security/basics/pres_concept.tex


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123

\input{configpres}

% ----------------------------
\title{Security}
\maketitle

% ----------------------------
\begin{frame}
\frametitle{Overview}
\tableofcontents
\end{frame}

% ----------------------------
\subsection{Terminology}

\begin{frame}
\frametitle{Safety / Security}
Separate Issues
\begin{itemize}
\item Safety: Betriebssicherheit
\item Security: Datensicherheit / Sicherung
\end{itemize}
\end{frame}

% ----------------------------
\begin{frame}
\frametitle{Safety vs. Security?}
After Delivery
\begin{itemize}
\item Safety: No Changes allowed
\item Security: Continuous Service required (pro-active)
\end{itemize}
\end{frame}

% ----------------------------
\begin{frame}
\frametitle{Safety and Security}
Safe and Secure (Realtime) Systems?
\begin{itemize}
\item Combined Systems
\item Virtual Concept
\item Realtime in VM?
\end{itemize}
\end{frame}

% ----------------------------
\subsection{Problem Statement}

\begin{frame}
\frametitle{Why is System Security important?}
\begin{itemize}
\item Communication
\item Worldwide connected
\item Interfaces:
\begin{itemize}
\item Data Retrieval
\item Management
\item Maintenance
\end{itemize}
\end{itemize}
\end{frame}

% ----------------------------
\begin{frame}
\frametitle{Protection}
How to protect:
\begin{itemize}
\item (Production-)Data
\item Functionality
\item Integrity
\item Communication Content
\item Communication Authenticity
\end{itemize}
\end{frame}

% ----------------------------
\subsection{Design Concepts}

\begin{frame}
\frametitle{Access Control}
\begin{itemize}
\item Least-required Privilege
\item Role-based Access to Data
\item Role-based Access to Functionality
\item Role-based Access to Resources
\end{itemize}
\end{frame}

% ----------------------------
\begin{frame}
\frametitle{Communication}
\begin{itemize}
\item Reduce Communication
\item Secure affected Channels
\item Authenticate where needed
\end{itemize}
\end{frame}

% ----------------------------
\begin{frame}
\frametitle{System Design}
\begin{itemize}
\item Security Aspects first!
\item Clear and Simple Design
\item Workflows for Update and Maintenance
\end{itemize}
\end{frame}

% ----------------------------
\subsection{Conclusion}

\begin{frame}
\frametitle{Conclusion}
\begin{itemize}
\item KISS - Keep it small and \textbf{simple}
\item ''A chain is only as strong as its weakest link''
\item Security is NOT a one-time effort
\end{itemize}
\end{frame}

% ----------------------------
\subsection{}
\input{tailpres}