Presentation is loading. Please wait.

Presentation is loading. Please wait.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14b: Security II.

Published byGwendoline Conley Modified over 8 years ago

Similar presentations

Presentation on theme: "Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14b: Security II."— Presentation transcript:

1 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14b: Security II

2 14.2 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14: Security Cryptography as Security Tool User Authentication Implementing Security Defenses Firewalling to Protect Systems and Networks

3 14.3 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Cryptography as a Security Tool Broadest security tool available Internal to computer, source and destination of messages known and protected  OS creates, manages, protects process IDs, communication ports Source and destination of messages on network cannot be trusted without cryptography  Local network – IP address? – Consider unauthorized host added  WAN / Internet – how to establish authenticity – Not via IP address

4 14.4 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Cryptography Means to constrain potential senders (sources) and / or receivers (destinations) of messages Based on secrets (keys) Enables  Confirmation of source  Receipt only by certain destination  Trust relationship between sender and receiver

5 14.5 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Encryption Constrains set of possible receivers of message Encryption algorithm consists of Set K of keys Set M of Messages Set C of ciphertexts (encrypted messages) A function E : K → (M → C)  For each k  K, E k is a function for generating ciphertexts from messages A function D : K → (C → M).  For each k  K, D k is a function for generating messages from ciphertexts

6 14.6 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Encryption (Cont.) Encryption algorithm must provide essential property: Given ciphertext c  C, a computer can compute m such that E k (m) = c only if it possesses k A computer holding k can decrypt ciphertexts to the plaintexts used to produce them A computer not holding k cannot decrypt ciphertexts Should be infeasible to derive k from ciphertexts

7 14.7 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Symmetric Encryption Same key used to encrypt and decrypt k must be kept secret DES was most commonly used symmetric block- encryption algorithm (created by US Govt) Encrypts one block of data at a time Keys too short; now considered insecure Triple-DES considered more secure Algorithm used 3 times using 2 or 3 keys

8 14.8 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Symmetric Encryption 2001 NIST adopted new block cipher - Advanced Encryption Standard (AES) Keys of 128, 192, or 256 bits, works on 128 bit blocks RC4 is most common symmetric stream cipher ; known vulnerabilities Encrypts/decrypts stream of bytes  e.g., wireless transmission Key is input to pseudo-random-bit generator  Generates an infinite keystream

9 14.9 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Secure Communication over Insecure Medium

10 14.10 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Asymmetric Encryption Public-key encryption each user has two keys: public key  published key used to encrypt data private key  key known only to individual user  used to decrypt data

11 14.11 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Asymmetric Encryption Since one key is public, decryption must be difficult Most common: RSA block cipher  Makes use of prime numbers  Efficient algorithm for testing number primeness  No efficient algorithm for finding prime factors of number

12 14.12 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Asymmetric Encryption (Cont.) Computationally infeasible to derive k d,N from k e,N,  k e need not be secret; can be disseminated k e is public key k d is private key N is product of two large, randomly chosen prime numbers p and q (e.g., 512 bits each) Encryption algorithm is E ke,N (m) = m k e mod N, where k e satisfies k e k d mod (p−1)(q −1) = 1 Decryption algorithm is then D kd,N (c) = c k d mod N

13 14.13 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Asymmetric Encryption Example E.g., p = 7 and q = 13 N = 7 ∗ 13 = 91 (p−1)(q−1) = 72 Select k e : relatively prime to 72 and< 72, yielding 5 Calculate k d such that k e k d mod 72 = 1, yielding 29 Keys Public key, k e,N = 5, 91 Private key, k d,N = 29, 91

14 14.14 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Asymmetric Encryption Example Keys Public key, k e,N = 5, 91 Private key, k d,N = 29, 91 Encrypt message 69 with public key results in cyphertext 62 E ke,N (m) = m k e mod N = 69 ^ 5 mod 91 = 62 Cyphertext decoded with private key D kd,N (c) = c k d mod N = 62 ^ 29 mod 91 = 69

15 14.15 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Encryption using RSA Asymmetric Cryptography

16 14.16 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Cryptography (Cont.) Symmetric cryptography based on transformations Asymmetric based on mathematical functions Asymmetric much more computationally intensive Typically not used for bulk data encryption

17 14.17 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14: Security Cryptography as Security Tool User Authentication Implementing Security Defenses Firewalling to Protect Systems and Networks

18 14.18 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication Constrains set of potential senders of message Complementary to encryption Can also prove message unmodified

19 14.19 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication Algorithm components: A set K of keys A set M of messages A set A of authenticators A function S : K → (M → A)  For each k  K, S k is a function for generating authenticators from messages A function V : K → (M × A → {true, false}).  For each k  K, V k is a function for verifying authenticators on messages

20 14.20 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication (Cont.) For message m, computer can generate authenticator a  A (such that V k (m, a) = true) only if it possesses k Thus, computer holding k can generate authenticators on messages so that any other computer possessing k can verify them Computer not holding k cannot generate authenticators on messages that can be verified using V k

21 14.21 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication (Cont.) Since authenticators are generally exposed, it must not be feasible to derive k from authenticators Practically, if V k (m,a) = true, we know m has not been modified If we share k with only one entity, we know where the message originated

