Domain 3 Continued Overview and Security Models: Part 1 - Introduction

Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:01
>> Everyone, welcome back to
00:01
the second portion of Domain 3.
00:01
Like I'd said, this is
00:01
still the security architecture and engineering
00:01
domain but I think it just logically
00:01
makes sense to divide it up
00:01
into focusing on cryptography.
00:01
Now we're going to move to talking about
00:01
the piece of actual security architecture.
00:01
In this section, this is not nearly as testable as
00:01
the crypto piece but there are
00:01
some things that we do want to
00:01
make sure we're familiar with.
00:01
First of all, and probably the most testable thing
00:01
here are our security models.
00:01
We'll talk about the role of a security model in
00:01
secure system design because that's always our purpose,
00:01
secure design of a system.
00:01
Our security models are going to
00:01
dictate what architecture we use,
00:01
and the architecture is going to give us the hardware,
00:01
software, and firmware, and
00:01
make sure that those elements work
00:01
together towards our common goal
00:01
of creating a secure system.
00:01
Now some elements of our system architecture,
00:01
out of all of them,
00:01
the most important fall under
00:01
the category of the trusted computing base,
00:01
and you'll see this abbreviated TCB
00:01
and this is a term that's been around for a long time.
00:01
We'll get into what the trusted computing base means.
00:01
Then when we talk of architecture,
00:01
we're going to talk about hardware architecture
00:01
and software architecture.
00:01
When we talk about software,
00:01
we'll look first at operating systems,
00:01
then we'll look at applications.
00:01
Then we'll move into secure modes of
00:01
operations and certification and accreditation.
00:01
Let's go ahead and get started with our security models.
00:01
Just go through a little bit of
00:01
an introduction here again to talk about
00:01
the relationship between our security models
00:01
and our security architecture.
00:01
Then we're going to focus on
00:01
which security models are most
00:01
relevant to us and then certainly
00:01
which ones are going to be on the test most likely.
00:01
The security model is a concept,
00:01
it's a model, it's something to follow.
00:01
A lot of times you'll hear them
00:01
referred to as mathematical models.
00:01
This can be tricky for folks because it's hard to
00:01
conceptualize some of these models
00:01
because you may not have seen them implemented.
00:01
It's one of those things that you're not going to go back
00:01
to the office and Bell-LaPadula system,
00:01
something like that, that security
00:01
model we'll talk about in a moment.
00:01
It really more is for use,
00:01
let's say I'm designing an operating system for
00:01
the US government and maybe it's
00:01
an operating system for
00:01
a firewall that's going to be used to separate
00:01
top secret information from
00:01
secret information to create those two zones.
00:01
Well, there are certain rules
00:01
I need to follow and need to
00:01
build into that system
00:01
in order to provide a secure environment.
00:01
If I'm concerned about confidentiality,
00:01
I use one model.
00:01
If I'm more concerned about integrity,
00:01
I use another model and so on.
00:01
This is the ruleset that I'm going to build my system on
00:01
based on what my ultimate security goals
00:01
are, so it's conceptual.
00:01
Now the system architecture is actually the hardware,
00:01
software, and what we call firmware,
00:01
which is a mix between hardware and software but it's how
00:01
these more tangible elements come together.
00:01
Now the thing is the model is the concept,
00:01
the architecture is the actual build
00:01
or the building material if you will.
00:01
The architecture needs to
00:01
support and enforce the security model.
00:01
That's the relationship between the two.
00:01
Now, we have a lot of
00:01
security models and I'll tell
00:01
you if you read this book or that book,
00:01
one or the other any of the ones that are out there,
00:01
they're going to go through
00:01
a lot more security models than I do.
00:01
However, my experience tells me that there are
00:01
four security models that are most likely
00:01
to be testable and we can't remember everything,
00:01
right, going to save a little room
00:01
in our brain for other things.
00:01
We don't want to overdo it,
00:01
memorize every security model under the planet.
00:01
What I'm going to tell you to focus on,
00:01
wonder why those models are in pink,
00:01
they look almost highlighted, don't they?
00:01
Of course, I'm going to tell you those are
00:01
the ones that we're going to focus on,
00:01
those are the ones most testable.
00:01
Then if you'll look at the list also,
00:01
we have Bell-LaPadula and
00:01
Biba that have double stars by them.
00:01
We can say, those I really better know.
00:01
Then at the bottom,
00:01
I've just listed for
00:01
your reference a few additional models,
00:01
although the state machine model on top,
00:01
just to round out your knowledge,
00:01
but when it comes to choosing where you spend your time,
00:01
Bell-LaPadula and Biba for sure,
00:01
then Clark-Wilson and
00:01
Brewer-Nash also, just to make sure.
00:01
In this section, we just talked about
00:01
the ideas of a security model and we talked
00:01
about the relationship between
00:01
a security model and the security architecture,
00:01
then I've mentioned at
00:01
a high level what some of the specific models are.
00:01
Now as we move forward,
00:01
we're going to look at these more in depth.