Protection and Security

Presentation transcript:

1 Protection and Security
- Protection = mechanisms used to control access to valued resources, e.g., programs & data stored on a computer system.
  - Usually accompanied by detection and response mechanisms.
- Security = protecting the confidentiality, integrity, and availability of a system according to the rules set out by a specific policy.
- Policy = the set of allowable states of a system.

2 Goals of Protection
- Let's say we have a valuable resource like an O.S.:
  - a collection of objects, hardware & software
  - objects have unique names
  - accessed through a well-defined set of operations
- Goals of protection: ensure each object is accessed correctly & only by authorized processes, according to some policy.
- A policy is a statement of what states (and operations) are allowed (i.e., secure/authorized) and what are not allowed (i.e., nonsecure/unauthorized) for a specific system.

3 Protection Protection Domains Access Matrix Implementation Language-Based Protection

4 Protection Domains
- Access-right = Rights-set = subset of all valid operations that can be performed on the object (i.e., the policy!)
- Domain = set of access-rights

5 Domain Implementation Example-I: UNIX
- Examples of objects: files, laser printers, and servers…
- Access control bits (UNIX)
  - Three categories of user (owner, group, world)
  - Three types of access privileges (read, write, execute)
  - One bit per operation ( = rwxr-x----)
- Domain is implemented as the “user-id”
- OS can do domain switching to execute some task, accomplished via the file system
  - Each file has an associated domain bit (setuid bit)
  - When a file is executed and setuid=on, user-id is set to the owner of the file being executed
  - When execution completes, user-id is reset
  - “ps” is a setuid program, as is “lpr”.
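The category selection and the setuid domain switch from this slide, as an added example that is not part of the original presentation. The function names are illustrative, and the model leaves out root's override and supplementary groups.

```c
#include <sys/types.h>
#include <sys/stat.h>

/* Render the nine access-control bits as the familiar rwx string;
 * a setuid file shows 's' in the owner's execute position. */
void mode_string(mode_t m, char out[10]) {
    static const char sym[] = "rwxrwxrwx";
    for (int i = 0; i < 9; i++)
        out[i] = (m & (0400 >> i)) ? sym[i] : '-';
    if (m & S_ISUID)
        out[2] = (m & S_IXUSR) ? 's' : 'S';
    out[9] = '\0';
}

/* Pick exactly one category (owner, else group, else world) and test the
 * requested bits (4 = read, 2 = write, 1 = execute) against that triplet
 * only. An owner with mode 0077 is refused even though world is allowed. */
int may_access(uid_t uid, gid_t gid, uid_t owner, gid_t group,
               mode_t m, int want) {
    int shift = (uid == owner) ? 6 : (gid == group) ? 3 : 0;
    return (((m >> shift) & 7) & want) == want;
}

/* Domain switch on exec: with the setuid bit on, the process runs with the
 * user-id of the file's owner; otherwise it stays in the caller's domain. */
uid_t domain_after_exec(uid_t caller, uid_t owner, mode_t m) {
    return (m & S_ISUID) ? owner : caller;
}
```

Because a setuid file changes the domain of whoever runs it, the set of setuid files on a system is part of its protection policy and worth auditing.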

6 Domain Implementation Example-II: Multics Rings
- Nested domain structure (“rings”)
- Let $D_i$ and $D_j$ be any two domain rings
- If $j < i$, then $D_i \subseteq D_j$
- Lower level = more privileges
- Each process maintains its current ring number

7 Access Matrix
- Column: defines who can perform what operation on the object
- Row: operations allowed on what objects, per domain

8 Dynamic Access Matrices
- Extend for dynamic protection: operations to add, delete access rights
  - transfer – switch from domain $D_i$ to $D_j$
  - owner of $O_i$
  - copy op from $O_i$ to $O_j$
  - control – $D_i$ can modify $D_j$’s access rights

9 Switching Domains Switching domains: add domains as objects!

10 Access Matrix with Copy Rights Asterisk denotes that access right can be copied within column (for the object)

11 Access Matrix With Owner Rights Ownership: can add new rights, remove some rights

12 Control: Modifying Access Matrix
- Control: process executing in one domain can modify another domain
- Example: D2 changes D4
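The copy, owner and control operations from the last few slides, as an added example that is not part of the original presentation. The matrix contents and function names are constructed for illustration; copy is modelled as a limited copy (the receiver gets the right without the asterisk) and control as revoking rights from the controlled domain's row.

```c
#include <stdbool.h>
#include <string.h>

enum { R = 1, W = 2, X = 4, OWNER = 8 };
#define STAR(r) ((r) << 4)          /* copy flag: the asterisk on a right */
enum { ND = 4, NO = 3 };            /* domains D1..D4, objects F1..F3 */

static unsigned M[ND][NO];          /* M[d][o]: rights of domain d on object o */
static bool control[ND][ND];        /* control[i][j]: Di may edit Dj's row */

/* Constructed sample policy (not the slides' figure). */
void matrix_reset(void) {
    memset(M, 0, sizeof M);
    memset(control, 0, sizeof control);
    M[0][0] = R | STAR(R);          /* D1: read* on F1 */
    M[1][1] = OWNER | W;            /* D2 owns F2 */
    M[3][1] = R | W;                /* D4: read, write on F2 */
    control[1][3] = true;           /* D2 controls D4 */
}

bool allowed(int d, int o, unsigned r) { return (M[d][o] & r) == r; }

/* Copy: a starred right may be propagated within the object's column.
 * The receiver gets the plain right and cannot pass it on. */
bool copy_right(int from, int to, int o, unsigned r) {
    if ((M[from][o] & (r | STAR(r))) != (r | STAR(r))) return false;
    M[to][o] |= r;
    return true;
}

/* Owner: may add or remove rights in the column of an object it owns. */
bool owner_set(int actor, int target, int o, unsigned rights) {
    if (!(M[actor][o] & OWNER)) return false;
    M[target][o] = rights;
    return true;
}

/* Control: Di may change entries in Dj's row (here: revoke a right). */
bool control_remove(int actor, int target, int o, unsigned r) {
    if (!control[actor][target]) return false;
    M[target][o] &= ~r;
    return true;
}
```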

13 Implementation of Access Matrix
- Access list for objects
  - Maintain list per object
- Capability (object) list for domains
  - Maintain list of objects + operations per domain
  - Object name = capability
  - Check in capability list for access
- Pros and cons of access list & capability list?
  - Determine the set of access rights for each domain?
  - Revocation of capabilities?

14 Language-Based Protection
- Specification of protection in programming language: allows high-level description of policies for allocation and use of resources
- Protection in Java:
  - Dynamically load untrusted classes over a network
  - Important to provide protection!
  - Class loader: find and load object; define namespace seen by different classes

15 Security The Security Problem Program Threats System & Network Threats Counter-measures to Threats Threat Monitoring Cryptography

16 Security problem
- Confidentiality: ensuring objects are available/understandable only to authorized peers
  - E.g., no unauthorized read access
- Integrity: ensuring objects have not been maliciously or accidentally modified
  - No introduction of inconsistency
- Availability: ensuring objects are available without delay and operate correctly (to authorized peers)
  - No malicious destruction of resources (i.e., objects)

17 Threats
- Program Threats: programs cause security breaches
  - Trojan Horse, Login Spoofing, Trap/Back Door, Stack/Buffer Overflow, Virus
- System & Network Threats: abuse services and network connections to cause security breaches
  - Worms, Port Scanning, (Distributed) Denial of Service

18 Trojan Horse
- Code (segment) that misuses its environment.
- Objective of Trojan:
  - Get executed by someone
  - Once executed, copy/mail/modify some critical files
- Example:
  - In /tmp put a program named ls
  - Administrator goes to /tmp, types ls...
  - If the path “.” is in front of his search path... Bingo!
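A defensive check for the search-path condition this slide depends on, as an added example that is not part of the original presentation. The function names are illustrative; the check treats ".", any other relative entry, and an empty entry (leading, trailing or doubled ':') as the current directory.

```c
#include <stddef.h>
#include <string.h>

/* Index of the first PATH entry that is searched relative to the current
 * directory, or -1 if every entry is absolute. Risky entries are ".", any
 * other relative path, and the empty entry left by a leading, trailing or
 * doubled ':' (shells treat it as the current directory). */
int first_cwd_entry(const char *path) {
    int idx = 0;
    for (const char *p = path;; idx++) {
        size_t len = strcspn(p, ":");
        if (len == 0 || p[0] != '/') return idx;
        if (p[len] == '\0') return -1;
        p += len + 1;
    }
}

/* Index of the entry equal to dir, or -1 if dir is not on the path. */
int entry_index(const char *path, const char *dir) {
    size_t dlen = strlen(dir);
    int idx = 0;
    for (const char *p = path;; idx++) {
        size_t len = strcspn(p, ":");
        if (len == dlen && memcmp(p, dir, len) == 0) return idx;
        if (p[len] == '\0') return -1;
        p += len + 1;
    }
}

/* True when the current directory is consulted before real_dir, i.e. when a
 * file named ls in /tmp would win over the system's ls. */
int cwd_shadows(const char *path, const char *real_dir) {
    int risky = first_cwd_entry(path);
    int real = entry_index(path, real_dir);
    return risky >= 0 && (real < 0 || risky < real);
}
```

A privileged account's search path should make `first_cwd_entry` return -1; a current-directory entry placed after the system directories is less dangerous but still catches mistyped command names.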

19 Login Spoofing
- Write a fake login program
- Fake program shows the usual login prompt....
- Unsuspecting user comes in and tries to log in
  - Types loginID
  - Types password
- The spoof login stores the pair away and terminates
- Normal logins come back up
- User simply thinks he mistyped his password...
- In the meantime, the attacker found a valid pair!

20 Trap Doors
- Modification at the source level
  - Programmer introduces a loophole to bypass the login process.
  - Loophole ignores password for a specific login
- Who can use it? (programmer, attacker)
- How to prevent it...
  - Code review
- Sometimes in compiler (very difficult)

21 Buffer Overflow
- Bug in a program
  - Program oversteps some array bounds
  - Overwrites return address
  - When subroutine returns, it effectively jumps someplace else....
[Figure: stack layout showing the return address, main's local variables, foo()'s local variables and the fixed-size array]

22 Buffer Overflow
- Bug in a program
  - Program oversteps some array bounds
  - Overwrites return address
  - When subroutine returns, it effectively jumps someplace else....
[Figure: stack layout showing the return address, main's local variables and foo()'s local variables, with a long string that overflows; it wipes out the return address]

23 Buffer Overflow
- Bug in a program
  - Program oversteps some array bounds
  - Overwrites return address
  - When subroutine returns, it effectively jumps someplace else....
[Figure: stack layout showing the return address, main's local variables and foo()'s local variables, with a long string that overflows; it wipes out the return address. If the string is well aligned with the place of the return address, it can be a meaningful address]

24 Buffer Overflow
- Bug in a program
  - Program oversteps some array bounds
  - Overwrites return address
  - When subroutine returns, it effectively jumps someplace else....
[Figure: stack layout showing the return address, main's local variables and foo()'s local variables, with a long string that overflows; it wipes out the return address. If the string is well aligned with the place of the return address, it can be a meaningful address: malicious code!]
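The overwrite shown in these slides, modelled next to a bounds-checked copy, as an added example that is not part of the original presentation. The `struct frame` layout and `SAFE_RET` value are constructed stand-ins for a real stack frame, so the effect can be observed without invoking undefined behaviour.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of foo()'s stack frame: the fixed-size array sits
 * directly below the saved return address, as in the slides' diagram. */
struct frame {
    char      buf[8];   /* foo()'s fixed-size array */
    uintptr_t ret;      /* saved return address     */
};

#define SAFE_RET ((uintptr_t)0x1000)  /* constructed "return to main" value */

/* Unchecked copy (the behaviour of strcpy() into buf): writes n bytes
 * starting at buf with no regard for sizeof buf. The model clamps n to the
 * frame so the demonstration itself stays within defined behaviour. */
uintptr_t copy_unchecked(const char *src, size_t n) {
    struct frame f = { {0}, SAFE_RET };
    unsigned char *raw = (unsigned char *)&f;
    size_t room = sizeof f - offsetof(struct frame, buf);
    if (n > room) n = room;
    memcpy(raw + offsetof(struct frame, buf), src, n);
    return f.ret;                      /* where foo() would "return" to */
}

/* Checked copy: rejects input that does not fit, leaving ret untouched. */
int copy_checked(const char *src, size_t n, uintptr_t *ret_out) {
    struct frame f = { {0}, SAFE_RET };
    int ok = n < sizeof f.buf;         /* leave room for the terminator */
    if (ok) {
        memcpy(f.buf, src, n);
        f.buf[n] = '\0';
    }
    *ret_out = f.ret;
    return ok;
}
```

In real code the checked form corresponds to validating the length before copying, alongside compiler and OS mitigations such as stack canaries and non-executable stacks.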

25 Virus
- Self-reproducing
- Attach to host machine
- Dormant for a while
- Activate at some point and
  - Destroy
  - Steal
- Spreading via program copying, , Web-pages, …

26 Worms
- Slightly different from virus
  - Self-reproduce; take up resources
  - Do not need a host-program
  - Use vulnerabilities to spread across the net
- Break system through infestation; worst outbreak can take worldwide networks down.
- Worms propagate themselves; viruses require action by the user to perpetuate themselves
- Example: Morris Worm, CodeRed

27 Other System & Network Threats
- Port scanning
  - Automated attempt to connect to a range of ports on one or a range of IP addresses
- Denial of Service
  - Overload the targeted computer, preventing it from doing any useful work
  - Distributed denial-of-service (DDoS) attacks come from multiple sites at once