Operating System Security: Threats, Encryption, and Authentication - Prof. M. Ali (study notes, Operating Systems)

Chapter 15: Security

- The Security Problem
- Program Threats
- System and Network Threats
- Cryptography as a Security Tool
- User Authentication
- Implementing Security Defenses
- Firewalling to Protect Systems and Networks
- Computer-Security Classifications
- An Example: Windows XP

The Security Problem

- Security must consider the external environment of the system, and protect the system resources
- Intruders (crackers) attempt to breach security
- Threat is a potential security violation
- Attack is an attempt to breach security
- Attack can be accidental or malicious
- Easier to protect against accidental than malicious misuse

Security Violations

- Categories
  - Breach of confidentiality
  - Breach of integrity
  - Breach of availability
  - Theft of service
  - Denial of service
- Methods
  - Masquerading (breach authentication)
  - Replay attack
    - Message modification
  - Man-in-the-middle attack
  - Session hijacking

Security Measure Levels

- Security must occur at four levels to be effective:
  - Physical
  - Human
    - Avoid social engineering, phishing, dumpster diving
  - Operating System
  - Network
- Security is as weak as the weakest link in the chain

Program Threats

- Trojan Horse
  - Code segment that misuses its environment
  - Exploits mechanisms for allowing programs written by users to be executed by other users
  - Spyware, pop-up browser windows, covert channels
- Trap Door
  - Specific user identifier or password that circumvents normal security procedures
  - Could be included in a compiler
- Logic Bomb
  - Program that initiates a security incident under certain circumstances
- Stack and Buffer Overflow
  - Exploits a bug in a program (overflow either the stack or memory buffers)

Layout of Typical Stack Frame (figure)

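Modified Shell Code

    #include <unistd.h>

    int main(int argc, char *argv[])
    {
        /* argument vector for the new program; must end with NULL */
        char *args[] = { "/bin/sh", NULL };

        /* replace the current process image with a shell */
        execvp("/bin/sh", args);
        return 1;   /* reached only if execvp fails */
    }
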
Program Threats (Cont.)

- Viruses
  - Code fragment embedded in legitimate program
  - Very specific to CPU architecture, operating system, applications
  - Usually borne via email or as a macro
    - Visual Basic Macro to reformat hard drive

        Sub AutoOpen()
        Dim oFS
        Set oFS = CreateObject("Scripting.FileSystemObject")
        vs = Shell("c:command.com /k format c:", vbHide)
        End Sub

Program Threats (Cont.)

- Virus dropper inserts virus onto the system
- Many categories of viruses, literally many thousands of viruses
  - File
  - Boot
  - Macro
  - Source code
  - Polymorphic
  - Encrypted
  - Stealth
  - Tunneling
  - Multipartite
  - Armored

System and Network Threats

- Worms – use spawn mechanism; standalone program
- Internet worm
  - Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs
  - Grappling hook program uploaded main worm program
- Port scanning
  - Automated attempt to connect to a range of ports on one or a range of IP addresses
- Denial of Service
  - Overload the targeted computer, preventing it from doing any useful work
  - Distributed denial-of-service (DDoS) attacks come from multiple sites at once

The Morris Internet Worm (figure)

Secure Communication over Insecure Medium (figure)

Operating System Concepts, Silberschatz, Galvin and Gagne ©

Encryption

- Encryption algorithm consists of
  - Set K of keys
  - Set M of messages
  - Set C of ciphertexts (encrypted messages)
  - A function E : K → (M → C). That is, for each k ∈ K, E(k) is a function for generating ciphertexts from messages.
    - Both E and E(k) for any k should be efficiently computable functions.
  - A function D : K → (C → M). That is, for each k ∈ K, D(k) is a function for generating messages from ciphertexts.
    - Both D and D(k) for any k should be efficiently computable functions.
- An encryption algorithm must provide this essential property: Given a ciphertext c ∈ C, a computer can compute m such that E(k)(m) = c only if it possesses D(k).
  - Thus, a computer holding D(k) can decrypt ciphertexts to the plaintexts used to produce them, but a computer not holding D(k) cannot decrypt ciphertexts.
  - Since ciphertexts are generally exposed (for example, sent on the network), it is important that it be infeasible to derive D(k) from the ciphertexts
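
The definition above treats E and D as functions from keys to functions. The following added example (not from the slides) writes them that way in Python, so that E(k) and D(k) are themselves callable and D(k) refuses ciphertexts it did not produce. The cipher is an assumption chosen to run on the standard library alone: an SIV-style construction built from HMAC-SHA256, which the slides do not name; the helper names `_prf`, `_keystream` and `_xor` are hypothetical.

```python
import hashlib
import hmac

TAG_LEN = 16  # bytes of synthetic IV, which doubles as the integrity tag


def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def _keystream(k_enc, iv, n):
    # HMAC-SHA256 in counter mode: block i = PRF(k_enc, iv || i)
    out = bytearray()
    for i in range((n + 31) // 32):
        out += _prf(k_enc, iv + i.to_bytes(8, "big"))
    return bytes(out[:n])


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def E(k):
    """E : K -> (M -> C). Applying E to a key yields the encryption function."""
    k_mac, k_enc = _prf(k, b"mac"), _prf(k, b"enc")

    def encrypt(m):
        iv = _prf(k_mac, m)[:TAG_LEN]  # IV derived from the message itself
        return iv + _xor(m, _keystream(k_enc, iv, len(m)))
    return encrypt


def D(k):
    """D : K -> (C -> M). Applying D to a key yields the decryption function."""
    k_mac, k_enc = _prf(k, b"mac"), _prf(k, b"enc")

    def decrypt(c):
        iv, body = c[:TAG_LEN], c[TAG_LEN:]
        m = _xor(body, _keystream(k_enc, iv, len(body)))
        # Recompute the IV from the recovered plaintext; a mismatch means
        # the wrong key was used or the ciphertext was modified in transit.
        if not hmac.compare_digest(iv, _prf(k_mac, m)[:TAG_LEN]):
            raise ValueError("not a ciphertext produced under this key")
        return m
    return decrypt


if __name__ == "__main__":
    k = bytes(range(32))  # constructed sample key
    c = E(k)(b"constructed sample message")
    print(c.hex(), D(k)(c))
```

Because the IV is derived from the message, E(k) is a deterministic function as in the definition; the cost is that equal plaintexts under one key give equal ciphertexts.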