Operating System Security: Threats, Encryption, and Authentication - Prof. M. Ali, Study notes of Operating Systems

A chapter from 'operating system concepts' by silberschatz, galvin and gagne, focusing on security. It covers the security problem, program and system threats, cryptography as a security tool, user authentication, and implementing security defenses. Topics include security violations, standard security attacks, security measure levels, symmetric and asymmetric encryption, message authentication codes, digital signatures, key distribution, man-in-the-middle attacks, digital certificates, ssl, user authentication, and implementing security defenses.

Typology: Study notes

Pre 2010

Uploaded on 02/13/2009

koofers-user-bxk
koofers-user-bxk 🇺🇸

10 documents

1 / 43

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Chapter 15: Security
Chapter 15: Security
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b

Partial preview of the text

Download Operating System Security: Threats, Encryption, and Authentication - Prof. M. Ali and more Study notes Operating Systems in PDF only on Docsity!

Chapter 15: SecurityChapter 15: Security

15.^

Chapter 15: Security^ Chapter 15: Security

„^ The Security Problem „^ Program Threats „^ System and Network Threats „^ Cryptography as a Security Tool „^ User Authentication „^ Implementing Security Defenses „^ Firewalling to Protect Systems and Networks „^ Computer-Security Classifications „^ An Example: Windows XP

15.^

The Security Problem^ The Security Problem

„^ Security must consider external environment of the system, andprotect the system resources „^ Intruders (crackers) attempt to breach security „^ Threat^ is potential security violation „^ Attack^ is attempt to breach security „^ Attack can be accidental or malicious „^ Easier to protect against accidental than malicious misuse

15.^

Security Violations^ Security Violations

„^ Categories^ z^ Breach of confidentiality^ z^ Breach of integrity^ z^ Breach of availability^ z^ Theft of service^ z^ Denial of service „^ Methods^ z^ Masquerading (breach authentication)^ z^ Replay attack^ ^ Message modification^ z^ Man-in-the-middle attack^ z^ Session hijacking

15.^

Security Measure Levels^ Security Measure Levels

„^ Security must occur at four levels to be effective:^ z^ Physical^ z^ Human^ ^ Avoid

social engineering, phishing, dumpster diving

z^ Operating System z^ Network „ Security is as week as the weakest chain

15.^

Program Threats^ Program Threats

„^ Trojan Horse^ z^ Code segment that misuses its environment^ z^ Exploits mechanisms for allowing programs written by users to beexecuted by other users^ z^ Spyware, pop-up browser windows, covert channels „^ Trap Door^ z^ Specific user identifier or password that circumvents normal securityprocedures^ z^ Could be included in a compiler „^ Logic Bomb^ z^ Program that initiates a security incident under certain circumstances „^ Stack and Buffer Overflow^ z^ Exploits a bug in a program (overflow either the stack or memorybuffers)

15.^

Layout of Typical Stack Frame^ Layout of Typical Stack Frame

15.^

Modified Shell Code^ Modified Shell Code

#include <stdio.h> int main(int argc, char *argv[]) {^ execvp(‘‘\bin\sh’’,‘‘\bin \sh’’, NULL);^ return 0; }

15.^

Program Threats (Cont.)^ Program Threats (Cont.)

„^ Viruses^ z^ Code fragment embedded in legitimate program^ z^ Very specific to CPU architecture, operating system,applications^ z^ Usually borne via email or as a macro^ ^ Visual Basic Macro to reformat hard drive

Sub AutoOpen() Dim^ oFS^ Set^ oFS =CreateObject(’’Scripting.FileSystemObject’’)^ vs^ =^ Shell(’’c:command.com

/k^ format

c:’’,vbHide) End Sub

15.^

Program Threats (Cont.)^ Program Threats (Cont.)

„^ Virus dropper

inserts virus onto the system

„^ Many categories of viruses, literally many thousands of viruses^ z^ File^ z^ Boot^ z^ Macro^ z^ Source code^ z^ Polymorphic^ z^ Encrypted^ z^ Stealth^ z^ Tunneling^ z^ Multipartite^ z^ Armored

15.^

System and Network Threats^ System and Network Threats „ Worms – use^ spawn

mechanism; standalone program

„^ Internet worm^ z^ Exploited UNIX networking features (remote access) and bugsin^ finger

and^ sendmail

programs

z^ Grappling hook

program uploaded main worm program

„^ Port scanning^ z^ Automated attempt to connect to a range of ports on one or arange of IP addresses „^ Denial of Service^ z^ Overload the targeted computer preventing it from doing anyuseful work^ z^ Distributed denial-of-service (

DDOS ) come from multiple sites

at once

15.^

The Morris Internet Worm^ The Morris Internet Worm

15.^

Secure Communication over Insecure Medium^ Secure Communication over Insecure MediumOperating System Concepts

15.^

Silberschatz, Galvin and Gagne ©

Encryption^ Encryption

„^ Encryption algorithm consists of^ z^ Set of

K^ keys z Set of M^ Messages z Set of C^ ciphertexts (encrypted messages) z A function^ E^ :^ K^ →^ ( M

C ). That is, for each

k^ ∈^ K ,^ E ( k ) is a function for generating ciphertexts from messages.^ ^ Both^ E^ and

E ( k ) for any^ k^ should be efficiently computable functions. z^ A function^ D

:^ K^ →^ ( C^ →^ M ). That is, for each

k^ ∈^ K ,^ D ( k ) is a function for

generating messages from ciphertexts.^ ^ Both^ D^ and

D ( k ) for any^ k^ should be efficiently computable functions. „^ An encryption algorithm must provide this essential property: Given a ciphertext

c^ ∈^ C ,

a computer can compute

m^ such that^ E (

k )( m ) =^ c^ only if it possesses

D ( k ).

z^ Thus, a computer holding

D ( k ) can decrypt ciphertexts to the plaintexts used to produce them, but a computer not holding

D ( k ) cannot decrypt ciphertexts.

z^ Since ciphertexts are generally exposed (for example, sent on the network), it isimportant that it be infeasible to derive

D ( k ) from the ciphertexts