3. Security engineer

[rainit2006]

[rainit2006]

International Data Encryption Algorithm(IDEA)

ブロック暗号（Block cipher）. Pretty Good Privacy (PGP) v2.0 で使われていた。 IDEAのブロック長は64ビットで、128ビットの鍵を使う。ラウンドと呼ばれる同じ操作を8回行い、最後に出力段の変換（ハーフラウンド）を行う。 なお、Transport Layer Security (TLS) においてもIDEAを利用可能であったが、実運用でほぼ使われていないことを理由として、TLS 1.2で削除されている.

Substitution cipher

換字式暗号. 平文を、1文字または数文字単位で別の文字や記号等に変換することで暗号文を作成する暗号である。 A Caesar cipher, rotation cipher or shift cipher is a simple substitution cipher where the cleartext is shifted a number of times up or down a known alphabet.

Caesar cipher

The Caesar cipher is a shift cipher that works on a stream of text and is also a substitution cipher. シーザー暗号は単一換字式暗号の一種で、平文の各文字を、辞書順に3文字分シフトして暗号文を作る暗号である. 古代ローマの軍事的指導者ガイウス・ユリウス・カエサル（英語読みでシーザー）が使用したことから、この名称がついた。

### Transposition cipher 転置式暗号 https://www.youtube.com/watch?v=bcyUJK1BvHw 平文の文字を並べ替えて暗号文を作成する暗号のことである。 没有改变原文里的文字，只是重新排列原文里文字的顺序让其本来的含义被隐藏。 ### Difference between the substitution technique and transpositional technique The essential difference between the substitution technique and transpositional technique is that the substitution technique substitutes the letters of the plaintext from other letters, number and symbols. On the other hand, the transposition techniques do not replace the letter, instead changes the position of the symbol. ### one-time pad In cryptography, a one-time pad is a system in which a private key generated randomly is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key. - Pad is made up of truly random values. - Pad is used only one time. - Pad is securely distributed to destination. - Pad is secured at sender and receiver's sites. - Pad is at least as long as message. ## Kerckhoffs' principle 暗号方式は、秘密鍵以外の全てが公知になったとして、なお安全であるべきである。 ## clipper chip 音声とデータメッセージを保護する暗号化デバイスとしてアメリカ国家安全保障局(NSA)によって開発され、使用が推進された、バックドアが仕込まれたチップセットである key size: 80ビット ## steganography データ隠蔽技術の一つであり、データを他のデータに埋め込む技術のこと、あるいはその研究を指す。 クリプトグラフィー（cryptography）がメッセージの内容を読めなくする手段を提供するのに対して、ステガノグラフィーは存在自体を隠す点が異なる。 ## DRM（Digital Rights Management） デジタル・コンテンツの著作権を保護するしくみや技術の総称です。 デジタル・コンテンツとは、テキスト、音楽、静止画、動画、などのデジタルデータで表現されたすべてのものを意味します。 ## cryptanalysis Cryptanalysis is the study of analyzing information systems in order to study the hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages. 暗号解読 ## Kerckhoffs's principle 暗号方式は、秘密鍵以外の全てが公知になったとして、なお安全であるべきである。 A cryptosystem should be secure even if everything about the system, except the key, is public knowledge. Kerckhoffs's principle was reformulated (or possibly independently formulated) by American mathematician Claude Shannon as "the enemy knows the system". ## null cipher, concealment cipher an ancient form of encryption where the plaintext is mixed with a large amount of non-cipher material. Today it is regarded as a simple form of steganography, which can be used to hide ciphertext. ## 后量子密码 英文中的表述是："Post-quantum Cryptography (PQC)"，或者 "Quantum-resistant cryptography"。 https://zhuanlan.zhihu.com/p/45393166 后量子密码，作为未来 5-10 年逐渐代替 RSA、Diffie-Hellman、椭圆曲线等现行公钥密码算法的密码技术。 一句话概括：后量子密码，是[能够抵抗量子计算机对现有密码算法攻击的]新一代密码算法。 公钥密码算法安全性依赖的数学问题可以被高效的量子算法所解决。 关于对称密码算法和哈希函数（例如 AES、SHA1、SHA2 等），虽然有量子算法可以理论上攻破，但这个算法的影响有限，且有很多限制条件。 对于对称密码算法，量子计算机对安全性的影响： - 降低现有算法的安全性：安全性从 k-bit 降低为 k/2-bit - 增大参数的长度有用 - 把密钥长度或哈希的长度加倍即可，例如：AES-128 升级至 AES-256，SHA-256 升级至 SHA-512 等。但这并不是必须的，原因后面会进行介绍 以下 4 种数学方法构造的后量子密码算法： - 格 (Lattice-based) - 编码 (Code-based) - 多变量 (Multivariate-based) - 哈希 (Hash-based) 这些算法的安全性，依赖于有没有可以快速求解其底层数学问题或直接对算法本身的高效攻击算法。 ### Lattice Based Cryptography (基于格) 主要用于构造加密、数字签名、密钥交换，以及众多高级密码学应用 ## The Vernam Cipher The Vernam Cipher is based on the principle that each plaintext character from a message is 'mixed' with one character from a key stream. If a truly random key stream is used, the result will be a truly 'random' ciphertext which bears no relation to the original plaintext. The Vernam cipher is, in theory, a perfect cipher. Instead of a single key, each plaintext character is encrypted using its own key. This key — or key stream — is randomly generated or is taken from a one-time pad, e.g. a page of a book. ## Vigenère cipher ランスの外交官ブレーズ・ド・ヴィジュネルによる多表式の換字式暗号のことである。

[rainit2006]

SHTTP

SSL（Secure Sockets Layer）を利用してデータの暗号化を行うHTTPS方式がある。 SHTTPは送信データを暗号化してセキュリティを高めるのに対して、HTTPSは通信経路自体をセキュアにするという違いがある。

Trapdoor function

a function that is easy to compute in one direction, yet difficult to compute in the opposite direction (finding its inverse) without special information, called the "trapdoor". Trapdoor functions are widely used in cryptography.

