secondary color.

There should be no margin below this final sentence.

First Header 2

This is a normal paragraph following a header. Knausgaard kale chips snackwave microdosing cronut copper mug swag synth bitters letterpress glossier craft beer. Mumblecore bushwick authentic gochujang vegan chambray meditation jean shorts irony. Viral farm-to-table kale chips, pork belly palo santo distillery activated charcoal aesthetic jianbing air plant woke lomo VHS organic. Tattooed locavore succulents heirloom, small batch sriracha echo park DIY af. Shaman you probably haven't heard of them copper mug, crucifix green juice vape single-origin coffee brunch actually. Mustache etsy vexillologist raclette authentic fam. Tousled beard humblebrag asymmetrical. I love turkey, I love my job, I love my friends, I love Chardonnay!

Deae legum paulatimque terra, non vos mutata tacet: dic. Vocant docuique me plumas fila quin afuerunt copia haec o neque.

On big screens, paragraphs and headings should not take up the full container width, but we want tables, code blocks and similar to take the full width.

Scenester tumeric pickled, authentic crucifix post-ironic fam freegan VHS pork belly 8-bit yuccie PBR&B. I love this life we live in.

Second Header 2

This is a blockquote following a header. Bacon ipsum dolor sit amet t-bone doner shank drumstick, pork belly porchetta chuck sausage brisket ham hock rump pig. Chuck kielbasa leberkas, pork bresaola ham hock filet mignon cow shoulder short ribs biltong.

Header 3

This is a code block following a header.

Next level leggings before they sold out, PBR&B church-key shaman echo park. Kale chips occupy godard whatever pop-up freegan pork belly selfies. Gastropub Belinda subway tile woke post-ironic seitan. Shabby chic man bun semiotics vape, chia messenger bag plaid cardigan.

Header 4

This is an unordered list following a header.
This is an unordered list following a header.
This is an unordered list following a header.

Header 5

This is an ordered list following a header.
This is an ordered list following a header.
This is an ordered list following a header.

Header 6

What	Follows
A table	A header
A table	A header
A table	A header

There's a horizontal rule above and below this.

Here is an unordered list:

Liverpool F.C.
Chelsea F.C.
Manchester United F.C.

And an ordered list:

Michael Brecker
Seamus Blake
Branford Marsalis

And an unordered task list:

Create a Hugo theme
Add task lists to it
Take a vacation

And a “mixed” task list:

Pack bags
?
Travel!

And a nested list:

Jackson 5
- Michael
- Tito
- Jackie
- Marlon
- Jermaine
TMNT
- Leonardo
- Michelangelo
- Donatello
- Raphael

Definition lists can be used with Markdown syntax. Definition headers are bold.

Name: Godzilla
Born: 1952
Birthplace: Japan
Color: Green

Tables should have bold headings and alternating shaded rows.

Artist	Album	Year
Michael Jackson	Thriller	1982
Prince	Purple Rain	1984
Beastie Boys	License to Ill	1986

If a table is too wide, it should scroll horizontally.

Artist	Album	Year	Label	Awards	Songs
Michael Jackson	Thriller	1982	Epic Records	Grammy Award for Album of the Year, American Music Award for Favorite Pop/Rock Album, American Music Award for Favorite Soul/R&B Album, Brit Award for Best Selling Album, Grammy Award for Best Engineered Album, Non-Classical	Wanna Be Startin’ Somethin’, Baby Be Mine, The Girl Is Mine, Thriller, Beat It, Billie Jean, Human Nature, P.Y.T. (Pretty Young Thing), The Lady in My Life
Prince	Purple Rain	1984	Warner Brothers Records	Grammy Award for Best Score Soundtrack for Visual Media, American Music Award for Favorite Pop/Rock Album, American Music Award for Favorite Soul/R&B Album, Brit Award for Best Soundtrack/Cast Recording, Grammy Award for Best Rock Performance by a Duo or Group with Vocal	Let's Go Crazy, Take Me With U, The Beautiful Ones, Computer Blue, Darling Nikki, When Doves Cry, I Would Die 4 U, Baby I'm a Star, Purple Rain
Beastie Boys	License to Ill	1986	Mercury Records	noawardsbutthistablecelliswide	Rhymin & Stealin, The New Style, She's Crafty, Posse in Effect, Slow Ride, Girls, (You Gotta) Fight for Your Right, No Sleep Till Brooklyn, Paul Revere, Hold It Now, Hit It, Brass Monkey, Slow and Low, Time to Get Ill

Code snippets like var foo = "bar"; can be shown inline.

Also, this should vertically align ~~with this~~ ~~and this~~.

