What are we defending against?
The castle shown about is used to defense against enemy attack. What about in the Information Security world? Who is the enemy?
You may say the enemy is the hacker. While this is true, the exact term used should be threats. Threat by itself is a subjective word. Threat can be remote, threat can be big or it can be small.
In the Information Security world, 3 terms are used together:
- Risk
- Threat
- Vulnerability
In fact there is a formula for these 3 terms:
Risk = Threat X Vulnerability
For example, when you kept your front door unlock it is a vulnerability but you live in a safe neighborhood your threat is low and thus your risk will not be high. On the other hand if you keep your front door unlock and you live in a high crime area then your risk is very high.
Note: Security is all about mitigation of risk. We can never be 100% secure. The objective of information security is to mitigate all know risk factor to the minimal.
Defense in Depth
Defense in Depth is a security best practice.I have heard the late CEO of Apple Inc Steve Jobs had a security guard to stay within a few feet of his laptop all the time when he is speaking at conferences. I am sure his laptop is both password protected and encrypted, adding another layer of defense will not hurt.
There are 4 kinds of Defense in Depth:
- Uniform Protection
- Protected Enclaves
- Information Centric
- Vector-Oriented
The easiest and most common form is uniform protection where all the resources or data are treated as equally important. With this approach, it is more vulnerable for malicious insider because everything is being treated as equal, an development engineer can gain access to the data in the HR department.
Protected Enclaves
With this approach, resources/data are segmented. It enforces the principle of least privilege so that user can only access what they need to access. So in this case a development engineer cannot gain access to the data in the HR department. The Pentagon has a classify network and a non classify network. One time I was there for on site support and since I did not have security clearance, I have to step out of the room when we debug the classify network and tell the guy that has security clearance to type in the debug command and he will have to ready the output for me. That was quite an experience debugging the classify network.
Information Centric
Data or asset are tagged with different values. We can envision an onion which has different layers. The most important asset will be in the center where more protection is deployed. Each layer has it own security implemented with this defense in depth concept.
image source: http://www.sentrillion.com/images/img_defense-in-depth.jpg
Vector-Oriented
This approach identify attack vector where the threat can be present. Similar to the Information centric approach but the emphasis is on the attach vector such as thumb drives, smartphone that can take pictures.
Role-base Access Control
While this is not usually looked at as a defense in depth model but in principle this is form having multiple ways of gaining access. With the data/resource segmented, after a user is logged into the system with the proper credential, the user is assigned a role and this role can be in a form of a access token is to determine what resource the user is able to access giving an additional level of access control. Microsoft's Kerberos and OpenStack uses this Role-base Access Control.
Related Post:
Information Security Basics Part 1: Security Models
Information Security Basics Part 3: Cryptography
Information Security Basics Part 4: Public Key Infrastructure (PKI)
nice blog
ReplyDeletemyTectra Profile | Trainingindustry.com
myTectra | Instagram
myTectra | Youtube
Security testing is must. Everybody wants security at every level of his working. as explained above failures are happened but if we test time to time then it will improve. So it depend on us how much we are serious about this.
DeleteMUSTI Dynamic Prevention of Invalid Object Initialization Attacks Project For CSE
Shape of the Cloak Formal Analysis of Clock Skew Based Intrusion Detection System in Controller Area Networks Project For CSE
Statistics Enhanced Direct Batch Growth Self Organizing Mapping for Efficient Dos Attack Detection Project For CSE
A Hand based Multi bio metrics via Deep Hashing Network and Bio metric Graph Matching. Project For CSE
A New Reversible Data Hiding in Encrypted Image Based on Multi Secret Sharing and Light weight Cryptographic Algorithms. Project For CSE
Achieving Maximum Distance Separable Private Information Retrieval Capacity With Linear Codes Project For CSE
I got nice blog
ReplyDeletesap partner companies in bangalore
sap implementation companies in bangalore
sap partners in india
aws staffing
jquery interview questions
sql interview questions
Nice blog
ReplyDeleteuipath training in bangalore
angular4 interview questions
python interview questions
artificial intelligence interview questions
python online training
artificial intelligence online training
talend training
docker training
Excellent blog
ReplyDeletepython interview questions
git interview questions
django interview questions
sap grc interview questions and answers
advanced excel training in bangalore
zend framework interview questions
apache kafka interview questions
DevOps training in chennai
ReplyDeletebest DevOps training institute in chennai
DevOps training center in chennai
DevOps training
The blog you have shared is more informative... Thanks for your valid blog.
