CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th

Units of Protection  Memory  I/O devices  Programs  Data

Levels of Protection  None  Isolation –No sharing of processes or resources  Share all or nothing –Public or private  Limit access : permissions  Limit users  Dynamic sharing

Protection Schemes  Control access to entities  Decryption –Protects data and memory  Access tokens –Protects devices and network nodes  General techniques –Authentication –Authorization

Authentication  Verifying that user is truly user  Types: –Physical : Check IP address of machine –User : User id and password –Process : Thread is associated with proper user process

Physical Authentication  Checks IP address of machine  How secure? –Same technique used by web sites –IP addresses can be changed  Requires knowledge  Change too much, won’t match protocol details

User Authentication  Key is password  How secure? –Password must be complex enough  Easy to guess if all lowercase  Mix of letters, digits, and special characters –Store encrypted  Hacker could read text file  Encryption code stored separately

Process Authentication  Most secure  Uses process status register –Changed with each context switch –Hacker program would cause context switch  Best hacker could do would be to deactivate this scheme

Firewalls  Protects  Allows mail only from trusted sources  Separates attachments to isolated areas

Web Traffic Security  Secure Sockets Layer –Included in https secure protocol  Authentication server –Uses credentials of user to create unique ticket and session key –Ticket encrypted using session key  Secure cookie encryption –Return to previous web site –Prevents reroutes

Software Authentication  Verify that software is authentic and can be trusted  Trusted source for downloaded software  Digital signature to ensure unaltered

Authorization schemes   Limit access to only approved users, processes, or procedures   Schemes: – –Permissions : mostly associated with users or groups – –Memory keys : protects data areas

Permissions  UNIX has simple file protection mask  Windows uses permission groups  These protect files and directories

Permission Policy Commands  Transfer  Grant  Delete  Copy access  Give access level  Remove access

Memory Keys  Used to protect specific data areas  Memory key is binary bit pattern attached to data location  Only process with same memory key can access

Security Access Matrix  Most operating systems combine security techniques  Combination is called “access matrix”  Trick is finding most security with least cost and least impact to efficiency

Ring Architecture  Concentric domains where innermost is most secure and outer is least  Files are placed in appropriate ring  Access to an inner ring is granted only through a monitored entry point –Entry requires appropriate authorization –Only one entry at a time; prevents piggybacking

Collapsed Access Matrix  Collection of access control data  Access Control List is column-based –List of all entities’ access to particular protected object  Capacity is row-based –List of all permissions of a particular entity

Encryption  Convert clear data to ciphered data and back again  Encrypt() and decrypt()  Types: –Private key : share encryption between trusted sources –Public key : support multiple interaction types

Private Key Encryption  Symmetric : same key used to encrypt and decrypt  Data Encryption Standard –Complex series of substitutions and permutations on smaller blocks –Pattern changes daily

Public Key Encryption  Two-part data encryption –Uses a public one that is available to anyone wishing to interact with data location –Data encrypted with private one –Decrypt function sent to requestor if passes authorization