Your SlideShare is downloading. ×
0
Protection & Security   Organized By: V.A.                          V.A.                        CSED,TU
Disclaimer  This is NOT A COPYRIGHT           MATERIALContent has been taken mainly from the following books:   Operating ...
Protection – Goals & Principle    Each Object has a Unique Name and can be accessed through a well-defined set     of Ope...
Domain Structure    Access-right = <object-name, rights-set>     where rights-set is a subset of all valid operations tha...
Access Matrix    View Protection as a MATRIX (access matrix)    Rows represent Domains    Columns represent Objects   ...
Access Control Matrix    Access control matrix consists of triple parts such as subject, object, and access     operation...
Access Matrix           VA.           CSED,TU
Use of Access Matrix    If a Process in Domain Di tries to do “op” on object Oj, then “op” must be in the     ACCESS MATR...
Access Matrix – Showing Switch           VA.           CSED,TU
Role Based Access Control           VA.           CSED,TU
Sample Access Matrix The Derivative forms of access control matrix such as Access Control List (ACL) and Capability List (...
Access Control List            VA.            CSED,TU
ACL  When we look for Insurance Data we can write:                       VA.                       CSED,TU
C-List         VA.         CSED,TU
C-List  When we look for Alice’s C-list we can write:                          VA.                          CSED,TU
ACL vs CL            VA.            CSED,TU
Security    Security must consider External Environment of the System and protect     the system resources    Intruders ...
Security Violations    Categories         Breach of confidentiality         Breach of integrity         Breach of avai...
Security Attacks            VA.            CSED,TU
Reference ListOperating Systems Concepts By Silberschatz & Galvin,       Operating systems By D M Dhamdhere,      System P...
Thnx…VA.CSED,TU
Upcoming SlideShare
Loading in...5
×

Security & Protection

1,447

Published on

Published in: Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,447
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
138
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Security & Protection"

  1. 1. Protection & Security Organized By: V.A. V.A. CSED,TU
  2. 2. Disclaimer This is NOT A COPYRIGHT MATERIALContent has been taken mainly from the following books: Operating Systems Concepts By Silberschatz & Galvin , Operating systems By D M Dhamdhere, System Programming By John J Donovan etc… VA. CSED,TU
  3. 3. Protection – Goals & Principle  Each Object has a Unique Name and can be accessed through a well-defined set of Operations.  Ensure that each Object is accessed correctly and only by those Processes that are allowed to do so.  Guiding Principle – Principle of Least Privilege  Programs, users and systems should be given just enough privileges to perform their tasks VA. CSED,TU
  4. 4. Domain Structure  Access-right = <object-name, rights-set> where rights-set is a subset of all valid operations that can be performed on the object.  Domain = Set of Access-Rights  Domain can be realized in variety of ways: Each User, Each Process and Each Procedure. VA. CSED,TU
  5. 5. Access Matrix  View Protection as a MATRIX (access matrix)  Rows represent Domains  Columns represent Objects  Access (i, j) is the Set Of Operations that a process executing in Domaini can invoke on Objectj VA. CSED,TU
  6. 6. Access Control Matrix  Access control matrix consists of triple parts such as subject, object, and access operation.  A SUBJECT is an Active Entity in a computer system such as User, Program, Process and Thread.  An OBJECT is a Passive Entity or System Resource such as File, Directory, Database Record and Printer.  In Access Control Matrix’s schema, the Subjects and Objects are placed in a table. Each row represents a Subject and each column represents an Object.  The data inside the table are Set Of Access Operations such as read, write, and execute. The access operations are responsible for interactions between subjects and objects. VA. CSED,TU
  7. 7. Access Matrix VA. CSED,TU
  8. 8. Use of Access Matrix  If a Process in Domain Di tries to do “op” on object Oj, then “op” must be in the ACCESS MATRIX.  Can be Expanded to DYNAMIC PROTECTION.  Operations to ADD, DELETE access rights.  Special Access Rights:  Owner of Oi  Copy op from Oi to Oj  Control – Di can modify Dj access rights  Transfer – Switch from domain Di to Dj VA. CSED,TU
  9. 9. Access Matrix – Showing Switch VA. CSED,TU
  10. 10. Role Based Access Control VA. CSED,TU
  11. 11. Sample Access Matrix The Derivative forms of access control matrix such as Access Control List (ACL) and Capability List (C-list) are better applied. VA. CSED,TU
  12. 12. Access Control List VA. CSED,TU
  13. 13. ACL When we look for Insurance Data we can write: VA. CSED,TU
  14. 14. C-List VA. CSED,TU
  15. 15. C-List When we look for Alice’s C-list we can write: VA. CSED,TU
  16. 16. ACL vs CL VA. CSED,TU
  17. 17. Security  Security must consider External Environment of the System and protect the system resources  Intruders (crackers) attempt to breach security  THREAT is potential security violation  ATTACK is attempt to breach security  Attack can be accidental or malicious  Easier to protect against accidental than malicious misuse VA. CSED,TU
  18. 18. Security Violations  Categories  Breach of confidentiality  Breach of integrity  Breach of availability  Theft of service  Denial of service  Methods  Masquerading (breach authentication)  Replay attack  Message modification  Man-in-the-middle attack  Session hijacking VA. CSED,TU
  19. 19. Security Attacks VA. CSED,TU
  20. 20. Reference ListOperating Systems Concepts By Silberschatz & Galvin, Operating systems By D M Dhamdhere, System Programming By John J Donovan, www.os-book.com www.cs.jhu.edu/~yairamir/cs418/os2/sld001.htmhttp://gaia.ecs.csus.edu/~zhangd/oscal/pscheduling.html http://www.edugrid.ac.in/iiitmk/os/os_module03.htm http://williamstallings.com/OS/Animations.html etc… VA. CSED,TU
  21. 21. Thnx…VA.CSED,TU
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×