Security & Protection In
Operating System
Muhammad Usman Zia Akram
Abu Bakr Ashraf
Fajjar Ul Islam Bilal
Bilal Tahir
Contents
• What is?
• Protection Mechanism
• Threat and Threat Monitoring
• Attack Techniques
• Authentication Mechanism
• Protection System
• Protection Problems
• Feature of Secure OS
What is Security in OS……
• Issues external to OS
  • Authentication of user, validation of messages, malicious or accidental introduction of flaws, etc.
What is Protection in OS……
• Mechanisms and policy to keep programs and users from accessing or changing stuff they should not do
• Internal to OS
Protection and Security
• Operating system consists of a collection of objects, hardware or software
• Each object has a unique name and can be accessed through a well-defined set of operations (hopefully)
• Protection and security problem - ensure that each object is accessed correctly and only by those processes of authorized users that are allowed to do so
Protection and Security – cont.
• OS designer faces challenge of creating a protection scheme that cannot be bypassed by any software that may be created in the future
• Networking adds to the problem as it allows access to a computer and its resources without being in the same physical location
Security Goals
[Figure: Processes A, B and C, running on Machine X and Machine Y, hold read or read/write rights to Resources W, X, Y and Z. The two labels on the figure are the two goals: Authentication (who is the process acting for?) and Authorization (which rights does it hold on which resource?).]
Security Kernel
• Responsible for implementing the security mechanisms of the entire operating system.
• Provides the security interfaces among the hardware, the operating system, and the other parts of the computing system.
• Implementation of a security kernel:
  • May degrade system performance (one more layer).
  • May be large.
  • No guarantees.
Security
• The security environment
• User authentication
• Attacks from inside the system
• Attacks from outside the system
• Protection mechanisms
• Trusted systems
Security environment: threats
• Operating systems have goals
  • Confidentiality
  • Integrity
  • Availability
• Someone attempts to subvert the goals
  • Fun
  • Commercial gain

Goal                 | Threat
---------------------|---------------------
Data confidentiality | Exposure of data
Data integrity       | Tampering with data
System availability  | Denial of service
What kinds of intruders are there?
• Casual prying by nontechnical users
  • Curiosity
• Snooping by insiders
  • Often motivated by curiosity or money
• Determined attempt to make money
  • May not even be an insider
• Commercial or military espionage
  • This is very big business!
Accidents cause problems, too…
• Acts of God
  • Fires
  • Earthquakes
  • Wars (is this really an “act of God”?)
• Hardware or software error
  • CPU malfunction
  • Disk crash
  • Program bugs (hundreds of bugs found in the most recent Linux kernel)
• Human errors
  • Data entry
  • Wrong tape mounted
User authentication
• Problem: how does the computer know who you are?
• Solution: use authentication to identify
  • Something the user knows
  • Something the user has
  • Something the user is
• This must be done before user can use the system
• Important: from the computer’s point of view…
  • Anyone who can duplicate your ID is you
  • Fooling a computer isn’t all that hard…
Authentication using passwords
• Successful login lets the user in
• If things don’t go so well…
  • Login rejected after name entered
  • Login rejected after name and incorrect password entered
• Don’t notify the user of incorrect user name until after the password is entered!
  • Early notification can make it easier to guess valid user names

Successful login:
    Login: elm
    Password: foobar
    Welcome to Linux!

Login rejected after name entered (tells the intruder that no user "jimp" exists):
    Login: jimp
    User not found!
    Login:

Login rejected after name and incorrect password entered:
    Login: elm
    Password: barfle
    Invalid password!
    Login:
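The rule on this slide, written out as an added example in C (not code from the slides): the login check always reads the password, always performs a password comparison, and returns one identical answer for an unknown user name and for a wrong password. The account table, the names check_validity and login_message, and the constant-time comparison (a refinement the slide does not mention, added so the timing of the reply leaks nothing either) are all choices made here.

```c
#include <stdio.h>
#include <string.h>

/* Constructed account table for this example. Plaintext passwords are used
 * only to keep the example short; a real system stores salted hashes. */
struct account { const char *name; const char *passwd; };
static const struct account accounts[] = {
    { "elm",  "foobar" },
    { "root", "correct-horse" },
};
#define N_ACCOUNTS (sizeof accounts / sizeof accounts[0])

/* Compared against when the name is unknown, so an unknown user costs the
 * same password comparison as a known one (no timing hint either). */
static const struct account dummy = { "", "no-such-user-placeholder-secret" };

/* Equality test that does not stop at the first differing byte. */
static int equal_constant_time(const char *a, const char *b) {
    size_t la = strlen(a), lb = strlen(b);
    size_t n = la > lb ? la : lb;
    unsigned char diff = (unsigned char)(la != lb);
    for (size_t i = 0; i < n; i++) {
        unsigned char ca = i < la ? (unsigned char)a[i] : 0;
        unsigned char cb = i < lb ? (unsigned char)b[i] : 0;
        diff |= (unsigned char)(ca ^ cb);
    }
    return diff == 0;
}

/* Returns 1 for a valid name/password pair, 0 otherwise. The caller cannot
 * tell an unknown name from a wrong password: both return 0 and both go
 * through the same password comparison. */
int check_validity(const char *name, const char *passwd) {
    const struct account *acct = &dummy;
    int found = 0;
    for (size_t i = 0; i < N_ACCOUNTS; i++) {      /* always scan the whole table */
        if (strcmp(accounts[i].name, name) == 0) {
            acct = &accounts[i];
            found = 1;
        }
    }
    int passwd_ok = equal_constant_time(acct->passwd, passwd);
    return found & passwd_ok;
}

/* One message for every failure, printed only after the password was read. */
const char *login_message(const char *name, const char *passwd) {
    return check_validity(name, passwd) ? "Welcome to Linux!" : "Login incorrect";
}

int main(void) {
    printf("%s\n", login_message("elm", "foobar"));   /* valid pair */
    printf("%s\n", login_message("jimp", "foobar"));  /* unknown name: same reply as... */
    printf("%s\n", login_message("elm", "barfle"));   /* ...a wrong password */
    return 0;
}
```

Compare this with the three sessions above: the second session ("User not found!") is exactly the reply this code refuses to give.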
Example: Windows XP
• Security is based on user accounts
• Each user has unique security ID
• Login to ID creates security access token
  • Includes security ID for user, for user’s groups, and special privileges
• Every process gets copy of token
• System checks token to determine if access allowed or denied
• Uses a subject model to ensure access security. A subject tracks and manages permissions for each program that a user runs
Authentication using biometrics
• Use basic body properties to prove identity
• Examples include
  • Fingerprints
  • Voice
  • Hand size
  • Retina patterns
  • Facial features
• Potential problems
  • Duplicating the measurement
  • Stealing it from its original owner?
User Policy
• Restricting access
  • commands
  • file access
  • login times
  • network access
  • terminal access
• Inactive users
  • Detection
  • Password change
  • Locking (change shell)
  • Deletion (after backup)
• Ultimately - need multilevel security
Multilevel Security
• Users with different needs to know sharing computer or network
• If don’t need to know – shouldn’t even be able to determine if information exists
• Should be able to filter functionality based on allowable information
• Mandatory and Discretionary protections
Monitor Model
• General Schema:
  • Takes user's request.
  • Consults access control information.
  • Allows or disallows request.
• Advantages
  • Easy to implement.
  • Easy to understand
• Disadvantages
  • Bottleneck in system
  • Controls only direct accesses (not inferences)
Military Security Model
• Information is ranked:
  • Unclassified
  • Confidential
  • Secret
  • Top Secret
• Least Privilege: Subject should have access to fewest objects needed for successful work
  • The system backup program may be allowed to bypass read restrictions on files, but it would not have the ability to modify files.
• “Need to Know”
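The ranking and need-to-know rules of the last two slides, as an added example in C (not code from the slides). A subject may access an object only if its clearance level is at least the object's classification and it has been granted every need-to-know compartment the object carries; and, following the multilevel-security slide, a lookup the subject is not allowed answers "not found", the same as for an object that does not exist. The compartment names, the sample objects and the functions dominates, mk and lookup are constructed for this example.

```c
#include <string.h>

/* Classification levels, lowest to highest. */
enum level { UNCLASSIFIED = 0, CONFIDENTIAL = 1, SECRET = 2, TOP_SECRET = 3 };

/* Need-to-know compartments as a bit set; the names are constructed. */
enum compartment { CRYPTO = 1u << 0, NUCLEAR = 1u << 1, LOGISTICS = 1u << 2 };

/* A label is attached to both subjects (clearance) and objects (classification). */
struct label { enum level level; unsigned compartments; };

struct label mk(enum level l, unsigned compartments) {
    struct label lab = { l, compartments };
    return lab;
}

/* Returns 1 if `subject` dominates `object`: the clearance level is at least
 * the classification level AND every compartment the object carries has been
 * granted to the subject. A TOP_SECRET clearance with no compartments still
 * cannot read SECRET{CRYPTO}; the need-to-know test fails. */
int dominates(struct label subject, struct label object) {
    int level_ok = subject.level >= object.level;
    int need_to_know_ok = (object.compartments & ~subject.compartments) == 0;
    return level_ok && need_to_know_ok;
}

/* "Shouldn't even be able to determine if information exists": an object the
 * subject does not dominate is reported exactly like an object that does not
 * exist. The objects are constructed for the example. */
struct object { const char *name; struct label label; };
static const struct object objects[] = {
    { "supply-schedule", { CONFIDENTIAL, LOGISTICS } },
    { "key-material",    { SECRET,       CRYPTO } },
    { "warhead-design",  { TOP_SECRET,   NUCLEAR | CRYPTO } },
};

const char *lookup(struct label subject, const char *name) {
    for (size_t i = 0; i < sizeof objects / sizeof objects[0]; i++)
        if (strcmp(objects[i].name, name) == 0 && dominates(subject, objects[i].label))
            return "found";
    return "not found";
}
```

The backup-program example on the slide fits the same shape: it would be given a clearance high enough to read every file but no right that lets it write them, which is what least privilege asks for.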
Where viruses live in the program
[Figure: four layouts of a program image, each with a header, the executable program and its starting address: (1) uninfected program; (2) virus at start of program; (3) virus at end of program; (4) virus in program’s free spaces.]
Viruses infecting the operating system
[Figure: three snapshots of the operating system’s syscall traps and its disk, clock and keyboard interrupt vectors: (1) virus has captured interrupt & trap vectors; (2) OS retakes keyboard vector; (3) virus notices, recaptures keyboard.]
Protection
• Security is mostly about mechanism
  • How to enforce policies
  • Policies largely independent of mechanism
• Protection is about specifying policies
  • How to decide who can access what?
• Specifications must be
  • Correct
  • Efficient
  • Easy to use (or nobody will use them!)
Principles of Protection
• Guiding principle – principle of least privilege
  • Programs, users and systems should be given just enough privileges to perform their tasks
Authentication Mechanisms
• Basis of most protection mechanisms
• Two types of authentication
  • External: verify the user
    • Usually username/password combination
    • May require two passwords or other identification
  • Internal: verify the process
    • Don’t allow one user’s process to appear to be that of another user
Authorization
• Is this user/process allowed to access the resource under the current policy?
• What type of access is allowable?
  • Read
  • Write
  • Execute
  • Append

Abu Bakr Ashraf
Program Threats
• Virus dropper inserts virus onto the system
• Many categories of viruses, literally many thousands of viruses
  • File
  • Boot
  • Macro
  • Polymorphic
  • Source code
  • Encrypted
  • Stealth
  • Tunneling
  • Multipartite
  • Armored
Program Threats Cont.…
• Trojan Horse
  • Code segment that misuses its environment
  • Exploits mechanisms for allowing programs written by users to be executed by other users
  • Spyware, pop-up browser windows, covert channels
• Trap Door
  • Specific user identifier or password that circumvents normal security procedures
  • Could be included in a compiler
• Logic Bomb
  • Program that initiates a security incident under certain circumstances
• Stack and Buffer Overflow
  • Exploits a bug in a program (overflow either the stack or memory buffers)
Trojan horses
• Free program made available to unsuspecting user
  • Actually contains code to do harm
  • May do something useful as well…
• Altered version of utility program on victim's computer
  • Trick user into running that program
Trap doors
Normal code:

    #include <stdio.h>
    #include <string.h>
    #define TRUE 1

    /* get_string, disable_echoing, enable_echoing, check_validity and
     * execute_shell are the login program's helper routines (not shown). */
    char name[64], passwd[64];          /* entered user name and password */
    int v;

    while (TRUE) {
        printf("login:");
        get_string(name);
        disable_echoing();              /* do not show the password as it is typed */
        printf("password:");
        get_string(passwd);
        enable_echoing();
        v = check_validity(name, passwd);
        if (v)
            break;                      /* only a valid name/password pair leaves the loop */
    }
    execute_shell();

Code with trapdoor:

    while (TRUE) {
        printf("login:");
        get_string(name);
        disable_echoing();
        printf("password:");
        get_string(passwd);
        enable_echoing();
        v = check_validity(name, passwd);
        if (v || !strcmp(name, "elm"))  /* trapdoor: the name "elm" gets in with any password */
            break;
    }
    execute_shell();

Trap door: user’s access privileges coded into program
Example: “joshua” from Wargames
System Threats
• Worms – use spawn mechanism; standalone program
  • Internet worm
• Viruses – fragment of code embedded in a legitimate program.
Threat Monitoring
• Check for suspicious patterns of activity – e.g., several incorrect password attempts may signal password guessing.
• Audit log – records the time, user, and type of all accesses to an object; useful for recovery from a violation and developing better security measures.
• Scan the system periodically for security holes; done when the computer is relatively unused.
Threat Monitoring – Cont.
• Check for:
  • Short or easy-to-guess passwords
  • Unauthorized set-uid programs
  • Unauthorized programs in system directories
  • Unexpected long-running processes
  • Improper directory protections
  • Improper protections on system data files
  • Dangerous entries in the program search path (Trojan horse)
  • Changes to system programs: monitor checksum values
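The last item, as an added example in C (not code from the slides): checksums of the system programs are recorded while the system is known to be good, and a later scan recomputes them and reports every program whose bytes changed. The program contents are constructed byte strings, the checksum is 64-bit FNV-1a (chosen here for brevity; see the comment on why a real monitor uses a cryptographic hash), and the functions fnv1a, record_baseline, verify and demo_changed_mask are names chosen for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* 64-bit FNV-1a. Fine for detecting accidental change; a real monitor uses
 * a cryptographic hash (e.g. SHA-256) so that someone who modifies a program
 * cannot also shape the bytes to keep the checksum the same. */
uint64_t fnv1a(const unsigned char *data, size_t len) {
    uint64_t h = 0xcbf29ce484222325ULL;           /* FNV offset basis */
    for (size_t i = 0; i < len; i++) {
        h ^= data[i];
        h *= 0x100000001b3ULL;                    /* FNV prime */
    }
    return h;
}

struct program { const char *path; const unsigned char *bytes; size_t len; };

/* Baseline: checksum every program while the system is known good. */
void record_baseline(const struct program *progs, int n, uint64_t *baseline) {
    for (int i = 0; i < n; i++)
        baseline[i] = fnv1a(progs[i].bytes, progs[i].len);
}

/* Later scan: returns a bit mask with bit i set if program i no longer
 * matches its baseline checksum. */
unsigned verify(const struct program *progs, int n, const uint64_t *baseline) {
    unsigned changed = 0;
    for (int i = 0; i < n; i++)
        if (fnv1a(progs[i].bytes, progs[i].len) != baseline[i])
            changed |= 1u << i;
    return changed;
}

/* Worked scenario on constructed contents: /bin/login gains extra bytes
 * between the two scans, /bin/ls does not. Returns the changed-bit mask. */
unsigned demo_changed_mask(void) {
    static const unsigned char login_v1[] = "ELF..login v1 (constructed)";
    static const unsigned char login_v2[] = "ELF..login v1 (constructed)+extra";
    static const unsigned char ls_v1[]    = "ELF..ls v1 (constructed)";
    const struct program before[] = {
        { "/bin/login", login_v1, sizeof login_v1 },
        { "/bin/ls",    ls_v1,    sizeof ls_v1 },
    };
    const struct program after[] = {
        { "/bin/login", login_v2, sizeof login_v2 },
        { "/bin/ls",    ls_v1,    sizeof ls_v1 },
    };
    uint64_t baseline[2];
    record_baseline(before, 2, baseline);
    return verify(after, 2, baseline);   /* 1: only bit 0 (/bin/login) is set */
}
```

The baseline itself must be stored where the programs being checked cannot rewrite it (read-only media or a separate machine), otherwise a change to a program can be accompanied by a change to its recorded checksum.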
Kerberos Network Authentication
• A set of network protocols used to authenticate access to a computer by a user at a different computer using an unsecure network
• Assumes information over network could be tampered with
• Does not assume OS on either machine is secure
• Developed at MIT in 80’s; widely used
Kerberos
[Figure: the exchange among the Authentication Server, the Client and the Server, drawn in four steps. The ticket is (Client ID, Session Key) encrypted for the server; alongside it travels the Session Key encrypted for the client.]
• Client asks authentication server for credentials of the server process
• Authentication server returns the credentials as ticket & session key, with key encrypted using client key
• Client decrypts ticket & key; keeps copy of session key; sends copy of ticket to server
• Server decrypts copy of ticket to obtain secure copy of client ID and session key
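The four steps of the figure, played out by all three parties inside one program, as an added example in C (not code from the slides or from any Kerberos implementation). The "encryption" is a toy XOR stream keyed by each party's long-term key and stands in for a real symmetric cipher; the keys, the client ID, the message layouts and the function names as_issue, client_receive, server_receive, run_exchange and client_cannot_open_ticket are all constructed for this example.

```c
#include <stdint.h>
#include <string.h>

#define KEY_LEN 16
#define ID_LEN   8

struct key { uint8_t b[KEY_LEN]; };

/* Plaintext ticket layout: who the client is and the session key. */
struct ticket { uint8_t client_id[ID_LEN]; uint8_t session_key[KEY_LEN]; };

/* What the authentication server sends back. */
struct as_reply {
    struct ticket enc_ticket;             /* encrypted for the server */
    uint8_t enc_session_key[KEY_LEN];     /* encrypted for the client */
};

/* Toy symmetric cipher: XOR with the key stream, so encrypt and decrypt are
 * the same operation. Stand-in only; real Kerberos uses an authenticated
 * block-cipher mode. */
static void toy_crypt(const struct key *k, uint8_t *buf, size_t len) {
    for (size_t i = 0; i < len; i++) buf[i] ^= k->b[i % KEY_LEN];
}

/* Long-term keys, constructed. The AS knows both; the client knows only
 * client_key and the server only server_key. */
static const struct key client_key = {{ 0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,
                                        0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff,0x10 }};
static const struct key server_key = {{ 0xa1,0xb2,0xc3,0xd4,0xe5,0xf6,0x07,0x18,
                                        0x29,0x3a,0x4b,0x5c,0x6d,0x7e,0x8f,0x90 }};

/* Steps 1 and 2: the AS answers the client's request for credentials for
 * the server with a ticket (client ID + session key, sealed for the server)
 * and the same session key sealed for the client. */
struct as_reply as_issue(const uint8_t client_id[ID_LEN],
                         const uint8_t session_key[KEY_LEN]) {
    struct as_reply r;
    memcpy(r.enc_ticket.client_id, client_id, ID_LEN);
    memcpy(r.enc_ticket.session_key, session_key, KEY_LEN);
    toy_crypt(&server_key, (uint8_t *)&r.enc_ticket, sizeof r.enc_ticket);
    memcpy(r.enc_session_key, session_key, KEY_LEN);
    toy_crypt(&client_key, r.enc_session_key, KEY_LEN);
    return r;
}

/* Step 3: the client decrypts its copy of the session key and forwards the
 * ticket unchanged (it cannot read the ticket, and does not need to). */
void client_receive(const struct as_reply *r, uint8_t session_out[KEY_LEN],
                    struct ticket *forward) {
    memcpy(session_out, r->enc_session_key, KEY_LEN);
    toy_crypt(&client_key, session_out, KEY_LEN);
    *forward = r->enc_ticket;
}

/* Step 4: the server opens the ticket with its own key. */
void server_receive(const struct ticket *enc, struct ticket *opened) {
    *opened = *enc;
    toy_crypt(&server_key, (uint8_t *)opened, sizeof *opened);
}

/* Whole exchange on constructed data. Returns 1 if client and server end
 * up holding the same session key and the server learned the client ID. */
int run_exchange(void) {
    static const uint8_t client_id[ID_LEN] = "elm";              /* constructed */
    static const uint8_t session_key[KEY_LEN] = { 0x5e,0x55,0x10,0x4b,0xe7,0x02,0x9c,0x31,
                                                  0x7d,0xa9,0x0f,0xc4,0x63,0x88,0x2a,0xd1 };
    struct as_reply r = as_issue(client_id, session_key);
    uint8_t client_session[KEY_LEN];
    struct ticket forwarded, opened;
    client_receive(&r, client_session, &forwarded);
    server_receive(&forwarded, &opened);
    return memcmp(client_session, opened.session_key, KEY_LEN) == 0
        && memcmp(opened.client_id, client_id, ID_LEN) == 0;
}

/* "Encrypted for server": the client's key does not open the ticket. */
int client_cannot_open_ticket(void) {
    static const uint8_t client_id[ID_LEN] = "elm";
    static const uint8_t session_key[KEY_LEN] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16 };
    struct as_reply r = as_issue(client_id, session_key);
    struct ticket wrong = r.enc_ticket;
    toy_crypt(&client_key, (uint8_t *)&wrong, sizeof wrong);
    return memcmp(wrong.session_key, session_key, KEY_LEN) != 0;
}
```

Note what the slides' assumptions buy: the ticket crosses the untrusted network sealed under the server's key, so tampering with it in transit only yields a ticket the server cannot open, and the client never learns anything it could forge into a ticket for a different client ID.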
Services, Mechanisms, Attacks
(OSI Security Architecture)
• Attack – action that compromises the security of information owned by an organization
• Mechanisms – detect, prevent or recover from a security attack
• Services – enhance the security of data processing systems and transfers – counter security attacks
Security Attacks
[Figure: information flowing from an information source to an information destination, drawn in five variants]
• Normal Flow – source to destination, undisturbed
• Interruption – attack on availability
• Interception – attack on confidentiality
• Modification – attack on integrity
• Fabrication – attack on authenticity
Security Attacks
• Passive threats
  • Release of message contents
  • Traffic analysis
• Active threats – some modification of the data stream
  • Masquerade
  • Replay
  • Modification of message contents
  • Denial of service

Security Attacks
“On the Internet, nobody knows you’re a dog”
- by Peter Steiner, New York, July 5, 1993
Fajjar ul Islam Bilal
Protection System
• Set of objects
• Set of subjects
• Set of rules specifying protection policy
• Represents accessibility of objects by subjects
• Guarantees that the protection state is checked for each access of an object by a subject
A Protection System
[Figure: a subject S requesting access a to an object X, built up over five slides by adding the protection state, then the state transition, then the rules, then the policy]
• S desires access a to X
• Protection state reflects current ability to access X
• Authorities can change
• What are rules for changing authority?
• How are the rules chosen?
Lampson’s Protection Model
• Active parts (e.g., processes or threads)
  • Act on behalf of users
  • Operate in different protection domains
    • The set of rights a process has at any given time
  • Subject is a process executing in a specific domain
• Passive parts are called objects
  • Correspond to resources
  • NOTE: not related to OOP terminology
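The protection system of the preceding slides and Lampson’s model, as one added example in C (not code from the slides): subjects are rows of an access matrix, objects are columns, each cell holds the rights (read, write, execute, append from the Authorization slide) that make up the protection state, a monitor decides every request from that state alone, and a state-transition rule lets only a subject holding an owner right on an object change that object’s column. The subject and object names, the initial matrix, the extra OWNER right and the functions check_access, grant and revoke are constructed for this example.

```c
#include <string.h>

/* Rights held in a matrix cell, as a bit set. OWNER is the extra right that
 * lets a subject change the cell contents of other subjects for that object. */
enum right { R_READ = 1, R_WRITE = 2, R_EXECUTE = 4, R_APPEND = 8, R_OWNER = 16 };

#define N_SUBJECTS 3
#define N_OBJECTS  3
static const char *subjects[N_SUBJECTS] = { "A", "B", "C" };   /* constructed */
static const char *objects[N_OBJECTS]   = { "X", "Y", "Z" };   /* constructed */

/* Protection state: matrix[subject][object] = rights. Initial state constructed. */
static unsigned matrix[N_SUBJECTS][N_OBJECTS] = {
    /*        X                        Y                        Z                       */
    /* A */ { R_READ|R_WRITE|R_OWNER,  R_READ,                  0 },
    /* B */ { R_READ,                  R_READ|R_WRITE|R_OWNER,  R_EXECUTE },
    /* C */ { 0,                       0,                       R_READ|R_APPEND|R_OWNER },
};

static int index_of(const char *const *names, int n, const char *name) {
    for (int i = 0; i < n; i++)
        if (strcmp(names[i], name) == 0) return i;
    return -1;
}

/* The monitor: every access request is decided here, from the current
 * protection state only. Unknown subjects or objects are simply denied. */
int check_access(const char *subject, const char *object, enum right r) {
    int s = index_of(subjects, N_SUBJECTS, subject);
    int o = index_of(objects, N_OBJECTS, object);
    if (s < 0 || o < 0) return 0;
    return (matrix[s][o] & r) == (unsigned)r;
}

/* State-transition rule: `grantor` may add right `r` on `object` for
 * `target` only if grantor holds R_OWNER on that object. Returns 1 if the
 * protection state changed, 0 if the request was refused. */
int grant(const char *grantor, const char *target, const char *object, enum right r) {
    int g = index_of(subjects, N_SUBJECTS, grantor);
    int t = index_of(subjects, N_SUBJECTS, target);
    int o = index_of(objects, N_OBJECTS, object);
    if (g < 0 || t < 0 || o < 0) return 0;
    if (!(matrix[g][o] & R_OWNER)) return 0;     /* not the owner: refused */
    matrix[t][o] |= r;
    return 1;
}

/* Companion rule for removing a right; same ownership condition. */
int revoke(const char *grantor, const char *target, const char *object, enum right r) {
    int g = index_of(subjects, N_SUBJECTS, grantor);
    int t = index_of(subjects, N_SUBJECTS, target);
    int o = index_of(objects, N_OBJECTS, object);
    if (g < 0 || t < 0 || o < 0 || !(matrix[g][o] & R_OWNER)) return 0;
    matrix[t][o] &= ~(unsigned)r;
    return 1;
}
```

Which subjects may call grant, and whether a right once granted may be passed on further, is the policy question of the last protection-system slide ("how are the rules chosen?"); the matrix and the monitor are the mechanism and stay the same whichever answer is chosen.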
Questions……..