Operating System Security, Lecture notes of Computer Security

This document explores system access threats, malicious software, intrusion detection systems, buffer overflow, compile-time defences and access control schemes.

Typology: Lecture notes

2019/2020

Uploaded on 12/03/2020

cliff-kuuzha

Operating Systems: Internals and Design Principles
Eighth Edition
By William Stallings

Chapter 15: Operating System Security

Presented by Cliff Kuuzha

System Access Threats

System access threats fall into two general categories:

• Intruders
• Malicious software

Malicious Software

• Programs that exploit vulnerabilities in computing systems
• Also referred to as malware
• Can be divided into two categories:
  • parasitic
    • fragments of programs that cannot exist independently of some actual application program, utility, or system program
    • viruses, logic bombs, and backdoors are examples
  • independent
    • self-contained programs that can be scheduled and run by the

Countermeasures

• RFC 4949 (Internet Security Glossary) defines intrusion detection as a security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner
• Intrusion detection systems (IDSs) can be classified as:
  • host-based IDS
    • monitors the characteristics of a single host and the events occurring within that host for suspicious activity
  • network-based IDS

Authentication

• In most computer security contexts, user authentication is the fundamental building block and the primary line of defense
• RFC 4949 defines user authentication as the process of verifying an identity claimed by or for a system entity
• An authentication process consists of two steps:
  • identification step
    • presenting an identifier to the security system
  • verification step
    • presenting or generating authentication information that corroborates the binding between the entity and the identifier

Means of Authentication

• Something the individual knows
  • examples include a password, a personal identification number (PIN), or answers to a prearranged set of questions
• Something the individual possesses
  • examples include electronic keycards, smart cards, and …
  • referred to as a token
• Something the individual is (static biometrics)
  • examples include recognition by fingerprint, retina, and face
• Something the individual does (dynamic biometrics)
  • examples include recognition by voice pattern, handwriting … rhythm

Firewalls

• Can be an effective means of protecting a local system or network of systems from network-based security threats while affording access to the outside world via wide area networks and the Internet
• Traditionally, a firewall is a dedicated computer that interfaces with computers outside a network and has special security precautions built into it in order to protect sensitive files

Design goals:

1) The firewall acts as a choke point, so that all incoming traffic and all outgoing traffic must pass through the firewall
2) The firewall enforces the local security policy, which defines the traffic that is authorized to pass
3) The firewall is secure against …

Buffer Overflow Attacks

• Also known as a buffer overrun
• Defined in the NIST (National Institute of Standards and Technology) Glossary of Key Information Security Terms as:

“A condition at an interface under which more input can be placed into a buffer or data-holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or

Memory      Before               After                Contains
Address     gets(str2)           gets(str2)           value of

. . . .     . . . .              . . . .
bffffbf4    34fcffbf  4 . . .    34fcffbf  3 . . .    argv
bffffbf0    01000000  . . . .    01000000  . . . .    argc
bffffbec    c6bd0340  . . . @    c6bd0340  . . . @    return addr
bffffbe8    08fcffbf  . . . .    08fcffbf  . . . .    old base ptr
bffffbe4    00000000  . . . .    01000000  . . . .    valid
bffffbe0    80640140  . d . @    00640140  . d . @
bffffbdc    54001540  T . . @    4e505554  N P U T    str1[4-7]
bffffbd8    53544152  S T A R    42414449  B A D I    str1[0-3]
bffffbd4    00850408  . . . .    4e505554  N P U T    str2[4-7]
bffffbd0    30561540  0 V . @    42414449  B A D I    str2[0-3]
. . . .     . . . .              . . . .

Figure 15.2 Basic Buffer Overflow Stack Values
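The corruption shown in Figure 15.2 can be replayed safely by modelling the stack frame as a byte array and comparing an unchecked read with a length-limited one. This is an added example, not code from the lecture or the textbook: the offsets follow the figure's addresses (str2 at bffffbd0, str1 at bffffbd8, valid at bffffbe4), while the function names, the 8-byte comparison that sets valid, and the bounded-read variant are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Offsets relative to bffffbd0, taken from Figure 15.2. */
enum { STR2 = 0x00, STR1 = 0x08, VALID = 0x14, FRAME = 0x18 };

/* Models gets(): copies the line plus NUL without checking str2's 8 bytes.
   The copy is clamped to the modelled frame only so the model stays in bounds. */
static void read_unbounded(unsigned char *frame, size_t off, const char *line) {
    size_t n = strlen(line) + 1;
    if (n > FRAME - off) n = FRAME - off;
    memcpy(frame + off, line, n);
}

/* Models fgets(buf, cap, stdin): at most cap-1 bytes, then a NUL. */
static void read_bounded(unsigned char *dst, size_t cap, const char *line) {
    size_t n = strlen(line);
    if (n > cap - 1) n = cap - 1;
    memcpy(dst, line, n);
    dst[n] = '\0';
}

/* Builds the "Before" frame, reads `line` into str2, then sets valid when
   str1 and str2 match over 8 bytes (assumed check). Returns valid. */
int run_check(const char *line, int bounded, unsigned char frame[FRAME]) {
    memset(frame, 0, FRAME);
    memcpy(frame + STR1, "START", 6);   /* expected value held in str1 */
    if (bounded)
        read_bounded(frame + STR2, 8, line);
    else
        read_unbounded(frame, STR2, line);
    frame[VALID] = (memcmp(frame + STR1, frame + STR2, 8) == 0);
    return frame[VALID];
}

int main(void) {
    unsigned char f[FRAME];
    const char *input = "BADINPUTBADINPUT";  /* 16 bytes, as in the "After" column */
    int v = run_check(input, 0, f);
    printf("unbounded: valid=%d str1=%.8s\n", v, (char *)f + STR1);
    v = run_check(input, 1, f);
    printf("bounded:   valid=%d str1=%.8s\n", v, (char *)f + STR1);
    return 0;
}
```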

Exploiting Buffer Overflow

To exploit any type of buffer overflow the attacker needs:

• To identify a buffer overflow vulnerability in some program that can be triggered using externally sourced data under the attacker's control
• To understand how that buffer will be stored in the process's memory, and hence the potential for corrupting adjacent memory locations

Defenses

Compile-time

• Aim to prevent or detect buffer overflows by instrumenting programs when they are compiled
• Possibilities:
  • choose a high-level language that does not permit buffer overflows
  • encourage safe coding standards
  • … libraries
  • include additional code to … frame

Runtime

• Can be deployed in operating systems and updates and can provide some protection for existing vulnerable programs
• These defenses involve changes to the memory management of the virtual address space of processes
• these changes act … alter the properties of … or to make predicting the … sufficiently difficult to … attacks

Compile-time Techniques

Choice of programming language

• one possibility is to write the program using a modern high-level programming language that has a strong notion of variable type and what constitutes permissible operations on them
• the flexibility and safety provided by these languages does come at a cost in resource use, both at compile time and also in additional code that must execute at runtime

Language extensions and use of safe …

• there have been a number of proposals to augment compilers to automatically insert range checks on pointer references
• Libsafe is an example that implements the standard semantics but includes additional checks to ensure that the copy operations do not extend beyond the local variable space in the stack frame

Safe coding techniques

• programmers need to inspect the code and rewrite any unsafe coding constructs
• an example is the OpenBSD project which … UNIX-like operating system
• among other technology changes, programmers … existing code base, including the operating …

Stack protection mechanisms

• an effective method for protecting programs against classic stack overflow attacks is to … set up and then check its stack frame for any …
• … mechanisms, is a GNU Compiler Collection … function entry and exit code

File System Access Control

• Identifies a user to the system
• Associated with each user there can be a profile that specifies permissible operations and file accesses
• The operating system can then enforce rules based on the user profile
• The database management system, however, must control access to specific records or even portions of records
• The database management system decision for access depends not only on the user’s identity but also on the specific parts of the data being accessed and even on the