Phân tích và Quản lý rủi ro

Chia sẻ: Ptit Ptit | Ngày: | Loại File: PPT | Số trang:50

Thêm vào BST

Báo xấu

217
lượt xem 87
download

Download Vui lòng tải xuống để xem tài liệu đầy đủ

Security is about managing risk. Without an understanding of the security risks to an organization’s information assets, too many or not enough resources might be used or used in the wrong way. Risk management also provides a basis for valuing of information assets. By identifying risk, you learn the value of particular types of information and the value of the systems that contain that information.

Chủ đề:

Bình luận(0) Đăng nhập để gửi bình luận!

Lưu

Nội dung Text: Phân tích và Quản lý rủi ro

Phân tích & Quản lý rủi ro Võ Viết Minh Nhật Khoa CNTT – Trường ĐHKH
Nội dung trình bày  Mở đầu  Định nghĩa rủi ro Tính dể bị xâm hại (vulnerability)  Mối de dọa (threat)  định rủi ro cho một tổ chức  Xác  Đo lường rủi ro
Mở đầu  Security is about managing risk. Without an understanding of the security risks to an organization’s information assets, too many or not enough resources might be used or used in the wrong way.  Risk management also provides a basis for valuing of information assets. By identifying risk, you learn the value of particular types of information and the value of the systems that contain that information.
What is risk?  Risk is the underlying concept that forms the basis for what we call “security.”  Risk is the potential for loss that requires protection. If there is no risk, there is no need for security.  And yet risk is a concept that is barely understood by many who work in the security industry.
What is risk?  Example of the insurance industry how much the car repair is likely to cost?  how much the likelihood that the person will be in  an accident?  Two components of risk: The money needed for the repair => vulnerability  the likelihood of the person to get into an accident  => threat
Relationship between vulnerability and threat
Vulnerability A vulnerability is a potential avenue of attack.  Vulnerabilities may exist in computer systems and networks allowing the system to be open to a technical  attack  or in administrative procedures allowing the environment to be open to a non-  technical or social engineering attack.
Vulnerability A vulnerability is characterized by the difficulty and the level of  technical skill that is required to exploit it.  For instance, a vulnerability that is easy to exploit (due to the existence of a script to perform the attack) and that allows the attacker to gain complete control over a system is a high-value vulnerability.  On the other hand, a vulnerability that would require the attacker to invest significant resources for equipment and people and would only allow the attacker to gain access to information that was not considered particularly sensitive would be considered a low-value vulnerability. Vulnerabilities are not just related to computer systems and  networks. Physical site security, employee issues, and the security of information in transit must all be examined.
Threat A threat is an action or event that might violate the security of an information systems environment.  There are three components of threat: Targets The aspect of security that might be  attacked. Agents The people or organizations originating  the threat. Events The type of action that poses the threat. 
Targets  The targets of threat or attack are generally the security services : confidentiality, integrity, availability, and accountability. Confidentiality is targeted when the disclosure of  information to unauthorized individuals or organizations is the motivation. Exemples: government information, salary information  or medical histories. Integrity is the target when the threat wishes to  change information. Examples: bank account balance, important database 
Targets Availability (of information, applications, systems, or  infrastructure) is targeted through the performance of a denial-of-service attack. Threats to availability can be short- term or long-term. Accountability is rarely targeted. The purpose of such an  attack is to prevent an organization from reconstructing past events. Accountability may be targeted as a prelude to an attack against another target such as to prevent the identification of a database modification or to cast doubt on the security mechanisms actually in place within an organization.
Targets  Athreat may have multiple targets. For example, accountability may be the initial  target to prevent a record of the attacker’s actions from being recorded, followed by an attack against the confidentiality of critical organizational data.
Agents  The agents of threat are the people who may wish to do harm to an organization. To be a credible part of a threat, an agent must have three characteristics: Access The ability an agent has to get to the  target. Knowledge The level and type of information an  agent has about the target. Motivation The reasons an agent might have for  posing a threat to the target.
Access An agent must have access to the system, network,  facility, or information that is desired. This access may be direct (for example, the agent  has an account on the system) or indirect (for example, the agent may be able to gain access to the facility through some other means). The access that an agent has directly affects the  agent’s ability to perform the action necessary to exploit a vulnerability and therefore be a threat. A component of access is opportunity. Opportunity  may exist in any facility or network just because an employee leaves a door propped open.
Knowledge An agent must have some knowledge of the target.  The knowledge useful for an agent includes User IDs  Passwords  Locations of files  Physical access procedures  Names of employees  Access phone numbers  Network addresses  Security procedures 
Knowledge  The more familiar an agent is with the target, the more likely it is that the agent will have knowledge of existing vulnerabilities.  Agents that have detailed knowledge of existing vulnerabilities will likely also be able to acquire the knowledge necessary to exploit those vulnerabilities.
Motivation An agent requires motivation to act against the  target. Motivation is usually the key characteristic to consider regarding an agent as it may also identify the primary target. Motivations to consider include  Challenge A desire to see if something is possible and be  able to brag about it. Greed A desire for gain. This may be a desire for money,  goods, services, or information. Malicious Intent A desire to do harm to an organization or  individual.
Agents to Consider A threat occurs when an agent with access and  knowledge gains the motivation to take action. Based on the existence of all three factors, the  following agents must be considered: Employees   have the necessary access and knowledge to systems because of their jobs.  whether have the motivation to do harm to the organization.  be counted when conducting a risk analysis.
Agents to Consider Ex-employees  have the necessary knowledge to systems due to the  jobs that they held. may still have access to systems.  Motivation depending upon the circumstances of the  separation, for example, if the ex-employee bears a grudge against the organization.
Agents to Consider Hackers  are always assumed to have a motivation to do harm to  an organization. may or may not have detailed knowledge of an  organization’s systems and networks. Access may be acquired if the appropriate  vulnerabilities exist within the organization.