A wiki is a collaborative web site that collects and organizes content, created and revised by its users. The most well-known example is Wikipedia. Wikis are a way to grow a knowledge base around a particular content area, be it best practices in a particular field or how to use a specific piece of hardware/software. A hallmark of Web 2.0 is that it improves as more people use it and this approach underlies wiki-based learning. It is based on the idea that within any enterprise, a great deal of knowledge exists among the members. Sharing this knowledge and information can raise the organization’s intelligence level, be it a university, an association, a corporation or club.
How can basic discretion steps help in countermeasures?
Chapter 7 – Discretion
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved
Introduction
• Proprietary information will be exposed if discovered by hackers
• National infrastructure protection initiatives must prevent leaks
  – Best approach: Avoid vulnerabilities in the first place
  – More practically: Include a customized program focused mainly on the most critical information
Trusted Computing Base
• A trusted computing base (TCB) is the totality of hardware, software, processes, and individuals considered essential to system security
• A national infrastructure security protection program will include
  – Mandatory controls
  – Discretionary policy
• A smaller, less complex TCB is easier to protect
Fig. 7.1 – Size comparison issues in a trusted computing base
Trusted Computing Base
• Managing discretion is critical; questions about the following should be asked when information is being considered for disclosure
  – Assistance
  – Fixes
  – Limits
  – Legality
  – Damage
  – Need
Security Through Obscurity
• Security through obscurity is often maligned and misunderstood by security experts
  – Long-term hiding of vulnerabilities
  – Long-term suppression of information
• Security through obscurity is not recommended for long-term protection, but it is an excellent complementary control
  – E.g., there’s no need to publish a system’s architecture
  – E.g., revealing a flaw before it’s fixed can lead to rushed work and an unnecessary complication of the situation
Fig. 7.2 – Knowledge lifecycle for security through obscurity
Fig. 7.3 – Vulnerability disclosure lifecycle
Information Sharing
• Information sharing may be inadvertent, secretive, or willful
• Government is the most aggressive in promoting information sharing
• Government requests information from industry for the following reasons
  – Government assistance to industry
  – Government situational awareness
  – Politics
• Government and industry have conflicting motivations
Fig. 7.4 – Inverse value of information sharing for government and industry
Information Reconnaissance
• Adversaries regularly scout ahead and plan before an attack
• Reconnaissance planning levels
  – Level #1: Broad, wide-reaching collection from a variety of sources
  – Level #2: Targeted collection, often involving automation
  – Level #3: Directly accessing the target
Fig. 7.5 – Three stages of reconnaissance for cyber security
Information Reconnaissance
• At each stage of reconnaissance, security engineers can introduce information obscurity
• The specific types of information that should be obscured are
  – Attributes
  – Protections
  – Vulnerabilities
Obscurity Layers
• Layering methods of obscurity and discretion adds depth to a defensive security program
• Even with layered obscurity, asset information can find a way out
  – Public speaking
  – Approved external site
  – Search for leakage
Fig. 7.6 – Obscurity layers to protect asset information
Organizational Compartments
• Governments have been successful at protecting information by compartmentalizing information and individuals
  – Information is classified
  – Groups of individuals are granted clearance
• Compartmentalization defines boundaries, which helps guide decisions
• Private companies can benefit from this model
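The two slides above describe a commercial clearance/classification model (compartments define who may see what) and the ways asset information still escapes (approved external sites, public talks, searching for leakage). The following is an added example, not code from the book or the slide deck: it implements lattice dominance (level order plus compartment set) as the disclosure rule, a pre-release gate for material headed to an external site, and a shingle-based leakage search that flags draft text sharing phrases with non-public documents. The level names (PUBLIC/INTERNAL/CONFIDENTIAL/RESTRICTED), the GRID compartment and the sample documents are constructed for illustration.

```python
"""Compartmented disclosure checks (added example; names and data are constructed)."""
import re
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Set

# Ordered sensitivity levels, lowest to highest (a constructed commercial mapping).
LEVELS = ("PUBLIC", "INTERNAL", "CONFIDENTIAL", "RESTRICTED")
RANK: Dict[str, int] = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Label:
    """A classification (on information) or a clearance (on a person)."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Lattice dominance: at least as high a level AND every compartment of `other`.
        return RANK[self.level] >= RANK[other.level] and other.compartments <= self.compartments


@dataclass(frozen=True)
class Document:
    name: str
    classification: Label
    text: str


def may_disclose(clearance: Label, doc: Document) -> bool:
    """No read-up and no cross-compartment reads: clearance must dominate the label."""
    return clearance.dominates(doc.classification)


def release_problems(doc: Document, destination: Label = Label("PUBLIC")) -> List[str]:
    """Gate for an 'approved external site': reasons the document must not go out, [] if clean."""
    problems: List[str] = []
    if RANK[doc.classification.level] > RANK[destination.level]:
        problems.append(f"level {doc.classification.level} is above {destination.level}")
    extra = doc.classification.compartments - destination.compartments
    if extra:
        problems.append("compartmented: " + ", ".join(sorted(extra)))
    return problems


def _shingles(text: str, n: int) -> Set[str]:
    """Lower-cased n-word phrases; punctuation is dropped so wording matches loosely."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {" ".join(words[i:i + n]) for i in range(len(words) - n + 1)}


def find_leaks(published: str, corpus: List[Document], n: int = 5) -> Dict[str, List[str]]:
    """Search for leakage: which non-PUBLIC documents share n-word phrases with draft text."""
    pub = _shingles(published, n)
    hits: Dict[str, List[str]] = {}
    for doc in corpus:
        if doc.classification.level == "PUBLIC":
            continue  # public material is allowed to appear anywhere
        shared = sorted(pub & _shingles(doc.text, n))
        if shared:
            hits[doc.name] = shared
    return hits


# Constructed sample corpus and clearances (not real assets).
DOCS = [
    Document("press-release", Label("PUBLIC"),
             "Example Utility announces its annual community safety day."),
    Document("grid-arch", Label("CONFIDENTIAL", frozenset({"GRID"})),
             "The substation controllers poll the historian every ninety seconds over the management VLAN."),
    Document("patch-plan", Label("INTERNAL"),
             "Quarterly patch window for the billing cluster is the second Sunday of the month."),
]
ANALYST = Label("CONFIDENTIAL", frozenset({"GRID"}))   # cleared into the GRID compartment
CONTRACTOR = Label("CONFIDENTIAL")                      # same level, no GRID compartment
# A constructed draft of a public talk that repeats a phrase from the compartmented document.
DRAFT_TALK = ("At our safety day we explained that the substation controllers poll the "
              "historian every ninety seconds, which keeps our dashboards fresh.")


if __name__ == "__main__":
    for who, label in (("analyst", ANALYST), ("contractor", CONTRACTOR)):
        for d in DOCS:
            print(f"{who:10} {d.name:14} may read: {may_disclose(label, d)}")
    for d in DOCS:
        print(f"{d.name:14} release problems: {release_problems(d) or 'none'}")
    print("leaks in draft talk:", find_leaks(DRAFT_TALK, DOCS))
```

The dominance rule is what makes the contractor, despite holding the same level as the analyst, unable to read the GRID-compartmented document; the leakage search is deliberately phrase-based rather than keyword-based so that a rephrased talk still trips on a verbatim sentence fragment lifted from an internal document.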
Fig. 7.7 – Using clearances and classifications to control information disclosure
Fig. 7.8 – Example commercial mapping of clearances and classifications
National Discretion Program
• Implementing a national discretion program will require
  – TCB definition
  – Reduced emphasis on information sharing
  – Coexistence with the hacking community
  – Obscurity layered model
  – Commercial information protection models