[rainit2006]

ゼロ知識証明（ZKP：Zero Knowledge Proof）

暗号理論における情報伝達手法の一つで、相手に秘密情報そのものを知らせないまま、自分が秘密情報を知っていることを相手に知らせる方法のことである。

Rainbow Series

1980年代と1990年代に米国政府によって発行された一連のコンピューターセキュリティ標準とガイドラインです。これらは当初、米国国防総省のコンピュータセキュリティセンターによって発行され、その後、国立コンピュータセキュリティセンターによって発行されました。

• The Orange Book: computer system
• Red book : network

[rainit2006]

AES (Advanced Encryption Standard )

AES was developed to improve upon DES’s security and flexibility. It uses 128-, 192-,and 256-bit keys （注意没有64bit） アメリカ国立標準技術研究所（NIST）の主導により公募され、Rijndael（ラインダール）がAESとして採用された。 Rijndael, a block symmetric cipher created by Vincent Rijmen and Joan Daemen, was selected as the new AES algorithm.

https://www.youtube.com/watch?v=lnKPoWZnNNM 暗号化処理は始めに鍵生成を行う。AES暗号の鍵長によって変換のラウンド数が異なる。次の通りである。

• 鍵長128ビットのとき、ラウンド数は10回である。
• 鍵長192ビットのとき、ラウンド数は12回である。
• 鍵長256ビットのとき、ラウンド数は14回である。 暗号化は下記の４つの処理から構成される[5]。
• SubBytes - 換字表（Sボックス）による１バイト単位の置換。
• ShiftRows - 4バイト単位の行を一定規則で左シフトする。
• MixColumns - ビット演算による４バイト単位の行列変換。
• AddRoundKey - ラウンド鍵とのXORをとる。 これら４つの処理を１ラウンドとして暗号化を行う。

なお、復号は上記処理の逆変換を逆順で実行する。

• AddRoundKey
• InvMixColumns
• InvShiftRows
• InvSubBytes

DES

DES is a symmetric encryption algorithm that uses a 64-bit key for encryption, but 8 bits of the key are used for parity. Thus, the true key is 56 bits. Itis also a block cipher, not a stream cipher.

IBM's 128-bit algorithm, Lucifer, was accepted as the national standard in 1974. It was altered by NIST and referred to as Digital Encryption Algorithm, which used a 56-bit key. Luciferは、ホルスト・ファイステルらがIBMにて開発したいくつかの初期の民間用ブロック暗号の総称である。DESの基になった。Luciferのうちの1つは DTD-1 という名称で1970年代に銀行で使われていた。

3DES

、共通鍵ブロック暗号であるDESを3回施す暗号アルゴリズム。正式名称はTriple Data Encryption Algorithm(TDEA、Triple DEA)。アメリカ国立標準技術研究所は2030年までに使用をやめるよう推奨している。 DES-EEE3 uses three keys for encryption and the data is encrypted, encrypted, encrypted; DES-EDE3 uses three keys and encrypts, decrypts and encrypts data. DES-EEE2 and DES-EDE2 are the same as the previous modes, but the first and third operations use the same key. There is no DES-EEE1.

PGP（Pretty Good Privacy）

Pretty Good Privacy (PGP) is a security program focused on protecting e-mail messages. It uses public key encryption by implementing a “web of trust" among users. In contrast to certificate authorities, which control the levels of trust, PGP allows users to sign each others' public keys, thus developing a trusted network. PGP也用于session key加密

哈希加密算法

• MD5（Message-Digest Algorithm 5）：输入不定长度信息，输出固定长度128-bits的算法
• SHA-1：160bit。 SHA（Secure Hash Algorithm）。
• SHA-2：SHA-256、SHA-384，和SHA-512并称为SHA-2。
• SHA-3： 之前名为Keccak算法，是一个加密杂凑算法。SHA-3并不是要取代SHA-2，因为SHA-2目前并没有出现明显的弱点。由于对MD5出现成功的破解，以及对SHA-0和SHA-1出现理论上破解的方法，NIST感觉需要一个与之前算法不同的，可替换的加密杂凑算法，也就是现在的SHA-3。
• RIPEMD-160： 是一个 160 位加密哈希函数。它旨在用于替代 128 位哈希函数 MD4、MD5 和 RIPEMD。

Digital Signature algorithms

The Digital Signature Standard approves three encryption algorithms for use in digital signatures

• the Digital Signature Algorithm (DSA);
• the Rivest, Shamir, Adleman (RSA) algorithm;
• the Elliptic Curve DSA (ECDSA) algorithm.

HAVAL

• HAVAL is a hash function, not an encryption algorithm.
• HAVAL can produce hashes of different lengths – 128 bits, 160 bits, 192 bits, 224 bits, and 256 bits. HAVAL also allows users to specify the number of rounds (3, 4, or 5) to be used to generate the hash.
• HAVAL was broken in 2004.

