Operating Systems Security


Operating Systems Security (outline)
- Design objectives
- Protection by separation
- Memory and address protection
- Access control for general objects
- Directory
- Access control lists, matrix
- Capability
- File protection mechanisms
- User authentication, passwords
- Trusted OS
10/14/2018 Acc661 Aud of Adv Acctg Systems, Spring 2003 (Gangolly)

Design Objectives
- Access to resources
- Controlling unintentional and intentional corruption of data
- Protection of one user's computation from interference by other users
- Memory protection
- File protection
- General control of access to objects
- User authentication

Protection by separation
- Physical separation: use of different objects
- Temporal separation: use of different times
- Logical separation: limiting program access to domains
- Cryptographic separation: concealment of data and computations

Memory and address protection
- Fence, fence register: can protect the operating system from one user, but not users from each other
- Relocation (relocation factor)
- Base/bounds registers (variable fence register / upper address limit register), one pair for instruction code and one for the data space
- Tagged architecture: every word of machine memory has extra bits identifying access rights; only OS instructions can set them

Memory and address protection II
- Segmentation: the program is divided into segments, and each address is represented as a pair <name, offset>. The OS maintains a table of segment names and their true addresses in memory. Segments can be non-contiguous and can be stored on auxiliary devices. Protection can be checked each time a segment is referenced. Fragmentation can be a problem.
- Paging: the program is divided into equal-sized pages (loaded into memory page frames), and each address is represented as a pair <page, offset>
- Paging and segmentation combined
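The segment-table mechanism on this slide, as an added example that is not part of the original presentation: a simulated table of segments with base/bounds and OS-set access rights, where every <name, offset> reference is relocated and checked. Segment names, sizes and rights are constructed for illustration.

```python
# Added example (not from the slides): a simulated segment table with
# base/bounds relocation and per-segment access rights, checked on every reference.
from dataclasses import dataclass

class ProtectionFault(Exception):
    """Raised when a reference falls outside a segment or violates its rights."""

@dataclass(frozen=True)
class Segment:
    base: int      # true start address in physical memory (relocation factor)
    limit: int     # length in words; valid offsets are 0 .. limit-1 (upper bound)
    rights: str    # subset of "rwx", set by the OS for this segment

# Constructed segment table for one process; segments need not be contiguous.
SEGMENT_TABLE = {
    "code":  Segment(base=0x1000, limit=0x400, rights="rx"),
    "data":  Segment(base=0x8000, limit=0x100, rights="rw"),
    "stack": Segment(base=0xF000, limit=0x200, rights="rw"),
}

def translate(table, name, offset, access):
    """Map <name, offset> to a true address, or raise ProtectionFault.

    Every reference is checked: unknown segment, offset beyond the
    segment's bounds, or an access kind the segment does not permit.
    """
    seg = table.get(name)
    if seg is None:
        raise ProtectionFault(f"no segment named {name!r}")
    if not 0 <= offset < seg.limit:          # bounds check against the upper limit
        raise ProtectionFault(f"offset {offset:#x} outside {name} (limit {seg.limit:#x})")
    if access not in seg.rights:             # rights check, e.g. a write into code
        raise ProtectionFault(f"{access!r} access not allowed on {name}")
    return seg.base + offset                 # relocation: add the segment base

def reference_outcome(table, name, offset, access):
    """Return ('ok', address) or ('fault', reason) for a single reference."""
    try:
        return ("ok", translate(table, name, offset, access))
    except ProtectionFault as e:
        return ("fault", str(e))

if __name__ == "__main__":
    for ref in [("data", 0x10, "w"), ("code", 0x10, "w"), ("data", 0x100, "r")]:
        print(ref, reference_outcome(SEGMENT_TABLE, *ref))
```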

Access control for general objects
- Objects: memory, files, executing programs in memory, directories, hardware devices, data structures, tables of the OS, instructions, passwords and the user authentication mechanism, the protection mechanism itself
- Goals: check every access; enforce least privilege; verify acceptable usage

Directory
- File directory (problems) (Fig 4-10 and 4-11):
- Shared objects (the list becomes too long)
- Revocation of access
- Pseudonyms (two different files with the same name)

Access control list, matrix
- Access control list: one list for each object (Fig 4-12)
- Access control matrix (Table 4-1)

Capability
- A ticket giving a subject permission to have a certain type of access to an object
- Server holds tickets on behalf of users
- Encrypt capabilities under a key available only to the access control mechanism
- Domain or name space: each process/procedure operates in a domain
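The three preceding slides (directory problems, access control lists and matrix, capabilities) share one worked example, added here and not taken from the presentation: a single access control matrix stored both per object (ACL) and per subject (capability tickets), with an access check and the revocation step each form requires. Subjects, objects and rights are constructed.

```python
# Added example (not from the slides): one access control matrix and the two
# ways of storing it, by object (ACL) and by subject (capability list).
from collections import defaultdict

# Rows are subjects, columns are objects, cells are sets of rights (constructed).
MATRIX = {
    "alice": {"payroll.dat": {"r", "w"}, "ledger.dat": {"r"}},
    "bob":   {"ledger.dat": {"r", "w"}},
    "audit": {"payroll.dat": {"r"}, "ledger.dat": {"r"}},
}

def to_acl(matrix):
    """ACL: for each object, the (subject -> rights) entries on its list."""
    acl = defaultdict(dict)
    for subject, row in matrix.items():
        for obj, rights in row.items():
            acl[obj][subject] = set(rights)
    return dict(acl)

def to_capabilities(matrix):
    """Capability list: for each subject, the tickets (object -> rights) it holds."""
    return {s: {o: set(r) for o, r in row.items()} for s, row in matrix.items()}

def acl_allows(acl, subject, obj, right):
    """Check one access against the object's list; absent entry means denied."""
    return right in acl.get(obj, {}).get(subject, set())

def cap_allows(caps, subject, obj, right):
    """Check one access against the subject's tickets; absent ticket means denied."""
    return right in caps.get(subject, {}).get(obj, set())

def revoke_object_acl(acl, obj):
    """Revocation with an ACL: clear the one list attached to the object."""
    acl[obj] = {}

def revoke_object_caps(caps, obj):
    """Revocation with capabilities: every subject's tickets must be searched."""
    for tickets in caps.values():
        tickets.pop(obj, None)
```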

File Protection Mechanisms
- All-or-none protection
- Group protection
- Single permissions (password protection for files)

User Authentication
- Passwords
- Brute force
- Probable passwords
- Dictionary
- Social engineering

Passwords
- Password selection criteria: non-alphabetic (mixed), long, avoid actual names, change regularly, don't write it down, don't tell anyone
- One-time passwords

Designing Trusted Operating Systems
- An OS is trusted if we have confidence that it provides the four services in a consistent and effective way: memory protection, file protection, general object access control, user authentication

Trusted vs. Secure Systems

Secure                                    | Trusted
------------------------------------------|-----------------------------------
Either-or                                 | Graded
Property of presenter                     | Property of receiver
Asserted based on product characteristics | Judged based on evidence & analysis
Absolute                                  | Relative
A goal                                    | A characteristic

Security Policies I
- Military security policy: ranks Top Secret, Secret, Confidential, Restricted, Unclassified
- Compartment: contains information associated with a project
- The combination <rank, compartments> is called a class or classification of information
- A person seeking access to information must be cleared

Security Policies II
- Dominance: for subject s and object o, $s \le o$ if and only if $\mathrm{rank}_s \le \mathrm{rank}_o$ and $\mathrm{compartments}_s \subseteq \mathrm{compartments}_o$. We say o dominates s.

Security Policies III
- A subject can read an object only if:
- the clearance level of the subject is at least as high as the classification level of the information, and
- the subject has a need to know about all compartments for which the information is classified
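The dominance relation and read rule from the three Security Policies slides, carried through as an added example (not from the presentation): classes are <rank, compartments> pairs, dominance compares rank order and compartment inclusion, and the read check is exactly "subject's clearance dominates object's classification". The rank order follows the slide; the clearances and document classes are constructed.

```python
# Added example (not from the slides): dominance on <rank, compartments> classes
# and the read rule built on it. Rank names follow the slide, lowest first.
RANKS = ["unclassified", "restricted", "confidential", "secret", "top secret"]

def rank_index(rank):
    """Position of a rank in the ordering; higher index means more sensitive."""
    return RANKS.index(rank.lower())

def dominates(higher, lower):
    """True if class `higher` dominates class `lower`:
    rank_lower <= rank_higher and compartments_lower is a subset of compartments_higher."""
    rank_h, comps_h = higher
    rank_l, comps_l = lower
    return rank_index(rank_l) <= rank_index(rank_h) and set(comps_l) <= set(comps_h)

def comparable(a, b):
    """Dominance is a partial order: two classes may be incomparable."""
    return dominates(a, b) or dominates(b, a)

def can_read(subject_clearance, object_class):
    """A subject may read an object only if its clearance dominates the object's
    classification: rank at least as high AND need-to-know (membership) for
    every compartment the information is classified under."""
    return dominates(subject_clearance, object_class)

# Constructed clearances and classifications for illustration.
ALICE = ("secret", {"crypto", "nuclear"})
DOC_A = ("confidential", {"crypto"})              # lower rank, known compartment
DOC_B = ("secret", {"crypto", "personnel"})       # extra compartment: no need to know
DOC_C = ("top secret", {"crypto"})                # rank too high for Alice
```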