4P13 Week 5 Talking Points 1. Security Provided by BSD a self-protecting Trusted Computing Base (TCB) spanning kernel and userspace; kernel isolation.

Slides:

Advertisements

Similar presentations

Operating-System Structures

Advertisements

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.

Access Control Chapter 3 Part 3 Pages 209 to 227.

Chapter 6 Security Kernels.

CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.

Operating-System Structures

Access Control Methodologies

Fundamentals of Computer Security Geetika Sharma Fall 2008.

Module 3 Windows Server 2008 Branch Office Scenario.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

(Remote Access Security) AAA. 2 Authentication User named "flannery" dials into an access server that is configured with CHAP. The access server will.

1 CSE 380 Computer Operating Systems Instructor: Insup Lee and Dianna Xu University of Pennsylvania Fall 2003 Lecture Note: Protection Mechanisms.

Sharing Files Richard Newman based on Smith “Elementary Information Security”

C. Edward Chow Presented by Mousa Alhazzazi C. Edward Chow Presented by Mousa Alhazzazi Design Principles for Secure.

Lecture 7 Access Control

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Linux Security.

ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory Chapter 9: Active Directory Authentication and Security.

Operating System Security CS460 Cyber Security Spring 2010.

Systems Security & Audit Operating Systems security.

Controlling Files Richard Newman based on Smith “Elementary Information Security”

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

Chapter 2: Operating-System Structures. 2.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 2: Operating-System Structures Operating.

4P13 Week 1 Talking Points. Kernel Organization Basic kernel facilities: timer and system-clock handling, descriptor management, and process Management.

Chapter 12 Operating System Security Strategies The 2010 Australian Signals Directorate (ASD) lists the “Top 35 Mitigation Strategies” Over 85% of.

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

Access Control. What is Access Control? The ability to allow only authorized users, programs or processes system or resource access The ability to disallow.

ADV. NETWORK SECURITY CODY WATSON What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protections of External Resources.

NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Linux Security. Authors:- Advanced Linux Programming by Mark Mitchell, Jeffrey Oldham, and Alex Samuel, of CodeSourcery LLC published by New Riders Publishing.

UNIX System Protection. Unix History Developed by Dennis Ritchie and Ken Thompson at AT&T Bell Labs Adapted some ideas from the Multics project in 1969.

Proposal for RBAC Features for SDD James Falkner Sun Microsystems October 11, 2006.

Security, Accounting, and Assurance Mahdi N. Bojnordi 2004

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

Wireless and Mobile Security

Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.

TCS Internal Security. 2 TCS Internal Objective Objective :  Android Platform Security Architecture.

LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►

Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK

Chapter 12 Operating System Security. Possible for a system to be compromised during the installation process before it can install the latest patches.

Vmware 2V0-621D Vmware Exam Questions & Answers VMware Certified Professional 6 Presents

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

Chapter 29: Program Security Dr. Wayne Summers Department of Computer Science Columbus State University

MLS/MCS on SE Linux Russell Coker. What is SE Linux? A system for Mandatory Access Control (MAC) based on the Linux Security Modules (LSM) framework Uses.

ANDROID ACCESS CONTROL Presented by: Justin Williams Masters of Computer Science Candidate.

SE Linux Implementation Russell Coker. What is SE Linux? A system for Mandatory Access Control (MAC) based on the Linux Security Modules (LSM) framework.

SY0-401 Exam Dumps CompTIA Security+ Certification Exam

2. OPERATING SYSTEM 2.1 Operating System Function

Chapter 2: System Structures

Introduction to Operating System (OS)

Chapter 2: System Structures

UNIX System Protection

SECURITY IN THE LINUX OPERATING SYSTEM

Chapter 28: User Security

OS Access Control Mauricio Sifontes.

How to Mitigate the Consequences What are the Countermeasures?

Chapter 29: Program Security

Shielding applications from an untrusted cloud with Haven

Chapter 2: Operating-System Structures

PLANNING A SECURE BASELINE INSTALLATION

Operating System Concepts

Designing IIS Security (IIS – Internet Information Service)

Access Control What’s New?

Presentation transcript:

4P13 Week 5 Talking Points 1

Security Provided by BSD a self-protecting Trusted Computing Base (TCB) spanning kernel and userspace; kernel isolation and process separation based on virtual memory; authentication and multiplexing of multiple simultaneous users; discretionary and mandatory access-control models; sandboxing facilities to contain potentially malicious code; a range of mitigation techniques such as stack protection; security-event auditing for accountability and intrusion detection; Yarrow-based /dev/random supporting hardware and software entropy sources; support for Trusted Platform Modules (TPMs); a cryptographic framework supporting hardware and software implementations; support for full-disk encryption and cryptographic integrity protection; distributed authentication models (e.g., Kerberos, x.509 certificates); cryptographically protected network protocols (e.g., ssh, TLS, IPSec); and binary updates to remedy vulnerabilities discovered after release. 2

3

4

5

Explicit Privilege granted to user Processes Kernel management operations that have global consequences across the system, such as rebooting, or configuring IPv4 addresses on a network interface. Kernel management operations that effectively grant kernel privilege, such as the loading of kernel modules. Misuse of these functions would violate integrity of the TCB. System management operations that imply system privileges, such as maintenance of system binaries (including the kernel). Configuring access-control policies and, particularly, setting up process credentials during the login process. Higher-level management operations that depend on bypassing per-object protections, such as backing up the system, or changing the owner or permissions on a file in the role of system administrator. Certain classes of debugging operations that offer insight into global behaviors normally limited to avoid information leaks, such as using DTrace or hardware-performance-monitoring counters on the kernel itself. 6

7

8

9

10

11

12

ACL Evaluation Algorithm 1. The file or directory’s access ACL (type ACL_TYPE_ACCESS) is searched for object-owner, mask, and “other” entries, to be consulted at various points in evaluation. 2. If the credential’s effective UID matches the object-owner ACL entry, then the access request is checked against the entry’s permissions. If sufficient, success is returned. If insufficient, appropriate privilege is checked to supplement the entry’s permissions; if sufficient, success is returned. Otherwise, access is denied and no further entries are consulted. 3. If the credential’s effective UID matches an additional user ACL entry, then the access request is checked against the entry’s permissions—limited to those also granted by the ACL mask entry. If sufficient, success is returned. If insufficient, appropriate privilege is checked to supplement the entry’s permissions; if sufficient, success is returned. Otherwise, access is denied and no further entries are consulted. 4. If either one of the credential’s effective or additional GIDs matches the object-group entry or any of the additional group ACL entries, then the access request is checked against the entry’s permissions—limited to those also granted by the ACL mask entry. If any entry is sufficient, success is returned. 5. If no group entries were sufficient without privilege, then any matching group entries will be retried with appropriate privilege checked to supplement the entry’s permissions; if sufficient, success is returned. Otherwise, if there were any matching groups, access is denied and no further entries are consulted. 6. Finally, the ACL “other” entry will be consulted; if sufficient, success is returned. If insufficient, appropriate privilege is checked to supplement the entry’s permissions; if sufficient, success is returned. Otherwise, access is denied. 13

14

15

16

NFSv4 ACL evaluation 17

18

19

20

21

22

23

24

Framework Startup 1.Framework data structures, locks, and memory allocation are initialized. 2.Policies compiled into the kernel or loaded before boot are registered. 3.The global mac_late is set, indicating that from this point onward, kernel objects controlled by the framework may be allocated. 4.The MAC framework steady state is entered and kernel boot continues. 25

26

27

Policy Entry-Point Considerations Object life-cycle events, such as socket creation and destruction Access-control requests checking a subject’s use of a method on an object General and sometimes subject-free decision requests 28

29

30

31

32

33

34

35