[rainit2006]

IPSec

[rainit2006]

Systems Evaluation

Common Criteria

Under the Common Criteria model, an evaluation is carried out on a product and it is assigned an Evaluation Assurance Level (EAL) • EAL1 Functionally tested • EAL2 Structurally tested • EAL3 Methodically tested and checked • EAL4 Methodically designed, tested, and reviewed • EAL5 Semiformally designed and tested • EAL6 Semiformally verified design and tested • EAL7 Formally verified design and tested

The Common Criteria uses protection profiles in its evaluation process.

• Security problem description
• Security objectives
• Security requirements

Elements：

1. Protection Profiles(PPs)： specify the security requirements and protections that must be in place for a product to be accepted under the Common Criteria.
   • Specify security demands of customers
   • "What I want" from customers
2. Security Targets （STs）：
   • Security claims of a vendor about their system
   • "I will provide" from a vendor
   • A target that a vendor sets for itself
   • Customers compare their requirements to this
3. Package
   • Additional security components provided by the vendor
   • Can be added and removed

ISO/IEC 15408 is the international standard that is used as the basis for the evaluation of security properties of products under the CC framework

• ISO/IEC 15408-1 Introduction and general model
• ISO/IEC 15408-2 Security functional components
• ISO/IEC 15408-3 Security assurance components

TCSEC

https://resources.infosecinstitute.com/security-evaluation-models-cissp/#gref Initially, there were three Security Evaluation Models:

• TCSEC or Trusted Computer System Evaluation Criteria
• ITSEC or Information Technology Security Evaluation Criteria
• CTCPEC or Canadian Trusted Computer Product Evaluation Criteria

All the above three evaluation systems are to some extent obsolete or outdated and currently replaced by a more modern approach known as the Common Criteria model

NCSC, EPL, TPEP

In TCSEC, products are submitted to the National Computer Security Center (NCSC) and ultimately published in the Evaluation Product List (EPL). The act of rating a product's security capabilities is called the Trusted Products Evaluation Program(TPEP).

[rainit2006]

Certification

Certification is the comprehensive technical evaluation of the security components and their compliance for the purpose of accreditation. The goal of a certification process is to ensure that a system, product, or network is right for the customer’s purposes. Once certification has been passed, the results are submitted to senior management for the accreditation process.

Accrediation (認定)

Accreditation is the formal acceptance of the adequacy of a system’s overall security and functionality by management.

Certification and Accrediation

Certification is a technical review that assesses the security mechanisms and evaluates their effectiveness. Accreditation is management’s official acceptance of the information in the certification process findings.

Because software, systems, and environments continually change and evolve, the certification and accreditation should also continue to take place.

Verification

The verification process is similar to the certification process in that it validates security controls. Verification may go a step further by involving a third-party testing service and compiling results that may be trusted by many different organizations.

Completed by third party testing service. Results are trusted by most organizations.

Assurance

Assurance is the degree of confidence that an organization has that its security controls are correctly implemented. It must be continually monitored and reverified.

[rainit2006]

Modes

1. Clark-Wilson: This model uses security labels to grant access to objects via transformation procedures and a restricted interface model.
2. Graham-Denning: This model focuses on the secure creation and deletion of subjects and objects using eight primary protection rules or actions.
3. Bell-LaPadula: This model blocks lower-classified objects from accessing higher- classified objects, thus ensuring confidentiality.
4. Sutherland: This integrity model focuses on preventing interference in support of integrity.
5. Biba: The * property of this model can be summarized as “no write-up.”

BLP模型

机密性模型。 注意：注重机密性，此模型强调就是保证机密不能泄密。所以，机密程度越高，越保密，低的就不能读。写方面，高不能往低写，写的话机密的东西流到机密低的地方了。 所以他不允许数据由高级往低级流，但允许低级往高级流，机密性低的数据，跑到机密性高的地方，并不破坏机密性。

• Simple Property: no read up
• （*） Property: no write down
• Strong Tranquility Property（平穏属性）: Security labels will not change while the system is operating.　システム稼働中は権限変更しない
• Weak Tranquility Property: Security labels will not change in a way that conflicts with defined security properties.　属性が矛盾するまで権限変更しない

Properties

1. Simple Security Property
   • No Read Up
   • Subjects can't read objects with higher sensitivity labels
2. (*) Security Property
   • No Write Down
   • Subjects can't write to objects with lower sensitivity labels
   • Unless performing declassification, which is a valid operation
3. Discretionary Security Property
   • An access matrix is used to enforce discretionary access control
4. Trusted Subject
   • Exception to * Security Property
   • Can declassify objects

Biba模型

讲究完整性，不考虑机密问题。所以就颠倒过来了。你可以想象一下，完整性1，2，3，4级， 1级是最高完整性，也就是说我是最高指令，比如是董事会最高决议，它并不需要保密，谁都能看，但任何人不得破坏我的完整性，不能修改我的决议，只有我1级的人才能修改。所以2级的人不可以写我1级的内容。但2级可以读我1级的内容，来生成2级的信息。 此时，数据只能由高向低流，而禁止从低向高流。

Properties

1. Simple Integrity Property
   • No Read Down
   • Subjects can't read objects at lower integrity levels
2. (*) Integrity Property
   • No Write Up
   • Subjects can't write objects at higher integrity levels

