CS 458 / 658

Computer Security and Privacy

Module 1
Introduction to Computer Security and Privacy
Winter 2016

Instructor
Urs Hengartner
[Link]@[Link]
[Link]
Section 1: TTh 10:00 11:20 am in PAS 1229
Section 2: TTh 8:30 9:50 am in PAS 1229
Office hours: Th 3:00 4:00 pm in DC 3526 (or by appointment)

1-2

Course mechanics
Teaching assistants: Lalit Agarwal, Nabiha Asghar,

Erinn Atwater, Navid Esfahani, Jason St Jacques,

Andrew Tinits
Come to class! Not every bit of material will be on

the slides or in the text.

You will need an account in the [Link]

environment

If you dont have a [Link] account for some reason,

get one set up in MC 3017.
1-3

Course website

This course will use LEARN

Syllabus, calendar, lecture notes, additional materials,
assignments, announcements, policies, etc.
Site will be updated regularly
It is your responsibility to ensure that you are
authorized to access the site and to keep up with the
information on that site.
Feedback is encouraged!

1-4

Course Discussion

Discussion related to the course will take place on

Piazza ([Link])

General course questions, announcements

Assignment-related questions

You must keep up with any information posted on

Piazza

1-5

Additional communication
Use discussion forums in Piazza for all

communication

Use a private question for questions not of general

interest

Use email only as a last resort and then it must be

from your [Link] email address

Some communication might be sent to your

uWaterloo email address

Check your uWaterloo email account regularly or have

email forwarded to your regular account

1-6

Courtesy
Please silence cell phones and other mobile devices

before coming to class

Questions are encouraged but please refrain

from talking to your neighbours during lectures it

is distracting and disrespectful to your classmates
who are trying to listen to the lectures and to your
professor who is trying to think, talk and write at
the same time.

1-7

Courtesy

Carefully consider whether using your laptop in

class will help you learn the material and follow the
lectures
No playing games, tweeting, watching youtube

videos, updating your facebook page, or using your

laptop in any other way that might distract your
classmates.

1-8

Course syllabus

You are expected to be familiar with the contents

of the course syllabus

Available on the course home page and LEARN
If you havent read it, read it after this lecture

1-9

Plagiarism and academic offenses

We take academic offenses very seriously
Even (especially?) in fourth year
Nice explanation of plagiarism online
[Link]
student-support/ethical-behavior

Read this and understand it

Ignorance is no excuse!
Questions should be brought to instructor
Plagiarism applies to both text and code
You are free (even encouraged) to exchange ideas,

but no sharing code or text

1-10

Plagiarism (2)
Common mistakes
Excess collaboration with other students
Share ideas, but no design or code!

Using solutions from other sources (like for previous

offerings of this course, maybe written by yourself)
Asking public questions containing (partial) solutions
on Piazza

Possible penalties
First offense (for assignments; exams are harsher)
0% for that assignment, -5% on final grade

Second offense
More severe penalties, including suspension

Penalties for graduate students are more severe

More information linked to from course syllabus
1-11

Grading scheme for CS 458

Midterm (15%)
Tue, Feb 9, 2016, 7:00 8:20 pm, RCH 301/302
There is no alternate midterm.
Final (30%)
You must pass the combined, weighted midterm and
final exam mark in order to pass the course!
Assignments (315% = 45%)
Work alone
Self-tests (5%)
Blog task (5%)
Additional research survey paper for CS 658
See syllabus for more details
See syllabus for late and reappraisal policies,

academic integrity policy, and other details

1-12

Assignments
Assignments will be due at 3:00 PM
Late submissions will be accepted up to 48 hours

after due date

There will be no penalty for accepted late
submissions
Multiple assignments can be submitted late,
including the last one
No assistance will be given after the due date
You must notify your instructor before the due date
of any severe, long-lasting problems that prevent
you from completing an assignment on time
1-13

Self-tests
The self-tests are worth 5% of your grade
Theyre meant to help you keep up with the

material, and gauge your grasp of it on an ongoing

basis
Check calendar in LEARN for the availability and
deadline information for each self-test

First test: available tomorrow, deadline one week

No late self-tests will be accepted!
You can attempt each self-test as often as you like
during its availability period; your last grade on each
self-test will be the one recorded

Format: online (on LEARN), usually

multiple-choice questions
1-14

Blog task
Many of the security and privacy problems that we

will discuss in this course will (unfortunately) occur

in the real world during the next four months
The blog task forces you to keep up with these
developments
Each student has to write one blog post during an
assigned timeslot
You must also participate in the discussion of other
students blog posts throughout the term
Blog task is part of material covered in exams
See LEARN for sign-up and other instructions
1-15

A note on security
In this course, you will be exposed to information

about security problems and vulnerabilities with

computing systems and networks
To be clear, you are not to use this or any other

similar information to test the security of, break

into, compromise, or otherwise attack, any system
or network without the express consent of the
owner
In particular, you will comply with all applicable

laws and uWaterloo policies

See syllabus for more details
1-16

[Link]

1-17

Required textbook
Security in Computing,

5th edition,
Charles P. Pfleeger, Shari
Lawrence Pfleeger, Jonathan
Margulies, Prentice-Hall,
2015.
You are expected to know
entire textbook sections, as
listed on course website
all the material presented in
class
[Link]
networking/security/9780134085074

1-18

Other readings
From time to time, there will be additional

assigned readings
They will be linked to from the modules page in

LEARN
There will be both mandatory and optional
readings
You must read the mandatory ones before the

class in which we will discuss them

There is such a reading for the next lecture

1-19

Module outline
1 What is our goal in this course?
2 What is security?
3 What is privacy?
4 Who are the adversaries?
5 Assets, vulnerabilities, threats, attacks, and controls
6 Methods of defence
1-20

What is our goal in this course?