ReplyDeleteSelenium Training in Bangalore
Selenium Training in Coimbatore
Best Selenium Training Institute in Bangalore
best selenium training in coimbatore
RPA training in bangalore
Selenium Training in Bangalore
Java Training in Madurai
Oracle Training in Coimbatore
PHP Training in Coimbatore
Great Blog!!! Thanks for sharing with us... it is more useful for us..
ReplyDeletehadoop training in bangalore
big data courses in bangalore
hadoop training institutes in bangalore
Devops Training in Bangalore
Digital Marketing Courses in Bangalore
German Language Course in Madurai
Cloud Computing Courses in Coimbatore
Embedded course in Coimbatore
Really good post.Thank you for sharing.
ReplyDeleteCloud System Integrators|Cloud Services Provider|Infrastructure as a Service|Digital Marketing|Cloud Security
Nice article.
ReplyDeleteSecurity & Safety Services in Bangalore | Security Agency in Bangalore |No 1 Security Guard Company in Bangalore |Housekeeping Agency in Bangalore |Security Agency in Bangalore
Thank you for sharing.
ReplyDeleteYour blog is unique with the useful information.
Best Security Services in Bangalore | Security Agency in Bangalore |No 1 Security Guard Company in Bangalore |Best Security Company in Bangalore |Security Agency in Bangalore
Thanks for the valuable information. Are you looking for a one-stop solution to your Information/Cybersecurity needs? IARM, one of the few companies to focus exclusively on End-End Information/Cybersecurity solutions and services providers to organizations across all verticals.
ReplyDeleteTop Cyber Security Company in Chennai
Penetration Testing Provider in Chennai
Nice blog Post ! This post contains very informative and knowledgeable. oracle training in chennai
ReplyDeleteIf Oracle is your dream job, then we, Infycle, are with you to make your dream into reality. Infycle Technologies offers the best Oracle Training in Chennai, which offers various programs in Oracle such as Oracle PLSQL, Oracle DBA, etc., in the 200% hands-on practical training with specialized trainers in the field. Also, the mock interviews will be arranged for the candidates to face the interviews without any fear, and 100% placement assurance will be given here. To have the words above real, call 7502633633 to Infycle Technologies and grab a free demo to know more.Best Oracle Training Institute in Chennai
ReplyDeleteFinish the Get Big Data Certification in Chennai from Infycle Technologies, the best software training institute in Chennai which is providing professional software courses such as Data Science, Artificial Intelligence, Java, Hadoop, Selenium, Android, and iOS Development, etc with 100% hands-on practical training. Dial 7502633633 to get more info and a free demo and to grab the certification for having a peak rise in your career.
ReplyDeleteChennai's best software training institute, Infycle Technologies, offers the best Hadoop training in Chennai for students and tech professionals along with other courses such as Python, Oracle, Selenium, Java, Hadoop, iOS, and Android development with 100% hands-on training. Once the completion of training, the students will be sent for placement interviews in the core MNC's. Call 7504633633 to get more info and a free demo.Top Hadoop Training in Chennai | Infycle Technologies
ReplyDeleteInfycle Technologies, the top software training institute and placement center in Chennai offers the Best Digital Marketing Course in Chennai | Infycle Technologies for freshers, students, and tech professionals at the best offers. In addition to Digital Marketing, other in-demand courses such as DevOps, Data Science, Python, Selenium, Big Data, Java, Power BI, Oracle will also be trained with 100% practical classes. After the completion of training, the trainees will be sent for placement interviews in the top MNC's. Call 7504633633 to get more info and a free demo.
ReplyDeleteThanks you for sharing this unique useful information content with us. Really awesome work. keep on blogging.
ReplyDeleteartificial intelligence internship | best final year projects for cse | internship certificate online | internship for mba finance students | internship meaning in tamil