Protection and Security
CSCI 444/544 Operating Systems, Fall 2008
Agenda
- Protection goals and principles
- User authentication and access control
- Security vulnerabilities
- Cryptography as a security tool
Goals
- Protection becomes more important as computer systems develop:
  - Multiple users have access to the same resources
  - Computers are connected to networks
  - Electronic commerce is increasingly important
- Goal: ensure that users only do what they are supposed to do
  - Prevent accidental misuse
    - Example: mistakenly overwriting the command interpreter
    - Relatively easy to solve by making the mistake hard to make (the interpreter is simply not writable by ordinary users)
  - Prevent malicious abuse
    - Example: breaking into the accounting system and transferring $1 million
    - Hard to eliminate completely
Principle of Protection
- Guiding principle: the principle of least privilege
- Programs, users, and systems should be given just enough privilege to perform their tasks, and no more
Components of a Protection Mechanism
- Authentication: make sure the system knows who you are
- Authorization: determine what the user is and is not allowed to do
- Access enforcement: make sure there are no loopholes in the system through which the authorization decision can be bypassed
- Auditing: record what users and programs are doing for later analysis or prosecution
Authentication
- How do you prove who you are?
- Passwords: a secret piece of information known only to the user
  - The system should not store it in readable form
    - A one-way transformation (e.g., a salted, slow hash) must be applied when the password is stored and again when it is checked
  - Disadvantage: relatively easy to crack
    - Humans choose poor passwords
    - Short passwords are easy to find by brute force
    - Common words are found in dictionaries
- Key: physical possession of an item proves identity
  - Should not be forgeable or copyable
  - Advantage: if stolen, the user is aware
  - Disadvantage: relatively expensive to make
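The password points on this slide, as an added example that is not part of the original deck: the system stores only a salt and a one-way transformation (PBKDF2-HMAC-SHA256 here), checks an attempt by recomputing it, and yet a three-digit PIN and a dictionary word still fall to the two attacks the slide lists. The iteration count and the word list are constructed for the demo and are not recommendations.

```python
import hashlib
import hmac
import itertools
import os
import string
from typing import Optional

# Work factor for the one-way transformation. Deliberately tiny so the
# attacks below finish in seconds; a production system uses a far larger
# count (this value is an illustration, not a recommendation).
ITERATIONS = 200


def make_record(password: str) -> dict:
    """Store only a random salt and a slow one-way hash, never the password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}


def check_password(record: dict, attempt: str) -> bool:
    """Recompute the transformation on the attempt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", attempt.encode(), record["salt"], ITERATIONS)
    return hmac.compare_digest(digest, record["hash"])


# Constructed stand-in for a dictionary file (a real one has millions of entries).
DICTIONARY = ["letmein", "password", "qwerty", "dragon", "sunshine", "monkey"]


def dictionary_attack(record: dict, words) -> Optional[str]:
    """Try each common word. The hash being one-way does not help when the
    password itself is guessable."""
    for word in words:
        if check_password(record, word):
            return word
    return None


def brute_force(record: dict, alphabet: str, max_len: int) -> Optional[str]:
    """Enumerate every string up to max_len over the alphabet. The search
    space is len(alphabet) ** length, which is why short passwords fall."""
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            guess = "".join(chars)
            if check_password(record, guess):
                return guess
    return None


if __name__ == "__main__":
    rec = make_record("731")
    print("correct password accepted:", check_password(rec, "731"))
    print("brute-forced 3-digit PIN:", brute_force(rec, string.digits, 3))
    print("dictionary word recovered:", dictionary_attack(make_record("dragon"), DICTIONARY))
```

The salt makes precomputed tables useless across users, and the iteration count slows each guess; neither helps against a password whose whole space the attacker can afford to enumerate.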
Authorization Determination
- Access rights are represented with an access matrix
  - One domain (e.g., a user) per row
  - One resource (e.g., a file) per column
  - Each entry lists the privileges the domain has for the resource (R = read, W = write, - = none)
- Example matrix:

         File A   File B   File C   File D
  User 1   RW
  User 2   RW       --
  User 3   RW       R        --
  User 4   RW       R        -
  User 5   RW       R        -
Representation of the Access Matrix
- The access matrix is sparsely populated, so storing it as a full table wastes space
- Condense the information by expressing it in one of two forms:
  - Access control list: per column (one list per resource)
  - Capability list: per row (one list per domain)
Access Control Lists
- For each resource, list the users that can perform operations on it
  - General form: each resource has a list of (user, operations) pairs
- Disadvantage: tedious to have a separate entry for every user
- Optimization: group users into classes
  - UNIX example: three classes of users (owner, group, everyone else) and three privileges (read, write, execute)
- Advantage: easy to revoke privileges
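The UNIX class optimization on this slide, as an added example that is not part of the original deck: the nine permission bits of a file's mode are the whole ACL, and a request is decided by the one class that applies to the caller. The superuser exception and supplementary mechanisms such as POSIX ACLs are left out on purpose; the function names are the example's own.

```python
# Rights bits for one class, as in the permission part of st_mode from stat(2).
R, W, X = 4, 2, 1


def unix_access(mode: int, file_uid: int, file_gid: int,
                uid: int, gids, want: int) -> bool:
    """Decide whether a process running as (uid, gids) may perform the
    operations in `want` (a combination of R, W, X) on a file whose
    permission bits are `mode` and whose owner/group are file_uid/file_gid.

    Exactly one class applies, chosen in the order owner, group, other, and
    that class's bits alone decide. Consequently an owner can be denied an
    operation that the group bits would have allowed. uid 0 (the superuser)
    is deliberately not special-cased here, a simplification relative to
    real kernels."""
    if uid == file_uid:
        bits = (mode >> 6) & 7          # owner triplet
    elif file_gid in gids:
        bits = (mode >> 3) & 7          # group triplet
    else:
        bits = mode & 7                 # everyone else
    return (bits & want) == want


def mode_string(mode: int) -> str:
    """Render the nine permission bits the way ls(1) does, e.g. 0o640 -> rw-r-----."""
    out = []
    for shift in (6, 3, 0):
        bits = (mode >> shift) & 7
        out.append(("r" if bits & R else "-")
                   + ("w" if bits & W else "-")
                   + ("x" if bits & X else "-"))
    return "".join(out)


if __name__ == "__main__":
    # Constructed file: owned by uid 1000, group 100, mode rw-r-----.
    mode, owner, group = 0o640, 1000, 100
    print(mode_string(mode))
    print("owner may write:", unix_access(mode, owner, group, 1000, [100], W))
    print("group member may read:", unix_access(mode, owner, group, 1001, [100], R))
    print("group member may write:", unix_access(mode, owner, group, 1001, [100], W))
    print("stranger may read:", unix_access(mode, owner, group, 1002, [200], R))
```

The price of the compression is expressiveness: three classes cannot say "everyone in the group except Bob", which is why systems that need that add a full per-user list alongside the mode bits.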
Access Control Lists
[Figure: use of access control lists for managing file access]
Capabilities
- For each user, list the resources that can be accessed
  - General form: each user has a list of (resource, operations) pairs
- Compared with ACLs:
  - A capability can be built into the handle a program uses to refer to the resource
  - Access-right checking is more efficient: no list has to be searched on each access
- Important concern: a user must not be able to tamper with their capabilities
- Disadvantage: capabilities are difficult to revoke, since copies are distributed throughout the system
Implementing Capabilities
- Kernel-space capability list (C-list)
  - User programs refer to capabilities through handles (e.g., file descriptors); the list itself is not addressable from user space, so it cannot be tampered with
Implementing Capabilities (continued)
- Tagged architecture
  - Memory words containing capabilities carry a hardware tag; user programs can only read those words
  - Only the kernel can change tagged words
- Cryptographically protected capabilities
  - The C-list lives in user space, but each capability is formed cryptographically (e.g., carries a MAC under a key known only to the kernel) so that the user cannot tamper with it
  - Does not require hardware support
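The cryptographically protected form, as an added example that is not part of the original deck: the kernel mints a capability as (object id, rights, epoch) plus an HMAC-SHA256 tag under a kernel-only key, the user process keeps the bytes wherever it likes, and the kernel re-verifies the tag on every use. The epoch field, the KERNEL_KEY name and the rights encoding are the example's own assumptions; the epoch shows one way to get cheap revocation back despite the copies being out of the kernel's reach.

```python
import hashlib
import hmac
import os
import struct

# Secret known only to the kernel (hypothetical name). Capabilities minted
# under it may live in user memory because nobody without the key can
# produce or alter a valid tag.
KERNEL_KEY = os.urandom(32)

READ, WRITE, EXEC = 1, 2, 4
_BODY = ">IIH"                           # object id, rights bitmap, revocation epoch
_BODY_LEN = struct.calcsize(_BODY)       # 10 bytes
_MAC_LEN = 32                            # HMAC-SHA256 output


def grant(key: bytes, obj_id: int, rights: int, epoch: int = 0) -> bytes:
    """Kernel side: mint a capability as body || HMAC(key, body)."""
    body = struct.pack(_BODY, obj_id, rights, epoch)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def check(key: bytes, cap: bytes, obj_id: int, want: int, current_epoch: int = 0) -> bool:
    """Kernel side: validate a capability presented from user space."""
    if len(cap) != _BODY_LEN + _MAC_LEN:
        return False
    body, mac = cap[:_BODY_LEN], cap[_BODY_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        return False                         # forged, or edited after minting
    cap_obj, rights, epoch = struct.unpack(_BODY, body)
    if epoch != current_epoch:
        return False                         # revoked: the kernel bumped the object's epoch
    return cap_obj == obj_id and (rights & want) == want


def tamper_rights(cap: bytes, extra: int) -> bytes:
    """User side: try to upgrade a capability by editing its rights field in
    place. The bytes change, but the tag was computed over the old body."""
    obj_id, rights, epoch = struct.unpack(_BODY, cap[:_BODY_LEN])
    return struct.pack(_BODY, obj_id, rights | extra, epoch) + cap[_BODY_LEN:]


if __name__ == "__main__":
    cap = grant(KERNEL_KEY, 7, READ)
    print("read allowed:", check(KERNEL_KEY, cap, 7, READ))
    print("write allowed:", check(KERNEL_KEY, cap, 7, WRITE))
    forged = tamper_rights(cap, WRITE)
    print("write after tampering:", check(KERNEL_KEY, forged, 7, WRITE))
    print("read after object epoch bumped:", check(KERNEL_KEY, cap, 7, READ, current_epoch=1))
```

Two properties matter: the tag is compared in constant time so a user cannot guess it byte by byte through timing, and the rights are bound into the tagged body, so a tampered capability loses even the rights it originally had. Revoking all outstanding capabilities on an object is then one kernel-side epoch increment, not a search of every process's memory.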
Access Control
- Protection can be applied to non-file resources
- Solaris 10 provides role-based access control (RBAC) to implement least privilege
  - A privilege is the right to execute a system call, or to use a particular option within a system call
  - Privileges can be assigned to processes
  - Users are assigned roles, and roles grant access to privileges and programs
Role-based Access Control in Solaris
[Figure: role-based access control in Solaris]
Revocation of Access Rights
- Access list: delete the access rights from the resource's list
  - Simple and immediate
- Capability list: a scheme is required to locate every copy of the capability in the system before it can be revoked
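The two condensed forms from the Authorization Determination, Access Control Lists and Capabilities slides, together with the revocation contrast on this slide, as one added example that is not part of the original deck. The matrix, the handle table and the function names are constructed for the example; the matrix is not the one on the slide. It derives the per-column ACLs and per-row C-lists from one matrix, shows the capability-style "check once, then use a small handle" access path, and counts how many lists each kind of revocation must touch.

```python
from collections import defaultdict

# Constructed access matrix: rows are domains, columns are resources,
# cells are strings of rights. A missing cell means no access.
MATRIX = {
    "user1": {"fileA": "RW"},
    "user2": {"fileA": "R", "fileB": "RW"},
    "user3": {"fileA": "R", "fileC": "R"},
}


def to_acls(matrix: dict) -> dict:
    """Per-column form: resource -> {domain: rights}. Kept with the object."""
    acls = defaultdict(dict)
    for domain, row in matrix.items():
        for resource, rights in row.items():
            acls[resource][domain] = rights
    return dict(acls)


def to_clists(matrix: dict) -> dict:
    """Per-row form: domain -> {resource: rights}. Kept with (or for) the subject."""
    return {domain: dict(row) for domain, row in matrix.items()}


def acl_allows(acls: dict, domain: str, resource: str, op: str) -> bool:
    """ACL style: every access walks the resource's list for the requesting domain."""
    return op in acls.get(resource, {}).get(domain, "")


def open_handle(clists: dict, handles: dict, domain: str, resource: str, op: str):
    """Capability style: check once, then hand back a small integer the domain
    uses afterwards (like a file descriptor). Returns None if denied."""
    if op not in clists.get(domain, {}).get(resource, ""):
        return None
    table = handles.setdefault(domain, [])
    table.append((resource, op))
    return len(table) - 1


def use_handle(handles: dict, domain: str, h: int, op: str) -> bool:
    """Later accesses are an indexed lookup; no list is searched."""
    table = handles.get(domain, [])
    return 0 <= h < len(table) and table[h] is not None and table[h][1] == op


def revoke_acl(acls: dict, resource: str) -> int:
    """Remove everyone's access to one resource: edit a single list, effective
    immediately. Returns how many entries were dropped."""
    return len(acls.pop(resource, {}))


def revoke_clists(clists: dict, handles: dict, resource: str) -> int:
    """The same revocation in capability form: every domain's list, and every
    handle table derived from it, must be found and edited. Handles are
    invalidated in place rather than compacted so other handles keep their
    numbers. Returns the number of lists visited."""
    visited = 0
    for domain, row in clists.items():
        visited += 1
        row.pop(resource, None)
        handles[domain] = [None if entry is not None and entry[0] == resource else entry
                           for entry in handles.get(domain, [])]
    return visited


if __name__ == "__main__":
    acls, clists, handles = to_acls(MATRIX), to_clists(MATRIX), {}
    print("ACL for fileA:", acls["fileA"])
    h = open_handle(clists, handles, "user3", "fileC", "R")
    print("user3 handle for fileC:", h, "usable:", use_handle(handles, "user3", h, "R"))
    print("ACL revoke of fileA dropped", revoke_acl(acls, "fileA"), "entries from 1 list")
    print("C-list revoke of fileA visited", revoke_clists(clists, handles, "fileA"), "lists")
```

The asymmetry is the whole point of the slide: the ACL revocation touched one list regardless of how many domains held rights, while the capability revocation had to visit every domain, and in a real system those domains' handle tables are scattered across process address spaces rather than sitting in one dictionary.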
Access Enforcement
- Responsibilities of the security kernel
  - Protecting identification and authorization information
  - Enforcing access controls
- Requirements
  - Must run in protected (privileged) mode, so that user code cannot bypass it
  - Must be as small and simple as possible
- Paradox: a more powerful protection mechanism means a larger and more complex security kernel, which is more likely to contain implementation bugs, which means more security holes
The Security Problem
- Security must consider the external environment of the system and protect the system's resources from it
- Intruders (crackers) attempt to breach security
- A threat is a potential security violation
- An attack is an attempt to breach security
- An attack can be accidental or malicious
- It is easier to protect against accidental misuse than against malicious misuse
Security Violations
- Categories
  - Breach of confidentiality
  - Breach of integrity
  - Breach of availability
  - Theft of service
  - Denial of service
- Methods
  - Masquerading (breaches authentication)
  - Replay attack, possibly combined with message modification
  - Man-in-the-middle attack
  - Session hijacking
Program Threats
- Trojan horse
  - A code segment that misuses its environment
  - Exploits mechanisms that allow programs written by one user to be executed by other users
  - Examples: spyware, pop-up browser windows, covert channels
- Trap door
  - A specific user identifier or password that circumvents the normal security procedures
  - Could be included in a compiler, so that it survives even a full audit of the program's source
- Logic bomb
  - A program that initiates a security incident under certain circumstances
- Stack and buffer overflow
  - Exploits a bug in a program (overflowing either the stack or a memory buffer) to corrupt memory and redirect the program's control flow
System and Network Threats
- Virus
  - A fragment of malicious code embedded in legitimate code
  - Spreads by copying the infected program over a network or on a floppy disk
- Worm
  - Capable of spreading itself from machine to machine
  - A small grappling hook program is uploaded first and then fetches the main worm program
- Port scanning
  - An automated attempt to connect to a range of ports on one IP address or on a range of IP addresses
- Denial of service
  - Overloads the targeted computer, preventing it from doing any useful work
  - Distributed denial of service (DDoS) comes from multiple sites at once
Security Services
- Authentication
- Access control
- Confidentiality
- Integrity
Security Mechanisms
- Cryptography
  - Encryption/decryption
    - Symmetric key
    - Asymmetric key (public-key systems)
  - Entity or message authentication
    - Public-key systems and hash functions (e.g., a keyed hash, or MAC)
  - Digital signatures
  - Key distribution
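The hash-function message authentication on this slide, exercised against the replay, message-modification and masquerading methods listed on the Security Violations slide, as an added example that is not part of the original deck. The two parties share a key (distribution is assumed to have happened already); each message carries a sequence number and an HMAC-SHA256 over number and payload. The class and function names and the "transfer" messages are constructed for the example.

```python
import hashlib
import hmac
import os
import struct

_SEQ = ">Q"      # 64-bit message counter, big-endian
_SEQ_LEN = struct.calcsize(_SEQ)
_MAC_LEN = 32    # HMAC-SHA256 output


class Sender:
    """Holds the shared key and a counter that never repeats."""

    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0

    def send(self, payload: bytes) -> bytes:
        self.seq += 1
        header = struct.pack(_SEQ, self.seq)
        mac = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        return header + payload + mac


class Receiver:
    """Verifies the tag first, then enforces strictly increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0

    def receive(self, msg: bytes):
        """Return (status, payload); payload is None unless status == 'ok'."""
        if len(msg) < _SEQ_LEN + _MAC_LEN:
            return ("short", None)
        header, payload, mac = msg[:_SEQ_LEN], msg[_SEQ_LEN:-_MAC_LEN], msg[-_MAC_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return ("bad_mac", None)         # modified in transit, or sent by someone without the key
        (seq,) = struct.unpack(_SEQ, header)
        if seq <= self.last_seq:
            return ("replay", None)          # already accepted this number (or an older one)
        self.last_seq = seq
        return ("ok", payload)


def run_scenarios() -> list:
    """Constructed exchange: one honest transfer, then the three attacks."""
    key = os.urandom(32)
    alice, bank = Sender(key), Receiver(key)
    genuine = alice.send(b"transfer 100 to bob")
    results = [bank.receive(genuine)[0]]                                   # ok

    results.append(bank.receive(genuine)[0])                               # replay of the captured bytes

    modified = bytearray(genuine)
    modified[_SEQ_LEN + len(b"transfer ")] = ord("9")                      # "100" -> "900"
    results.append(bank.receive(bytes(modified))[0])                       # bad_mac

    mallory = Sender(os.urandom(32))                                       # masquerade without the key
    results.append(bank.receive(mallory.send(b"transfer 100 to mallory"))[0])  # bad_mac

    return results


if __name__ == "__main__":
    for name, status in zip(["genuine", "replay", "modified", "masquerade"], run_scenarios()):
        print(f"{name:10s} -> {status}")
```

Two caveats a practitioner should keep in mind: the tag proves origin and integrity but gives no confidentiality, since the payload travels in the clear, and the strict counter rejects any out-of-order delivery, so over an unreliable transport a sliding acceptance window replaces the single `last_seq`.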