Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Architecture and Design Chapter 4 Part 1 Pages 297 to 319.

Published byGriffin Barrett Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Architecture and Design Chapter 4 Part 1 Pages 297 to 319."— Presentation transcript:

1 Security Architecture and Design Chapter 4 Part 1 Pages 297 to 319

2 Bugs and Flaws Security Bug – Vulnerability in the software Security Flaw – Vulnerability in the architecture or design About 50%-50%

3 Today’s Environment Security bug and flaws account for the majority of compromises We are better at protecting the perimeter with Firewalls, IPS, etc. More demands for functionality has made software more complex As complexity increases security decreases

4 Approaches Bake Security In from the start – From Architecture to Design to Implementation to Testing – Correct approach Bolt Security on at the end – Often not enough time – Much harder to do

5 Security “The security that a product provides must be evaluated based upon the availability, integrity, and confidentiality that it claims to provide.” Need to really understand how technology works to determine the proper level of security that is truly in place.

6 Waterfall Model Architect the system Write Specification Requirements Design Implement = code Test Deploy

7 System Architecture Conceptually understand the system structure and behavior and its relationship to its environment Outline the main goals the system must achieve Big picture

8 System Architecture Architectural Description for a software intensive system – ISO/IEC/IEEEE 42010 Security needs to be considered while architecting the system

9 Stakeholder Stakeholder – Individual, team, or organization with interest in the system View – representation of the system from a particular perspective “The architect needs to capture the goals that the system is supposed to accomplish for each stakeholder.”

10 Computer Architecture Computer hardware Operating system Network

11 Computers

12 Buses Most systems today have 64-bit address and data buses

13 CPU

14 Registers PC (Program Counter) – address of next instruction General Registers – Hold data Special Registers – SP (Stack pointer) – PSW (Program Status Word) Bit of negative result Bit for Zero result

15 PSW Bit for mode – User mode (where applications run) – Privileged (Kernel, Supervisor) mode for Operating System I/O

16 Stack Pointer Local Variables Return Address Parameters Local Variable Return Address Parameters

17 Multicore Processor

18 Multiprocessing (See page 311)

19 Process Program loaded in memory Multiprogramming OS – more than one process (program) can be loaded in memory (See page 319) Preemptive multitasking – time sharing

20 Figure 4-6 on Page 314

21 Process Table

22 Interrupts Timer Device – When a device needs to communicate with the CPU – Disk completed I/O operation

23 Interrupts

24 Threads Instructions generated by a process when it has a specific activity that needs to be carried out by the operating system. Microsoft Word – Open a file – Print a document – Save a file

25 Mulithreading

26 Code Injection Attack Attacker injects instructions into a running process. Keylogger, send out malware, If running at privilege mode OWASP Top Ten – https://www.owasp.org/index.php/Top_10_2013- Top_10 https://www.owasp.org/index.php/Top_10_2013- Top_10 – A9 Using Components with Known Vulnerabilities

27 Process Scheduling Responsibility of the operating system Process priorities – Low priority background process – High priority process hogging the system resources Denial of Services attack

28 Software Deadlock A has resources 1 and requests 2 B has resource 2 and requests 1

Download ppt "Security Architecture and Design Chapter 4 Part 1 Pages 297 to 319."

Similar presentations

Processes and Threads Chapter 3 and 4 Operating Systems: Internals and Design Principles, 6/E William Stallings Patricia Roy Manatee Community College,

Processes and Threads Chapter 3 and 4 Operating Systems: Internals and Design Principles, 6/E William Stallings Patricia Roy Manatee Community College,
Secure Operating Systems Lesson 2: OS Fundamentals.

Secure Operating Systems Lesson 2: OS Fundamentals.
More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.

More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.
Chapter 3 Process Description and Control

Chapter 3 Process Description and Control
Interrupts Chapter 8 – pp 209-214 Chapter 10 – pp 258-264 Appendix A – pp 537 & 543-545.

Interrupts Chapter 8 – pp Chapter 10 – pp Appendix A – pp 537 &
Computer Organization. This module surveys the physical resources of a computer system. –Basic components CPUMemoryBus I/O devices –CPU structure Registers.

Computer Organization. This module surveys the physical resources of a computer system. –Basic components CPUMemoryBus I/O devices –CPU structure Registers.
CMPT 300: Operating Systems I Dr. Mohamed Hefeeda

CMPT 300: Operating Systems I Dr. Mohamed Hefeeda
Thursday, June 08, 2006 The number of UNIX installations has grown to 10, with more expected. The UNIX Programmer's Manual, 2nd Edition, June, 1972.

Thursday, June 08, 2006 The number of UNIX installations has grown to 10, with more expected. The UNIX Programmer's Manual, 2nd Edition, June, 1972.
Figure 2.8 Compiler phases. 2.8.1 Compiling. Figure 2.9 Object module. 2.8.2 Linking.

Figure 2.8 Compiler phases Compiling. Figure 2.9 Object module Linking.
OS Fall ’ 02 Introduction Operating Systems Fall 2002.

OS Fall ’ 02 Introduction Operating Systems Fall 2002.
Page 1 Processes and Threads Chapter 2 2.1 Processes 2.2 Threads 2.3 Interprocess communication 2.4 Classical IPC problems 2.5 Scheduling.

Page 1 Processes and Threads Chapter Processes 2.2 Threads 2.3 Interprocess communication 2.4 Classical IPC problems 2.5 Scheduling.
1 Process Description and Control Chapter 3. 2 Process Management—Fundamental task of an OS The OS is responsible for: Allocation of resources to processes.

1 Process Description and Control Chapter 3. 2 Process Management—Fundamental task of an OS The OS is responsible for: Allocation of resources to processes.
Processes 1 CS502 Spring 2006 Processes Week 2 – CS 502.

Processes 1 CS502 Spring 2006 Processes Week 2 – CS 502.
OS Spring’03 Introduction Operating Systems Spring 2003.

OS Spring’03 Introduction Operating Systems Spring 2003.
Chapter 7 Interupts DMA Channels Context Switching.

Chapter 7 Interupts DMA Channels Context Switching.
Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.

Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.
Midterm Tuesday October 23 Covers Chapters 3 through 6 - Buses, Clocks, Timing, Edge Triggering, Level Triggering - Cache Memory Systems - Internal Memory.

Midterm Tuesday October 23 Covers Chapters 3 through 6 - Buses, Clocks, Timing, Edge Triggering, Level Triggering - Cache Memory Systems - Internal Memory.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
1 Last Class: Introduction Operating system = interface between user & architecture Importance of OS OS history: Change is only constant User-level Applications.

1 Last Class: Introduction Operating system = interface between user & architecture Importance of OS OS history: Change is only constant User-level Applications.
Operating Systems CS208. What is Operating System? It is a program. It is the first piece of software to run after the system boots. It coordinates the.

Operating Systems CS208. What is Operating System? It is a program. It is the first piece of software to run after the system boots. It coordinates the.

Similar presentations

Ads by Google