Based on Bell-LaPadula Model Based on State Machine and Information Flow Model

Clark-Wilson

Clark-Wilson模型是在Biba模型之后开发的，它采用一些不同的方法来保护信息的完整性。这种模型使用了下列元素： - 用户 活动个体。 - 转换过程(Transformation Procedure，TP) 可编程的抽象操作，如读、写和更改。 - 约束数据项(Constrained Data Item，CDI) 只能由TP操纵。 - 非约束数据项(Unconstrained Data Item，UDI) 用户可以通过简单的读写操作进行操纵。 - 完整性验证过程(Integrity Verification Procedure，IVP) 检查CDI与外部现实的一致性。 Clark-Wilson模型的一个显著特点是，它专注于结构良好的事务处理和职能划分。结构良好的事务处理是指将数据项从一个一致状态转换为另一个一致状态的一系列操作。如果把一个一致状态看成我们已知的可靠数据，那么这种一致确保了数据的可信性，这也是TPs的工作职责。职能划分在模型中的应用，是通过添加一类程序（IVPs），用以审核TPS的工作并验证数据的可信性。 クラーク・ウィルソン（Clark-Wilson）モデルでは、被験者は、このアクセスがどのように行われるかを制御する何らかのタイプのアプリケーションまたはプログラムを経由することなく、オブジェクトにアクセスすることができない。 ## Non-Interference Mode 異なるセキュリティドメインのデータが互いに独立している（非干渉である）ことを保証します。情報が境界を越えないため、各データアクセスは独立し他のデータと接続しません。これにより「秘密チャネル」などによる不正な通信を防止します。 ## Brewer and Nash model, Chinese wall mode Brewer and Nash模型也称为Chinese Wall 模型，这个模型规定，主体只有在不能读取位于不同数据集内的某个客体时才能写另一个客体。它被创建来提供根据用户先前活动而动态改变的访问控制。这个模型的主要目标是防止用户访问被认为有利益冲突的数据。 The Brewer and Nash model was constructed to provide information security access controls that can change dynamically. This security model, also known as the Chinese wall model, was designed to provide controls that mitigate conflict of interest in commercial organizations, and is built upon an information flow model. In the Brewer and Nash model no information can flow between the subjects and objects in a way that would create a conflict of interest. This model is commonly used by consulting and accounting firms. ユーザーのアクションに応じて動的にアクセス制御を変更するところに特徴があります。

[rainit2006]

Chosen-ciphertext attacks

Chosen-ciphertext attacks have the highest probability of the encryption being cracked compared to most other cryptanalysis attacks. In this type of attack, the intruder must capture a large portion of the ciphertext and then must be able to choose which parts of it are decrypted. That section of text is transformed into plaintext. The translation is then analyzed in an attempt to identify the key that was used in the encryption process.

covert(秘密的) channel attack

A covert channel is a way of transmitting information using methods that were not originally intended for data transmission. 意図されてない通信経路を使う、組織のセキュリティポリシーを違反するチャンネル ・タイミングチャンネル（ Timing channel）：処理が実行されるタイミングを利用して意図されてない方法で情報を発信する ・ストレージチャンネル（Storage channel）：保存されたデータの変更を利用して、と意図されてない方法で情報を発信する

[rainit2006]

TCB （Trusted Computing Base）

The totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination responsible for enforcing a security policy.

Also, worth noting for your CISSP exam is that the TCB framework includes reference monitor, security domain and security kernel。

The CISSP exam outline mentioned the “security capabilities of information systems” and gave some technical examples such as memory protection, TPM, and cryptography. The security capabilities of information systems comprise not only technical means but also physical means and procedural means.

TCB is originated from Orange Book. The Trusted Computing Base (TCB) is a small subset of the system contained within the kernel that carries out critical system activities.

## Trusted Platform Module コンピュータのマザーボードに直付けされているセキュリティに関する各種機能を備えたデバイスもしくはチップで、暗号化/複合や鍵ペアの生成、ハッシュ値の計算、デジタル署名の生成・検証などの機能を有する。 TPMの仕様はTCG(Trusted Computing Group)という国際的な業界団体で策定されており、最新のバージョンは2.0である。1.2まではRSAのみであったが、2.0からはAESやECDSAなどを含め多種多様な暗号アルゴリズムの処理をチップ内でできるようになり、ソフトウェアが暗号ライブラリを負担する必要が大幅に無くなったため、暗号境界がより明瞭になった。 ### memory in TPM TPM has some non-volatile memory to store : 1. Endorsement Key (EK) 2. Storage Root Key (SRK) 3. owner authorisation data (owner’s password) ### Example of TPM： The Trusted Platform Module (TPM) is a hardware security technique that stores an encryption key on a chip on the motherboard and **prevents** someone from accessing an encrypted drive by installing it **in another computer.**

[rainit2006]

[rainit2006]

Physical security

walls building for sensitive area

Security barriers and walls that surround sensitive areas should go from the true floor to the true ceiling. This means that the walls do not stop at a dropped ceiling or at the raised floor because those could be circumvented (回避，绕过) and used as entry points into the sensitive area.

2 foot candles

The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated 8 feet high and use two foot-candles, which is a unit that represents the illumination power of an individual light. 照度単位は： Lux（ルクス）或いは Foot candle (１カンデラの点光源から全方向１フィートの面の照度の単位)。 英尺烛光(Foot-candle)，字面意义是发光强度为1坎德拉的点光源的1英尺距离处的表面的照度。

power supply

• clean A "clean" power supply means there is no interference or fluctuation（变动） in voltage levels.
• spike voltage spike： a sudden increase in voltage that lasts for less than 3 nanoseconds （or 1 millionsecond）.
• surge A sudden increase in voltage that lasts for 3 nanoseconds（or 1 millionsecond） or more is called a voltage surge.

Halon, FM200

These types of gases interfere with the chemical reactions in a fire and act as effective suppressing agents for class B and C fires. Halon is a gas that has been used in fire extinguishers for years and still exists in some older units. However, the EPA recently found that Halon is harmful to the ozone and potentially harmful to humans. Several replacement agents, including FM-200, are just as effective on fires as Halon and are being used in new units.

