Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Slides:



Advertisements
Similar presentations
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.
Advertisements

Internet of Things Security Architecture
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
VM: Chapter 5 Guiding Principles for Software Security.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
1 Design Principles CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 13, 2004.
Student Name: Group.  Developed by Microsoft  Alliance with Nokia in 2011  4 main functions:  Outlook Mobile  Windows Media Player for Windows Mobile.
Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least.
ANDROID™ OS Security A brief synopsis of the Android Operating System and its security. By Daniel Angelis.
Applied Cryptography for Network Security
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Sujeeth Narayan1 Smartphones Security CS 691 Sujeeth Narayan.
Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.
Installing and Troubleshooting Hardware Device and Drivers Chapter 6 powered by dj.
Presentation By Deepak Katta
OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
IC3 Chapter 8 Computer Fundamentals
Data Security.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
1.1 System Performance Security Module 1 Version 5.
Week #7 Objectives: Secure Windows 7 Desktop
CMSC 414 Computer (and Network) Security Lecture 14 Jonathan Katz.
Troubleshooting Windows Vista Security Chapter 4.
© 2009 Research In Motion Limited Advanced Java Application Development for the BlackBerry Smartphone Trainer name Date.
The Protection of Information in Computer Systems Part I. Basic Principles of Information Protection Jerome Saltzer & Michael Schroeder Presented by Bert.
© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
ADV. NETWORK SECURITY CODY WATSON What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protections of External Resources.
Chapter 2 Securing Network Server and User Workstations.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
Security fundamentals Topic 2 Establishing and maintaining baseline security.
Security Vulnerabilities in A Virtual Environment
Wireless and Mobile Security
The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron.
Fall 2008CS 334: Computer SecuritySlide #1 Design Principles Thanks to Matt Bishop.
IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.
June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #13-1 Chapter 13: Design Principles Overview Principles –Least Privilege –Fail-Safe.
High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.
Operating Systems Morrison / WellsCLB: A Comp Guide to IC 3 3E 1 Morrison / Wells.
Ms. Tracy  Identify the purpose of an operating system.  Identify different operating systems.  Describe computer user interaction with multiple.
1 Lesson 8 Operating Systems Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
1 Chapter 12: Design Principles Overview –There are principles for many kinds of design Generally, a design should consider: Balance, Rhythm, Proportion,
June 1, 2004© Matt Bishop [Changed by Hamid R. Shahriari] Slide #13-1 Chapter 13: Design Principles Overview Principles –Least Privilege –Fail-Safe.
Slide #13-1 Design Principles CS461/ECE422 Computer Security I Fall 2008 Based on slides provided by Matt Bishop for use with Computer Security: Art and.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Android and IOS Permissions Why are they here and what do they want from me?
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
Firewalls and Tunneling Firewalls –Acts as a barrier against unwanted network traffic –Blocks many communication channels –Can change the design space.
CS457 Introduction to Information Security Systems
Security+ All-In-One Edition Chapter 1 – General Security Concepts
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
Configuring Windows Firewall with Advanced Security
Secure Software Confidentiality Integrity Data Security Authentication
Introduction to Computers
Security in Networking
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
How to Mitigate the Consequences What are the Countermeasures?
Securing Windows 7 Lesson 10.
Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Design Principles Thanks to Matt Bishop 2006 CS 395: Computer Security.
Presentation transcript:

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security

Outline Introduction about Symbain OS. Vulnerability in Mobile OS. Symbian OS security features. Symbian OS and Principles of Secure Design. References.

Introduction to the Symbian OS It is a mobile OS. Open-design OS. 1# in most smartphone sales. Symbian OS is the leading OS in the "smart mobile device" market e.g. Fujitsu, Huawei, LG Electronics Nokia, Samsung Electronics, Sharp and Sony Ericsson

Vulnerability in Mobile OS Become more attractive targets of various malware. – Some of them are allowing access to previously locked system files – Changing how the operating system works. – Worm program. – Hide applications. – … etc. More advanced, more opportunities to be attacked. – Bluejacking.

Vulnerability in Mobile OS, Cont. User mistakes.  User may become the reason for the vulnerability! e.g. deleting critical information. Technical failure  System does not work properly e.g. data corruption.

Symbian security features, Security in Symbian OS categorized in: – Device security mechanisms: Where it concerns the protection of the device itself. – Application security: First lines of attack and for some apps it grants them access to major files. – Communications security: Since it is a mobile device, different kinds of connectivity issues might be involved. – Platform security: An architecture which provides more lines of defending against malicious and bad intended programs. – Content security: It forces protecting the content of the information. Details in next slides,,

Device security mechanisms:  Device protection: Symbian devices are not well protected against physical attack. Some users may take advantage of the device locked feature.  Device authentication: Some apps need to identify the devices e.g. IMEI number.  User authentication: Users needs to authenticate themselves e.g. PIN code.  Mobile hardware: The point of the focus here is the device integrity e.g. removing the memory card unintentionally Symbian security features

Symbian security features, Cont. Application security: Applications grant access for example network, devices interface, messaging framework. Of course the user always has the option to cancel the installation. But it is going to cause a serious problem if it falls in the wrong hands. To prevent that, applications need to identify themselves by Secure Identifier SID or Vendor Identifier VID “Symbian Signed”.

Symbian security features, Cont. Communications security: Symbian devices usually have various connection methods that cause large number of attacks To prevent this, using strong authentication methods is recommended, e.g. using The Internet protocol version 6 (IPv6) instead of using Internet protocol version 4 (IPv4). Local connectivities e.g. Bluetooth and IrDA has fewer issues because of its short range.

Symbian security features, Cont. platform security  Capabilities : Symbian OS controls access to the capabilities by device configuration and the signature of the application. user capabilities : it grants access to local services e.g. Bluetooth or USB connections. system capabilities: it grants access to software events e.g. read key pressing or sending message to an application. restricted capabilities: it grants access to file system administration operations e.g. formating a drive device manufacturer capabilities: it grants WRITE access to write on TCB which allows to write on \sys or \resource directory. This This capability is from manufacturer- approved category that applications need to have a permission from device manufacturer.

Symbian security features, Cont. Platform Security, Cont.: – Digital Sign: All Symbian applications must be signed before they can be installed – Data Caging: It means that the applications and the users have access only to certain areas of the file system.

Symbian security features, Cont. Content Security: Information content security can be done by protecting its confidentiality, integrity, and availability. – Confidentiality: Defines the privacy level of the information. There may be different levels of confidentiality, which are defined by the author and the policies of the system. –Integrity: Classifies information according to its importance to operations. At the highest level of integrity, the information s hould remain valid at all times. –Availability: Information must be accessible without interruption for operational reasons.

Symbian OS and Principles of Secure Design Least Privilege Fail Safe Defaults Economy of Mechanism Complete Mediation Defense in depth Open Design Separation of Privilege Least Common Mechanism Psychological Acceptability

Refreneses ID-AB3D07E6-83C A13F-75A65498F444.html#GUID- AB3D07E6-83C A13F-75A65498F444 symbianresources.com/tutorials/general/security/PlatformSecurity.pdf OSOverview.pdf Server_Framework_%28Fundamentals_of_Symbian_C%2B%2B%2 9#Overview J:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.