<HTML>

<HEAD>
<TITLE>INFORMATION SECURITY against Your Threat Profile</TITLE>
<META NAME="description" CONTENT="Cerberus Systems, Inc. develops, manufactures and markets Windows&reg; cryptosystems designed to meet or exceed level 1 of FIPS PUB 140-1 with DOD 5220.22-M disk data recovery countermeasures.">
<META NAME="keywords" CONTENT="ANSI X9.17, computer security, cryptosystem, data privacy, DOD 5220.22-M, encryption, file wiping, FIPS 140-1, forensic software, INFOSEC, sanitizing, security leaks, secure deletion, security software, triple-DES, zeroizing, Windows&reg;.">
</HEAD>

<BODY TOPMARGIN="0" LEFTMARGIN="0" MARGINWIDTH="0" MARGINHEIGHT="0" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#009966" ALINK="#FF0000" VLINK="#009966">
<BASEFONT  SIZE=2 FACE="Arial,Helv,Helvetica">

<TABLE ALIGN=LEFT BORDER=0 CELLSPACING=0 CELLBORDER=0 CELLPADDING=12 WIDTH=640>
<TR>

<!-- LEFT MARGIN STRIP -->
<TD BGCOLOR="#336666" ALIGN=CENTER VALIGN=TOP>

</TD>
<!-- END LEFT MARGIN STRIP  -->

<!-- MAIN SECTION -->
<TD ALIGN=LEFT VALIGN=TOP>

<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH=500>
<TR><TD>
		<!-- Right-justified Logotype -->
<TABLE ALIGN=RIGHT BORDER=0 CELLSPACING=0 CELLPADDING=0>
<TR><TD><FONT COLOR="#006633" SIZE=3><B><I>CERBERUS <FONT SIZE=1>SYSTEMS, INC.</FONT></I></B></FONT></TD></TR><TR><TD ALIGN=CENTER><FONT COLOR="#999933" SIZE=1><B><I>
<!--forensic software countermeasures-->
<!--INFORMATION SECURITY TOOLS-->
<!--INFOSEC for Personal Computers-->
<!--INFOSEC Products for Windows&reg-->
<!--INFOSEC Tools for PCs & Laptops-->
<!--personal information security tools-->
Windows&reg;-compatible encryption
</I></B></FONT></TD></TR>
</TABLE>
		<!-- End Logotype -->
</TD></TR>
<TR ALIGN=CENTER><TD WIDTH=490>
		<!-- Centered Page-Title -->
<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=10>
<TR><TD ALIGN=CENTER><FONT COLOR="#CC3300" SIZE=5><B>
			<!-- Title Text-->
INFORMATION SECURITY<BR>
<FONT COLOR="#999933" SIZE=4><i><FONT SIZE=2>AGAINST</FONT><BR> YOUR THREAT PROFILE</i>
			<!-- End Title Text -->
</B></FONT></TD></TR>
</TABLE>
		<!-- End Page-Title -->
</TD></TR></TABLE>
	<!-- End Title Bar -->

	<!-- Content -->
<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=506>
<TR><TD><FONT SIZE=2>

<P>There is no such thing as absolute security. Information security techniques are designed to counter specific technical attacks. Specific attack measures are defeated (or sometimes only blunted through delay) by specific INFOSEC countermeasures, designed to cost less than the cost-of-compromise of the data to be protected.

<P>Which INFOSEC countermeasures you need, and the adequacy or inadequacy of those you have, can <i>only</i> be measured against your particular threat profile. 

<P>This requires identifying those to whom your data has value; identifying the types of attacks which each potential class of attacker is technically and financially able to mount; and choosing INFOSEC countermeasures adequate to defeat the worst attack measures you can realistically expect them to employ against you.

<P><HR SIZE=1 WIDTH=50%>

<P>Data that is always stored on a computer (or backup media) that never leaves your physical security perimeter does not need encryption. However, you must define exactly what that physical security perimeter is. The most secure facility offers no protection from untrustworthy co-workers or visitors who are inside it with you.

<P>If you keep your data on an always-physically-secured system, but need to communicate some of it through unsecured communications channels, you need COMmunications SECurity. This requires the ability to create strongly-encrypted copies for transmission, such as with high-grade e-mail encryption software.

<P>If you must <i>store</i> sensitive data on a PC or laptop that is not <i>always</i> physically secured, you have to encrypt it. However, you must also protect it against attacks using forensic data recovery techniques. Such attacks attempt to read <i>deleted</i> (or inadequately overwritten) magnetically stored data on your disk either
<BLOCKQUOTE>
(1) through its drive controller connector, using PC-hosted software;
<BR>(2) through its drive heads, bypassing the disk's controller circuits; or
<BR>(3) directly on each disk platter's recording surface in a clean-room.
</BLOCKQUOTE>

<P>Class 1 attacks can be mounted directly with forensic software, hosted on your PC or on the attackers' PC. These software-based attack measures can be countered with software-based countermeasures; viz., any kind of disk data overwriting (such as <i>Clearing</i> per DOD 5220.22-M) that is applied to <i>all</i> sensitive plaintext on the disk.
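
<P>Added example, not code from the original page or from Cerberus Systems: a software overwrite of one file that rewrites the file's existing blocks in place, forces the write to the device, reads it back to verify, and only then deletes. The single fixed-byte pass is an assumption made for illustration and is not a pattern quoted from DOD 5220.22-M; the function names and the sample data are constructed.

```python
import os
import tempfile

CHUNK = 64 * 1024  # write in chunks so large files are never held in memory

def overwrite_pass(path, fill=0x00):
    """Overwrite every byte of an existing file in place; return bytes written."""
    size = os.path.getsize(path)
    # "r+b" rewrites the blocks already allocated to the file. Opening with "wb"
    # truncates first, and the filesystem may then allocate fresh blocks and
    # leave the old plaintext untouched in free space.
    with open(path, "r+b") as f:
        remaining = size
        while remaining:
            n = min(CHUNK, remaining)
            f.write(bytes([fill]) * n)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())  # push the overwrite out of the OS cache
    return size

def verify_pass(path, fill=0x00):
    """Read the file back; True only if every byte equals the fill byte."""
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            if block.count(fill) != len(block):
                return False
    return True

def clear_file(path, fill=0x00):
    """Overwrite, verify, then delete. Assumed single-pass pattern (see lead-in)."""
    size = overwrite_pass(path, fill)
    if not verify_pass(path, fill):
        raise OSError("overwrite verification failed: " + path)
    os.remove(path)
    return size

def make_sample():
    """Create a temp file holding constructed sample plaintext; return its path."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(b"constructed sample record\n" * 4000)
    return path

if __name__ == "__main__":
    p = make_sample()
    print("cleared", clear_file(p), "bytes; file exists:", os.path.exists(p))
```

<P>This reaches only the blocks the file occupies now. Earlier copies, temporary files, swap space and slack are untouched, which is why the overwrite has to cover <i>all</i> sensitive plaintext on the disk, and flash or copy-on-write storage may not rewrite the same physical blocks at all.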

<P>Class 2 attacks use special amplifiers and signal processing to extract previously recorded data from under subsequent overwrites. They rely on increased capabilities over the disk's on-board electronics. <i>Sanitizing</i> per DOD 5220.22-M was designed to counter such attacks by increasing the noise-to-signal ratio beyond their capabilities. 

<P>Many (but not all) INFOSEC people believe that the increased signal-processing sophistication of the on-board controllers required to even read the last-written data has kept <i>Sanitizing</i> ahead in this particular measure/countermeasure race. However, most question the adequacy of <i>Sanitizing</i> in protecting older, lower-density disks (especially diskettes) against the most modern and sophisticated Class 2 attacks.

<P>Class 3 attacks (such as with <i>magnetic force microscopy</i>) are generally considered able to penetrate any software countermeasures, including <i>any</i> kind of overwriting. They are very costly techniques to use to recover the complete image-as-it-used-to-be of an overwritten multi-gigabyte disk, as opposed to a few specifically targeted bytes.

<BLOCKQUOTE><FONT COLOR="#006633" SIZE=1>
 "Magnetic Media Microscopy (MMM) is used in cases where data has been overwritten.  MMM is a lengthy process that involves examining each bit of data at a magnetic level to determine that bit's previous state.  Recovering just a floppy disk using this technology can take days or weeks.  MMM is rarely used because of the cost factor." - <a href="http://www.savemyfiles.com"><u>ESS Data Recovery</u></a>
</FONT></BLOCKQUOTE>

<P>Nevertheless, any data of sufficient value to intelligence services or comparably funded adversaries should not have its confidentiality rely upon overwriting countermeasures.

<P><HR SIZE=1 WIDTH=50%>

<P>The value of your data to the kinds of attackers who can use each class of techniques will determine whether you must counter that class. This is the basis for requiring defense contractors to use Clearing or Sanitizing per DOD 5220.22-M (for re-use or for disposal, respectively) of media containing data classified as Confidential or Secret, while requiring NSA-approved degaussing and destruction for Top Secret media.

<P>An unclassified 1991 Navy microcomputer INFOSEC risk analysis survey postulated the nominal, per-incident, costs-of-compromise for Privacy Act data or Confidential data as $10,000; for Secret data as $100,000; and for generic Top Secret (TS) data as $1,000,000. Presumably, the remainder of the hierarchy's list of value categories (TS/SIOP, TS/SCI and TS/National Cryptologic) each added another zero to the cost.

<P>These planning numbers would obviously be larger in today's dollars, but they offer a relative scale that may provide some perspective to help you associate classes of attack measures with the values placed on <i>your</i> data - by you and by your adversaries. 

<P>Class 1 attacks (and many Class 2 attacks, on modern high-density disks) can be defeated by <FONT COLOR="#999933"><b><i>encryption software with forensic software countermeasures</i></b></FONT> <a href="forensic.htm"><IMG SRC="images/web_next.gif"  BORDER=0></a>

</FONT></TD></TR>
</TABLE>
	<!-- End Content --->

	<!-- Standard Footer --->
<CENTER>
<P><BR>
<FONT SIZE=2 COLOR="#006633"><B><i>
Cerberus Systems, Inc. develops, manufactures and markets<BR>
software cryptosystems designed to level 1 of FIPS PUB 140-1<BR>
with DOD 5220.22-M disk data recovery countermeasures.
</i></B></FONT>
<P><HR SIZE=1>
<FONT SIZE=1 COLOR="#CC3300">
The Cerberus logo and the <i>...Security Manager</i> product names are trademarks of Cerberus Systems, Inc.<BR>
&copy; Copyright 1997-99, all rights reserved.
</FONT>
<HR SIZE=1>
</CENTER>
	<!--- End Standard Footer --->

</TD>
<!-- END MAIN SECTION -->

<!-- PADDING CELL -->
<TD>
<!-- right margin = 2 x cellpadding -->
</TD>
<!-- END PADDING CELL -->

</TR>
</TABLE>

</BODY>

</HTML>