Halon is a type of gas used to interfere with the chemical reactions between the elements of a fire. A fire requires fuel, oxygen, high temperatures, and chemical reactions to burn properly. Different suppressant agents have been developed to attack each aspect of a fire:

• halon and carbon dioxide remove the oxygen supply from a fire.
• water reduces the temperature
• soda acid （碳酸氢钠，即小苏打）and other dry powder work to removes the fuel （soda acid extinguisher acts by cutting off supply of air）

Fail Safe vs. Fail Secure

• Fail safe: The lock unlocks when power is removed
• Fail secure: The lock unlocks when power is applied

Fire sprinkler system

• Wet pipe systems 最も広く採用されている方式。湿式スプリンクラーのグラスバルブ。作動温度によって異なる着色がなされている。 スプリンクラーヘッドは、火災時の熱により容易に溶ける合金（ヒュージブルリンク）や火災の熱で破裂する揮発性の液体（エーテル、アルコール等）を満たしたガラス球（グラスバルブ）で封じられている、閉鎖式スプリンクラーヘッドが用いられる。
• Dry pipe systems 寒冷地等で、凍結により散水不能や配管の破損のおそれのある場所で採用される。配管に圧縮空気を封入しておき、火災時ヘッドが開くことによって内圧が低下し、それにより乾式流水検知装置が作動し、引き続いて放水する構造になっているものである。
• Deluge systems (放水型)
• Preaction 存在两个阶段

Humidity

Data center humidity should be maintained between 40% and 60%

[rainit2006]

-

[rainit2006]

框架

主要的EA框架有TOGAF、Zachman，EAP，FEA，DoDAF。目前主流的企业架构发展规划遵循两条路径，Zachman和TOGFA。由于TOGAF同时提供了一套架构方法，目前应用较为广泛，EA中有50%以上占有率。（TOGAF2009年调研报告）

开放群组架构框架（The Open Group Architecture Framework，TOGAF）：

它由美国国防部开发并提供了设计、实施和治理企业信息架构的方法。架构允许技术架构设计师从企业的不同视角（业务、数据、应用程序和技术）去理解企业，以确保开发出环境及组件所必需的技术，最终实现业务需求。

其核心就是如何从企业战略开始、以需求管理为核心，如何一步步制定业务架构、信息系统架构、技术架构、机会识别和解决方案制定、计划制定、实施管控、架构变更管理。

 TOGAF（The Open Group Architecture Framework）将企业架构分两大类共四小类，企业架构中通过对两大类（四小类）进行映射以体现企业面貌。两大类指业务架构和IT架构，四小类指业务和IT中的数据、应用、技术三小类。 TOGAF不光给出了企业架构理念，同时提出了架构开发方法ADM（Architecture Development Method）。在业务战略上，通过ADM来定义企业的愿景/使命、目标/目的/驱动力、组织架构、职能和角色。在IT战略上， ADM详细描述了如何定义业务架构、数据架构、应用架构和技术架构，是IT战略规划的指引。通过企业架构承接企业业务战略与IT战略，是企业信息化规划的核心。 ## Zachman框架： 是一个二维模型，它使用了6个基本的疑问词（什么、如何、哪里、谁、何时、为何）和不同的视知观点（计划人员、所有者、设计人员、建设人员、实施人员和工作人员）二维交叉，它给出了企业的一个整体性理解。 Zachman和TOGAF相比，Zachman更偏向于概念层，用5W1H的方式对场景进行定义，为架构编写提供基础。 而Zachman架构在信息安全中的落地，就形成了SABSA架构： ## 舍伍德的商业应用安全架构（Sherwood Applied Business Security Architecture，SABSA）： 是一个分层模型，它在第一层从安全的角度定义了业务需求。 ## COBIT（Control Objectives for Information and related Technology，信息及相关技术的控制目标）： 是一组由国际信息系统审计与控制协会（ISACA）和IT治理协会（lTGI）制定的一个治理与管理的框架。 ## COSO内部控制整合框架： 是由反欺诈财务报告全国委员会发起组织委员会（Committee of Sponsoring Organizations，COSO）于1985年开发的，是用来处理财务欺诈活动并汇报。 ## ISO/IEC 27000系列： ISO和IEC联合开发的关于如何开发和维护信息安全管理体系的国际标准。 ## ITIL： 作为一种以流程为基础、以客户为导向的IT服务管理指导框架，它摆脱了传统IT管理以技术管理为焦点的弊端，实现了从技术管理到流程管理，再到服务管理的转化。 ## 能力成熟度模型集成（Capability Maturity Model Integration，CMMI）： 由Carnegie Mellon大学开发，以此作为确定组织流程成熟度的一种方式。 # 信息安全整体框架体系 https://www.secrss.com/articles/10200 综上，依据治理、管理、运营三个层级，从战略、战术、执行三个层面，对应到各层级所需方法和框架，笔者试着进行了方法论的梳理，同时增加了安全控制内容，以期通过测量进行控制项落地。 企业治理：方法以TOGAF，ZACHMAN为主，TOGAF相对来说提供了架构开发方法ADM，而ZACHMAN则在理念层面提供一种思路。 IT治理：IT治理中方法比较多，典型的参照COBIT，将IT治理和IT管理结合起来。其中治理EDM包括（评价、指导、监控），管理PDRM（计划、构建、运行、监控）。同时，在流程管理中需要采用ITIL的方法进行。 安全治理：从ZACHMAN模型对应出来的SABASA模型对信息安全治理进行说明，此处对应信息安全一级文档，战略、总纲方针。 安全管理：管理是战略的落地，典型的参考架构是信息安全管理体系标准（ISMS）(ISO27000标准族)，同时参考质量管理的六西格玛和成熟度模型，国内对应的是等保的管理要求，对应信息安全二级文档，标准、策略。 

