File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold.

Slides:

Advertisements

Similar presentations

Internet Protocol Security (IP Sec)

Advertisements

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

Understand Database Security Concepts

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

Access Control Methodologies

DESIGNING A PUBLIC KEY INFRASTRUCTURE

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 7 HARDENING SERVERS.

File Transfer Methods : A Security Perspective. What is FTP FTP refers to the File Transfer Protocol, one of the protocols within the TCP/IP protocol.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 2 Operating System Security Fundamentals.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

Database Security Managing Users and Security Models.

Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security.

Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.

Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.

Working with Workgroups and Domains

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Securing Operating Systems Chapter 10. Security Maintenance Practices and Principles Basic proactive security can prevent many problems Maintenance involves.

Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

ISOM MIS3150 Data and Info Mgmt Database Security Arijit Sengupta.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Security Security is a measure of the system’s ability to protect data and information from unauthorized access while still providing access to people.

Authenticating Users Chapter 6. Learning Objectives Understand why authentication is a critical aspect of network security Describe why firewalls authenticate.

Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.

C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.

Module 14: Configuring Server Security Compliance

IOS110 Introduction to Operating Systems using Windows Session 8 1.

Computer Security and Penetration Testing Chapter 16 Windows Vulnerabilities.

Data Security Assessment and Prevention AD660 – Databases, Security, and Web Technologies Marcus Goncalves Spring 2013.

Operating System Security Fundamentals Dr. Gabriel.

Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

CSCI 3140 Module 6 – Database Security Theodore Chiasson Dalhousie University.

Chapter 10: Rights, User, and Group Administration.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.

Database Role Activity. DB Role and Privileges Worksheet.

Database Security Tampere University of Technology, Introduction to Databases. Oleg Esin.

Chapter 2 Securing Network Server and User Workstations.

© ITT Educational Services, Inc. All rights reserved. IS3230 Access Security Unit 6 Implementing Infrastructure Controls.

Database Security David Nguyen. Dangers of Internet  Web based applications open up new threats to a corporation security  Protection of information.

Database Security Cmpe 226 Fall 2015 By Akanksha Jain Jerry Mengyuan Zheng.

Managing Applications, Services, Folders, and Libraries Lesson 4.

The world leader in serving science Overview of Thermo 21 CFR Part 11 tools Overview of software used by multiple business units within the Spectroscopy.

1 Chapter 13: RADIUS in Remote Access Designs Designs That Include RADIUS Essential RADIUS Design Concepts Data Protection in RADIUS Designs RADIUS Design.

LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.

IS 4506 Windows NTFS and IIS Security Features.  Overview Windows NTFS Server security Internet Information Server security features Securing communication.

C Copyright © 2007, Oracle. All rights reserved. Security New Features.

Computer Security Sample security policy Dr Alexei Vernitski.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

19 Copyright © 2008, Oracle. All rights reserved. Security.

SQL Server Security & Intrusion Prevention

Configuring Windows Firewall with Advanced Security

Chapter 5 : Designing Windows Server-Level Security Processes

IS3440 Linux Security Unit 9 Linux System Logging and Monitoring

Lesson 16-Windows NT Security Issues

IS4680 Security Auditing for Compliance

Operating System Concepts

Designing IIS Security (IIS – Internet Information Service)

Presentation transcript:

File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold

Overview What we are going to cover Brief History File Systems General Security Practices Specific Practices for File Systems

What is File System Security? File system security: the policies and procedures for ensuring the protection of one’s files and file systems.

History of File System Security Roots Sensitive information was originally kept in file cabinets and other such physical barriers. Effective at keeping files from those who were not allowed to access them.

History of File System Security Relevance Transition from analog to digital file systems. Ideas put forth in the analog age of file systems are still relevant in digital security. Barriers Locks (Passwords) Authorities (Administrators)

History of File System Security Networking File system security became more important to digital systems as they became networked together. Access to systems and also the files within the systems.

Types of File Systems Disk Database Network Transactional/Special

Types of File Systems Disk A system for organizing and storing files on a physical drive. Hard Drive, Removable Storage, etc. Does not have to be directly connected to the computer. Many Different types Windows: NTFS, FAT32 (Primitive) Linux: ext, ext2, ext3, ext3cow, ext4

Types of File Systems Database Newer concept of managing files. Instead of hierarchy or structure, files are sorted by characteristics, type, or other such metadata. An example of a characteristic is Eye Color 

Types of File Systems Network Protocol for remote access on a server Common types: NFS, SMB, AFP, 9P Similar (Structurally): FTP, WebDAV

Types of File Systems Transactional/Special Transactional Logs events, transactions, or changes Groups related changes Used often in banking software Special Not Disk or Network Includes systems where files are arranged dynamically by software Used for temporary storage

General Security Practices Entity Authentication Properties of an entity (what it has, is, etc.) Usernames & Passwords Password defenses Checkers, generators, aging, limiting logins Protecting password file Cryptography Encryption algorithms Securing data transactions

Access Control Access control refers to how subjects may manipulate objects Halts users from accessing restricted files It determines what privileges (if any) a user has over a particular object Observe Alter

Access Control: Windows NT Types of permissions: Read Write Execute Changing of ownership Changing permissions Delete

Access Control: UNIX Types: Read Write Execute For files and directories, respectively: View contents, view contents Append, rename/create Run, search within With 777 you have permission to access this bread.

Security Models Types of security models: Bell-LaPadula (BLP) Clark-Wilson Biba Harrison-Ruzzo-Ullman (HRU)

Types of File System Security In: Disk File Systems Database File Systems Network File Systems

Disk File System Security Tactics: Encryption Access Control Passwords Permissions By denying access by some users to certain files, you can protect the files data and integrity.

Disk File System Security Workarounds: Encryption: Stealing secret keys Breaking secret keys Access Control: Interception of password Social engineering Brute force attacks on passwords

Disk File System Security Prevention: Encryption: More powerful ciphers Regular changing of encryption scheme Access Control: Password defenses checkers generators aging limiting logins Employ awareness of social engineering vulnerabilities

Database File System Security: Apache Permissions Restrict access to upper level files SSI (Server Side Includes) These extra features can create weakness within a database Protect system settings within config files

Database File System Security: Oracle Virtual Private Database customizable, policy-based access control down to the row level Data Encryption Protects data, even in media theft Enterprise User Security Centralized security management Secure Application Roles Powerful way of setting access control Enterprise Manager Grid Control Tools for setting configurations

Database File System Security: MySQL Take the time to audit SQL logins for null or weak passwords Frequently check group and role memberships Physically secure the SQL Server Enable logging of all user login events Disable SQL Mail capability unless absolutely necessary Remove the Guest user from databases to keep unauthorized users out Secure the “sa” account with a strong password Choose only the network libraries you absolutely require

Network File System Security Entity authentication Firewall Intrusion Prevention System (IPS) Honeypots Decoy server containing fake, desirable information which is easily accessible used to lure away attackers and record their activity

Summary We covered the history of file system security, basic theory, types of file systems, security for those systems, and potential threats. ? Well science shows that general policies, such as access control, password protection, permissions, encryption, and roles can significantly improve security on any kind of file system.

QUESTIONS?!1?!1 ?!?!?!!!!ONE

Chris uses Windows XP Media Center Edition 2005 sp2 Bobby uses the Ubuntu release Edgy