Our primary goal is to be able to identify security

and privacy issues in various aspects of computing,

including:

Programs
Operating systems
Networks
Internet applications
Databases

Secondarily, to be able to use this ability to design

systems that are more protective of security and

privacy.
1-21

What is security?
In the context of computers, security generally

means three things:

Confidentiality

Integrity

Availability

Access to systems or data is limited to authorized parties

When you ask for data, you get the right data
The system or data is there when you want it

A computing system is said to be secure if it has

all three properties

Well, usually

1-22

Security and reliability

Security has a lot to do with reliability
A secure system is one you can rely on to (for

example):
1
2

3
4

Keep your personal data confidential

Allow only authorized access or modifications to
resources
Give you correct and meaningful results
Give you correct and meaningful results when you want
them

1-23

What is privacy?
There are many definitions of privacy
A useful one: informational self-determination
This means that you get to control information
about you

Control means many things:

Who gets to see it

Who gets to use it
What they can use it for
Who they can give it to
etc.

1-24

Example: PIPEDA
PIPEDA (Personal Information Protection and

Electronic Documents Act) is Canadas

private-sector privacy legislation
Lists ten Fair Information Principles companies
need to abide by:
1
2
3
4
5
6
7
8
9
10

Be accountable
Identify the purpose of data collection
Obtain consent
Limit collection
Limit use, disclosure and retention
Be accurate
Use appropriate safeguards
Be open
Give individuals access
Provide recourse

(Read more: [Link]

1-25

Security vs. privacy

Sometimes people place security and privacy as if

theyre opposing forces.

Are they really? Do we have to give up one to get

the other?

1-26

Who are the adversaries?

Whos trying to mess with us?
Various groups:
Murphy
Amateurs
Script kiddies
Crackers
Organised crime
Government cyberwarriors
Terrorists
Which of these is the most serious threat today?
1-27

Some terminology
Assets
Things we might want to protect, such as:
Hardware
Software
Data

Vulnerabilities
Weaknesses in a system that may be able to be
exploited in order to cause loss or harm
e.g., a file server that doesnt authenticate its users

1-28

Some terminology
Threats
A loss or harm that might befall a system
e.g., users personal files may be revealed to the public

There are four major categories of threats:

1
2
3
4

Interception
Interruption
Modification
Fabrication

When designing a system, we need to state the threat

model
Set of threats we are undertaking to defend against
Whom do we want to prevent from doing what?
1-29

Some terminology
Attack
An action which exploits a vulnerability to execute a
threat
e.g., telling the file server you are a different user in an
attempt to read or modify their files
Control
Removing or reducing a vulnerability
You control a vulnerability to prevent an attack and
block a threat.
How would you control the file server vulnerability?
Our goal: control vulnerabilities
1-30

Methods of defence
How can we defend against a threat?
Prevent it: prevent the attack
Deter it: make the attack harder or more expensive
Deflect it: make yourself less attractive to attacker
Detect it: notice that attack is occurring (or has
occurred)
Recover from it: mitigate the effects of the attack
Often, well want to do many things to defend

against the same threat

Defence in depth

1-31

Example of defence
Threat: your car may get stolen
How to defend?
Prevent: Immobilizer? Is it possible to absolutely
prevent?
Deter: Store your car in a secure parking facility
Deflect: Use The Club, have sticker mentioning car
alarm, keep valuables out of sight
Detect: Car alarms, OnStar
Recover: Insurance

1-32

Deflection example

[Link]

1-33

How secure should we make it?

Principle of Easiest Penetration
A system is only as strong as its weakest link
The attacker will go after whatever part of the system
is easiest for him, not most convenient for you.
In order to build secure systems, we need to learn how
to think like an attacker!
How would you get private information from the US
Social Security Administration database?
Principle of Adequate Protection
Security is economics
Dont spend $100,000 to protect a system that can
only cause $1,000 in damage
1-34

Weakest link

1-35

Defence of computer systems

Remember we may want to protect any of our

assets

Hardware, software, data

Many ways to do this; for example:

Cryptography
Protecting data by making it unreadable to an attacker
Authenticating users with digital signatures
Authenticating transactions with cryptographic
protocols
Ensuring the integrity of stored data
Aid customers privacy by having their personal
information automatically become unreadable after a
certain length of time
1-36

Defence of computer systems

Software controls

Passwords and other forms of access control

Operating systems separate users actions from each

other

Virus scanners watch for some kinds of malware

Development controls enforce quality measures on the

original source code

Personal firewalls that run on your desktop

1-37

Defence of computer systems

Hardware controls

Not usually protection of the hardware itself, but rather

using separate hardware to protect the system as a
whole

Fingerprint readers

Smart tokens

Firewalls

Intrusion detection systems

1-38

Defence of computer systems

Physical controls

Protection of the hardware itself, as well as physical

access to the console, storage media, etc.

Locks

Guards

Off-site backups

Dont put your data centre on a fault line in California

Dont put your nuclear power plant in a tsunami zone

1-39

Defence of computer systems

Policies and procedures

Non-technical means can be used to protect against

some classes of attack

If an employee connects his own Wi-Fi access point to

the internal company network, that can accidentally
open the network to outside attack
So dont allow the employee to do that!

Rules about changing passwords

Training in best security practices

1-40

Recap
What is our goal in this course?
Identify security and privacy issues
Design systems that are more protective of security and
privacy
What is security?
Confidentiality, Integrity, Availability
What is privacy?
Informational self-determination

1-41

Recap
Who are the adversaries?
Learn to think like an attacker
Assets, vulnerabilities, threats, attacks and

controls

You control a vulnerability to prevent an attack and

block a threat

Methods of defence
Cryptography, software controls, hardware controls,
physical controls, policies and procedures

1-42