Presentation on theme: "Operating Systems, K. Salah, Module 6.0: Security and Protection"
Presentation transcript:

1 Operating Systems, K. Salah, Module 6.0: Security and Protection
 Types of misuse:
–1. Accidental
–2. Intentional
–Protection is to prevent either accidental or intentional misuse.
–Security is to prevent intentional misuse.
 We will first cover Security and then Protection.

2 The Security Problem
 Security must consider the external environment of the system, and protect it from:
–unauthorized access
–malicious modification or destruction
 It is easier to protect against accidental than against malicious misuse.

3 Examples of Security Flaws
 Early UNIX
–lpr could remove a file after printing
–mkdir could be used to get access to passwords
 MULTICS (predecessor to UNIX)
–It was possible to get access to users' files.
–How: replace the system editor; it works fine but also steals the file.
–Called a "Trojan Horse": in the story of Homer's Iliad, one army gave another a present of a wooden horse with an army hidden inside. A Trojan horse appears helpful, but really does something harmful.
 Command.com
–del *.*
–A program that emulates a login prompt

4 Worms and Viruses
 Internet worm (Morris, 1988). A worm is a self-replicating program:
–Used rsh, finger, or sendmail
–May not do harm, but dragged down many machines. Viruses and Trojan horses do harm.
 Viruses
–Actually inside a program (a worm is separate)
–A Trojan horse does not spread; a virus spreads, usually through e-mail.
–Example: add code to the end of a program. Replace the first line (the "entry point") with a jump to this code; the end of the virus jumps to the real entry point. The virus has control, tries to replicate, and also does malicious things.
–Anti-virus programs look for viruses (some use virtual memory!)

5 The Morris Internet Worm
 (figure slide, no transcript text)

6 Generic Security Attacks
 Request disk space or pages and read them
 Try illegal system calls
 While logging in, hit Ctrl-C
 Do everything you're not supposed to
 Trojan horse
 Trap door or back door:
–A specific user identifier or password that circumvents normal security procedures.
–Could be included in a compiler.
–Used for field service or debugging, and might be known only to the programmers.
 Logic bomb
 E-mail virus

7 General Design Principles for Security
 Make the system design public
 Make the default no access
 Check for current authority
 Give processes the least access possible
 Don't build security into an insecure system, i.e., don't try to build security on top of UNIX

8 Threat Monitoring
 Check for suspicious patterns of activity, e.g., several incorrect password attempts may signal password guessing.
 Audit log: records the time, user, and type of all accesses to an object; useful for recovery from a violation and for developing better security measures.
 Scan the system periodically for security holes; done when the computer is relatively unused. Things to check for:
–Short or easy-to-guess passwords
–Unauthorized set-uid programs
–Unauthorized programs in system directories
–Unexpectedly long-running processes
–Improper directory protections
–Improper protections on system data files
–Dangerous entries in the program search path (Trojan horse)
–Changes to system programs: monitor checksum values
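Two of the checks on this slide can be shown as small monitors. The example below is added here and is not part of the lecture: the first function scans constructed audit-log lines for a burst of failed logins (the "password guessing" pattern), and the second compares a stored checksum baseline of system programs against a later scan. The log format, the user and host names, the file paths and the file contents are all made up for the example.

```python
import hashlib
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed audit-log sample for this example (not from a real system).
# One record per line: "<ISO timestamp> <user> <event> from <host>".
SAMPLE_LOG = """\
2024-03-01T08:00:01 alice login-failed from 10.0.0.5
2024-03-01T08:00:04 alice login-failed from 10.0.0.5
2024-03-01T08:00:07 alice login-failed from 10.0.0.5
2024-03-01T08:00:10 alice login-failed from 10.0.0.5
2024-03-01T08:00:12 alice login-failed from 10.0.0.5
2024-03-01T08:00:15 alice login-ok from 10.0.0.5
2024-03-01T08:05:00 bob login-failed from 10.0.0.9
2024-03-01T09:30:00 bob login-failed from 10.0.0.9
2024-03-01T09:31:00 bob login-ok from 10.0.0.9
this line is not an audit record
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) from (\S+)$")


def detect_password_guessing(log_text, threshold=5, window=timedelta(minutes=2)):
    """Return one (user, host, first_failure, last_failure) tuple for every
    burst of `threshold` or more failed logins from one host within `window`.
    A later successful login does not cancel the report: a guess that finally
    works is exactly the case worth looking at."""
    recent = defaultdict(deque)      # (user, host) -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                 # malformed line: skip it, never crash the monitor
        ts_str, user, event, host = m.groups()
        if event != "login-failed":
            continue
        ts = datetime.fromisoformat(ts_str)
        q = recent[(user, host)]
        q.append(ts)
        while q and ts - q[0] > window:   # forget failures older than the window
            q.popleft()
        if len(q) >= threshold:
            alerts.append((user, host, q[0], ts))
            q.clear()                # report each burst once
    return alerts


def checksum_table(files):
    """files: {path: file contents as bytes} -> {path: SHA-256 hex digest}."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in files.items()}


def checksum_diff(baseline, current):
    """Compare a stored baseline against a fresh scan of the system programs."""
    return {
        "modified": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "added": sorted(p for p in current if p not in baseline),
        "removed": sorted(p for p in baseline if p not in current),
    }


# Constructed contents of a "system directory": the trusted baseline and a
# later scan in which one program changed and an unknown one appeared.
BASELINE_FILES = {"/bin/ls": b"ls build 1", "/bin/login": b"login build 1"}
LATER_FILES = {"/bin/ls": b"ls build 1", "/bin/login": b"login build 1 + patch",
               "/bin/unknown": b"not in baseline"}

if __name__ == "__main__":
    for user, host, first, last in detect_password_guessing(SAMPLE_LOG):
        print(f"possible password guessing: {user} from {host} ({first} .. {last})")
    print(checksum_diff(checksum_table(BASELINE_FILES), checksum_table(LATER_FILES)))
```

The sliding window matters: bob's two failures an hour apart are ordinary typing mistakes and stay below the threshold, while alice's five within a few seconds are reported once as a single burst. The checksum baseline must itself be stored somewhere the scanned system cannot modify, otherwise a change to a program can be hidden by updating the baseline alongside it.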

9 Authentication
 Make sure the user is who they say they are
 Typical approach: passwords
–Stored in an encrypted file anyone can see; supposedly this won't help an attacker
–Reality: dictionary searches (encrypt and compare), and the stupidity of users
 Other types of authentication
–ATM-style card + password
–Fingerprints, retina scan
–SecurIDs
–Signature analysis
–Digital signature by VeriSign
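The slide's "encrypt and compare" problem is a property of how the password file is built, not of it being readable. The example below is added here, not from the lecture, and shows both sides: an unsalted fast hash, where equal passwords give equal records and one precomputed dictionary serves against every user, beside a per-user salted, slow PBKDF2 record with constant-time verification, plus an enrolment check for the "short or easy-to-guess passwords" item. The iteration count, the record format and the small word list are choices made for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000          # PBKDF2 work factor chosen for this example

# Constructed dictionary of easy-to-guess passwords (a real one is far larger).
COMMON_PASSWORDS = {"password", "123456", "letmein", "qwerty", "admin"}


def unsalted_hash(password):
    """The weak scheme: a fast hash with no salt. Two users with the same
    password get the same stored value, and one precomputed dictionary of
    hashes can be compared against every record in the file."""
    return hashlib.sha256(password.encode()).hexdigest()


def make_record(password, salt=None):
    """Enrol a password: random per-user salt plus a slow, salted PBKDF2 digest.
    The record reveals neither the password nor which users share one, so a
    dictionary must be re-hashed per record, ITERATIONS times per guess."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(record, candidate):
    """Recompute the digest with the stored salt and iteration count, then
    compare in constant time so timing does not leak how many bytes matched."""
    algo, iters, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    got = hashlib.pbkdf2_hmac("sha256", candidate.encode(),
                              bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(got.hex(), digest_hex)


def is_weak(password, min_length=8, dictionary=COMMON_PASSWORDS):
    """Reject short or dictionary passwords at enrolment, before they are stored."""
    return len(password) < min_length or password.lower() in dictionary


if __name__ == "__main__":
    rec = make_record("correct horse battery")
    print(rec)
    print(verify(rec, "correct horse battery"), verify(rec, "wrong"))
    print(is_weak("letmein"), is_weak("correct horse battery"))
```

Because the salt and iteration count travel inside the record, the verifier needs no secret of its own, and the work factor can be raised later for new records without invalidating old ones.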

10 Encryption
 Encrypt clear text into cipher text.
 Properties of a good encryption technique:
–Relatively simple for authorized users to encrypt and decrypt data.
–The encryption scheme depends not on the secrecy of the algorithm but on a parameter of the algorithm called the encryption key.
–Extremely difficult for an intruder to determine the encryption key.
 The Data Encryption Standard substitutes characters and rearranges their order on the basis of an encryption key provided to authorized users via a secure mechanism. The scheme is only as secure as that mechanism.

11 Encryption (Cont.)
 Public-key encryption is based on each user having two keys:
–public key: a published key used to encrypt data.
–private key: a key known only to the individual user, used to decrypt data.
 It must be an encryption scheme that can be made public without making it easy to figure out the decryption scheme.
 The security of a cryptosystem is a function of two things:
–The strength of the algorithm
–The length of the key: 32, 64, 112, 128, 256 bits
 A 64-bit key takes 600,000 years to break on a supercomputer, assuming the algorithm is unbreakable.
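The two-key idea, and why key length decides the outcome, can be followed with textbook RSA on tiny numbers. The example below is added here and is not from the lecture: the public key (n, e) is published and encrypts, the private key (n, d) decrypts, and the only way to get d from the public key is to factor n. The trial-division factoring at the end succeeds in an instant for the toy primes 61 and 53 and is exactly what becomes infeasible as the key gets longer. Textbook RSA with no padding is an illustration of the mathematics, not a usable cipher.

```python
from math import gcd, isqrt


def mod_inverse(a, m):
    """Modular inverse of a modulo m (extended Euclid); raises if gcd(a, m) != 1."""
    r0, r1, t0, t1 = m, a % m, 0, 1
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
    if r0 != 1:
        raise ValueError("no modular inverse")
    return t0 % m


def keygen(p, q, e=17):
    """Textbook RSA key pair from two primes. The public key (n, e) is
    published; the private key (n, d) stays with the user."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = mod_inverse(e, phi)
    return (n, e), (n, d)


def encrypt(public_key, m):
    """Anyone holding the published key can encrypt an integer message m < n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def decrypt(private_key, c):
    """Only the holder of d can undo the encryption."""
    n, d = private_key
    return pow(c, d, n)


def factor_by_trial_division(n):
    """Recover p, q from n by trying every odd candidate up to sqrt(n). The
    number of candidates grows as 2**(bits/2): feasible for a 12-bit n such as
    3233, hopeless for the sizes real keys use."""
    if n % 2 == 0:
        return 2, n // 2
    for p in range(3, isqrt(n) + 1, 2):
        if n % p == 0:
            return p, n // p
    raise ValueError("no factor found")


def private_from_public(public_key):
    """The work an intruder faces: factor n, then recompute d. It succeeds
    here only because the toy n is tiny."""
    n, e = public_key
    p, q = factor_by_trial_division(n)
    return n, mod_inverse(e, (p - 1) * (q - 1))


if __name__ == "__main__":
    public, private = keygen(61, 53)   # toy primes; real keys use primes of ~1024 bits
    c = encrypt(public, 65)
    print(public, private, c, decrypt(private, c))
    print(private_from_public(public) == private)
```

Note how the slide's two factors separate cleanly: the algorithm (modular exponentiation) is public and unchanged, and the only thing standing between the published key and the private key is the size of n.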

12 Protection and Protection Domains
 Specifically, how to protect files, CPU, etc.
 Policy: what should be protected from whom
 Mechanism: how the OS enforces the policy
 Protection domains
–Objects: things that need to be protected; for example, files, CPU, memory, printer
–Rights: permission to perform some operation on an object
–Domain: a set of (object, rights) pairs

13 Protection Domains
 Domain: a set of (object, rights) pairs
 Protection matrix (figure: rows Domain1, Domain2, Domain3; columns File1, File2, Printer, Domain2, Domain3; cells hold rights such as Read, Read Write, write, and enter)
 Maintaining such a matrix in full is a waste. Store it by rows or by columns.

14 Domain Implementation
 The system consists of 2 domains:
–User
–Supervisor
 UNIX
–Domain = user-id
–Domain switch is accomplished via the file system.
–Each file has associated with it a domain bit (the setuid bit).
–When a file is executed and setuid = on, the user-id is set to the owner of the file being executed. When execution completes, the user-id is reset.

15 Protection Mechanisms
 Access Control Lists (by columns): an object maintains a list of granted domains
–File1: (Alice, student, R-X), (*, staff, RWX)
–In UNIX, a file has rwx bits for the owner, group, and others.
 Capabilities (by rows): a domain maintains a list of accessible objects
–Domain1: (File1, R--), (Domain2, Enter)
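Slides 13 to 15 describe one structure stored two ways. The example below is added here, not from the lecture: it builds a small protection matrix, derives the capability lists (by rows) and the access control lists (by columns) from it, checks that both answer every access question identically, treats a domain switch as the "enter" right, and evaluates the slide's File1 ACL with its wildcard entry alongside the UNIX owner/group/others rule. The Domain1 row matches the slide; the other matrix rows, the user names and the mode strings are constructed for the example.

```python
# Constructed protection matrix: (domain, object) -> rights. The Domain1 row is
# the capability list on the slide; the Domain2 and Domain3 rows are made up.
MATRIX = {
    ("Domain1", "File1"): {"read"},
    ("Domain1", "Domain2"): {"enter"},
    ("Domain2", "File2"): {"read", "write"},
    ("Domain2", "Printer"): {"write"},
    ("Domain2", "Domain3"): {"enter"},
    ("Domain3", "Printer"): {"write"},
}


def by_rows(matrix):
    """Capability lists: domain -> {object: rights}. Stored with the domain."""
    caps = {}
    for (dom, obj), rights in matrix.items():
        caps.setdefault(dom, {})[obj] = set(rights)
    return caps


def by_columns(matrix):
    """Access control lists: object -> {domain: rights}. Stored with the object."""
    acls = {}
    for (dom, obj), rights in matrix.items():
        acls.setdefault(obj, {})[dom] = set(rights)
    return acls


def allowed_cap(caps, dom, obj, right):
    """Absent entry means no right: the default is no access."""
    return right in caps.get(dom, {}).get(obj, set())


def allowed_acl(acls, dom, obj, right):
    return right in acls.get(obj, {}).get(dom, set())


def switch_domain(caps, current, target):
    """A domain is itself an object; switching into it needs the 'enter' right."""
    if not allowed_cap(caps, current, target, "enter"):
        raise PermissionError(f"{current} may not enter {target}")
    return target


# The File1 ACL from the slide: (user, group, rights) entries, '*' matches anyone.
FILE1_ACL = [("Alice", "student", "r-x"), ("*", "staff", "rwx")]


def acl_check(acl, user, group, op):
    """op is 'r', 'w' or 'x'. The first matching entry decides; no match, no access."""
    for u, g, rights in acl:
        if u in (user, "*") and g in (group, "*"):
            return op in rights
    return False


def unix_check(file_owner, file_group, mode, user, user_groups, op):
    """mode is the 9-character string ls shows, e.g. 'rwxr-x---'. UNIX picks
    exactly one class (owner, else group, else others) and uses only its bits,
    so an owner of a '---rwxrwx' file is denied although everyone else is allowed."""
    if user == file_owner:
        bits = mode[0:3]
    elif file_group in user_groups:
        bits = mode[3:6]
    else:
        bits = mode[6:9]
    return op in bits


if __name__ == "__main__":
    caps, acls = by_rows(MATRIX), by_columns(MATRIX)
    print(allowed_cap(caps, "Domain1", "File1", "read"), allowed_acl(acls, "Domain1", "File1", "write"))
    print(switch_domain(caps, "Domain1", "Domain2"))
    print(acl_check(FILE1_ACL, "Alice", "student", "w"), acl_check(FILE1_ACL, "Bob", "staff", "w"))
    print(unix_check("alice", "staff", "rwxr-x---", "bob", {"staff"}, "w"))
```

The two storage forms trade off the questions they answer cheaply: an ACL makes "who can use this object?" a single lookup, a capability list makes "what can this domain reach?" a single lookup, and revoking a right is easy in the ACL form but requires finding every copy in the capability form.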

