Operating System Vulnerability and Control(LINUX,UNIX and WINDOWS)
Definition of VulnerabilityA Vulnerability is a weakness which allows an attacker to reduce system’s information assurance.A Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
Windows Vulnerabilities Passwords Peer-to-peer file sharing Vulnerabilities in embedded automation features in Microsoft Outlook and Outlook Express that can allow execution of rogue code.
LINUX Vulnerabilities Missing permission checks Uninitialized data Memory mismanagement
Why is Control important inOperating Systems?A key problem facing designers of traditional and embedded operating systems is the question of how to build adaptive software systems that are robust, predictable, and efficient across a range of operating conditions.
Architecture of ControlSystems Modern control systems architectures can be considered analogous to today’s information networks. It is composed of several phases, including reconnaissance, traffic analysis, profiling of vulnerabilities, launching attacks, escalating privilege, maintaining access, and covering evidence.
Control provided by UNIX OSMAC : Mandatory Access ControlDAC : Discretionary Access Control If both DAC and MAC apply to an object, MAC wins.
What a trusted and secure OSshould contain? Memory protection Enforce separation Simplicity Open design Complete mediation Ease of use
How does TCB help in securityof OS? TCB stands for TRUSTRED COMPUTING BASE. In OS kernel is the lowest-level part, is responsible for various processes like inter- process communication, message passing, and so on. A Security Kernel is a part of kernel that deals with security.
Trust implies reliance and the TCB, is everything in the OS that we rely on to enforce security. If everything outside TCB is subverted, we still have a trusted system. If anything in TCB is subverted , then the security of the system is broken.
Example of trusted OS are SCOMP which was developed by Honeywell. It has less than 10,000 loc in its security kernel, and strives for simplicity. Windows XP has 40,000,000 loc but still has numerous dubious features.
Next Generation SecureComputing Base(NGSCB) Itis a product by Microsoft. NGSCB was formerly known as Palladium. NGSCB is designed to work with a special hardware called as Trusted Computing Group (TCG). Open systems like PCs offer a poor job of protecting secrets. NGSCB is called as “a virtual set-top box inside the PC”.
The TCG is a tamper-resistant hardware, which is installed within the PC as a special hardware. The tamper-resistant will provide a secure place to store all secrets. NGSCB/TCG is a general security- enhancing technology, with DRM as one potential application.
Design goals of NGSCB To provide high assurance. To provide authentication operation.