Presentation is loading. Please wait.

Presentation is loading. Please wait.

J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring 2003 1 Chapters 9 & 10, Modern Operating Systems by A. S. Tanenbaum Group E.

Similar presentations


Presentation on theme: "J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring 2003 1 Chapters 9 & 10, Modern Operating Systems by A. S. Tanenbaum Group E."— Presentation transcript:

1 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Chapters 9 & 10, Modern Operating Systems by A. S. Tanenbaum Group E IA705, Spring 2003 IA 705, Prof. Brown, Spring 2003

2 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Chapter 9, UNIX & Linux Modern Operating Systems by A. S. Tanenbaum Group E IA705, Spring 2003

3 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Jose Paloschavez

4 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring The Security Environment Threats Intruders Accidental Data Loss

5 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Basics of Cryptography Secret-Key Cryptography Public-Key Cryptography One-Way Functions Digital Signatures

6 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Authentication Using Passwords Authentication Using a Physical Object Authentication Using Biometrics Countermeasures

7 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Matt Troxler

8 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Attacks from the Inside Trojan Horses Login Spoofing Logic Bombs Trap Doors Buffer Overflow

9 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Design Principles for Security Public Design - easier to service. Default = Deny Access - easier to trace errors. Check access occasionally, not just a login or file open procedure

10 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Design Principles Cont’d Minimal permissions for all users/processes. Ease of use - difficult interfaces usually result in wide-open environments. Keep it simple - Tight and efficient code is easy to review and lock down.

11 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring External Attacks (Viruses) How they function “Dropper” tool is used to deploy a virus Infected file is distributed (preferably publicly) Users go get (or receive unknowingly) and install the infected file Payload of the file runs, does whatever the virus does

12 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Classifications of Viruses Companion virus - runs in place of a legitimate file Executables - virus code imbeds itself in another.exe (overwriting) Parasitic viruses - overwriting, but the original files still work after infection. Cavity virus - virus embeds itself in unused portions of legit. files Memory Resident - Lives in memory, little disk activity Boot Sector - lives at the first sector of the HDD Device Driver - gets loaded as a legit. file in kernel mode Macro - attached to a file that appears innocent Source Code - requires some knowledge of programming

13 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring How Viruses Spread Downloads Storage Space (fixed or removable disks, memory, etc.)

14 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Antivirus and Anti-Antivirus… and so on… Date hiding – Date disguising – Parent folder… Size hiding – Compression Bitwise hiding – Look for decryption routine/key Polymorphic – Look for morphing routine code Checksums – Delete or overwrite – Encrypt

15 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Securing Mobile Code Sandboxing Interpretation Code Java Security

16 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Protection Mechanisms Protection Domains Access Control Lists Capabilities

17 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Trusted Systems and Multilevel Security Trusted Computing Base Formal Models Bell-La Padula Model Biba Model Orange Book

18 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Covert Channels

19 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Chapter 10, UNIX & Linux Modern Operating Systems by A. S. Tanenbaum Group E IA705, Spring 2003

20 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Jim Boggs

21 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring History UNICS PDP-11 UNIX & Portable UNIX Berkeley UNIX Standard UNIX & POSIX MINIX Linux

22 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Overview of UNIX UNIX Goals & Interfaces Goals –Handle Multiple Processes & Users –Design Principles Interfaces Standard Library Utility Programs Users User Mode Hardware UNIX OS Kernel Mode User Interface Library Interface System Call Interface

23 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Overview of UNIX UNIX Shell & Utility Programs Shell –Ordinary program providing command line interface –Standard input/output –Flexibility (wild cards, standard I/O,flags, pipes) –Shell Scripts Utility Programs –File & Directory Commands –Filters –Development Tools & Text Processing –System Administration

24 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Overview of UNIX Kernel Structure Simplified Kernel Drawing Here

25 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Processes in UNIX Concepts and Process Management Active Entities are Processes –Foreground & Background –Parent & Child –ID for Each –Single & Multiple Threads Process Management System Calls –Means for Processes to Communicate –Based on POSIX –Examples

26 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Processes in UNIX Implementation Process Table –Scheduling Parameters –Memory Image –Signals –Miscellaneous Use Structure –Machine Registers –System Call State –File Descriptor –Accounting –Kernel Stack

27 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Processes in UNIX Threads UNIX –Supported in Kernel, but Process-oriented –Difficult Thought Process in Using Multiple Threads Fork & other Examples Linux –Kernel-oriented –Clone –Detailed Sharing –Non-portability

28 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Processes in UNIX Scheduling UNIX –Designed for Response to Interactive Processes –Process-oriented Queue Management –Get Processes Rapidly out of the Kernel Linux –Thread-oriented –Classes of Linux Threads Real-time FIFO Real-time Round Robin Timesharing

29 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Processes in UNIX Booting UNIX Get Kernel Running Set Message Buffer Allocate Kernel Data Structure System Configuration (drivers) –Static Links –Dynamic Loads Begin Process 0 Init Login

30 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Memory Management in UNIX Concepts Text Segment Data Segment Stack Segment Space Saving Techniques –Shared Text Segments –Memory-mapped Files No POSIX System Calls

31 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Memory Management in UNIX Implementation in UNIX Swapping –Early Concept –Moving Process from Memory to Disk –Moving Process from Disk to Memory Paging –Entire Process Need Not be in Memory –Kernel and Paging Daemon –Replacement Algorithm

32 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Memory Management in UNIX Implementation in Linux Default Allocation to each Process Copy-on-Write Three-level Paging Kernel is Never Paged Out Buddy Algorithm

33 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring John Lagas

34 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring I/O in UNIX Concepts

35 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring

36 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring UNIX File System Concepts

37 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring

38 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Security in UNIX Concepts

39 J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring


Download ppt "J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring 2003 1 Chapters 9 & 10, Modern Operating Systems by A. S. Tanenbaum Group E."

Similar presentations


Ads by Google