Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design."— Presentation transcript:

1 Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William Stallings

2 Authentication Basis for most type of access control and accountability Identification step Verification step

3 Password-Based Authentication ID –Determines if use authorized to access system –Determines privileges for user –Discretionary access control

4 UNIX Password Scheme

5

6 Token-Based Authentication User posses object Memory cards Smart cards

7 Biometric Authentication Facial characteristics Fingerprints Hand geometry Retinal pattern

8 Biometric Authentication Iris Signature Voice

9 Cost versus Accuracy

10 Access Control Discretionary access control –Based on identity of requestor Mandatory access control –Based on comparing security labels with security clearances Role-based access control –Based on roles user has in system

11 Extended Access Control Matrix

12 Organization of the Access Control Function

13

14 Users, Roles, and Resources

15 Access Control Matrix Representation of RBAC

16

17 Intrusion Detection Host-based Network-based

18 Intrusion Detection Sensors –Collect data Analyzers User interface

19 Profiles of Behavior of Intruders and Authorized Users

20 Host-Based IDSs Anomaly detection –Collection of data relating to behavior of legitimated users over time Signature detection –Define set of rules or attack patters

21 Audit Records Native audit records –Operating system accounting software Detection-specific audit records –Generate audit records required by the IDS

22 Antivirus Approaches Detection Identification Removal

23 Generic Decryption CPU emulator Virus signature scanner Emulation control module

24 Digital Immune System

25 Behavior-Blocking Software Operation

26 Worm Countermeasures Signature-based worm scan filters Filter-based worm containment Payload-classification-based worm containment

27 Worm Countermeasures Threshold random walk scan detection Rate limiting Rate halting

28 Buffer Overflow Compile-time defenses Stack protection mechanisms

29 Buffer Overflow Run-time defenses Executable address space protection Address space randomization Guard pages

30 Windows Vista Security Access control scheme –Access token –Indicates privileges

31 Windows Security Structures

32 Access Mask

Download ppt "Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design."

Similar presentations

Computer Security Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Chapters 14 and 15 Operating Systems: Internals and Design Principles,

Computer Security Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Chapters 14 and 15 Operating Systems: Internals and Design Principles,
Chapter 15 Computer Security Techniques

Chapter 15 Computer Security Techniques
Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
Chapter 15 Operating System Security

Chapter 15 Operating System Security
CISSP Luncheon Series: Access Control Systems & Methodology

CISSP Luncheon Series: Access Control Systems & Methodology
30/04/2015Tim S Roberts 20081 COIT13152 Operating Systems T1, 2008 Tim S Roberts.

30/04/2015Tim S Roberts COIT13152 Operating Systems T1, 2008 Tim S Roberts.
Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.

Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 3 “User Authentication”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 3 “User Authentication”.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Malicious Software programs exploiting system vulnerabilities known as malicious software or malware program fragments that need a host program e.g. viruses,

Malicious Software programs exploiting system vulnerabilities known as malicious software or malware program fragments that need a host program e.g. viruses,
1 November 2004 1 Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.

1 November Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.
1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats.

1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats.
Chapter 14 Intrusion Detection. Hacker Capabilities.

Chapter 14 Intrusion Detection. Hacker Capabilities.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Lesson 1-What Is Information Security?. Overview History of security. Security as a process.

Lesson 1-What Is Information Security?. Overview History of security. Security as a process.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

Similar presentations

Ads by Google