Download presentation
Presentation is loading. Please wait.
Published byCorey Blake Modified over 9 years ago
1
Advanced Accounting Information Systems Day 23 Operating Systems Security October 16, 2009
2
Announcements –Quiz 5 –Assignment 4 – due today Task as IT auditor is to identify potential problems new owner may encounter with Threadchic –Midterm In class – systems documentation, sql queries Out of class – four essay questions, you pick the two to write on, maximum of two double-spaced pages per essay question –Covers systems development, IT auditing, internal controls
3
Objectives – Operating Systems Security Understand the core components of operating systems Understand the common implmentations of the main operating system components as well as the associated risk and control considerations Apply security principles and concepts to effectively secure operating systems
4
Blaster Worm Remote procedure call –Core operating system component implemented in the Windows family of products Allows a computer to invoke and execute programs from remote computers Present on every Windows computer and has highest level of privileges July 16, 2003 announcement of critical vulnerability that allowed attackers to send specially crafted malformed messages and thereby run any code of their choice on a computer with no restrictions –Attackers could then install any software on a machine Capture keystrokes to get passwords Impersonate users Read or delete any emails
5
Blaster Worm Department of Homeland Security issued high[profile alerts but many businesses and end users did not install patch August 11, 2003, MSBlaster worm was released in the wild –Within 204 hours, over 330,000 computers were infected –Resulted in denial of service for Windows users as infected computers frequently rebooted –Caused CSX Transportation Corporation to stop trains causing serious delays for commuter rail service near Washington DC –Caused Air Canada to delay flights –forced Maryland’s motor vehicle agency to close for a day –Kicked Swedish Internet users offline –Contributed to the major power blackout on the East Coast
6
Goal of Chapter For each environment – operating systems, applications, databases, telecommunication networks, data networks, and Web systems, we look at the risks that affect these environments and learn about controls to mitigate the risks Breach in one environment may affect other environments given that these environments depend on each other Most important environment that needs to be secured – operating system
7
Common Operating Systems Every command entered on a computer is managed and processed by the operating system –All data files, applications, and databases reside on the operating system Operating system – house that contains various safes ( applications and databases) – if someone breaks into the house, they can just pick up the safe and run, no matter how strong the security lock is on the safe –Thus compromise of operating system almost always leads to compromise of its contents including various applications and database
8
Operating Systems Operating system – software that controls the operation of a computer and directs the processing of programs by assigning storage space in memory and controlling input and out functions Interface between end user and various applications Must also manage the hardware present in the computer API – application programming interface Rainbow series books –Orange book – trusted computer system evaluation criteria – seven classes – see table 7.1
9
Orange Book summary chart Division D – minimum security –D systems that aren’t rated higher Division C – discretionary protection –C1 discretionary security protection –C2 – controlled access protection Division B Division A –A verified design
10
Common Operating Systems Windows Linux z/OS NetWare
11
Common Risks and Controls - Authentication Passwords Risks Controls Other authentication technologies
12
Common Risks and Controls - Authorization Permissions Risks Controls
13
Common Risks and Controls – Trust Relationships Why establish trust? –Data exchange between two systems without requiring user intervention to first authenticate and authorize the transaction –User movement across multiple systems without having to re-authenticate Risks Controls
14
Common Risks and Controls – Job Scheduling Risks Controls
15
Common Risks and Controls – File Systems Local File Systems Remote File Systems File and Directory Permissions Risks Controls
16
Common Risks and Controls – Software Updates Risks Controls
17
Assurance Considerations Number of workstations and servers on system Number of different operating systems used Criticality of the computers or data stored on the system Types of tools available for collection and analysis of data detailing the security controls
18
Vocabulary Review Access control list Active directory Application programming interface Authentication Authorization Baseline Biometrics brute-force attacks Common internet file system (CIFS) Dictionary attacks File system Jobs Malware netWare directory service (NDS) Network file system (NFS)
19
Vocabulary Review One-time password (OTP) One-way hash algorithms Operating system Password file Password hash Permissions piggybacking Root Salt Samba Secure shell (SSH) Server message block (SMB) Shadow file Smart card Tripwire Trust relationship
20
Questions for Monday Identify common risks to application security and suggest at least one control to mitigate each risk
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.