Systems Security & Audit
Operating Systems security
Contents
Review of the objectives of an operating system
Things to protect and protection methods
Trusted operating system
Protection of memory
Protection of other objects
Function of Operating System
Control the use of the computer's resources:
CPU time
Memory
I/O
File storage
CPU time
Fair use: no hogging by a single process (multi-processing)
Managed by a scheduler
Memory
Assign sufficient memory to run the program
Return memory to the OS after use
Managed by the programmer and, later, by the memory manager (part of the OS)
Objects that are protected
Memory
Sharable I/O devices, e.g. disks
Serially reusable I/O devices, e.g. printers
Sharable programs and procedures
Sharable data
Process
A program in execution
Requires CPU time and memory (an address space) to run
The address space contains the program code, the program's data, and the stack
System calls are required for the program to obtain OS services (I/O, more memory, etc.); the process cannot touch the hardware directly
Memory protection
Fence
Relocation
Base/Bounds Register
Tagged architecture
Segmentation
Paging
Segregation of memory: Fence
Figure: memory is divided into system memory and user memory by a single boundary address, the fence. A user program that addresses memory on the system side of the fence is stopped.
Example: DOS
Figure: the DOS address space runs from 00000 to FFFFF. The interrupt vectors and the rest of system memory occupy the lowest addresses; user memory lies above the fence (the labels 00010 and AFFFF mark the boundaries on the slide).
COM files have a fixed starting address
Figure: a COM file always loads at the same fixed address, just above the interrupt vectors (labelled 00010 on the slide). COM file 1: "I normally start here"; COM file 2: "I am OK. This is my starting point."
Figure: with COM file 2 already occupying that address, COM file 3 cannot be placed anywhere else: "Oops! I cannot run".
EXE files are RELOCATABLE
Figure: an EXE file can be loaded at any free address ("I can start anywhere"), here above COM file 3, because the addresses inside it are fixed up (relocated) at load time.
Base and Bound Register
Figure: user memory holds Application 1 and Application 2. Each process is given a base address (the lowest address it may use) and a bound address (the highest); every address it generates is checked against the pair. Application 1 "cannot go over" its bound address, so Application 2 "is safe" in its own range.
Tagged architecture
Figure: every machine word carries a tag alongside its data. The data part "has the data"; the tag "knows who can access this", so the access check travels with the word itself rather than with an address range.
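The three hardware checks on these slides (fence, base/bounds, tagged words) reduced to software, as an added example that is not part of the original slides. The register values, the 32-bit address size and the tag encoding are assumptions chosen for the demonstration; a real CPU performs these comparisons in hardware on every access and raises a trap instead of returning a sentinel.

```c
/* Added example (not from the slides): three hardware memory checks
 * simulated in software. Register values, address sizes and the tag
 * encoding are assumptions chosen for the demonstration. */
#include <stdint.h>
#include <stdio.h>

#define FAULT ((int64_t)-1)   /* returned where the hardware would trap */

/* 1. Fence register: one address separating system memory (below it)
 *    from user memory (above it). A user-mode access below the fence
 *    is trapped; the OS, running in supervisor mode, may touch anything. */
int64_t fence_check(uint32_t fence, uint32_t addr, int supervisor)
{
    if (!supervisor && addr < fence)
        return FAULT;
    return addr;
}

/* 2. Base/bounds registers: each process gets its own pair. A logical
 *    address is relocated by adding the base and must stay below the
 *    bound, so the process can never reach outside [base, bound). */
typedef struct { uint32_t base, bound; } bounds_t;

int64_t base_bounds_translate(bounds_t r, uint32_t logical)
{
    uint64_t physical = (uint64_t)r.base + logical;
    if (physical >= r.bound)          /* "I cannot go over this address" */
        return FAULT;
    return (int64_t)physical;
}

/* 3. Tagged architecture: every word carries a tag saying how it may be
 *    used. The check travels with the word, so computing a different
 *    address does not evade it. Tag bits are this example's encoding. */
enum { TAG_R = 1, TAG_W = 2, TAG_X = 4 };
typedef struct { uint8_t tag; uint32_t word; } tagged_word_t;

int tagged_access(const tagged_word_t *w, int wanted)
{
    return (w->tag & wanted) == wanted;   /* 1 = allowed, 0 = trap */
}

int main(void)
{
    bounds_t app1 = { .base = 0x1000, .bound = 0x2000 };
    bounds_t app2 = { .base = 0x2000, .bound = 0x3000 };
    tagged_word_t words[] = {
        { TAG_R | TAG_X, 0xDEADBEEF },  /* code: readable, executable */
        { TAG_R | TAG_W, 42 },          /* data: readable, writable   */
    };

    printf("fence 0x10, user reads 0x8     -> %lld (trap)\n",
           (long long)fence_check(0x10, 0x8, 0));
    printf("app1 logical 0x0FFF            -> 0x%llx\n",
           (long long)base_bounds_translate(app1, 0x0FFF));
    printf("app1 logical 0x1000            -> %lld (trap: app2's memory)\n",
           (long long)base_bounds_translate(app1, 0x1000));
    printf("app2 logical 0x0000            -> 0x%llx\n",
           (long long)base_bounds_translate(app2, 0));
    printf("write to a code-tagged word    -> %d (0 = trap)\n",
           tagged_access(&words[0], TAG_W));
    printf("read a data-tagged word        -> %d\n",
           tagged_access(&words[1], TAG_R));
    return 0;
}
```

The base/bounds pair is the first scheme on the list that is per-process: the OS reloads the two registers on every context switch, which is why an application can be placed anywhere (the relocation the EXE slide describes) and still be unable to reach its neighbour.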
Segmentation
Figure: memory holds Segment 1, Segment 2 and Segment 3. Each segment has its own segment number and its own addresses, which start from zero; the CPU has a number of segment registers that select the segments in use. A logical address is therefore a pair (segment number, offset), and the offset is checked against the segment's length.
Segment of a process
Text (code)
Stack
Data
Figure: each segment is drawn with the memory assigned to it and room for growth.
Paging
Figure: pages ("We are fixed size") and virtual memory ("We are virtual memory").
Technique used in a virtual memory system to give a linear addressing space
Pages are of fixed size
The actual storage location may be in physical memory or on the hard disk
The MMU maps virtual memory to physical memory using page tables
Paging
Can run a program that is too big to fit into physical memory
Makes programming easier, as memory is assigned by the OS and translated by the MMU
The programmer's instructions cannot access physical memory directly: every address goes through the page table, so a process can only reach the frames the OS has mapped for it
So: MORE SAFE
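The two translations described on the segmentation and paging slides, carried out in order as an added example that is not part of the original slides: a (segment, offset) pair is first checked against the segment's limit to give a linear address, and that linear address is then looked up in a page table that checks presence and read/write/execute rights before yielding a physical address. The segment table, page table, 4 KiB page size and permission bits are constructed for the demonstration, not any real CPU's layout.

```c
/* Added example (not from the slides): a software model of segmentation
 * followed by paging. Table sizes, page size and permission bits are
 * assumptions for the demonstration, not any real CPU's layout. */
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE   4096u
#define NPAGES      8            /* virtual pages in the page table */
#define NSEGS       3
#define FAULT       ((int64_t)-1)

/* Segment descriptor: where the segment starts in the linear address
 * space and how long it is. Offsets inside the segment start from zero. */
typedef struct { uint32_t base, limit; } segment_t;

/* Page-table entry: present bit, read/write/execute bits, frame number. */
enum { P_PRESENT = 1, P_R = 2, P_W = 4, P_X = 8 };
typedef struct { uint8_t flags; uint32_t frame; } pte_t;

/* Step 1: (segment, offset) -> linear address, or FAULT if the offset
 * runs past the segment's limit (the segmentation check). */
int64_t seg_to_linear(const segment_t *segs, unsigned seg, uint32_t off)
{
    if (seg >= NSEGS || off >= segs[seg].limit)
        return FAULT;
    return (int64_t)segs[seg].base + off;
}

/* Step 2: linear address -> physical address via the page table. The
 * MMU splits the address into page number and offset, then checks that
 * the page is present and permits the requested kind of access. */
int64_t page_translate(const pte_t *pt, uint32_t linear, int wanted)
{
    uint32_t vpn = linear / PAGE_SIZE, off = linear % PAGE_SIZE;
    if (vpn >= NPAGES)
        return FAULT;
    const pte_t *e = &pt[vpn];
    if (!(e->flags & P_PRESENT))          /* page fault: page is on disk */
        return FAULT;
    if ((e->flags & wanted) != wanted)    /* protection fault */
        return FAULT;
    return (int64_t)e->frame * PAGE_SIZE + off;
}

/* Both steps together, as the hardware performs them on every access. */
int64_t translate(const segment_t *segs, const pte_t *pt,
                  unsigned seg, uint32_t off, int wanted)
{
    int64_t lin = seg_to_linear(segs, seg, off);
    if (lin == FAULT)
        return FAULT;
    return page_translate(pt, (uint32_t)lin, wanted);
}

/* Constructed tables: text at linear 0x0000 (2 pages, r-x), data at
 * 0x2000 (1 page, rw-), stack at 0x4000 (1 page, rw-). Virtual page 3
 * is mapped but swapped out; pages 5-7 are not mapped at all. */
static const segment_t demo_segs[NSEGS] = {
    { 0x0000, 0x2000 },   /* 0: text  */
    { 0x2000, 0x1000 },   /* 1: data  */
    { 0x4000, 0x1000 },   /* 2: stack */
};
static const pte_t demo_pt[NPAGES] = {
    { P_PRESENT | P_R | P_X, 7 },  /* vpn 0 -> frame 7 */
    { P_PRESENT | P_R | P_X, 3 },  /* vpn 1 -> frame 3 */
    { P_PRESENT | P_R | P_W, 9 },  /* vpn 2 -> frame 9 */
    { P_R | P_W, 0 },              /* vpn 3: valid but not in RAM */
    { P_PRESENT | P_R | P_W, 5 },  /* vpn 4 -> frame 5 */
    { 0, 0 }, { 0, 0 }, { 0, 0 },  /* vpn 5-7: unmapped */
};

int main(void)
{
    printf("read  data[0x10]   -> 0x%llx\n",
           (long long)translate(demo_segs, demo_pt, 1, 0x10, P_R));
    printf("write text[0]      -> %lld (protection fault: code is r-x)\n",
           (long long)translate(demo_segs, demo_pt, 0, 0, P_W));
    printf("read  data[0x1000] -> %lld (offset past segment limit)\n",
           (long long)translate(demo_segs, demo_pt, 1, 0x1000, P_R));
    printf("read  linear 0x3000-> %lld (page not present)\n",
           (long long)page_translate(demo_pt, 0x3000, P_R));
    return 0;
}
```

Note where each failure is caught: the segment limit stops the over-long data offset before paging is even consulted, the page table stops the write to code, and the missing present bit is what the OS would service by bringing the page in from disk rather than treating it as an error.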
Operating System: Layered system
Instructions have different privilege levels
The operating system is structured in layers
More structure means better management and better protection, but less efficiency
Layer system
Layer 0: Processor allocation
Layer 1: Memory management
Layer 2: Process communication
Layer 3: Input/output management
Layer 4: User programs
Ring system: Pentium
Ring 0: Kernel
Ring 1: System calls
Ring 2: Shared libraries
Ring 3: User programs
This is the textbook use of the four rings; mainstream operating systems on the Pentium and its successors use only ring 0 for the kernel and ring 3 for everything else, so in practice the protection boundary is the 0/3 transition.
Kernel
The core of the OS that manages the CPU, memory and I/O services
Security kernel
The place where the security mechanisms and policies are enforced
It prevents unauthorized access to system resources
It implements the Reference Monitor concept: it must be tamperproof, always invoked (no access can bypass it), and small enough to be verified
Kernel
The part of the OS that performs the lowest-level functions, such as:
Synchronization
Interprocess communication
Message passing
Interrupt handling
Separate security kernel: levels
1. Hardware
2. Security kernel: access control, authentication
3. Operating system: resource allocation, sharing, hardware interactions
4. User tasks
Intel Pentium chip ring structure (figure)
Protection of shared objects
No protection
Isolation
Share via access limitation (ACL); refer to the Bell-LaPadula model
Share by capabilities
Limited use of an object (permissions)
Process execution domain
Namespace: share all or share nothing (declared public or private)
File protection
Each file has a name, its data, and attributes. An attribute can be a protection field or a password.
A file system such as NTFS can attach a DACL to each individual file
Encryption can also be applied to files
Access Control Matrix

| Subject | Operating System | Accounts Program | Accounting Data | Audit Trail |
|---|---|---|---|---|
| Sam (Sysop) | rwx | rwx | rw | r |
| Alice (Mgr) | rx | x | rx | - |
| Bob (Auditor) | rx | r | r | r |
Access Control List
The same matrix stored by column: each object carries the list of subjects and the rights each has on it.

| Subject | Operating System | Accounts Program | Accounting Data | Audit Trail |
|---|---|---|---|---|
| Sam (Sysop) | rwx | rwx | rw | r |
| Alice (Mgr) | rx | x | rx | - |
| Bob (Auditor) | rx | r | r | r |
Capability
The same matrix stored by row: each subject carries the list of objects it may access and the rights it holds on each (its capability list).

| Subject | Operating System | Accounts Program | Accounting Data | Audit Trail |
|---|---|---|---|---|
| Sam (Sysop) | rwx | rwx | rw | r |
| Alice (Mgr) | rx | x | rx | - |
| Bob (Auditor) | rx | r | r | r |
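The matrix from the three preceding slides encoded once and then read both ways, as an added example that is not part of the original slides: `acl_of` walks one column (the ACL stored with an object), `caps_of` walks one row (the capability list stored with a subject), and `allowed` is the single reference-monitor question both views have to answer. The subjects, objects and rights are the slides' own; the bitmask encoding and the function names are this example's choices.

```c
/* Added example (not from the slides): the slides' access control matrix
 * encoded once, then viewed as ACLs (one column per object) and as
 * capability lists (one row per subject). Names and rights follow the
 * slides; the bitmask encoding is this example's choice. */
#include <stdio.h>
#include <string.h>

enum { R = 4, W = 2, X = 1 };           /* rights as a 3-bit mask */
enum { SAM, ALICE, BOB, NSUBJ };
enum { OS, ACCOUNTS_PROG, ACCOUNTING_DATA, AUDIT_TRAIL, NOBJ };

static const char *subject_name[NSUBJ] = { "Sam (Sysop)", "Alice (Mgr)", "Bob (Auditor)" };
static const char *object_name[NOBJ]   = { "Operating System", "Accounts Program",
                                           "Accounting Data", "Audit Trail" };

/* The matrix from the slide: row = subject, column = object. */
static const unsigned char matrix[NSUBJ][NOBJ] = {
    /*            OS       AcctProg  AcctData  Audit */
    [SAM]   = { R|W|X,   R|W|X,    R|W,      R },
    [ALICE] = { R|X,     X,        R|X,      0 },
    [BOB]   = { R|X,     R,        R,        R },
};

/* Decode a rights mask as "rwx"-style text (dash for a missing right). */
const char *rights_str(unsigned mask, char out[4])
{
    out[0] = (mask & R) ? 'r' : '-';
    out[1] = (mask & W) ? 'w' : '-';
    out[2] = (mask & X) ? 'x' : '-';
    out[3] = '\0';
    return out;
}

/* The reference-monitor question: may subject s perform `wanted` on o?
 * Every right asked for must be present (R|W needs both). */
int allowed(int s, int o, unsigned wanted)
{
    return (matrix[s][o] & wanted) == wanted;
}

/* ACL view: walk one column. Fills acl[] with each subject's rights on
 * the object and returns how many subjects appear on the ACL at all. */
int acl_of(int o, unsigned char acl[NSUBJ])
{
    int n = 0;
    for (int s = 0; s < NSUBJ; s++) {
        acl[s] = matrix[s][o];
        if (acl[s]) n++;
    }
    return n;
}

/* Capability view: walk one row. Fills caps[] with the subject's rights
 * on each object and returns how many capabilities the subject holds. */
int caps_of(int s, unsigned char caps[NOBJ])
{
    int n = 0;
    for (int o = 0; o < NOBJ; o++) {
        caps[o] = matrix[s][o];
        if (caps[o]) n++;
    }
    return n;
}

int main(void)
{
    char buf[4];
    unsigned char acl[NSUBJ], caps[NOBJ];

    acl_of(AUDIT_TRAIL, acl);             /* what is stored with the object */
    printf("ACL of %s:\n", object_name[AUDIT_TRAIL]);
    for (int s = 0; s < NSUBJ; s++)
        printf("  %-14s %s\n", subject_name[s], rights_str(acl[s], buf));

    caps_of(ALICE, caps);                 /* what is stored with the subject */
    printf("Capabilities of %s:\n", subject_name[ALICE]);
    for (int o = 0; o < NOBJ; o++)
        printf("  %-18s %s\n", object_name[o], rights_str(caps[o], buf));

    printf("Alice write Accounting Data? %d\n", allowed(ALICE, ACCOUNTING_DATA, W));
    return 0;
}
```

The practical difference between the two views is what is cheap to answer: an ACL makes "who can reach this object?" (and revocation for one object) a single column scan, while a capability list makes "what can this subject reach?" a single row scan; a real system keeps one of the two, not the full matrix.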
ACL of Unix
Owner, Group, World
Read, Write, Execute
Example:
drwxrwxrwx Alice Accounts (a directory that everyone can read, write and search)
-rw-r----- Alice Accounts (a file that Alice can read and write, members of Accounts can read, and nobody else can touch)
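The two `ls -l` entries above evaluated the way the Unix permission check works, as an added example that is not part of the original slides: exactly one class applies to a given user (owner if the uid matches, otherwise group if the user is in the file's group, otherwise world), and the rights of that class are final. The users, their group memberships and the file names are constructed for the demonstration; root, which bypasses these bits, is not modelled.

```c
/* Added example (not from the slides): evaluating the slide's two Unix
 * mode strings the way the kernel's permission check does: owner class
 * first, then group, then world, and only one class applies. Users,
 * group memberships and file names are constructed for the demonstration. */
#include <stdio.h>
#include <string.h>

enum { R = 4, W = 2, X = 1 };

typedef struct {
    char mode[11];           /* e.g. "-rw-r-----" as `ls -l` prints it */
    const char *owner;
    const char *group;
} unix_file_t;

typedef struct {
    const char *name;
    const char *groups[4];   /* NULL-terminated list of group names */
} unix_user_t;

/* Rights of one class from its three characters in the mode string. */
static unsigned class_bits(const char *p)
{
    return (p[0] == 'r' ? R : 0) | (p[1] == 'w' ? W : 0) | (p[2] == 'x' ? X : 0);
}

static int in_group(const unix_user_t *u, const char *g)
{
    for (int i = 0; u->groups[i]; i++)
        if (strcmp(u->groups[i], g) == 0) return 1;
    return 0;
}

/* The rights the user actually gets: the owner class if they own the
 * file, else the group class if they are in the file's group, else the
 * world class. There is no fall-through: an owner whose owner class is
 * "---" gets nothing even if the group or world class is more generous. */
unsigned effective_rights(const unix_file_t *f, const unix_user_t *u)
{
    if (strcmp(u->name, f->owner) == 0) return class_bits(f->mode + 1);
    if (in_group(u, f->group))           return class_bits(f->mode + 4);
    return class_bits(f->mode + 7);
}

int unix_allowed(const unix_file_t *f, const unix_user_t *u, unsigned wanted)
{
    return (effective_rights(f, u) & wanted) == wanted;
}

/* The two entries from the slide: owner Alice, group Accounts. */
static const unix_file_t ledger_dir = { "drwxrwxrwx", "Alice", "Accounts" };
static const unix_file_t ledger     = { "-rw-r-----", "Alice", "Accounts" };

/* Constructed users. */
static const unix_user_t alice   = { "Alice",   { "Accounts", NULL } };
static const unix_user_t bob     = { "Bob",     { "Accounts", "Audit", NULL } };
static const unix_user_t mallory = { "Mallory", { "Sales", NULL } };

int main(void)
{
    printf("Alice   read+write ledger: %d\n", unix_allowed(&ledger, &alice, R|W));
    printf("Bob     read ledger:       %d\n", unix_allowed(&ledger, &bob, R));
    printf("Bob     write ledger:      %d\n", unix_allowed(&ledger, &bob, W));
    printf("Mallory read ledger:       %d\n", unix_allowed(&ledger, &mallory, R));
    /* The directory is world-writable: Mallory cannot read the ledger,
     * but can create, rename or unlink entries in the directory around it. */
    printf("Mallory write+search dir:  %d\n", unix_allowed(&ledger_dir, &mallory, W|X));
    return 0;
}
```

The last line is the check an auditor would add when reading the slide's example: the file is locked down to owner and group, but the `drwxrwxrwx` directory that holds it lets any user rename or remove it, so the effective protection of the file is weaker than its own mode bits suggest.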
ACL of Windows
Many predefined groups, including Everyone
Finer division of privilege: Take ownership, List folder contents, Delete, etc.
Use of domains and trusts
Group Policy associated with sites, domains, and organizational units in Active Directory
Well-formed Transaction

| Subject | Operating System | Accounts Program | Accounting Data | Audit Trail |
|---|---|---|---|---|
| Sam (Sysop) | rwx | rwx | r | r |
| Alice (Mgr) | rx | x | - | - |
| Accounts Program | rx | r | rw | w |
| Bob (Auditor) | rx | r | r | r |
Well-formed Transaction
Access triple of (user, program, file)
Refer to the Clark-Wilson model
Users reach the data only through the program: Alice can execute the Accounts Program but holds no rights of her own on the Accounting Data or the Audit Trail, and only the program may read and write the Accounting Data and write (append) to the Audit Trail.
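The well-formed-transaction table turned into access triples and checked by a reference monitor, as an added example that is not part of the original slides. A user may act on a file only by running a program that the user is allowed to execute and that itself holds the rights on the file; `post_entry` is a constructed transaction that updates the ledger and records it in the audit trail, or does nothing at all. The subject, program and object names follow the slide; the encoding and the transaction itself are this example's assumptions.

```c
/* Added example (not from the slides): the well-formed-transaction table
 * as (user, program, file, rights) entries checked by a reference monitor.
 * Users only run programs; the programs, not the users, hold the rights on
 * the data. Names follow the slide; the encoding is this example's choice. */
#include <stdio.h>
#include <string.h>

enum { R = 4, W = 2, X = 1 };

/* What a user may do to an object directly (the user rows of the table). */
typedef struct { const char *user, *object; unsigned rights; } user_rule_t;
/* What a program may do to an object when it runs (the program row). */
typedef struct { const char *program, *object; unsigned rights; } prog_rule_t;

static const user_rule_t user_rules[] = {
    { "Sam",   "Operating System", R|W|X }, { "Sam",   "Accounts Program", R|W|X },
    { "Sam",   "Accounting Data",  R },     { "Sam",   "Audit Trail",      R },
    { "Alice", "Operating System", R|X },   { "Alice", "Accounts Program", X },
    { "Bob",   "Operating System", R|X },   { "Bob",   "Accounts Program", R },
    { "Bob",   "Accounting Data",  R },     { "Bob",   "Audit Trail",      R },
};
static const prog_rule_t prog_rules[] = {
    { "Accounts Program", "Operating System", R|X },
    { "Accounts Program", "Accounts Program", R },
    { "Accounts Program", "Accounting Data",  R|W },
    { "Accounts Program", "Audit Trail",      W },   /* write only: cannot read it back */
};

static unsigned user_rights(const char *user, const char *object)
{
    for (size_t i = 0; i < sizeof user_rules / sizeof *user_rules; i++)
        if (!strcmp(user_rules[i].user, user) && !strcmp(user_rules[i].object, object))
            return user_rules[i].rights;
    return 0;
}

static unsigned prog_rights(const char *program, const char *object)
{
    for (size_t i = 0; i < sizeof prog_rules / sizeof *prog_rules; i++)
        if (!strcmp(prog_rules[i].program, program) && !strcmp(prog_rules[i].object, object))
            return prog_rules[i].rights;
    return 0;
}

/* Direct access: the user touching the object without going through a program. */
int direct_allowed(const char *user, const char *object, unsigned wanted)
{
    return (user_rights(user, object) & wanted) == wanted;
}

/* Access triple: user runs program, program touches object. Allowed only
 * if the user may execute the program AND the program holds the rights,
 * which is the Clark-Wilson rule that data is reached only through
 * certified transformation procedures. */
int triple_allowed(const char *user, const char *program,
                   const char *object, unsigned wanted)
{
    if (!(user_rights(user, program) & X))
        return 0;
    return (prog_rights(program, object) & wanted) == wanted;
}

/* Constructed well-formed transaction: update the ledger and record the
 * update in the audit trail, or do nothing. Both checks run before either
 * write happens, so a refusal leaves no half-done state. Returns 1 on
 * success, 0 if the monitor refuses. */
static int ledger_version, audit_records;

int post_entry(const char *user)
{
    const char *p = "Accounts Program";
    if (!triple_allowed(user, p, "Accounting Data", R|W)) return 0;
    if (!triple_allowed(user, p, "Audit Trail", W))       return 0;
    ledger_version++;        /* the update */
    audit_records++;         /* and its audit record, always together */
    return 1;
}

int main(void)
{
    printf("Alice writes Accounting Data directly:     %d\n", direct_allowed("Alice", "Accounting Data", W));
    printf("Sam   writes Accounting Data directly:     %d\n", direct_allowed("Sam", "Accounting Data", W));
    printf("Alice posts an entry via Accounts Program: %d\n", post_entry("Alice"));
    printf("Bob   posts an entry via Accounts Program: %d (Bob may only read the program)\n", post_entry("Bob"));
    printf("Program reads the Audit Trail:             %d\n", triple_allowed("Alice", "Accounts Program", "Audit Trail", R));
    printf("ledger version %d, audit records %d\n", ledger_version, audit_records);
    return 0;
}
```

Compare this with the plain matrix on the earlier slides: there, Sam could write the Accounting Data directly; here even the sysop must go through the program, and the program cannot read the audit trail it writes, which is what makes the trail useful to Bob.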
Access Control Model
Figure: Principal -> Subject -> Request -> Reference Monitor -> Object. A principal acts through a subject, and every request the subject makes on an object passes through the reference monitor.
Access Control Model
Principals: a user or machine that has a name and a SID. A local user is Machine\principal; a domain user is Domain\principal
Subject: a program (process) running with a user's identity
Request: a set of operations: read/write/execute/append/erase
Object: resources such as memory, files, registry keys, printers
Windows authorization model (figure)
Access Token
The security credentials of a subject: the SIDs of the user and of its groups together with the subject's privileges, attached to every process and thread and consulted by the reference monitor on each request
Virtualization
A virtual machine is a collection of real or simulated hardware facilities: a CPU that runs an instruction set, an amount of addressable memory space, and some I/O devices. This enables programs designed for that CPU to be executed on the host computer.
Virtualization
It provides another layer of control between the OS and the application programs in the computer system. A fault in one virtual machine therefore does not affect the operation of another virtual machine, or the system as a whole, as long as the virtual machine monitor that enforces the separation is itself sound.
It is a sandbox for insecure operations
Reading
Security in Computing, Chapter 6