22 14.22 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication – Hash Functions Basis of authentication Creates small, fixed-size block of data message digest (hash value) from m Hash Function H must be collision resistant on m Infeasible to find m’ ≠ m such that H(m) = H(m’) If H(m) = H(m’), then m = m’ Message has not been modified

23 14.23 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication – Hash Functions Common message-digest functions include: MD5 – produces 128-bit hash SHA-1 - which outputs 160-bit hash

24 14.24 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication - MAC Symmetric encryption used in message- authentication code (MAC) algorithm Cryptographic checksum generated from message using secret key Can securely authenticate short values

25 14.25 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication – Digital Signature Based on asymmetric keys and digital signature algorithm Authenticators produced are digital signatures Useful – anyone can verify authenticity of message

26 14.26 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Authentication (Cont.) Why authentication (if subset of encryption)? Fewer computations (except for RSA digital signatures) Authenticator usually shorter than message Sometimes want authentication but not confidentiality  Signed patches

27 14.27 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Key Distribution Delivery of symmetric key is challenge Sometimes done out-of-band  E.g., using snail mail Asymmetric keys proliferate – stored on key ring Even asymmetric key distribution needs care  E.g., man-in-the-middle attack

28 14.28 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Digital Certificates Proof of who or what owns public key Public key digitally signed a trusted party Trusted party receives proof of ID from entity Certifies public key belongs to entity Certificate authority is trusted party – Their public keys included with web browser distros They vouch for other authorities via digitally signatures

29 14.29 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Man-in-the-middle Attack on Asymmetric Cryptography

30 14.30 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Implementation of Cryptography Can be done at various layers of ISO Reference Model SSL at Transport layer Network layer is typically IPSec  IKE for key exchange  Basis of Virtual Private Networks (VPNs) Why not just at lowest level? Might need more knowledge than available at low levels  E.g., User authentication; e-mail delivery

31 14.31 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition User Authentication Crucial to identify users correctly Protection systems depend on user ID User identity most often established through passwords Special case of either protection keys or capabilities Passwords must be kept secret Frequent change of passwords History to avoid repeats Use of “non-guessable” passwords Log all invalid access Unauthorized transfer

32 14.32 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition User Authentication Passwords may be encrypted or used only once Does encrypting passwords solve the exposure problem?  Might solve sniffing  Consider shoulder surfing  Consider Trojan horse keystroke logger  How are passwords stored at authenticating site? – Hash function..

33 14.33 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Passwords Encrypt to avoid having to keep secret But keep secret anyway  (e.g., UNIX uses superuser-only readable file) Use algorithm that’s easy to compute; difficult to invert Only encrypted password stored, never decrypted Add “salt” to avoid same password being encrypted to same value

34 14.34 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Passwords One-time passwords Use function based on seed to compute a password Hardware device / key fob to generate the password  Changes very frequently

35 14.35 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Passwords Biometrics Some physical attribute (fingerprint, hand scan) Multi-factor authentication Need two or more factors for authentication  e.g., USB “dongle”, biometric measure, and password

36 14.36 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14: Security Cryptography as Security Tool User Authentication Implementing Security Defenses Firewalling to Protect Systems and Networks

37 14.37 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Implementing Security Defenses Defense in depth Most common security theory Multiple layers of security Security policy describes what is being secured Vulnerability assessment compares real state of system / network compared to security policy

38 14.38 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Implementing Security Defenses Intrusion detection to find system / network intrusions Signature-based detection spots known patterns Anomaly detection spots differences from normal  Can detect zero-day attacks False-positives and false-negatives a problem

39 14.39 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Implementing Security Defenses Virus protection Search all programs (or programs at execution) for known virus patterns Run programs in sandbox => can’t damage system Auditing, accounting, and logging of all or specific system or network activities Practice safe computing – avoid sources of infection, download from only “good” sites, etc

40 14.40 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14: Security Cryptography as Security Tool User Authentication Implementing Security Defenses Firewalling to Protect Systems and Networks

41 14.41 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Firewalling to Protect Systems and Networks Network firewall placed between trusted and untrusted hosts Firewall limits access between security domains Can be tunneled or spoofed Tunneling allows disallowed protocol to travel within allowed protocol (e.g., telnet inside of HTTP) Firewall rules typically based on host name or IP address (which can be spoofed)

42 14.42 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Firewalling to Protect Systems and Networks Personal firewall is software layer on given host Can monitor / limit traffic to and from host Application proxy firewall understands application protocol; can control them (e.g., SMTP) System-call firewall monitors all important system calls Applies rules to them  (e.g., this program can execute that system call)

43 14.43 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Network Security Through Domain Separation Via Firewall

44 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition End of Chapter 14b

Download ppt "Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 2 nd Edition Chapter 14b: Security II."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)

Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Modified from Silberschatz, Galvin and Gagne Lecture 22 Chapter 15: Security.

Modified from Silberschatz, Galvin and Gagne Lecture 22 Chapter 15: Security.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers) attempt.

Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers) attempt.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Chapter 15: Security. 15.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th Edition, Jan 10, 2005 Chapter 15: Security The Security.

Chapter 15: Security Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th Edition, Jan 10, 2005 Chapter 15: Security The Security.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Similar presentations

Ads by Google