up

2020-01-22

Processes are designed and modeled.

A Safety Property is a statement about a process model that states that a certain bad event will not happen. For example, when washing a car, the car will not catch on fire.

A Progress Property is a statement about a process model that states that a certain good thing will happen. For example, when washing a car, the car will become clean.

Where Safety is protection from unintentional mishaps, Security defends specifically against an Adversary.

Adversaries are modeled as well:

• Who are they?
  • Identify your likely threat actors
• What actions can they take? -

Who has a strong adversary? Edward Snowden

Some Adversaries:

• Script Kiddies
• Hacktivists
• Corporate Espionage
• Cyber criminals
• APT groups
• Nation-State Actors

H.B’s Duo just got triggered? Right in front of the class? Someone has his password?

Port:

• The left side of a boat
• A sweet wine
• Something a wire plugs into
• A socket that a process can listen on

“Confused Deputy Attacks”

CIA - Confidentiality, Integrity, Availability - These are Security Properties

There is a new acronym: STRIDE