Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.

Presentation transcript:

Chapter 1 Introduction

Chapter Overview
- Overview of Operating Systems
- Secure Operating Systems
- Basic Concepts in Information Security
- Design of a Secure Operating System
- Threats to a Secure Operating System
- Define the problem (roughly)

What is an Operating System?
- Provides/controls access to the various hardware resources in the system.
- Runs and administers processes.
- Tasks:
  – Mechanisms that enable high performance (efficient use) of computer systems.
  – Fair process administration.
  – Control access to resources to provide security.

Figure of an Operating System

Why is security an issue?
- Processes share data and interact in other ways:
  – The output of one process is often used by other processes.
  – Processes can share information, often across computers or networks.
  – Sometimes the shared information is bad-intentioned and wants to share other information which should not be shared.
- The challenge is to develop operating systems which can share information without allowing this behavior.

The State of Security in Operating Systems
- Formal security models and mechanisms have been defined, but they do not completely apply to practical systems.
- Two kinds of operating systems:
  – Constrained, very secure systems.
  – General purpose systems with a low level of security assurance.
- Recent advances are improving both kinds of operating systems.

What is a Secure Operating System?
- A Secure Operating System provides security mechanisms that ensure that the system's security goals are enforced despite the threats faced by the system.
- It is an ideal, because it is impossible to write a bug-free program.
- It is an oxymoron in the sense that an OS is too complicated to be secure.

Security Goals
- Define the operations that can be executed by a system while still preventing unauthorized operations.
- Should be defined at a high abstraction level.
- Should be implementable and demonstrable.

Basic Concepts in Information Security
- Confidentiality: Keeping data from being given to forbidden parties.
- Integrity: Keeping data from being modified except by authorized parties.
- Availability: Making it possible for data to be accessed by those who are supposed to access it.

Basic Parties and Concepts in Operating Systems Security
- Subjects: Programs/processes (acting on a user's behalf).
- Objects: Files, sockets and other system resources.
- Operations: What the subjects can do on the objects (e.g. read, write, append, update, execute, etc.).

The Security Quandary
- Security goals should be defined so they can be verified: functional goals are insufficient.
- Confidentiality and integrity goals are so restrictive that they prevent function in favor of security.
- New technology, for example virtual machine technology, may bridge the gap.
- Also, general purpose OS's may now be capable of expressing and enforcing security goals.

The Trust Model
- A system's Trust Model consists of the software and data upon which the system depends for system security.
- For an OS, it is called its “Trusted Computing Base” (TCB).
- Ideally, the TCB should be minimal.
- In a monolithic OS there are no boundaries, so the TCB is the whole OS!
- Some programs outside the OS may have to be in the TCB also.

Requirements of the TCB
- The TCB must mediate all security-sensitive operations.
- The TCB and its data must be verifiably correct.
- It must be possible to verify that the TCB cannot be altered by processes outside it.
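The subjects, objects and operations defined earlier and the TCB requirements above can be modeled in a few lines. This is an added example, not part of the original slides; `ReferenceMonitor`, `ObjectStore`, `build_demo` and the sample subjects and objects are hypothetical names. Python's private attributes only model the boundary here, whereas a real OS relies on hardware protection to keep outside processes from altering the TCB.

```python
from types import MappingProxyType

class ReferenceMonitor:
    """Toy TCB: owns the protection state and mediates every operation."""
    def __init__(self, policy, tcb_subjects):
        # Protection state: (subject, object) -> permitted operations.
        self._policy = {k: frozenset(v) for k, v in policy.items()}
        self._tcb = frozenset(tcb_subjects)
        self.audit = []  # (subject, object, operation, allowed)

    @property
    def policy(self):
        # Read-only view: code outside the monitor cannot edit the state.
        return MappingProxyType(self._policy)

    def authorize(self, subject, obj, op):
        # Default deny: anything not explicitly granted is refused.
        allowed = op in self._policy.get((subject, obj), frozenset())
        self.audit.append((subject, obj, op, allowed))
        return allowed

    def grant(self, requester, subject, obj, op):
        # Changing the protection state is security-sensitive: TCB only.
        allowed = requester in self._tcb
        self.audit.append((requester, "protection-state", "grant", allowed))
        if allowed:
            key = (subject, obj)
            self._policy[key] = self._policy.get(key, frozenset()) | {op}
        return allowed

class ObjectStore:
    """Objects are reachable only through a call that asks the monitor."""
    def __init__(self, monitor, objects):
        self._monitor, self._objects = monitor, dict(objects)

    def access(self, subject, name, op, data=""):
        if not self._monitor.authorize(subject, name, op):
            raise PermissionError(f"{subject}: {op} on {name} denied")
        if op == "append":
            self._objects[name] += data
        # Only "read" discloses content; "append" returns nothing.
        return self._objects[name] if op == "read" else None

def build_demo():
    # Constructed sample state: one untrusted process, one TCB subject.
    policy = {("mailer", "mail.log"): {"append"},
              ("admin", "secrets.db"): {"read"}}
    monitor = ReferenceMonitor(policy, tcb_subjects={"admin"})
    store = ObjectStore(monitor, {"mail.log": "", "secrets.db": "k=42"})
    return monitor, store
```

The audit list records denied requests as well as granted ones, which is what makes the mediation checkable after the fact.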

Assumed Threats
- Powerful attacker.
- Can inject operations from the network and may be in control of some of the software in the system.
- Attacker is actively trying to violate security.

The Task of the Secure OS Developer
- Protect the TCB from the threats mentioned in the previous slide.
- That way, security can be maintained by limiting interactions of processes with data in the system.
- Protecting the TCB is more difficult because it interacts with many untrusted processes.
- Countermeasures for each threat are needed.