Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operating System Security & Smartphones

Published byOsborne Sullivan Modified over 6 years ago

Similar presentations

Presentation on theme: "Operating System Security & Smartphones"— Presentation transcript:

1 Operating System Security & Smartphones
Md Shahrear Iqbal PhD student QRST Lab, School of computing queen’s university, Kingston, Ontario, Canada.

2 CISC 324: Security & Protection

3 Concepts Protection: Security:
Mechanisms and policy to keep programs and users from accessing or changing stuff they should not do Internal to OS Chapter 14 in Silbershatz Security: Issues external to OS Authentication of user, validation of messages, malicious or accidental introduction of flaws, etc. Chapter 15 of Silbershatz

4 Goals of Protection In one protection model, computer consists of a collection of objects, hardware or software Each object has a unique name and can be accessed through a well- defined set of operations Protection problem - ensure that each object is accessed correctly and only by those processes that are allowed to do so Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

5 Principles of Protection
Guiding principle – principle of least privilege Programs, users and systems should be given just enough privileges to perform their tasks Limits damage if entity has a bug, gets abused Can be static (during life of system, during life of process) Or dynamic (changed by process as needed) – domain switching, privilege escalation “Need to know” a similar concept regarding access to data Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

6 Principles of Protection (Cont.)
Must consider “grain” aspect Rough-grained privilege management easier, simpler, but least privilege now done in large chunks For example, traditional Unix processes either have abilities of the associated user, or of root Fine-grained management more complex, more overhead, but more protective File ACL lists, RBAC Domain can be user, process, procedure Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

7 The Security Problem System secure if resources used and accessed as intended under all circumstances Unachievable Intruders (crackers) attempt to breach security Threat is potential security violation Attack is attempt to breach security Attack can be accidental or malicious Easier to protect against accidental than malicious misuse Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

8 Security Violation Categories
Breach of confidentiality Unauthorized reading of data Breach of integrity Unauthorized modification of data Breach of availability Unauthorized destruction of data Theft of service Unauthorized use of resources Denial of service (DOS) Prevention of legitimate use Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

9 Security Measure Levels
Impossible to have absolute security, but make cost to perpetrator sufficiently high to deter most intruders Security must occur at four levels to be effective: Physical Data centers, servers, connected terminals Human Avoid social engineering, phishing, dumpster diving Operating System Protection mechanisms, debugging Network Intercepted communications, interruption, DOS Security is as weak as the weakest link in the chain But can too much security be a problem? Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

10 Program Threats Many variations, many names Trojan Horse Trap Door
Code segment that misuses its environment Exploits mechanisms for allowing programs written by users to be executed by other users Spyware, pop-up browser windows, covert channels Up to 80% of spam delivered by spyware-infected systems Trap Door Specific user identifier or password that circumvents normal security procedures Could be included in a compiler How to detect them? Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

11 Program Threats (Cont.)
Logic Bomb Program that initiates a security incident under certain circumstances Stack and Buffer Overflow Exploits a bug in a program (overflow either the stack or memory buffers) Failure to check bounds on inputs, arguments Write past arguments on the stack into the return address on stack When routine returns from call, returns to hacked address Pointed to code loaded onto stack that executes malicious code Unauthorized user or privilege escalation Slides from Operating System Concepts – 9th Edition, Silberschatz, Galvin, Gagne

12 Smartphone Security

13 Security Risks Asset

14 Security Risks Asset Threat Hacker Malware

15 Security Risks Vulnerable Operating Systems Vulnerable Apps
New Technologies Asset Threat Vulnerability Risk malware

16 Existing Security for fighting Malware

17 Smart City Smart City Smart People Smart Econ. Smart Env. Smart Gov. Smart Living Smart Mobility Embrace creativity Inclusive society 21st century education Entrepreneurship & innovation Productivity Local & global interconnectedness Green buildings Green energy Green urban planning Enabling supply & demand side policy Transportation & open data Healthy ICT & eGov Safe Culturally vibrant & happy Clean & non-motorized options Integrated ICT Mixed-modal access Government: exercise control over the actions of the members, citizens, or inhabitants of communities, societies, and states a native or naturalized member of a state or nation who owes allegiance to its government and is entitled to its protection(distinguished from alien ). 2.an inhabitant of a city or town, especially one entitled to its privileges or franchises. A smart city (also smarter city) uses digital technologies to enhance performance and well being, to reduce costs and resource consumption, and to engage more effectively and actively with its citizens Key enabling technologies for Smart Cities include the Internet of Things (IoT), public Wi-Fi, ubiquitous cellular coverage and smartphone apps.   Smartphone and smartphone apps, will be the face of the Smart City and bridge the users to the Internet of Things (IoT) devices, information, services and the community.    Smart City mobile applications are cornerstones of a Smart City.  

18 Smartphone Smart Country Smart Security Framework Smart communication
API for apps Prevention Monitor and Control Framework management API for anti-virus Provide custom monitors Maintaining separate execution profiles Reporting suspicious activity Execution zones Service providers Security modes Smart communication Data safety Surveillance Behavioral analysis and detection Controlling malware Offload computation Maintain a list of trusted devices Maintain application status Smart Phone Report malware Maintain device context Maintain relationship between apps Fine-grained access control Smart Country Smart Security Framework

19 Implementation View Applications Application framework Restricted Zone
New App Zone Trusted App Zone Untrusted App Zone High Privilege App Zone App 6 App 8 App 1 App 2 App 3 App 5 App 4 App 7 Zone and Policy Manager App Market Application framework Secure Communication K Application Status and Relationship Management Context Management Package Installer Policy Management Permission Checker Trusted Device Management Computation Offloading Management Security Mode Management High Privilege App Service Provider Zone Management Data Safety Management API Management Hardware OS Sensors App Behavior Surveillance Custom Telephony/SMS Communication Channels K

20 Job & Grad Life

21 Questions

Download ppt "Operating System Security & Smartphones"

Similar presentations

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.

1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
What we will cover… Protection and Security in OS.

What we will cover… Protection and Security in OS.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.

Protection and Security CSCI 444/544 Operating Systems Fall 2008.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
CS 149: Operating Systems April 30 Class Meeting Department of Computer Science San Jose State University Spring 2015 Instructor: Ron Mak www.cs.sjsu.edu/~mak.

CS 149: Operating Systems April 30 Class Meeting Department of Computer Science San Jose State University Spring 2015 Instructor: Ron Mak
Operating Systems Protection & Security.

Operating Systems Protection & Security.
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-
Silberschatz and Galvin  1999 20.1 Operating System Concepts Module 20: Security The Security Problem Authentication Program Threats System Threats Threat.

Silberschatz and Galvin  Operating System Concepts Module 20: Security The Security Problem Authentication Program Threats System Threats Threat.
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 14: Protection.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 14: Protection.
Protection.

Protection.
Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,

Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,
Computer & Network Security

Computer & Network Security
Network Security CSC332. Dr. Munam Ali Shah PhD: University of Bedfordshire MS: University of Surrey M.Sc: University of Peshawar Serving COMSATS since.

Network Security CSC332. Dr. Munam Ali Shah PhD: University of Bedfordshire MS: University of Surrey M.Sc: University of Peshawar Serving COMSATS since.
Operating system Security By Murtaza K. Madraswala.

Operating system Security By Murtaza K. Madraswala.

Similar presentations

Ads by Google