Operating system Security By Murtaza K. Madraswala
Protection Control access by limiting file types accessed by different users Only authorized processes can operate on memory segments, CPU and other resources
Security Protect information integrity by ensuring authentication of system users Prevent unauthorized access Prevent malicious destruction of data Prevent accidental introduction of inconsistency
Security vs. Protection Security takes into consideration the protection system which is strictly internal, as well as the external environment in which the system operates Security violations can be malicious or accidental
Security (Contd.) Malicious violations Unauthorized reading of data Unauthorized writing of data Unauthorized destruction of data Preventing legitimate system use (Denial of service)
Four levels of security measures Security (Contd.) Four levels of security measures Physical – Physical protection of the computer system Human – Screening of users given access to the computer system Network Operating System – OS must be capable of protecting itself from accidental or intentional security breaches
Operating System Security User authentication Based on User possession (of key or card) User knowledge (user identifier + password) User attribute (fingerprint, retina pattern, signature)
Passwords Biometrics Password vulnerabilities Encrypted passwords One-Time passwords Biometrics
Program Threats A program written by one user and used by another may cause unexpected behavior Trojan horse – This problem is created by the operating system which allows the programs written by one user to be executed by another This is a code segment that can misuse it environment
Program Threats (contd.) Trap door Stack and buffer overflow
System threats Most operating systems allow processes to spawn other processes. This creates situations in which operating system resources and files are misused
System threats (Contd.) Worms Worms are programs that reduce system performance by spawning copies of themselves repeatedly, locking out system use by all other processes. In a network worms may reproduce across systems and bring down the entire network
System threats (Contd.) Viruses A virus is a fragment of code embedded in a legitimate program. It is capable of modifying/destroying files, causing program malfunctions and system crashes.
System threats (Contd.) Denial of Service The focus of this attack is to disable the legitimate use of a system/facility rather than gaining information or stealing resources
Intrusion detection Strives to detect attempted or successful intrusions into a computer system, and initiate a proper response. Two approaches: Signature-based detection – Here system input or traffic is examined for specific behavior patterns Anomaly detection – This approach attempts to detect anomalous behavior within the computer system.
Intrusion detection (Contd.) Signature-based detection attempts to characterize dangerous behavior and detects when such behavior occurs Anomaly detection attempts to characterize normal behaviors and detects when something abnormal occurs
Intrusion detection (Contd.) Auditing and logging In audit-trail processing, security relevant events are logged to an audit trail and matched against attack signatures (signature-based detection) or analyzed for anomalous behavior (anomaly detection)
Intrusion detection (Contd.) System-Call Monitoring Process system calls are monitored to detect instances when a process deviates from the expected system-call behavior Attacks that attempt to take over a process by exploiting the buffer-overflow vulnerability, and execute the attacker’s code rather than the original code can be detected using this technique
References Silberschatz, Galvin & Gagne, Operating System Concepts (6 ed.), John Wiley and Sons R. Summers, Secure Computing – Threats and Safeguards, McGraw-Hill M. Milenkovic, Operating Systems – Concepts and Designs, McGraw-Hill W. Stallings, Operating Systems – Internals and Design Principles, Prentice Hall