Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 9 Security 9.1 The security environment

Published byArron Johnson Modified over 7 years ago

Similar presentations

Presentation on theme: "Chapter 9 Security 9.1 The security environment"— Presentation transcript:

1 Chapter 9 Security 9.1 The security environment
9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from outside the system 9.6 Protection mechanisms 9.7 Trusted systems

2 The Security Environment Threats
Security goals and threats

3 Intruders Common Categories Casual prying by nontechnical users
Snooping by insiders Determined attempt to make money Commercial or military espionage

4 Accidental Data Loss Common Causes Acts of God
fires, floods, wars Hardware or software errors CPU malfunction, bad disk, program bugs Human errors data entry, wrong tape mounted

5 Operating System Security Trojan Horses
Free program made available to unsuspecting user Actually contains code to do harm Place altered version of utility program on victim's computer trick user into running that program

6 Login Spoofing (a) Correct login screen (b) Phony login screen

7 Logic Bombs Company programmer writes program potential to do harm
OK as long as he/she enters password daily ff programmer fired, no password and bomb explodes

8 Trap Doors (a) Normal code. (b) Code with a trapdoor inserted

9 Buffer Overflow (a) Situation when main program is running
(b) After program A called (c) Buffer overflow shown in gray

10 Generic Security Attacks
Typical attacks Request memory, disk space, tapes and just read Try illegal system calls Start a login and hit DEL, RUBOUT, or BREAK Try modifying complex OS structures Try to do specified DO NOTs Convince a system programmer to add a trap door Beg admin's sec’y to help a poor user who forgot password

11 The TENEX – password problem
Famous Security Flaws (a) (b) (c) The TENEX – password problem

12 Design Principles for Security
System design should be public Default should be n access Check for current authority Give each process least privilege possible Protection mechanism should be simple uniform in lowest layers of system Scheme should be psychologically acceptable And … keep it simple

13 Network Security External threat Goals of virus writer
code transmitted to target machine code executed there, doing damage Goals of virus writer quickly spreading virus difficult to detect hard to get rid of Virus = program can reproduce itself attach its code to another program additionally, do harm

14 Virus Damage Scenarios
Blackmail Denial of service as long as virus runs Permanently damage hardware Target a competitor's computer do harm espionage Intra-corporate dirty tricks sabotage another corporate officer's files

15 How Viruses Work (1) Virus written in assembly language
Inserted into another program use tool called a “dropper” Virus dormant until program executed then infects other programs eventually executes its “payload”

16 How Viruses Work (2) Recursive procedure that finds executable files on a UNIX system Virus could infect them all

17 How Viruses Work (3) An executable program With a virus at the front
With the virus at the end With a virus spread over free space within program

18 How Viruses Work (4) After virus has captured interrupt, trap vectors
After OS has retaken printer interrupt vector After virus has noticed loss of printer interrupt vector and recaptured it

19 How Viruses Spread Virus placed where likely to be copied When copied
infects programs on hard drive, floppy may try to spread over LAN Attach to innocent looking when it runs, use mailing list to replicate

20 Antivirus and Anti-Antivirus Techniques
(a) A program (b) Infected program (c) Compressed infected program (d) Encrypted virus (e) Compressed virus with encrypted compression code

21 Antivirus and Anti-Antivirus Techniques
Examples of a polymorphic virus All of these examples do the same thing

22 Antivirus and Anti-Antivirus Techniques
Integrity checkers Behavioral checkers Virus avoidance good OS install only shrink-wrapped software use antivirus software do not click on attachments to frequent backups Recovery from virus attack halt computer, reboot from safe disk, run antivirus

23 The Internet Worm Consisted of two programs
bootstrap to upload worm the worm itself Worm first hid its existence Next replicated itself on new machines

24 Mobile Code (1) Sandboxing
(a) Memory divided into 1-MB sandboxes (b) One way of checking an instruction for validity

25 Applets can be interpreted by a Web browser
Mobile Code (2) Applets can be interpreted by a Web browser

26 Mobile Code (3) How code signing works

27 Java Security (1) A type safe language Checks include …
compiler rejects attempts to misuse variable Checks include … Attempts to forge pointers Violation of access restrictions on private class members Misuse of variables by type Generation of stack over/underflows Illegal conversion of variables to another type

28 Examples of specified protection with JDK 1.2
Java Security (2) Examples of specified protection with JDK 1.2

29 Protection Mechanisms Protection Domains (1)
Examples of three protection domains

30 Protection Domains (2) A protection matrix

31 A protection matrix with domains as objects
Protection Domains (3) A protection matrix with domains as objects

32 Access Control Lists (1)
Use of access control lists of manage file access

33 Access Control Lists (2)
Two access control lists

34 Capabilities (1) Each process has a capability list

35 f(Objects, Rights, Check)
Capabilities (2) Cryptographically-protected capability Generic Rights Copy capability Copy object Remove capability Destroy object Server Object Rights f(Objects, Rights, Check)

36 Trusted Systems Trusted Computing Base
A reference monitor

37 Formal Models of Secure Systems
(a) An authorized state (b) An unauthorized state

38 Multilevel Security (1)
The Bell-La Padula multilevel security model

39 Multilevel Security (2)
The Biba Model Principles to guarantee integrity of data Simple integrity principle process can write only objects at its security level or lower The integrity * property process can read only objects at its security level or higher

40 Orange Book Security (1)
Symbol X means new requirements Symbol -> requirements from next lower category apply here also

41 Orange Book Security (2)

42 Covert Channels (1) Encapsulated server can still leak to collaborator via covert channels Client, server and collaborator processes

43 A covert channel using file locking
Covert Channels (2) A covert channel using file locking

44 Covert Channels (3) Pictures appear the same
Picture on right has text of 5 Shakespeare plays encrypted, inserted into low order bits of color values Hamlet, Macbeth, Julius Caesar Merchant of Venice, King Lear Zebras

Download ppt "Chapter 9 Security 9.1 The security environment"

Similar presentations

Chapter 9 Security 9.1 The security environment

Chapter 9 Security 9.1 The security environment
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
30/04/2015Tim S Roberts 20081 COIT13152 Operating Systems T1, 2008 Tim S Roberts.

30/04/2015Tim S Roberts COIT13152 Operating Systems T1, 2008 Tim S Roberts.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.

Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.

1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
1 Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

1 Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.

Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
CSE 513 Introduction to Operating Systems Class 10 - Security Jonathan Walpole Dept. of Comp. Sci. and Eng. Oregon Health and Science University.

CSE 513 Introduction to Operating Systems Class 10 - Security Jonathan Walpole Dept. of Comp. Sci. and Eng. Oregon Health and Science University.
Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 Pertemuan 23 Sistem Keamanan Matakuliah: T0316/sistem Operasi Tahun: 2005 Versi/Revisi: 5.

1 Pertemuan 23 Sistem Keamanan Matakuliah: T0316/sistem Operasi Tahun: 2005 Versi/Revisi: 5.
CS 333 Introduction to Operating Systems Class 20 - Security Jonathan Walpole Computer Science Portland State University.

CS 333 Introduction to Operating Systems Class 20 - Security Jonathan Walpole Computer Science Portland State University.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Buffer Overflow Attacks Figure 9-21. (a) Situation when the main program is running. (b) After the procedure A has been called. (c) Buffer overflow shown.

Buffer Overflow Attacks Figure (a) Situation when the main program is running. (b) After the procedure A has been called. (c) Buffer overflow shown.

Similar presentations

Ads by Google