Security in Operating System
Transcript

  • 1. Security
  • 2. THE SECURITY ENVIRONMENT (each security goal and the threat against it)
      • Data confidentiality: exposure of data
      • Data integrity: tampering with data
      • System availability: denial of service
  • 3. Intruders
      • In the security literature, people who are nosing around places where they have no business being are called intruders or sometimes adversaries (newspaper).
      • Intruders act in two different ways.
      • Passive intruders just want to read files they are not authorized to read.
      • Active intruders are more malicious; they want to make unauthorized changes to data.
      • In a sense, an intruder is like someone with a gun who tries to kill a specific person; a virus writer is more like a terrorist bomber who just wants to kill people in general, rather than some particular person.
  • 4. Accidental Data Loss
      1. Acts of God: fires, floods, earthquakes, wars, riots, or rats gnawing tapes or floppy disks.
      2. Hardware or software errors: CPU malfunctions, unreadable disks or tapes, telecommunication errors, program bugs.
      3. Human errors: incorrect data entry, wrong tape or disk mounted, wrong program run, lost disk or tape, or some other mistake.
  • 5. [Figure] (a) Private Key Cryptography; (b) Public Key Cryptography
  • 6. User Authentication
      • Authentication Using Passwords
      • Complex Password, One-time Password, Challenge and Response
      • Authentication Using a Physical Object
      • Smart Card, ID Card
  • 7. • Authentication Using Biometrics
  • 8. Design Principles for Security
      • System design should be public.
      • The default should be no access.
      • Check for current authority.
      • Give each process the least privilege possible.
      • The protection mechanism should be simple, uniform, and built into the lowest layers of the system.
      • The scheme chosen must be psychologically acceptable.
      • Golden Rule: Make it simple, stupid.
  • 9. PROTECTION MECHANISMS
  • 10. Motivation - Protection Domains
      • A computer system contains many "objects" that need to be protected. These objects can be hardware (e.g., CPUs, memory segments, disk drives, or printers), or they can be software (e.g., processes, files, databases, or semaphores).
      • Each object has a unique name by which it is referenced, and a finite set of operations that processes are allowed to carry out on it. The read and write operations are appropriate to a file; up and down make sense on a semaphore.
      • It is obvious that a way is needed to prohibit processes from accessing objects that they are not authorized to access.
  • 11. Protection Domains
      • A domain is a set of (object, rights) pairs. Each pair specifies an object and some subset of the operations that can be performed on it. A right in this context means permission to perform one of the operations.
  • 12. Protection Domains (continued)
      • At every instant of time, each process runs in some protection domain. In other words, there is some collection of objects it can access, and for each object it has some set of rights. Processes can also switch from domain to domain during execution. The rules for domain switching are highly system dependent.
  • 13. Access Control Lists
      • In practice, actually storing the protection matrix (one row per domain, one column per object) is rarely done because it is large and sparse.
      • Most domains have no access at all to most objects, so storing a very large, mostly empty, matrix is a waste of disk space.
      • The technique consists of associating with each object an (ordered) list containing all the domains that may access the object, and how. This list is called the Access Control List or ACL.
  • 14. Access Control Lists (continued)
      • Here we see three processes, each belonging to a different domain (A, B, and C), and three files (F1, F2, and F3).
      • Each file has an ACL associated with it. File F1 has two entries in its ACL (separated by a semicolon). The first entry says that any process owned by user A may read and write the file. The second entry says that any process owned by user B may read the file.
      • All other accesses by these users and all accesses by other users are forbidden.
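A small Python model of the ACL scheme on slides 11 through 14, added here as an illustration and not taken from the slides themselves: only F1's two entries (A may read and write, B may read) come from slide 14; the F2 and F3 entries, and treating user names as the domains, are constructed assumptions. It also expands the ACLs back into the full domain-by-object matrix to show the sparsity slide 13 talks about.

```python
from typing import Dict, FrozenSet, Iterable, Tuple

Rights = FrozenSet[str]
ACL = Dict[str, Rights]  # domain (here: user name) -> rights on one object

# Constructed sample ACLs. Only F1's two entries are stated on the slide
# (A may read and write, B may read); the F2 and F3 entries are made up.
ACLS: Dict[str, ACL] = {
    "F1": {"A": frozenset({"read", "write"}), "B": frozenset({"read"})},
    "F2": {"B": frozenset({"read", "write"})},
    "F3": {"A": frozenset({"read"}), "C": frozenset({"read"})},
}


def check_access(acls: Dict[str, ACL], domain: str, obj: str, op: str) -> bool:
    """Default deny (slide 8): an object with no ACL, a domain absent from the
    ACL, or an operation outside the domain's rights set all yield False."""
    return op in acls.get(obj, {}).get(domain, frozenset())


def acl_string(acls: Dict[str, ACL], obj: str) -> str:
    """Render an ACL the way slide 14 describes it: one entry per domain,
    entries separated by semicolons, e.g. 'A:rw; B:r' for F1."""
    parts = []
    for domain, rights in acls.get(obj, {}).items():
        initials = "".join(sorted(r[0] for r in rights))
        parts.append(f"{domain}:{initials}")
    return "; ".join(parts)


def to_matrix(acls: Dict[str, ACL], domains: Iterable[str],
              objects: Iterable[str]) -> Dict[Tuple[str, str], Rights]:
    """Expand the per-object ACLs into the full protection matrix
    (one cell per domain/object pair), which is what ACLs avoid storing."""
    objects = list(objects)
    return {(d, o): acls.get(o, {}).get(d, frozenset())
            for d in domains for o in objects}


def empty_fraction(acls: Dict[str, ACL], domains: Iterable[str],
                   objects: Iterable[str]) -> float:
    """Share of matrix cells that grant nothing: the sparsity that makes
    storing the whole matrix a waste of space."""
    matrix = to_matrix(acls, domains, objects)
    return sum(1 for rights in matrix.values() if not rights) / len(matrix)
```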