Operating system vulnerability and control


Published on

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Operating system vulnerability and control

  1. 1. Operating System Vulnerability and Control(LINUX,UNIX and WINDOWS)
  2. 2. Definition of VulnerabilityA Vulnerability is a weakness which allows an attacker to reduce system’s information assurance.A Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
  3. 3. UNIX operating systemvulnerabilities Setuid Problems Trojan Horses Terminal Troubles
  4. 4. Windows Vulnerabilities Passwords Peer-to-peer file sharing Vulnerabilities in embedded automation features in Microsoft Outlook and Outlook Express that can allow execution of rogue code.
  5. 5. LINUX Vulnerabilities Missing permission checks Uninitialized data Memory mismanagement
  6. 6. Why is Control important inOperating Systems?A key problem facing designers of traditional and embedded operating systems is the question of how to build adaptive software systems that are robust, predictable, and efficient across a range of operating conditions.
  7. 7. Architecture of ControlSystems Modern control systems architectures can be considered analogous to today’s information networks. It is composed of several phases, including reconnaissance, traffic analysis, profiling of vulnerabilities, launching attacks, escalating privilege, maintaining access, and covering evidence.
  8. 8. Control provided by UNIX OSMAC : Mandatory Access ControlDAC : Discretionary Access Control If both DAC and MAC apply to an object, MAC wins.
  9. 9. What a trusted and secure OSshould contain? Memory protection Enforce separation Simplicity Open design Complete mediation Ease of use
  10. 10. How does TCB help in securityof OS? TCB stands for TRUSTRED COMPUTING BASE. In OS kernel is the lowest-level part, is responsible for various processes like inter- process communication, message passing, and so on. A Security Kernel is a part of kernel that deals with security.
  11. 11.  Trust implies reliance and the TCB, is everything in the OS that we rely on to enforce security. If everything outside TCB is subverted, we still have a trusted system. If anything in TCB is subverted , then the security of the system is broken.
  12. 12.  Example of trusted OS are SCOMP which was developed by Honeywell. It has less than 10,000 loc in its security kernel, and strives for simplicity. Windows XP has 40,000,000 loc but still has numerous dubious features.
  13. 13. Next Generation SecureComputing Base(NGSCB) Itis a product by Microsoft. NGSCB was formerly known as Palladium. NGSCB is designed to work with a special hardware called as Trusted Computing Group (TCG). Open systems like PCs offer a poor job of protecting secrets. NGSCB is called as “a virtual set-top box inside the PC”.
  14. 14.  The TCG is a tamper-resistant hardware, which is installed within the PC as a special hardware. The tamper-resistant will provide a secure place to store all secrets. NGSCB/TCG is a general security- enhancing technology, with DRM as one potential application.
  15. 15. Design goals of NGSCB To provide high assurance. To provide authentication operation.
  16. 16. NGSCB Feature Groups Strong process isolation Sealed storage Secure path Attestation
  17. 17. Thus it important to know thevarious vulnerabilities in OSand control them too.
  18. 18. THANK YOU…..