Code can also be shown in a block element.

foo := "bar";
bar := "foo";

Code can also use syntax highlighting.

func main() {
  input := `var foo = "bar";`

  lexer := lexers.Get("javascript")
  iterator, _ := lexer.Tokenise(nil, input)
  style := styles.Get("github")
  formatter := html.New(html.WithLineNumbers())

  var buff bytes.Buffer
  formatter.Format(&buff, style, iterator)

  fmt.Println(buff.String())
}

Long, single-line code blocks should not wrap. They should horizontally scroll if they are too long. This line should be long enough to demonstrate this.

Inline code inside table cells should still be distinguishable.

Language	Code
Javascript	`var foo = "bar";`
Ruby	`foo = "bar"{`

Small images should be shown at their actual size.

Large images should always scale down and fit in the content container.

The photo above of the Spruce Picea abies shoot with foliage buds: Bjørn Erik Pedersen, CC-BY-SA.

Components

Alerts

This is an alert.

Note

This is an alert with a title.

Note

This is an alert with a title and Markdown.

This is a successful alert.

This is a warning.

Warning

This is a warning with a title.

Another Heading

Add some sections here to see how the ToC looks like. Bacon ipsum dolor sit amet t-bone doner shank drumstick, pork belly porchetta chuck sausage brisket ham hock rump pig. Chuck kielbasa leberkas, pork bresaola ham hock filet mignon cow shoulder short ribs biltong.

This Document

Inguina genus: Anaphen post: lingua violente voce suae meus aetate diversi. Orbis unam nec flammaeque status deam Silenum erat et a ferrea. Excitus rigidum ait: vestro et Herculis convicia: nitidae deseruit coniuge Proteaque adiciam eripitur? Sitim noceat signa probat quidem. Sua longis fugatis quidem genae.

Pixel Count

Tilde photo booth wayfarers cliche lomo intelligentsia man braid kombucha vaporware farm-to-table mixtape portland. PBR&B pickled cornhole ugh try-hard ethical subway tile. Fixie paleo intelligentsia pabst. Ennui waistcoat vinyl gochujang. Poutine salvia authentic affogato, chambray lumbersexual shabby chic.

Contact Info

Plaid hell of cred microdosing, succulents tilde pour-over. Offal shabby chic 3 wolf moon blue bottle raw denim normcore poutine pork belly.

External Links

Stumptown PBR&B keytar plaid street art, forage XOXO pitchfork selvage affogato green juice listicle pickled everyday carry hashtag. Organic sustainable letterpress sartorial scenester intelligentsia swag bushwick. Put a bird on it stumptown neutra locavore. IPhone typewriter messenger bag narwhal. Ennui cold-pressed seitan flannel keytar, single-origin coffee adaptogen occupy yuccie williamsburg chillwave shoreditch forage waistcoat.

This is the final element on the page and there should be no margin below this.

Carter Codell – Class Notes

Docs: Lecture 1

Overview of Cybersecurity and Information Assurance

Management Controls

Operational Controls

Technical Controls

Docs: Risk Assessment Handbook - Chapter 1

Introduction

The Need for an Information Security Program

Elements of an Information Security Program

Common Core Information Security Practices

Unanimous Core Security Practices

Majority Core Security Practices

Security Risk Assessment

The Role of the Security Risk Assessment

Definition of a Security Risk Assessment

The Need for a Security Risk Assessment

Related Activities

Docs: Information Security Risk Assessment Basics

Value of Assets

Probability of Failure

Docs: Project Definition

Customer

Quality

Budget

Objective

Limiting the Scope

Security Controls and Assets

Identifying System Boundaries

Specifying the Rigor

Project Description

Docs: Information Security Risk Assessment Basics

Phase 4: Risk Analysis

Phase 5: Risk Mitigation

Phase 6: Risk Reporting and Resolution

Docs: Ethics in the Technical Workplace

Resolving Ethical Dilemmas

When you Disagree with the Company

Docs: The Technical Writing Process Today

Stage 1: Planning and Researching

Stage 2: Organizing and Drafting

Stage 3: Improving the Style

Stage 4: Designing

Stage 5: Revising and Editing

Docs: Communicating in the Workplace

What is Technical Communication

Docs: Introduction

Modules

Concepts

Access Control

Authentication

Information Flow

Docs: Unconditional Security

The Encrpytion Problem

Kerckhoff's Principle

Kerckhoff's Principle

Motivation

A Mathematical View of the Encryption Problem

Definitions

Some Bad Ciphers

Shift Cipher

Security of the Shift Cipher

Substitution Cipher

Security of the Substitution Cipher

Other Bad Ciphers

Perfectly Secure Encryption: Constructions and Limitations

Probability Theory

Back to Crypto

Perfect Secrecy

Abstract Algebra

When Encryption is Not Enough

Message Authentication Code (MAC)

Fields

MAC Construction

Better MAC Construction

Encrypt then Authenticate

Secret Sharing

Construction

Threshold Secret Sharing

Multiparty Computation