[rainit2006]

CPU states

The CPU can function in one of four states:

• Ready state—Program is ready to resume processing
• Supervisor state—Program can access entire system
• Problem state—Only nonprivileged instructions executed
• Wait state—Program waiting for an event to complete

[rainit2006]

Block算法的Mode

[rainit2006]

OCSP

Online Certificate Status Protocol（OCSP）は、X.509公開鍵証明書の失効状態を取得するための通信プロトコルである。 RFC 6960 で規定されており、インターネット標準トラック上にある。

Certificate Pinning

Certificate Pinningは，「証明書のピンどめ」と訳されたりしますが，「クライアントで許容するTLS証明書を予め規定しておく」ことを指します． Certificate Pinningを行うことで，「たとえ有効な証明書であっても見知らぬ証明書の通信は受け入れない」ようにすることが可能になります．

Crypto-shredding

Crypto-shredding is the practice of 'deleting' data by deliberately deleting or overwriting the encryption keys.[1] This requires that the data have been encrypted. 密钥销毁是指主动覆盖或删除用于保护敏感数据的加密密钥，以保护敏感数据不被读取。对于审计应用程序或区块链这样不应该或不能删除历史记录的系统来说，密钥销毁技术对于隐私保护和GDPR合规非常有用。

[rainit2006]

Skimming

信息刮取(Skimming)是一种高成本的攻击技术，但是因为操作简单，盗取信息的速度极快，而且部署起来十分隐蔽，所以特别危险。攻击者往ATM读卡器里插入恶意装置来盗取被刷卡片数据。垫片(Shimming)则是信息刮取(Skimming)的升级版，在终端读卡器里插入纸片般薄的装置就可以盗取芯片磁条复合卡的数据。 ATM skimming is when criminals place a device on the face of an ATM, which appears to be a part of the machine. It’s almost impossible for civilians to know the difference unless they have an eye for security, or the skimmer is of poor quality. When a skimming device is planted on an ATM, it gathers account data from any cards that are swiped. Those who planted it can then retrieve that data and put it on blank bank cards. Often, criminals will also hide a small pinhole camera in a brochure holder near the ATM in order to extract the victims' pin numbers. All of this allows them to access the funds in their victims' accounts.

[rainit2006]

if patchs are no longer available for mobile device.

When operating system patches are no longer available for mobile devices, the best option is typically to retire or replace the device.

[rainit2006]

SCADA

Supervisory Control and Data Acquisition systems, or SCADA systems, provide a graphical interface to monitor industrial control systems (ICS)

ASLR

アドレス空間配置のランダム化（英語: address space layout randomization, ASLR）とは、重要なデータ領域 の位置（通常、プロセスのアドレス空間における実行ファイルの基底とライブラリ、ヒープ、およびスタックの位置が含まれる）を無作為に配置するコンピュータセキュリティの技術である。

Noninterference model

The noninterference model is loosely based on the information flow model. However, instead of being concerned about the flow of information, the noninterference model is concerned with how the actions of a subject at a higher security level affect the system state or the actions of a subject at a lower security level. Basically, the actions of subject A (high) should not affect the actions of subject B (low) or even be noticed by subject B.

Composition Theories

they explain how outputs from one system relate to inputs to another system. Describes information flow between systems.

feedback model

The feedback model of composition theory occurs when one system provides input for a second system and then the second system provides input for the first system. This is a specialized case of the cascading model Example: HTTP Request and Response A -> B : Request A <- B : Response

Cascading:

Input for one system comes from the output of another system. Example: Web server with database backend A -> B -> C : Chaining

Hookup:

One system sends input to another system but also sends input to external entities. Example: CC and BCC in email A -> B : To Destination A -> C : To Hookup

[rainit2006]

Confinement

Simply put, process confinement allows a process to read from and write to only certain memory locations and resources. This is also known as sandboxing.

Bound

The bounds of a process consist of limits set on the memory addresses and resources it can access.

More secure systems may require physically bounded processes. Physical bounds require each bounded process to run in an area of memory that is physically separated from other bounded processes, not just logically bounded in the same memory space. Physically bounded memory can be very expensive, but it’s also more secure than logical bounds.

Isolation

Process isolation ensures that any behavior will affect only the memory and resources associated with the isolated process. Isolation is used to protect the operating environment.

Isolation VS Bound VS Confinement

Isolation is best described as confining a process by implementing access bounds to ensure compliance to a set of predetermined access criteria such that its execution, failure or compromise does not affect other process. The three terms, isolation, bounds and confinement are inter-related. Confinement basically means ensuring that the process only reads and writes to specific resources (such as memory), whereas bounds refer to the authority level attached to the process which defines the specific resources it can access such as memory locations. Isolation is the concept whereby confinement is implemented using bounds.

[rainit2006]

Evaluation Steps

Certification

Notes

• Initiated by a vendor
• Test system security capabilities
• Compare design, security criteria, and actual capabiltiies
• Auditors decided if security criteria is met
• Security criteria is based on intended use (commercial, health, etc)
• Usually performed by a 3rd party Steps
• Choose security crtieria (TCSEC/ITSEC/CC)
• Analyze each system component beased on criteria
• Evaluate deployment environment
• Determine level of security

  Accreditation

• Recognition of the certification
• Performed by an adopting organization/customer

  Maintenance

• Ensuring that the security criteria is up to date
• Ensuring that the system still meets security criteria

[rainit2006]

Trust and Assurance

Trusted System

One which protects data for many types of users

Assurance

Degree of confidence in satisfaction of security needs Needs to be maintained Changes decrease assurance, hences, reevaluation is needed

[rainit2006]

Key escrow

In the Fair Cryptosystem approach to key escrow, the secret keys used in communications are divided into two or more pieces, each of which is given to an independent third party.

