1
SE571 Security in Computing
Chap4: Protection in General-Purpose Operating Systems
2
Objectives: protection features provided by general-purpose operating systems: protecting memory, files, and the execution environment; controlled access to objects; user authentication. SE571 Security in Computing, Dr. Ogara
3
Operating System Functions
Access control; identity and credential management; information flow; audit and integrity protection. Each of these activities has security implications.
4
Memory Protection: protection can be built into the hardware mechanisms that already control the efficient use of memory, so every memory reference is checked at no extra cost to the program.
5
Memory Protection. Types of memory protection: fences; relocation; base/bounds registers; tagged architecture; segmentation; paging; combined paging with segmentation.
6
Types of Memory Protection
Fence: used to confine users to one side of a boundary. The simplest form of memory protection, introduced in single-user operating systems to keep the user's program out of the operating system. A fence provides a lower bound (a starting address) but not an upper one. Fences may be fixed or variable.
7
Types of Memory Protection
Problem with a fixed fence: it is very restrictive, because a predefined amount of space is always reserved for the operating system whether it is needed or not. If less than the predefined space is required, the excess is wasted; conversely, if the operating system needs more space, it cannot grow beyond the fence boundary.
8
Types of Memory Protection
Fixed Fence: a boundary at a predefined address that confines users to one side of it. This is the simplest form of memory protection and was introduced in single-user operating systems.
9
Types of Memory Protection
Variable Fence: uses a fence register containing the address of the end of the operating system, so the location of the fence can be changed as the operating system grows or shrinks. A fence register protects in only one direction: the operating system can be protected from a single user, but the fence cannot protect one user from another user.
10
Figure 4-1 Fixed Fence.
11
Figure 4-2 Variable Fence Register.
12
Types of Memory Protection
Relocation: the process of taking a program written as if it began at address 0 and changing all its addresses to reflect the actual address at which the program is loaded in memory. With a fence register this is done in hardware by adding the register's value to every address.
13
Types of Memory Protection
Base/Bounds Registers: a second register, the bounds register, holds an upper address limit, in the same way that a base or fence register holds a lower address limit. The upper bound records how much space is allotted to the program and lets the hardware catch overflows into "forbidden" areas. Because each user's program is confined between its own base and bounds, every user is protected from errors in any other user's program.
14
Figure 4-3 Pair of Base/Bounds Registers.
15
Types of Memory Protection
Tagged Architecture: every word of machine memory has one or more extra bits identifying the access rights to that word (for example read-only, read/write, or execute-only), and the hardware checks the tag on every access. Only privileged instructions may set the tags.
16
Figure 4-5 Example of Tagged Architecture.
17
Types of Memory Protection
Segmentation: dividing a program into separate pieces, each with a logical unity, that is, a relationship among all of its code or data values (a procedure, a data array, a stack). This allows a program to be divided into many pieces having different access rights. Each segment has a unique name, and an address is a segment name plus an offset within the segment.
18
Types of Memory Protection
Segmentation offers these security benefits: each address reference is checked for protection; many different classes of data items can be assigned different levels of protection; two or more users can share access to a segment, with potentially different access rights; a user cannot generate an address or access to an unpermitted segment.
19
Types of Memory Protection
Paging: the program is divided into equal-sized pieces called pages, and memory is divided into equal-sized units called page frames. Because all pages are of the same fixed size, fragmentation is not a problem: each page fits in any available page frame, and since the offset field is of fixed width there is no problem of addressing beyond the end of a page. The cost is that a page is an arbitrary slice of the program rather than a logical unit, so everything on one page must share the same protection level.
20
Types of Memory Protection
Combined Paging with Segmentation: combines the two approaches. Paging offers implementation efficiency, while segmentation offers logical protection characteristics; each segment is given its own access rights and bounds and is itself divided into pages for placement in memory.
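The following is an added example, not part of the original slides or of Pfleeger's text. It models in Python the checks the memory-protection slides describe: relocation with a pair of base/bounds registers, and combined segmentation with paging where each segment carries its own rights and length and each page maps to a physical frame. All addresses, sizes, segment names and the ProtectionFault class are constructed for illustration; a ProtectionFault plays the role of the hardware trap into the operating system.

```python
"""Toy model of base/bounds and segmented-paged memory protection (constructed example)."""
from dataclasses import dataclass


class ProtectionFault(Exception):
    """Raised where real hardware would trap to the operating system."""


@dataclass(frozen=True)
class BaseBounds:
    """Relocation plus a pair of base/bounds registers around one user's program."""
    base: int    # lowest physical address the program may use (relocation offset)
    bound: int   # first physical address past the program's allotted space

    def translate(self, logical: int) -> int:
        """Map an address written as if the program began at 0 onto physical memory.

        A fence register alone would enforce only the lower limit; the bounds register
        supplies the upper one, so an overflow off the end of the program is caught.
        """
        if logical < 0:
            raise ProtectionFault(f"negative address {logical}")
        physical = self.base + logical
        if physical >= self.bound:
            raise ProtectionFault(f"address {logical} maps to {physical}, past bound {self.bound}")
        return physical


PAGE_SIZE = 256  # constructed: small pages keep the arithmetic readable


@dataclass(frozen=True)
class Segment:
    """One logical piece of a program, itself broken into fixed-size pages."""
    rights: frozenset      # subset of {"r", "w", "x"} this process holds on the segment
    length: int            # size in bytes; offsets at or beyond it are out of bounds
    page_table: tuple      # page number within the segment -> physical frame number


class SegmentedPagedMemory:
    """Combined segmentation and paging: rights and bounds per segment, placement per page."""

    def __init__(self, segments: dict):
        self.segments = segments  # segment name -> Segment

    def access(self, name: str, offset: int, mode: str) -> int:
        """Check a <segment, offset> reference and return the physical address on success."""
        seg = self.segments.get(name)
        if seg is None:
            raise ProtectionFault(f"no segment named {name!r}")
        if mode not in seg.rights:          # segment-level rights check on every reference
            raise ProtectionFault(f"{mode!r} access to segment {name!r} not permitted")
        if not 0 <= offset < seg.length:    # segment bound check
            raise ProtectionFault(f"offset {offset} outside segment {name!r} of length {seg.length}")
        page, in_page = divmod(offset, PAGE_SIZE)
        return seg.page_table[page] * PAGE_SIZE + in_page


def demo() -> dict:
    """Exercise both mechanisms on constructed values; returns the outcomes for inspection."""
    regs = BaseBounds(base=1000, bound=1500)
    mem = SegmentedPagedMemory({
        "code": Segment(frozenset("rx"), length=600, page_table=(7, 3, 9)),
        "data": Segment(frozenset("rw"), length=300, page_table=(2, 5)),
    })
    results = {"relocated": regs.translate(100)}
    attempts = {
        "overflow": lambda: regs.translate(500),            # base + 500 == bound: one past the end
        "write_to_code": lambda: mem.access("code", 10, "w"),
        "off_end_of_data": lambda: mem.access("data", 300, "r"),
    }
    for label, attempt in attempts.items():
        try:
            attempt()
            results[label] = "allowed"
        except ProtectionFault as exc:
            results[label] = f"fault: {exc}"
    results["exec_code"] = mem.access("code", 300, "x")   # page 1, offset 44 -> frame 3
    results["write_data"] = mem.access("data", 299, "w")  # page 1, offset 43 -> frame 5
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label:16} {outcome}")
```

Three of the six references fault: the one that lands exactly on the bounds register, the write into an execute-only segment, and the read one byte past the end of the data segment. The last case is the check that pure paging cannot express, since a page table knows frame numbers but not where the logical data ends.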
21
Control of Access to General Objects
Objects which need protection: memory; a file or data set on an auxiliary storage device; an executing program in memory; a directory of files; a hardware device; a data structure, such as a stack.
22
Control of Access to General Objects
Objects which need protection (continued): a table of the operating system; instructions, especially privileged instructions; passwords and the user authentication mechanism; the protection mechanism itself.
23
Control of Access to General Objects
Directory: works like a file directory, a listing of the objects accessible by a single subject. Each user has a file directory listing all the files to which that user has access. Every file has a unique owner who possesses the "control" right and can grant or revoke other users' access. Rights to files are read, write, and execute.
24
Figure 4-10 Directory Access.
25
Control of Access to General Objects
Access Control List: a table identifying the subjects that can access a single object. Each object has one access control list, which names every subject who should have access to the object and what that access is; in effect a directory is kept per object rather than per subject.
26
Figure 4-12 Access Control List.
27
Control of Access to General Objects
Access Control Matrix: a table in which each row represents a subject, each column represents an object, and each entry is the set of access rights of that subject to that object. Most subjects have no rights to most objects, so the matrix is sparse and is rarely implemented directly; instead it is stored by column (access control lists) or by row (capability lists or per-subject directories).
28
Control of Access to General Objects
Capability: an unforgeable token that gives its possessor certain rights to an object, a ticket granting a subject a certain type of access. For the capability to offer solid protection the ticket must be unforgeable: only the operating system may create or modify one, and a subject must not be able to alter the rights it carries.
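The following is an added example, not part of the original slides. It builds a small access control matrix in Python and shows the two ways of storing it that the slides describe: by column as access control lists and by row as a per-subject directory or capability list. It then issues a capability as an unforgeable token, an HMAC over subject, object and rights under a key held only by the issuer, and shows that a holder who edits the rights in its own ticket is detected. The subjects, objects, rights and ISSUER_KEY are all constructed; the hypothetical helper names (acl, capability_list, issue_capability, use_capability) are not from any real system.

```python
"""Access control matrix, its ACL and capability-list views, and unforgeable capability tokens."""
import hashlib
import hmac
import json

# Constructed matrix: row = subject, column = object, entry = set of rights.
# Empty cells are simply absent, which is the sparseness that makes storing the
# full matrix wasteful.
MATRIX = {
    "alice": {"payroll.db": {"r", "w"}, "report.txt": {"r"}},
    "bob":   {"report.txt": {"r", "w"}, "/bin/ls": {"x"}},
    "carol": {"/bin/ls": {"x"}},
}
# One object that nobody may touch, to show an all-empty column.
OBJECTS = sorted({obj for row in MATRIX.values() for obj in row} | {"secrets.key"})


def acl(obj: str) -> dict:
    """Column of the matrix: the list kept with one object, naming each subject and its rights."""
    return {subj: row[obj] for subj, row in MATRIX.items() if obj in row}


def capability_list(subj: str) -> dict:
    """Row of the matrix: the directory of objects one subject may reach."""
    return dict(MATRIX.get(subj, {}))


def permitted(subj: str, obj: str, mode: str) -> bool:
    """Reference-monitor decision; the ACL and capability views give the same answer."""
    return mode in acl(obj).get(subj, set())


def sparsity() -> tuple:
    """(populated cells, total cells) for MATRIX over OBJECTS."""
    populated = sum(len(row) for row in MATRIX.values())
    return populated, len(MATRIX) * len(OBJECTS)


# Constructed key known only to the issuing OS; possession of a token does not reveal it.
ISSUER_KEY = b"constructed-issuer-key-not-for-real-use"


def issue_capability(subj: str, obj: str) -> bytes:
    """Mint a token only for rights the matrix grants; the MAC binds subject, object and rights."""
    rights = sorted(MATRIX.get(subj, {}).get(obj, set()))
    if not rights:
        raise PermissionError(f"{subj} holds no rights on {obj}")
    body = json.dumps({"subject": subj, "object": obj, "rights": rights}, sort_keys=True).encode()
    tag = hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest().encode()  # hex: never contains "."
    return body + b"." + tag


def use_capability(token: bytes, mode: str) -> bool:
    """Verify the token before honouring it; a body edited by the holder fails the MAC check."""
    body, _, tag = token.rpartition(b".")
    expected = hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        return False
    return mode in json.loads(body)["rights"]


def forged_token(token: bytes) -> bytes:
    """Simulate a holder editing its own read-only ticket to add write access."""
    body, _, tag = token.rpartition(b".")
    return body.replace(b'["r"]', b'["r", "w"]') + b"." + tag


if __name__ == "__main__":
    print("ACL for report.txt:", acl("report.txt"))
    print("capabilities of bob:", capability_list("bob"))
    print("populated/total cells:", sparsity())
    cap = issue_capability("alice", "report.txt")
    print("alice reads report.txt:", use_capability(cap, "r"))
    print("forged write accepted:", use_capability(forged_token(cap), "w"))
```

Only 5 of the 12 cells are populated even in this tiny matrix, which is why real systems keep ACLs or capability lists rather than the matrix itself. The token check relies on the MAC key never leaving the issuer; in a real system the same property comes from keeping capabilities in kernel memory or tagging them in hardware so user code cannot write them.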
29
Control of Access to General Objects
Kerberos: implements both authentication and access authorization by means of capabilities, called tickets, secured with symmetric cryptography. It requires two servers, the authentication server (AS) and the ticket-granting server (TGS), which together make up the key distribution center (KDC).
30
Control of Access to General Objects
Kerberos: a user presents an authenticating credential (a password) to the authentication server and receives an encrypted ticket showing that the user has passed authentication. Kerberos relies on encryption keys shared between the KDC and each user or service; the user's key is derived from the password, so a wrong password simply fails to decrypt the reply. It implements single sign-on: the user signs on once, and after that the user's actions are authorized with tickets rather than by signing on again.
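The following is an added example, not part of the original slides and not taken from any real Kerberos implementation. It walks through the exchange the two Kerberos slides describe in Python: the AS issues a ticket-granting ticket sealed under a key the user does not hold, the TGS validates that ticket and an authenticator and issues a service ticket, and the service verifies the ticket with its own key. Principal names, passwords, lifetimes and the realm salt are constructed, and seal/unseal is a toy encrypt-then-MAC built from SHA-256 and HMAC for illustration only; real Kerberos uses standardized encryption types and a richer message format.

```python
"""Simplified Kerberos-style AS and TGS exchange (constructed example, toy cipher)."""
import hashlib
import hmac
import json
import os


def string_to_key(password: str, realm_salt: bytes) -> bytes:
    """The user's long-term key is derived from the password; PBKDF2 stands in for string2key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), realm_salt, 50_000)


def seal(key: bytes, fields: dict) -> bytes:
    """Toy encrypt-then-MAC: SHA-256 counter keystream plus HMAC tag. Not a real cipher."""
    plain = json.dumps(fields, sort_keys=True).encode()
    nonce = os.urandom(16)
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(len(plain) // 32 + 1))
    cipher = bytes(p ^ s for p, s in zip(plain, stream))
    return nonce + cipher + hmac.new(key, nonce + cipher, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> dict:
    """Reject anything not sealed under this key, so forged or tampered tickets fail here."""
    nonce, cipher, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + cipher, hashlib.sha256).digest(), tag):
        raise PermissionError("ticket failed integrity check")
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(len(cipher) // 32 + 1))
    return json.loads(bytes(c ^ s for c, s in zip(cipher, stream)))


class KDC:
    """Authentication server and ticket-granting server sharing one key database."""

    def __init__(self, keys: dict):
        self.keys = keys  # principal name -> long-term key; "krbtgt" is the TGS's own key

    def as_exchange(self, user: str, now: int) -> tuple:
        """AS-REQ/AS-REP: a TGT the user cannot read, plus the session key sealed for the user."""
        session = os.urandom(32).hex()
        tgt = seal(self.keys["krbtgt"], {"client": user, "session": session, "expires": now + 8 * 3600})
        return tgt, seal(self.keys[user], {"session": session})

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, service: str, now: int) -> tuple:
        """TGS-REQ/TGS-REP: validate TGT and authenticator, then issue a ticket for `service`."""
        t = unseal(self.keys["krbtgt"], tgt)
        if now > t["expires"]:
            raise PermissionError("TGT expired")
        auth = unseal(bytes.fromhex(t["session"]), authenticator)  # proves possession of session key
        if auth["client"] != t["client"] or abs(now - auth["time"]) > 300:
            raise PermissionError("authenticator does not match ticket or is stale")
        svc_session = os.urandom(32).hex()
        ticket = seal(self.keys[service], {"client": t["client"], "session": svc_session, "expires": now + 3600})
        return ticket, seal(bytes.fromhex(t["session"]), {"session": svc_session, "service": service})


def service_accepts(service_key: bytes, ticket: bytes, authenticator: bytes, now: int) -> str:
    """The application server: open the ticket with its own key, then check the authenticator."""
    t = unseal(service_key, ticket)
    if now > t["expires"]:
        raise PermissionError("service ticket expired")
    auth = unseal(bytes.fromhex(t["session"]), authenticator)
    if auth["client"] != t["client"] or abs(now - auth["time"]) > 300:
        raise PermissionError("authenticator does not match ticket or is stale")
    return t["client"]


def single_sign_on(password: str, now: int = 1_700_000_000) -> dict:
    """Full flow on constructed principals: one password entry, then tickets for two services."""
    salt = b"EXAMPLE.REALM"
    keys = {"alice": string_to_key("correct horse", salt), "krbtgt": os.urandom(32),
            "host/fileserver": os.urandom(32), "host/mail": os.urandom(32)}
    kdc = KDC(keys)
    tgt, for_alice = kdc.as_exchange("alice", now)
    # The client never sends its password; a wrong one just cannot open the AS reply.
    session = bytes.fromhex(unseal(string_to_key(password, salt), for_alice)["session"])
    accepted = {}
    for service in ("host/fileserver", "host/mail"):
        ticket, reply = kdc.tgs_exchange(tgt, seal(session, {"client": "alice", "time": now}), service, now)
        svc_session = bytes.fromhex(unseal(session, reply)["session"])
        accepted[service] = service_accepts(keys[service], ticket,
                                            seal(svc_session, {"client": "alice", "time": now}), now)
    return accepted


if __name__ == "__main__":
    print(single_sign_on("correct horse"))
```

The password is used exactly once, to derive the key that opens the AS reply; every later step uses session keys carried inside tickets. The TGT and service tickets are capabilities in the sense of the previous slides: the client carries them but cannot read or alter them, because they are sealed under keys the client does not have.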
31
Control of Access to General Objects
Procedure-Oriented Access Control: a procedure controls all access to an object. The procedure forms a capsule around the object, permitting only certain specified accesses. This implements the principle of information hiding, because the details of how the object is implemented are known only to the object's control procedure.
32
Control of Access to General Objects
Role-Based Access Control: allows us to associate privileges with roles rather than with individual users, for example administrators versus regular users with lower privilege; a user acquires the privileges of each role assigned to them.
33
File Protection Mechanisms
Forms of protection. All-none protection: any user can read, modify, or delete a file belonging to any other user, or even operating-system files; the only alternative to full access is no access at all, so there is no middle ground for sharing.
34
File Protection Mechanisms
Forms of protection. Group protection: identify groups of users, for example the Windows groups Administrators, Power Users, Users, and Guests. A user is recognized by two identifiers (usually numbers), a user ID and a group ID, and a file's owner can grant one set of rights to members of the group and another to everyone else.
35
File Protection Mechanisms
Individual permissions: persistent permissions; temporary acquired permissions (for example, a program that runs with its owner's rights while it executes); per-object and per-user protection.
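The following is an added example, not part of the original slides. It models in Python the three forms of file protection on the slides: all-none protection as an administrator for whom every file is accessible, group protection with user and group IDs and owner/group/other bits on the UNIX model, and individual permissions as per-user entries that override the group class, plus a set-UID style program as a temporary acquired permission. The file metadata, user IDs, mode bits and ACL are constructed; the class and function names (FileMeta, User, effective_bits, may, effective_user) are hypothetical, and the evaluation order is a simplified version of POSIX rules.

```python
"""Group and individual file protection with UID/GID (constructed, simplified UNIX model)."""
from dataclasses import dataclass, field

READ, WRITE, EXEC = 4, 2, 1  # permission bits; one octal digit per class


@dataclass
class FileMeta:
    owner_uid: int
    owner_gid: int
    mode: int                                 # e.g. 0o640: owner rw-, group r--, others ---
    acl: dict = field(default_factory=dict)   # individual protection: uid -> bits, overrides group


@dataclass(frozen=True)
class User:
    uid: int
    gids: frozenset                 # primary plus supplementary group IDs
    is_admin: bool = False          # all-none protection: an administrator reaches every file


def effective_bits(meta: FileMeta, user: User) -> int:
    """Choose one class for this user; the first matching class wins, even if a later one is wider."""
    if user.is_admin:
        return READ | WRITE | EXEC
    if user.uid == meta.owner_uid:
        return (meta.mode >> 6) & 7
    if user.uid in meta.acl:                 # per-user entry beats the group class
        return meta.acl[user.uid]
    if meta.owner_gid in user.gids:
        return (meta.mode >> 3) & 7
    return meta.mode & 7


def may(meta: FileMeta, user: User, op: str) -> bool:
    """Decide a single read/write/exec request."""
    want = {"read": READ, "write": WRITE, "exec": EXEC}[op]
    return bool(effective_bits(meta, user) & want)


def effective_user(program: FileMeta, invoker: User, setuid: bool) -> User:
    """Temporary acquired permission: a set-UID program runs with its owner's identity."""
    if setuid:
        return User(uid=program.owner_uid, gids=invoker.gids | {program.owner_gid})
    return invoker


def demo() -> dict:
    """Constructed payroll file and users; returns each decision for inspection."""
    payroll = FileMeta(owner_uid=1000, owner_gid=50, mode=0o640, acl={1002: READ})
    alice = User(1000, frozenset({1000, 50}))          # owner
    bob = User(1001, frozenset({1001, 50}))            # same group as the file
    carol = User(1002, frozenset({1002}))              # not in the group, but named in the ACL
    dave = User(1003, frozenset({1003}))               # nobody in particular
    root = User(0, frozenset({0}), is_admin=True)
    payroll_tool = FileMeta(owner_uid=1000, owner_gid=50, mode=0o755)   # set-UID to alice
    return {
        "alice_write": may(payroll, alice, "write"),
        "bob_read": may(payroll, bob, "read"),
        "bob_write": may(payroll, bob, "write"),
        "carol_read_via_acl": may(payroll, carol, "read"),
        "dave_read": may(payroll, dave, "read"),
        "root_write": may(payroll, root, "write"),
        "dave_write_via_setuid": may(payroll, effective_user(payroll_tool, dave, True), "write"),
        "dave_write_without_setuid": may(payroll, effective_user(payroll_tool, dave, False), "write"),
    }


if __name__ == "__main__":
    for label, decision in demo().items():
        print(f"{label:28} {decision}")
```

The set-UID case is the one to watch in practice: dave cannot write the payroll file directly, but anything the set-UID tool lets him do is done as alice, so the tool's own input handling becomes part of the file's protection.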
36
User Authentication. Authentication in organizations and systems takes many forms: documents; voice recognition; fingerprints; retina matching.
37
User Authentication. Authentication uses any of three qualities to confirm a user's identity. Something the user knows: passwords, PINs, passphrases, a secret handshake, and a mother's maiden name are examples. Something the user has: identity badges, physical keys, a driver's license, or a uniform are common examples of things people have that make them recognizable. Something the user is (biometrics): based on a physical characteristic of the user, such as a fingerprint, the pattern of a person's voice, or a face. Combining qualities from two different categories is stronger than two factors of the same kind.