Slashdot Mirror

← Back to Stories (view on slashdot.org)

Computer Security Criteria

Posted by michael on from the more-than-just-published-exploits dept.

Rolf Marvin Bøe Lindgren writes: "For most human endeavors that involve some sort of risk, there are powerful, recognized public interest groups or even government-appointed organizations that investigate and analyze dangers, prescribe guidelines, determine criteria for acceptable risk, etc. This does not seem to be the case for software! I work for a ship classification company. The purpose of such companies are, very simply put, to determine how safe seagoing vessels are, for instance in order that insurance companies can decide insurance premiums. There are, needless to say, numerous conventions and special interest groups to determine safety at sea. That is, as far as I know (and I would very much like to be proven wrong), except the computer systems that the ships use. there are restrictions, laws and regulations involved in just about any object that goes into a ship except the computer system. Everybody seems to know, for instance, that UNIX is safer that Windows, but there are no safety, reliability or security criteria established by any recognized authority that can be used to defend one computer system over another."

"Now, I could ask Slashdot how to go about to form a recognized body, but I have access to competence in that particular matter. What I would rather like to know, is this:

  • What might a set of safety criteria be like (I am just now most interested in criteria for computer systems that would address such issues as vulnerability to worms, viruses and crackers)?
  • How should one go about to find competent and interested people who would like to be part of a body like I describe, or consultants to one?

4 of 285 comments (clear)

  1. Most secure by Geekboy(Wizard) · · Score: 5, Insightful

    The most secure method is to apply the KISS method. (keep it simple, stupid) The fewer lines of code, the fewer places an attacker can gain access. Use lots of encryption, (check on theoretical attacks mostly), and use physical safeguards for the system. You possibly want to use OpenBSD, because of the history behind it (4 years with no remote exploits on a default installation), but choose your base carefully. Encrypt all communications (ESP networking) and make sure you have double and triple safeguards. Better be paranoid, than exploited.

  2. Security by AlaskanUnderachiever · · Score: 5, Insightful

    Well I know everyone's going to shoot this one down but I personally see a huge amount of time, effort and expense wasted on my own company's systems to protect them from the "scourge of the internet" when, upon detailed inspection, there is no good reason that 95% of these boxes NEED connectivity. Before you go about inspecting the various methods of combating the madness (firewalls, routers, off the wall OS, tying up the PHB, etc.) ask yourself "do our critical systems need connectivity and if so, to what degree?"

    --
    Find out about my new childrens book: SS Death Camp Criminal Batallion Go To Monte Carlo For The Massacre
  3. Naive or troll? by drew_kime · · Score: 5, Insightful

    Computer security in no way affects human life directly.

    "Reboot the air traffic control system."

    "How long has the reactor control system been down?"

    "Try to get the GPS working again before we enter the harbor in this fog."

    Any of these sound like non-life threatening situations? And you did notice the questioner is specifically concerned with the third type of situation I mentioned, didn't you?

    --
    Nope, no sig
  4. Re:Not what he's asking.... by bluebomber · · Score: 5, Insightful
    It sounded more like he's asking about general classifications of software systems in terms of security. Maybe he's looking for a scale like the following. (I'm pulling this out of my ass, a real classifcation committee would have much better rules, and they would spend longer than five minutes putting such a list together.)

    1 - Non Secure

    This describes a public terminal (e.g. what you might see in a shopping mall or your local university computer cluster) that is running MSDOS. The keyboard and mouse aren't even locked down.

    2 - Half-Assed Security

    This describes a public terminal that is securely bolted to the desktop and is locked shut. A log-on prompt appears, but is easily bypassed (e.g. Windows 95, or a Linux box that is bootable via an accessible CDROM or floppy drive). [Alternative: the logon prompt appears but passwords are available by shoulder-surfing, e.g. "employee only" terminals in retail stores.]

    Levels 1 and 2 are a black hat's paradise.

    3 - Almost Secure(tm)

    This describes probably 95% of the unwashed masses connected to the internet. This machine has a firewall and virus scanning installed, but the virus definition might not be up to date, and the firewall isn't what you'd describe as industrial strength. Some security patches may or may not have been applied, but are probably not completely up to date. This machine might present a challenge for your ordinary script kiddy, but an experienced cracker can probably find a way in. Configurations in this category would include most Windows installations, default Linux installations (older Red Hat, I don't think the newer ones start everything up) that start up every service under the sun, and a public web servers that are "sort of" secure but have holes in CGI scripts or are missing security patches. This also describes a lot of corporate wireless networks.

    The black hats enjoy level 3 probably more than 1 and 2, just because of the (slight) extra challenge.

    4 - Pretty Good Security(tm)

    This describes a machine that is physically locked down, but still connected to the network (generally behind an external firewall). Security patches are applied within hours of announcement. Logs are human monitored, and are written either on another machine, or on permanent media (e.g. printer or CDROM). There are no more services running on this machine than absolutely necessary (in other words, a mail server ONLY has ports 25 and 110 open).

    In practice, these don't generally get cracked. When it happens, it is usually physical security -- telling someone your password, sending your password via email, etc. A break-in might also be caused from a yet-unpublished remote exploit in one of the major services (sendmail, bind, apache, etc.) These machines are often susceptible to certain types of DOS attacks (when such attacks can't be stopped at the router/firewall).

    5 - Unbreakable security

    This descrbes a machine that is physically secure (i.e. the hdd is locked down inside a secure chassis), and has no external network connections. It is also shielded from van Eck and other eavesdropping.

    You won't get into this machine without weapons, "truth serum", or monetary inducements to certain priveleged individuals. Also worth noting is that this machine isn't really practical for everyday use...

    --
    The Daily Build