Announcements - Operating Systems - Notes | CMSC 412
Announcements
- Reading Chapter 19
- MT#2 re-grade requests due by end of class
Computer Threat Model
- must consider acceptable risks
  - value of item to be protected
  - $2,000 of computer time to steal 50 cents of data
    - this is sufficient to deter someone
    - but computers keep getting faster
- Basic Ideas:
  - confine access to only the highest level needed
    - run programs as root only if needed
    - don't give system access to all users
Authentication (cont.)
- How does a user know what computer they are using?
- Need to have mutual authentication
  - computer presents some information that only it could contain
  - example: Windows -- to login
    - user software can't trap that information
    - assumes that the kernel itself is secure
- telephone example:
  - never give banking/credit card info over the phone unless you placed the phone call
    - i.e. you use the telco namespace for authentication
Example (UNIX passwords)
- use a function that is hard to invert
  - "easy" to compute f(x) given x
  - hard to compute x given f(x)
  - the function used is a variation on the DES algorithm
    - changes selected items in the transformation matrix to prevent hardware attacks
- store only f(x) in the filesystem
- to login:
  - user supplies a password x'
  - compute f(x') and compare to f(x)
- salt
  - add an extra two characters to x so that the same x will produce different values on different machines
- dictionary attack
  - if it's too easy to compute f(x)
  - can "guess" many passwords and try them out
Viruses
- Most common on systems with little security
  - easy to write to boot blocks, system software
  - never run untrusted software with special privileges
  - Don't perform daily operations with root/system privileges
- Possible to write system independent viruses
  - MS Word virus
    - uses macros to call into the OS
Access Matrix
- Abstraction of protection for objects in a system.
  - Rows are domains (users or groups of users)
  - Columns are objects (files, printers, etc.)
  - Items are methods permitted by a domain on an object
    - read, write, execute, print, delete, …
- Representing the Table
  - simple representation (dense matrix) is large
  - sparse representation possible: each non-zero in the matrix
  - observation: same column used frequently
    - represent groups of users with a name and just store that
    - create a default policy for some objects without a value
- Revocation of access
  - when are access rights checked?
  - selective revocation vs. global
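The sparse representation, named groups, default policy and the two kinds of revocation from the Access Matrix slide, as an added example that is not part of the original notes. The class, user, group and object names are constructed, and the rule that an explicit cell takes precedence over the default policy is an assumption of this sketch.

```python
# Added example: sparse access matrix with named groups and a default policy.
# Every name here (AccessMatrix, "staff", "report.txt", ...) is constructed.
class AccessMatrix:
    def __init__(self):
        self.cells = {}     # (domain, object) -> set of rights; only stored cells exist
        self.groups = {}    # group name -> set of member users
        self.defaults = {}  # object -> rights for users with no explicit cell

    def grant(self, domain, obj, *rights):
        self.cells.setdefault((domain, obj), set()).update(rights)

    def _domains(self, user):
        # A user acts in their own domain plus every group that lists them.
        return [user] + [g for g, members in self.groups.items() if user in members]

    def allowed(self, user, obj, right):
        # Checked on every access, so a revocation takes effect on the next call.
        found = [self.cells[(d, obj)] for d in self._domains(user) if (d, obj) in self.cells]
        if found:
            return any(right in rights for rights in found)
        return right in self.defaults.get(obj, set())

    def revoke(self, obj, right, domain=None):
        if domain is None:
            # Global revocation: strip the right from the whole column and its default.
            self.defaults.get(obj, set()).discard(right)
            targets = [key for key in self.cells if key[1] == obj]
        else:
            # Selective revocation: copy the default into an explicit cell first,
            # otherwise there is nothing to narrow for a domain that relied on it.
            self.cells.setdefault((domain, obj), set(self.defaults.get(obj, set())))
            targets = [(domain, obj)]
        for key in targets:
            # An emptied cell is kept as an explicit "no rights" entry; deleting it
            # would silently hand the domain back to the default policy.
            self.cells[key].discard(right)

def build_demo():
    m = AccessMatrix()
    m.groups["staff"] = {"alice", "bob"}
    m.grant("staff", "report.txt", "read")     # one cell covers the whole group
    m.grant("alice", "report.txt", "write")
    m.defaults["printer1"] = {"print"}         # no per-user cells for the printer
    return m

if __name__ == "__main__":
    m = build_demo()
    print(m.allowed("bob", "report.txt", "read"), m.allowed("carol", "printer1", "print"))
    m.revoke("printer1", "print", domain="carol")
    print(m.allowed("carol", "printer1", "print"), m.allowed("dave", "printer1", "print"))
```

Selective revocation against a single user does not remove a right that the user still inherits through a group cell; revoking it there means revoking from the group or removing the user from it.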
Capabilities
- Un-forgeable Key to access something
- Implementation: a string
  - (i.e. a long numeric sequence for a copier)
- Implementation: A protected memory region
  - tag memory (or procedures) with access rights
  - example - x86 call gate abstraction
  - permit rights amplification