Csep-564-Lec-1

Course Overview

Systems can fail for many reasons. Security deals with intentional failures brought on by adversaries.
What is security?
- it is defined for a particular setting via threat modeling
- who are the stakeholders, i.e. who is impacted
- what assets are we protecting?
- what are the threats to the assets? destruction/theft/ransom?
- who are the adversaries and what are their resources
  - a billion dollar nation state can get into your email account no problem
- what is safety in your system? what is your security policy or goals?
Perfect security does not exist: it's not binary! it is about risk management.

Often overlaps with security. But generally, systems behave respectfully towards people who use and are affected by them.

How to think about security & privacy.
Technical aspects of security & privacy.
- Vulnerabilities, attacks, defenses, etc.

Diversity is very important: need perspectives outside of who built the system.
Curiosity, thinking like an attacker.

CIA: Confidentiality, Integrity, Availability (bonus: Authenticity)
- Confidentiality is concealment of information
- Integrity: prevention of unauthorized changes
- Availability: ability to use information or resources
- Authenticity: knowing who you're talking to

Prevention
- E.g. Rust preventing memory bugs.
Detection
- Sometimes super useful to be able to detect & observe adversaries without kicking them out.
Response & resilience
- E.g. if you have good backups, you are resilient to ransomware attacks!

Securing a system has to be done across the whole system:

This is because security is only as strong as the weakest link! The weakest component is what will get infiltrated by an intelligent adversary.

Some systems are asymmetrically advantageous to adversaries, and some to defenders.

Challenges: