Software Security II Karl Lieberherr. What is Security Enforcing a policy that describes rules for accessing resources. Policy may be explicit or implicit.

Slides:

Advertisements

Similar presentations

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu

Advertisements

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Operating System Security

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.

VM: Chapter 5 Guiding Principles for Software Security.

Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.

1 Design Principles CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 13, 2004.

Usable Security (Part 1 – Oct. 30/07) Dr. Kirstie Hawkey Content primarily from Teaching Usable Privacy and Security: A guide for instructors (

1 Extensible Security Architectures for Java Authors: Dan S.Wallch, Dirk Balfanz Presented by Moonjoo Kim.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least.

Chapter 1  Introduction 1 Overview  What is a secure computer system?  Concerns of a secure system o Data: Privacy, Integrity, Availability o Users:

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.

CS-550 (M.Soneru): Protection and Security - 1 [SaS] 1 Protection and Security.

ANDROID™ OS Security A brief synopsis of the Android Operating System and its security. By Daniel Angelis.

(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏

Introduction to the new mainframe: Large-Scale Commercial Computing © Copyright IBM Corp., All rights reserved. Chapter 4: Integrity and security.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

1 cs691 chow C. Edward Chow Design Principles for Secure Mechanisms CS591 – Chapter 5.4 Trusted OS Design CS691 – Chapter 13 of Matt Bishop.

Chapter 14: Protection.

C. Edward Chow Presented by Mousa Alhazzazi C. Edward Chow Presented by Mousa Alhazzazi Design Principles for Secure.

Copyright ©2014 Pearson Education, Inc. Chapter 3 Requirements and Business Rules Chapter3.1.

Software Architecture for DSD The “Uses” Relation.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.

Chapter 6: Integrity and Security Thomas Nikl 19 October, 2004 CS157B.

Web Applications Security Seminar David Evans University of Virginia 28 August 2007.

Lecture 18 Page 1 CS 111 Online Access Control Security could be easy – If we didn’t want anyone to get access to anything The trick is giving access to.

Presented by Amlan B Dey.  Access control is the traditional center of gravity of computer security.  It is where security engineering meets computer.

CMSC 414 Computer (and Network) Security Lecture 14 Jonathan Katz.

Security and Trust By Troy Lee. Overview Security Design Principles Architectural Access Control Access Control Models Connector-centric Architectural.

The Protection of Information in Computer Systems Part I. Basic Principles of Information Protection Jerome Saltzer & Michael Schroeder Presented by Bert.

Kerberos: An Authentication Service for Open Network Systems Jennifer G. Steiner Clifford Neuman Jeffrey I. Schiller.

CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+

Security Architecture and Design Chapter 4 Part 3 Pages 357 to 377.

Software Security and Security Engineering (Part 2)

Chapter 5 Network Security

CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.

Access Control. What is Access Control? The ability to allow only authorized users, programs or processes system or resource access The ability to disallow.

出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲吳俊逸.

11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 

Software Security II Karl Lieberherr. What is Security Enforcing a policy that describes rules for accessing resources. Policy may be explicit or implicit.

IIS and.Net security -Vasudha Bhat. What is IIS? Why do we need IIS? Internet Information Services (IIS) is a Web server, its primary job is to accept.

(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏

Trusted Operating Systems

Chapter 3 Requirements and Business Rules Copyright © 2012 Pearson Education, Inc. Publishing as Prentice HallChapter3.1.

Privilege Management Chapter 22.

Design Principles and Common Security Related Programming Problems

Fall 2008CS 334: Computer SecuritySlide #1 Design Principles Thanks to Matt Bishop.

June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #13-1 Chapter 13: Design Principles Overview Principles –Least Privilege –Fail-Safe.

The Protection of Information in Computer Systems Jerome H. Saltzer and Michael D. Schroeder Presented by Derek Davis and Michael Deighan.

6.033 Quiz3 Review Spring How can we achieve security? Authenticate agent’s identity Verify the integrity of the request Check the agent’s authorization.

1 Chapter 12: Design Principles Overview –There are principles for many kinds of design Generally, a design should consider: Balance, Rhythm, Proportion,

June 1, 2004© Matt Bishop [Changed by Hamid R. Shahriari] Slide #13-1 Chapter 13: Design Principles Overview Principles –Least Privilege –Fail-Safe.

Slide #13-1 Design Principles CS461/ECE422 Computer Security I Fall 2008 Based on slides provided by Matt Bishop for use with Computer Security: Art and.

1 Saltzer [1974] and later Saltzer and Schroeder [1975] list the following principles of the design of secure protection systems, which are still valid:

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

Security Principles.

1 Design Principles CS461 / ECE422 Spring Overview Simplicity  Less to go wrong  Fewer possible inconsistencies  Easy to understand Restriction.

Lecture 2 Page 1 CS 236 Online Security Policies Security policies describe how a secure system should behave Policy says what should happen, not how you.

Security+ All-In-One Edition Chapter 1 – General Security Concepts

Software Security II Karl Lieberherr.

Chapter 1: Introduction

Chapter 14: Protection.

How to Mitigate the Consequences What are the Countermeasures?

Access Control What’s New?

Design Principles Thanks to Matt Bishop 2006 CS 395: Computer Security.

Presentation transcript:

Software Security II Karl Lieberherr

What is Security Enforcing a policy that describes rules for accessing resources. Policy may be explicit or implicit. Better to use explicit policy.

Security Goals Authentication –Who is it that is trying to do something to the what we want to protect. –URL authentication: is yourFriendlyBank.com really a friendly bank?

Security Criteria SALTZER, J. H., AND SCHROEDER, M. D. The protection of information in computer systems. Proceedings of the IEEE 63, 9 (Sept. 1975),

Security Criteria derived from Saltzer/Schroeder Economy of mechanism Designs which are smaller and simpler are easier to inspect and trust. Fail-safe defaults By default, access should be denied unless it is explicitly granted. Complete mediation Every access to every object should be checked. Least privilege Every program should operate with the minimum set of privileges necessary to do its job. This prevents accidental mistakes becoming security problems.

Security Criteria derived from Saltzer/Schroeder Least common mechanism Anything which is shared among different programs can be a path for communication and a potential security hole, so as little data as possible should be shared. (LoD) Accountability The system should be able to accurately record ``who'' is responsible for using a particular privilege. Psychological acceptability The system should not place an undue burden on its users.

Security criteria Performance We must consider how our designs constrain system performance. Security checks which must be performed at run-time will have performance costs. Compatibility We must consider the number and depth of changes necessary to integrate the security system with the existing Java virtual machine and standard libraries. Some changes may be impractical. Remote calls If the security system can be extended cleanly to remote method invocation, that would be a benefit for building secure, distributed systems.

Extra slides

Java Security at IBM Research (Larry Koved: manager) Automating Security Analysis of Java Components and Programs –Invocation graphs

LoD and Security Can execute software only if secret is known. Secret consists of set of keys, one per class. What is security policy? Each object only gets keys of its authenticated friends (who share the same concerns???). What are the benefits of such a security policy? Compartmentalize?

LoD and security