M of N Control

an M of N control the M stands for minimum and the N stands for total number and in this case you need 5 people to gain access to the system that 10 people have a key to. It’s a way to ensure that only one person doesn’t have access to any given system.

Another example: What if 5 people have combined keys to a bank vault. That makes the N = 5. Now let’s say you need 2 of those 5 people to come together to gain access to that vault. That’s the M, i.e. 2, the minimum number of people needed to get in.

[rainit2006]

Security Modes

Requirements

• MAC Environment
• Physicial control of system and room

  Modes

  Dedicated Mode （专用模式）

• Right(有权) to know everything in system （Must have a valid security clearance for all information processed by the system）
• Permission to access everything in the system （ access approval for all information processed by the system）
• Need to know everything in system （a valid need to know for all information processed by the system.）

  System High Mode （系统高级模式）

• Right to know everything in system
• Permission to access everything in the system
• Need to know some things in the system (a valid need to know for some, but not necessarily all, information processed by the system.)

  Compartmented Mode （分隔模式）

• Right to know everything in the system
• Permission to access some things in the system
• Need to know things to be accessed in the system

  Multilevel Mode （多级模式）

• Right to know some things in the system
• Permission to access some things in the system
• Need to know things to be accessed in the system

security clearance

A security clearance is a status granted to individuals allowing them access to classified information (state or organizational secrets) or to restricted areas, after completion of a thorough background check. 秘密にすべき情報を扱う職員に対して、その適格性を確認すること。

[rainit2006]

Cipher attacks

• known plaintext attack: The attacker knows at least one sample of both the plaintext and the ciphertext.
• Chosen plaintext attack: The attacker can specify his own plaintext and encrypt or sign it. He can carefully craft it to learn characteristics about the algorithm.

Blowfish

Blowfish allows the user to select any key length between 32 and 448 bits.

bcrypt

bcrypt 用到了blowfish技术. bcrypt的一个非常重要的特征就是自适应性，可以保证加密的速度在一个特定的范围内，即使计算机的运算能力非常高，可以通过增加迭代次数的方式，使得加密速度变慢，从而可以抵御暴力搜索攻击。

Provos和Mazières利用了这一点，并将其进一步发展。他们为Blowfish开发了一种新的密钥设置算法，将由此产生的密码称为 “Eksblowfish”（”expensive key schedule Blowfish”）。这是对Blowfish的改进算法，在bcrypt的初始密钥设置中，salt 和 password 都被用来设置子密钥。然后经过一轮轮的标准Blowfish算法，通过交替使用salt 和 password作为key，每一轮都依赖上一轮子密钥的状态。虽然从理论上来说，bcrypt算法的强度并不比blowfish更好，但是因为在bcrpyt中重置key的轮数是可以配置的，所以可以通过增加轮数来更好的抵御暴力攻击。 https://zhuanlan.zhihu.com/p/410896683 https://zhuanlan.zhihu.com/p/400196101 上图是一个bcrypt哈希结构的示例图，其由四部分组成： Prefix说明了使用的bcrypt的版本 Cost是进行哈希的次数-数字越大生成bcrypt的速度越慢，成本越大。同样也意味着如果密码库被盗，攻击者想通过暴力破解的方法猜测出用户密码的成本变得越昂贵。 Salt是添加到要进行哈希的字符串中的随机字符（21.25个字符），所以使用bcrypt时不需要我们在表里单独存储Salt。 Hashed Text是明文字符串最终被bcrypt应用这些设置哈希后的哈希文本。

[rainit2006]

Take-grant protection model

There are a total of four such rules:

• take rule allows a subject to take rights of another object (add an edge originating at the subject)
• grant rule allows a subject to grant own rights to another object (add an edge terminating at the subject)
• create rule allows a subject to create new objects (add a vertex and an edge from the subject to the new vertex)
• remove rule allows a subject to remove rights it has over on another object (remove an edge originating at the subject)

[rainit2006]

CPTED（Crime Prevention Through Environmental Design)

• Natural access control is the use of the environment to control access to entry points, such as using landscaping and bollards.
• An example of natural surveillance is the construction of pedestrian walkways so there is a clear line of sight of all the activities in the surroundings.
• Territorial reinforcement gives people a sense of ownership of a property, giving them a greater tendency to protect it.

[rainit2006]

HMAC

MAC: message authentication code. MAC是通过MAC算法+密钥+要加密的信息一起计算得出的。 同hash算法（消息摘要）相比，消息摘要只能保证消息的完整性，即该消息摘要B是这个消息A生成的。而MAC算法能够保证消息的正确性，即判断确实发的是消息A而不是消息C。 同公私钥体系相比，因为MAC的密钥在发送方和接收方是一样的，所以发送方和接收方都可以来生成MAC，而公私钥体系因为将公钥和私钥分开，所以增加了不可抵赖性。

hmac主要应用在身份验证中，如下是它的使用过程：

1. 客户端发出登录请求（假设是浏览器的GET请求）
2. 服务器返回一个随机值，并在会话中记录这个随机值
3. 客户端将该随机值作为密钥，用户密码进行hmac运算，然后提交给服务器
4. 服务器读取用户数据库中的用户密码和步骤2中发送的随机值做与客户端一样的hmac运算，然后与用户发送的结果比较，如果结果一致则验证用户合法。

[rainit2006]

KDF

In cryptography, a key derivation function (KDF) is a cryptographic hash function that derives one or more secret keys from a secret value such as a main key, a password or a passphrase using a pseudorandom function (伪随机函数).

