Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Privacy Enhancing Technologies Elaine Shi Lecture 4 Principles of System Security slides partially borrowed from Jonathan Katz.

Published byDelphia Kennedy Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Privacy Enhancing Technologies Elaine Shi Lecture 4 Principles of System Security slides partially borrowed from Jonathan Katz."— Presentation transcript:

1 1 Privacy Enhancing Technologies Elaine Shi Lecture 4 Principles of System Security slides partially borrowed from Jonathan Katz

2 2 Roadmap Privacy and System Security Principle of least privilege Principle of Privilege Separation

3 3 Why System Security? System security is necessary for privacy. –e.g. If OS is cpmpromised, data can be breached.

4 4 System security Several meanings of “system security” here: –Security of the entirety of what is being protected –Operating-system security –Host security

5 5 Principle of least privilege A subject should be given only the privileges it needs to accomplish its task –E.g., only allow access to information it needs –E.g., only allow necessary communication The function of a subject (not its identity) should determine this –I.e., if a subject needs some privileges to complete a specific task, it should relinquish those privileges upon completion –If reduced privileges are sufficient for a given task, the subject should request only those privileges

6 6 Principle of least privilege Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job.[Jerome Saltzer 74]

7 7 Example User account management: normal user does not have administrator's privilege. A CEO share his office key only with his assistant, but not anyone else.

8 8 More example A web server should not run with root privilege if root privilege is not needed.

9 9 Privilege Separation Divided system into parts which are limited to the specific privileges they require in order to perform a specific task. E.g., –OS ensures isolation between apps –Hypervisor ensures isolation between OS

10 10 OS ensures isolation between apps If one of the application is buggy and thus is compromised or crashed, it will not affect the behavior of other applications OS App

11 11 Hypervisor ensures isolation between OS Hardware OS Hypervisor OS

12 12 Homework Can you give some more examples in real life that indicate principle of least privilege and privilege separation?

13 13 Reading list [Saltzer and Schroeder 1975] The Protection of Information in Computer SystemsThe Protection of Information in Computer Systems

Download ppt "1 Privacy Enhancing Technologies Elaine Shi Lecture 4 Principles of System Security slides partially borrowed from Jonathan Katz."

Similar presentations

Information Security Domains Computer Operations Security By: Shafi Alassmi Instructor: Francis G. Date: Sep 22, 2010.

Information Security Domains Computer Operations Security By: Shafi Alassmi Instructor: Francis G. Date: Sep 22, 2010.
Operating System Security

Operating System Security
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.
VM: Chapter 5 Guiding Principles for Software Security.

VM: Chapter 5 Guiding Principles for Software Security.
SCRUB: Secure Computing Research for Users’ Benefit David Wagner 1.

SCRUB: Secure Computing Research for Users’ Benefit David Wagner 1.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
1 Design Principles CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 13, 2004.

1 Design Principles CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 13, 2004.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 10 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 10 Jonathan Katz.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
C. Edward Chow Presented by Mousa Alhazzazi C. Edward Chow Presented by Mousa Alhazzazi Design Principles for Secure.

C. Edward Chow Presented by Mousa Alhazzazi C. Edward Chow Presented by Mousa Alhazzazi Design Principles for Secure.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
Lecture 7 Access Control

Lecture 7 Access Control
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.

Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.
Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.

Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Similar presentations

Ads by Google