University of London / MSc Computer Science: Information security(前半)
November 12, 2023
ロンドン大学で MSc Computer Science: Information security モジュールを履修中。
講義内容に関して記録した個人的なスタディノートです。
全 12 週のうち 1〜5 週目の内容を記録します。(1 週目開始:2023 年 10 月 9 日 / 5 週目終了:2023 年 11 月 12 日)
モジュール概要 #
Content
Information security is about protecting information (and information systems) against unauthorised access and tampering. Avoiding security breaches has a high priority for organisations storing and handling confidential data. Large amounts of confidential information are stored in today’s information systems. Breaches of security can have dire consequences for the organisations running these systems, therefore it is very important to manage the risks associated with security-related issues. In recent years the topic of information security has played a bigger and bigger role. Consequently, everyone involved in the management of information systems should have at least some basic knowledge of it.
Aims
The main aim of this module is to provide broad coverage of the field of information security. This course covers the technical as well as the management side of security information systems. Despite being an essential part of security, technical methods such as cryptography are not enough to guarantee a high level of security. They have to be embedded into a wider context in order to make them more effective. Users of technology have to understand the underlying principles and follow certain policies to avoid security breaches. This module introduces the fundamental approaches to security engineering and includes a detailed look at some important applications.
Weeks
講義は Week 10 まで。Week 11, 12 は最終課題を作成する期間。
- Week1: Overview of information security
- Week2: Security policies
- Week3: Social engineering
- Week4: Basic cryptography
- Week5: Identity management
- Week6: Access control mechanisms
- Week7: Assurance and trust
- Week8: Network intruders and intrusion detection
- Week9: Firewalls and malicious software
- Week10: Economics of information security (a case study)
参考文書 #
Essential reading
- ‘Biometric recognition and authentication systems: Understanding biometric recognition technologies, and how to build secure authentication systems’, National Cyber Security Centre (2019).
- ‘Common criteria for information technology security evaluation, Part 1: introduction and general model - version 3.1 revision 5’, Common criteria (2017).
- Death, D. Information Security Handbook. (Birmingham: Packt Publishing, 2017).
- Jansen, F., J. Sánchez-Monedero and L. Dencik ‘Biometric identity systems in law enforcement and the politics of (voice) recognition: The case of SiiP’, Big Data & Society 8(2) 2021.
- Krissler, J. ‘Jan Krissler World Famous Hackers Who Hack Fingerprint’, Jan Krissler (2016).
- Vacca, J.R. Computer and Information Security Handbook. (Cambridge, MA: Morgan Kaufmann, 2017) 3rd edition.
Week 1: Overview of information security #
メモ
- 情報セキュリティに関する導入的な内容だった。
- セキュリティの教科書に書いてあるような入門的な内容しか出てこなかったため、講義内容記録はさくっと済ませる。
- ラボの実習内容は、Google Dorks(Google 検索を利用した漏洩情報の収集)と Nmap を使ったポートスキャニングの手順について。
レクチャー内容
- Introduction to information security
- Lecture 1: Threats, attacks and vulnerabilities
- Lecture 2: Confidentiality, integrity, availability
- Lecture 3: Security lapse case studies
- Issues in information security
- Lecture 4: Administrative issues
- Lecture 5: Risk assessment and management
- Lecture 6: Quantitative versus qualitative assessment
- Labs
- Exploits and Port scanning with NMAP
Threats, attacks and vulnerabilities
Three key terms used in information security are:
- Threats: Security violations that “might” occur.
- Attacks: Actions that result in “actual” security violations.
- Vulnerabilities: Weaknesses that make attacks “possible”.
Confidentiality, integrity, availability
- Confidentiality: is the principle of restricting access to information.
- Integrity: is about preventing improper or unauthorised changes to data.
- Availability: is about ensuring information is accessible by authorised persons and stored on systems that are kept continually operational.