KDF是hash函数，通常用来将短密码变成长密码 KDF是密码学安全的，详见（实用密码学工具——Hash） KDF需要加salt，用于防彩虹表，salt长度至少要大于hash长度 KDF需要有能力消耗大量计算资源，用于防暴力破解

[rainit2006]

multitasking

• Cooperative multitasking - required processes to voluntarily release the resources they were using.
• Preemptive multitasking - the operating system controls how long a process can use a resource (time-sharing).

Multi-processing

Multi-processing is the multi-tasking capability fulfilled through a multi-processor system.

Symmetric Multiprocessing、SMP

物理メモリを共有して管理する「メモリ共有型並列コンピューティング（マルチプロセッシング）方式」のこと。全てのCPUに対して対称的、均一的に処理が割り付けられた複数プロセッサによる並列処理方式のことを言う。

Asymmetric multiprocessing (AMP or ASMP)

搭載された個々のCPUのそれぞれに別々な命令を割り当てる方法のことである。 たとえばひとつのCPUにはOSの制御を行わせ、またもうひとつのCPUにはアプリケーションの演算をさせる、といった方法がASMPに相当する。

Single-state systems

Single-state systems are designed and implemented to handle one security level of information.

multistate systems

multistate systems/processors can simultaneously operate at multiple security levels (i.e. TS, Secret, Unclass.)

Spawning and Forking

function that loads and executes a new child process.

Forking: when a process forks, it creates a copy of itself. The original process that calls fork() is the parent process, and the newly created process is the child process. Both processes return from the system call and execute the next instruction.

Fork is the default on Linux (it isn't available on Windows), while Windows and MacOS use spawn by default. When a process is forked the child process inherits all the same variables in the same state as they were in the parent.

interrupt

可屏蔽中断(maskable interrupt): 可通过设定中断屏蔽寄存器EFLAGS中IF标志位关闭的中断 不可屏蔽中断(non-maskable interrupt, NMI): 无法通过设置标志位屏蔽的中断，如电源掉电、时钟中断

Bus

Data bus: Transmits data between the CPU, memory, and peripheral devices. Address bus: Transmits addresses of data and instructions between the CPU and memory. Control bus: Transmits control information (device status) between the CPU and other devices. Some computer designs use two buses: a northbridge and southbridge. - The northbridge, also called the Memory Controller Hub (MCH), connects the CPU to RAM and video memory. - The southbridge, also called the I/O Controller Hub (ICH), connects input/output (I/O) devices, such as disk, keyboard, mouse, CD drive, USB ports, etc. The northbridge is directly connected to the CPU, and is faster than the southbridge. A CPU uses a program counter to keep track of the memory addresses containing the instruction sets it needs to process in sequence. A stack pointer is a component used within memory stack communication processes.

[rainit2006]

security perimeter

The security perimeter is a boundary between items that are within the TCB and items that are outside the TCB.

security kernel

The security kernel is a portion of the operating system’s kernel and enforces the rules outlined in the reference monitor. It is the enforcer of the rules and is invoked each time a subject makes a request to access an object. 安全内核（Security Kernel）是实现引用监控器的TCB组件集合。

Reference monitor（引用监控器）: defines a set of design requirements on a reference validation mechanism, which enforces an access control policy over subjects' ability to perform operations. 引用监控器：位于主体和客体之间，用于验证和访问控制。

[rainit2006]

CPU

• ALU （arithmetic logic unit）：performs mathematical functions and logical operations on data.

• General registers： used to hold variables and temporary results as the ALU works through its execution steps.

• Special registers (dedicated registers) ： hold information such as the program counter, stack pointer, and program status word (PSW).

• The program counter register： contains the memory address of the next instruction to be fetched。

• program status word (PSW) holds different condition bits. One of the bits indicates whether the CPU should be working in user mode (also called problem state) or privileged mode (also called kernel or supervisor mode).

[rainit2006]

MITRE and CVE

CVE (Common Vulnerabilities and Exposures)は、 情報セキュリティにおける脆弱性やインシデントについて、それぞれ固有の名前や番号を付与し、 リスト化した事典です。

CVEが登場するまでは、各種製品ベンダーやセキュリティベンダーが、 脆弱性に対して独自に名前を付けていたため、各ベンダーが公表する脆弱性情報はばらばらで、 ある脆弱性情報が同じ問題についてのものなのかどうか、はっきり判別することは困難でした。 さらに、脆弱性のデータベースや対応ツールの相互互換性も、有効性に乏しいことになっていました。

そのような状況を改善するため、 米国政府の支援を受けた非営利団体のMitre Corporation (マイターコーポレーション)が、 1999年に脆弱性を一意に特定できるようCVEを提案・実装しました。 このCVEの登場によって、脆弱性の一つ一つに固有の名前、 およびCVE IDと呼ばれる固有の番号が付与されるようになりました。 その結果、ベンダーをまたいだ脆弱性情報の比較が、容易に行えるようになりました。

[rainit2006]

Proactive defense & Reactive defense

– Proactive ⇒ predict the future ⇒ hard。 Proactive cybersecurity is what you do before an attack. – Reactive ⇒ learn from the past ⇒ easier

[rainit2006]

Diffie-Hellman密码交换

https://www.zhihu.com/question/29383090