ISC(2) CISSP Revision Notes – Security Architectural Design


Building systems securely and being aware of the things that can threaten them.

In NO way should these notes be used as your sole source of study for the CISSP exam.  These notes lack things completely that could be included on your exam.  I in no way provide any guarantee or assurance that these notes are correct or satisfactory for your learning.  For further information see my CISSP Study and Exam Tips.


Architecture

Hardware

  • CPU
  • Arithmetic Logic Unit (ALU): Arithmetic and logic operations (+ – * / etc)
  • Bus Interface Unit (BIU): Supervises the bus
  • Control Unit: Coordinates CPU components
  • Decode Unit: Decodes individual instructions
  • Floating-Point Unit: Calculates floating-point values
  • Memory Management Unit (MMU): Translates virtual to physical addresses and enforces memory protection
  • Pre-fetch Unit: Fetches instructions ahead of execution
  • Protection Test Unit (CPV):

Software

  • Operating System Components
  • Kernel: Runs processes, controls hardware, handles communications
  • Device Drivers: Software to control internal and external devices
  • Tools: 3rd Party Software

Operating Systems Functions

  • Process Management: Multiple independent processes
  • Resource Management
  • IO Device Management
  • Memory Management
  • File Management
  • Communication Management

Virtualisation: Hypervisor and Guests

Security Architecture

Trusted Computing Base (TCB)

  • Total combination of protection within a system including software, hardware and firmware
  • Access control
  • Reference Monitor: Enforces AC on an object
  • Security Kernel: Encompassing the above
  • Open vs Closed Systems: Open source vs proprietary

Protection Rings: “Onion” with privileged center, eg MIT MULTICS

Security Modes

  • How a system handles stored information
  • Dedicated: Users must have a clearance level appropriate to the highest level of the system, plus need to know
  • System High: As Dedicated, but need to know is not required
  • Multilevel: Different levels on TCB, appropriate clearance level
  • Limited Access: Highest confidentiality is SBU

Recovery Procedures

  • Fault Tolerant: Continues to operate after a fault; detects and corrects faults
  • Fail-safe Systems: When fault is detected execution is terminated
  • Fail-soft (Resilient) Systems: Degrades performance after fault
  • Failover System: Clustered approach

Vulnerabilities in Security Architectures

  • Covert Channels: Hidden communication paths within a system
  • Rootkits: Difficult to detect
  • Race Conditions: Processes contending for the same resource (timing)
  • State Attacks: Session state must be protected against session hijacking
  • Emanations: Leaked electromagnetic or acoustic energy

Security Countermeasures

Defense in Depth: eg firewalls, hardened OS, etc

System Hardening: Remove unnecessary components, accounts, ports; password policies, etc

Heterogeneous: Multiple OS won’t share same vulnerabilities, vs ease of admin

System Resilience

Filter Malicious Inputs: Reject inputs which may be an attack, think WAF, SQL Views

Redundant Components: eg RAID

Security Countermeasures: Reveal as little about the system as possible, least privilege for processes, disable services, strong authentication

Security Models

Confidentiality: Access and authorisation, vulnerability management, sound design

Integrity: Access and authorization, input control and output control

Availability: Resilient hardware/software. Sound configuration and change management

Access Control

Bell-LaPadula: Confidentiality

Biba & Clark-Wilson: Integrity
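As an added example (not from the original notes), a small Python reference monitor that enforces the Bell-LaPadula and Biba rules on lattice labels; the level names and compartments are constructed for illustration:

```python
# Added example, not part of the original notes: a minimal reference monitor
# that applies Bell-LaPadula (confidentiality) and Biba (integrity) rules to
# labelled subjects and objects. Level names and compartments are constructed.
from dataclasses import dataclass

LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]  # low -> high


@dataclass(frozen=True)
class Label:
    level: str                  # hierarchical level, one of LEVELS
    compartments: frozenset     # need-to-know categories, e.g. {"CRYPTO"}

    def dominates(self, other: "Label") -> bool:
        # Lattice ordering: level at least as high AND compartments a superset.
        return (LEVELS.index(self.level) >= LEVELS.index(other.level)
                and self.compartments >= other.compartments)


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula: no read up (simple security), no write down (*-property)."""
    if op == "read":
        return subject.dominates(obj)
    if op == "write":
        return obj.dominates(subject)
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba: no read down (simple integrity), no write up (*-integrity)."""
    # Labels are read as integrity levels here: read only from equal/higher
    # integrity, write only to equal/lower integrity (the mirror of BLP).
    if op == "read":
        return obj.dominates(subject)
    if op == "write":
        return subject.dominates(obj)
    raise ValueError(f"unknown operation {op!r}")


def decide(model: str, subject: Label, obj: Label, op: str) -> str:
    """Reference-monitor style decision: every access goes through one gate."""
    rule = {"blp": blp_allows, "biba": biba_allows}[model]
    return "GRANT" if rule(subject, obj, op) else "DENY"


if __name__ == "__main__":
    analyst = Label("SECRET", frozenset({"CRYPTO"}))
    memo = Label("CONFIDENTIAL", frozenset())
    plan = Label("TOP SECRET", frozenset({"CRYPTO"}))
    for op, obj in (("read", memo), ("read", plan), ("write", memo), ("write", plan)):
        print(op, obj.level, decide("blp", analyst, obj, op), decide("biba", analyst, obj, op))
```

Note that two labels with disjoint compartments at the same level dominate neither way, so both models deny both read and write between them.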

Evaluation Criteria

Trusted Computer System Evaluation Criteria (TCSEC)

  • Measurement (assessing levels of trust)
  • Acquisition (Standard for Acquisition Requirements)
  • DAC, MAC, Labels, etc
  • Assurance: Architecture, integrity, covert channels, trusted recovery, security testing, configuration management
  • Accountability: Identification and authentication, trusted path, audit
  • Documentation: User guide, admin guide, test docs, etc

Trusted Network Interpretation (TNI)

  • TN1: Configuration and integrity
  • TN2: Additional services such as comms and networks

European Info Tech Security Evaluation Criteria (ITSEC)

  • Addresses CIA, as well as functionality and assurance

Common Criteria & EAL

TCSEC      ITSEC Functional              ITSEC Evaluation   CC            Access control
D          –                             E0                 EAL1 & EAL0   DAC
C1         F-C1                          E1                 EAL2          DAC
C2         F-C2                          E2                 EAL3          MAC
B1         F-B1                          E3                 EAL4          MAC
B2         F-B2                          E4                 EAL5          MAC
B3         F-B3                          E5                 EAL6          MAC
A1         F-B3                          E6                 EAL7          MAC
Beyond A1  F-IN, F-AV, F-DI, F-DC, F-DX  –                  –             –

(The "Access control" heading is supplied here for the unlabelled DAC/MAC column; the values are as given.)

System Certification & Accreditation

Certification: a formal methodology for comprehensive testing of a system against its documentation

Accreditation is an official written approval, must be updated when changes are made

Defense Information Technology Security Certification & Accreditation Process (DITSCAP)

  • Used by military and government bodies
  • Definition: Organisation's systems, mission, environment and architecture
  • Verification: Base-line security requirements
  • Post-accreditation: Ongoing activity to maintain accreditation

National Information Assurance Certification & Accreditation Process (NIACAP)

  • US national security
  • Site Accreditation: specific location
  • Type Accreditation: Specific App or system at multiple locations
  • System Accreditation: Specific App at specific location
