Computer Operation Security
I suppose the name Certified Systems Security Professional is
familiar to everybody. The CISSP examination was initially created to
certify professionals in the security field. The exam is recognized
all over the world as the most prestigious one in this area, and not
without reason. The CISSP examination opens all doors for its
holders, because companies today are badly in need of security
professionals who are able to cope with the increasing stream of
virtual attacks. The CISSP exam consists of 10 security domains that
cover all crucial points of security. These 10 domains are the
following:
• Access Control & Methodology
• Applications & Systems Development
• Business Continuity & Disaster Recovery Planning
• Cryptography
• Law, Investigation & Ethics
• Operations Security
• Physical Security
• Security Architecture & Models
• Security Management Practices
• Telecommunications & Network Security
As we see, one of the domains is named Operations Security, which is
worth discussing. Operations security, commonly known as OPSEC, is
the process of examining important information in order to detect
whether adversary systems can observe friendly actions. It then
determines whether the acquired data could be useful to adversaries,
and finally it finds ways to reduce or prevent the exposure of that
information. In other words, operations security means viewing the
activities and operations carried out by the system from the point of
view of an adversary and developing countermeasures. The whole
process is performed in several steps. The first is dedicated to
identifying important information, that is, determining which data
may be of interest to an adversary. This makes it possible to give
that information maximum protection without wasting effort on all
other information. The next two steps are the analysis of threats and
of vulnerabilities, which consists of examining possible adversaries
and all aspects of the operation. Possible adversaries can be divided
into three categories: active, passive and inadvertent. Keep in mind
that the most dangerous one is an active adversary, because it is
your main competitor. A passive adversary is someone who acts as a
bridge between you and an active adversary: he passes your data to a
rival.
The last category is the inadvertent adversary, who has accidentally
become a source of information. As for vulnerabilities, it is worth
mentioning that there are two types: direct and indirect. This stage
means thoroughly studying every aspect of your system, information,
adversary, etc. In other words, our task is to determine the
dimensions of the problem and its threat level for our system. The
next step in the operations security process is risk assessment. On
the basis of the preceding analysis, we can draw conclusions about
the system's vulnerability and the level of threats, which together
make up the probability of risk. Finally, we apply certain OPSEC
measures on the basis of all the previous steps. They are commonly
known as countermeasures. A countermeasure is a solution to the
threat the company faces, aimed at reducing risks to the lowest level
possible. The result may be obtained in different ways, for example
by eliminating vulnerabilities or by making your critical data
impossible for an adversary to interpret correctly. It is also
preferable to protect crucial information from several different
angles so as to provide maximum security protection. This process is
essential for operations security; otherwise a good level of
protection will not be provided.
The Computer Operations Security domain involves the following
categories:
• Operations personnel
• Configuration management
• Media access protection
• System recovery
• Facsimile security
• Vulnerability and penetration testing
• Attack types
Operations personnel are employees who are responsible for
performing an operational assurance or life cycle assurance
assessment. They are meant to verify whether a product's structure,
functions and features can cope with the problem without
compromising security protection.
Configuration management concentrates on ensuring the stability of a
product or a system. It controls all changes.
System recovery is another vital stage in security protection; it is
based on preserving critical data even if the whole system is out of
order.
As we live, work and interact in a competitive world, the operations
security process may be used in a great number of situations. It can
be used by every agency and institution, from the smallest one to a
military or governmental one. If you have some information that may
be exploited, you are under threat.