Week 2: Security policies #
メモ
- セキュリティポリシーの話から入り、主にセキュリティモデルに関する内容だった。特に Bell-La Pauda モデルと、Clark-Wilson モデルについて。
- CISSP 取得の際に勉強した内容以上のものは出てこなかったため、講義内容記録はさくっと済ませる。
- ラボの実習内容は、Linux のセキュリティポリシーについて。
レクチャー内容
- Introduction to security policies
- Lecture 1: Introduction security policies
- Lecture 2: Formal models
- More on formal models
- Lecture 3: Bell-La Pauda model
- Lecture 4: Clark-Wilson integrity model
- Lecture 5: Concrete rules
- Labs
- Security Policies in Linux
Formal models
Formal models use classification to define what is being accessed (the objects) and who does the accessing (the subjects).
- Formal models enforce access to information using one of these access control models:
- Mandatory Access Control (MAC)
- Discretionary Access Control (DAC)
- With MAC:
- A system-wide policy controls access.
- Users have no say in this policy.
- MAC is used where security is an absolute priority, such as in the military or intelligence services.
- With DAC:
- Each object is owned by a user.
- The user (owner) grants data object access permissions to other users.
- DAC is in common use:
- UNIX operating system
- Relational database management systems such as SQL, MySQL and Oracle
- Many proprietary software systems
- A big difference between DAC and MAC systems is that:
- A DAC system can have as many owners as there are objects.
- However, a MAC system has only one owner - the system itself.
- Hence the key cultural difference between DAC and MAC is that there is:
- Inherent trust in any DAC system in subjects who are object owners.
- No trust in any subject in a MAC information system.
Week 3: Social engineering #
メモ
- ソーシャルエンジニアリングに関する内容だった。
- CISSP 取得の際に勉強した内容以上のものは出てこなかったため、講義内容記録はさくっと済ませる。
- ラボの実習内容は、メールの送信元アドレスの偽装方法について。
レクチャー内容
- Overview of social engineering
- Lecture 1: Overview of social engineering
- Lecture 2: Common methods in social engineering
- Lecture 3: Social engineering life cycle
- Prevention strategies
- Lecture 4: Warning signs of an attack
- Lecture 5: How to prevent attacks
- Lecture 6: Training staff
- Labs
- Email spoofing with Python
Week 4: Basic cryptography #
メモ
- 暗号化に関する内容だった。
- CISSP 取得の際に勉強した内容以上のものは出てこなかったため、講義内容記録はさくっと済ませる。
- ラボの実習内容は、簡易的なランサムウェアの実装について。
レクチャー内容
- Introduction to cryptography
- Lecture 1: Introduction to cryptography
- Lecture 2: Basic definitions
- Lecture 3: Common algorithms
- Encryption techniques
- Lecture 4: Ciphers
- Lecture 5: DES
- Lecture 6: RSA
- Lecture 7: AES
- Labs
- Cryptography in practice - ransomware
Cryptography, Cryptanalysis, Cryptology
- “Cryptography” is the art and science of using encoding to keep information secure.
- “Cryptanalysis” is the art and science of breaking a code.
- “Cryptology” is the collective term for both cryptography and cryptanalysis.
[Plaintext] [Plaintext]
"The cat sat on the mat." "The cat sat on the mat."
| ^
v |
[Encryption Function E] -> [Ciphertext] -> [Decryption Function D]
^ "fjls7D(?asdljILAKhidD" ^
| |
[Encryption Key] [Decryption Key]
"S8dL9?£HK$il7" "S8dL9?£HK$il7"
Week 5: Identity management #
メモ
- 生体認証に関する内容だった。
- CISSP 取得の際に勉強した内容以上のものは出てこなかったため、講義内容記録はさくっと済ませる。
- ラボの実習内容は、ステガノグラフィ(のうち画像にメッセージを隠す方法)の仕組みと実装について。
レクチャー内容
- Introduction to identity recognition
- Lecture 1: Introduction to biometrics
- Lecture 2: Determining the quality
- Lecture 3: Traditional approaches with handwritten signatures
- Modern techniques
- Lecture 4: Fingerprints and iris codes
- Lecture 5: Face and voice recognition
- Lecture 6: Disadvantages of biometric identification
- Labs
- Hiding in Plain Sight