Presentation is loading. Please wait.

Presentation is loading. Please wait.

Thirty Years Later: Lessons from the Multics Security Evaluation Paul A. Karger & Roger R. Schell Presented by: Sulaiman Alkhezi.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Thirty Years Later: Lessons from the Multics Security Evaluation Paul A. Karger & Roger R. Schell Presented by: Sulaiman Alkhezi."— Presentation transcript:

1 Thirty Years Later: Lessons from the Multics Security Evaluation Paul A. Karger & Roger R. Schell Presented by: Sulaiman Alkhezi

2 Outlines Multics security compared to now Multics security evaluation Thirty years later.. What happened next? What are their conclusions? About Multics

3 + Multics (Multiplexed Information and Computing Service) + Timesharing OS begun in 1965 and used until 2000 + Started as a joint project by MIT, Bell’s Lab, and General Electric Company (Bell’s Lab withdrew in 1969) + In 1970 GE sold its computer business to Honeywell, which offered Multics as a commercial product and sold a few dozen systems.

4 About Multics.. (Cont.) + What is special in Multics? It was probably the first attempt to integrate so many ideas effectively into one OS: - Virtual memory, - A hierarchical file system, - Shared memory multiprocessing, - Online reconfiguration, and - Security

5 Multics Security Compared to Now Multics offered considerably stronger security than most systems commercially available today. What factors contributed to this?

6 Multics Security Compared to Now Multics offered considerably stronger security than most systems commercially available today. What factors contributed to this?

7 Multics Security Compared to Now (Cont.) 1. Security as a Primary Original Goal Multics had a primary goal of security from the very beginning of its design

8 Multics Security Compared to Now (Cont.) 2. Security as a Standard Product Feature The US Air Force’s developed a set of security enhancements for Multics + Became a standard part of Multics + Shipped to ALL Multics users + Forced all application developers to follow those security rules.

9 Multics Security Compared to Now (Cont.) 3. No Buffer Overflows - Programming in PL/I for Better Security >> PL/I handles buffer overflows in a natural way, while a C programmer, for example, has to work very hard to avoid programming a buffer overflow error.

10 Multics Security Compared to Now (Cont.) 4. Minimizing Complexity Multics vs Security Enhanced Linux (SELinux) 628 KB 1,767 KB <

11 Multics Security Evaluation One of the major themes of the Multics Security Evaluation was to demonstrate the feasibility of malicious software attacks. >> sadly too successful !!! Published by Paul A. Karger & Roger R. Schell, 1974

12 Multics Security Evaluation (Cont.) Malicious Software: + Installed in 645 processors, none of them were discovered either by quality assurance or other testing + Failed to discover any kinds of malicious software (e.g. Trap doors during distribution, Boot-sector viruses, Compile Trap doors...etc)

13 What Happened Next? By US Air Force’s 1. Multics Security Enhancements A project start by Honeywell, MIT, MITRE corporation and US Air Force’s 2. Multics Kernel Design Project despite the fact that the work was quite successful, DoD was commanded by US Air Force to stop the project due to project costs >> Too expensive!! 3. Direction to stop the work

14 Thirty Years Later.. + Security has gotten worse, not better >> Weak Solutions in Open Environments !! - Systems that are weaker than Multics are considered for use in environments in excess of what even Multics could deliver without working around a security kernel. - Multics was designed to operate on closed environments.

15 Thirty Years Later.. (Cont.) + either (1) today’s systems are really much more secure than we claim; (2) today’s potential attackers are much less capable or motivated; (3) the information being processed is much less valuable; or (4) people are unwilling or unable to recognize the compelling need to employ much better technical solutions.

16 What They Concluded.. + In the nearly thirty years since the report, it has been demonstrated that the new technology some how provides an effective solution to many of today’s problems (e.g. malicious software) >> Unfortunately, the mainstream products of major vendors largely ignore these demonstrated technologies!!

17 What They Concluded.. (Cont.) + vendors would claim that the marketplace is not prepared to pay for a high assurance of security, while customers have said they have never been offered mainstream commercial products that give them such a choice.

18 What They Concluded.. (Cont.) + What about after another thirty years? either (1) there will be horrific cyber disasters that will deprive society of much of the value computers can provide, or (2) the available technology will be delivered, and hopefully enhanced, in products that provide effective security. >> We hope it will be the latter.

19 References + Paul A. Karger, Roger R. Schell, Thirty Years Later: Lessons from the Multics Security Evaluation. IBM 2002 + http://en.wikipedia.org/wiki/Multics + http://www.multicians.org/ + Jonathan S. Shapiro, Extracting The Lessons of Multics. USENIX Security Conference 2004

Download ppt "Thirty Years Later: Lessons from the Multics Security Evaluation Paul A. Karger & Roger R. Schell Presented by: Sulaiman Alkhezi."

Similar presentations

P1-P2-M1-D1-D2.

P1-P2-M1-D1-D2.
Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.

Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.
Secure Operating Systems Lesson 9: Multics. Where are we?  We now know all the background… so it’s time to figure out why Dr. Ford likes Multics so very.

Secure Operating Systems Lesson 9: Multics. Where are we?  We now know all the background… so it’s time to figure out why Dr. Ford likes Multics so very.
The Security Analysis Process University of Sunderland CIT304 Harry R. Erwin, PhD.

The Security Analysis Process University of Sunderland CIT304 Harry R. Erwin, PhD.
Secure Operating Systems Lesson 10: SCOMP. Where are we?  Multics is busy being explored, which is kind of cool…  But Multics wasn’t the end of custom.

Secure Operating Systems Lesson 10: SCOMP. Where are we?  Multics is busy being explored, which is kind of cool…  But Multics wasn’t the end of custom.
Linux vs. Windows. Linux  Linux was originally built by Linus Torvalds at the University of Helsinki in 1991.  Linux is a Unix-like, Kernal-based, fully.

Linux vs. Windows. Linux  Linux was originally built by Linus Torvalds at the University of Helsinki in  Linux is a Unix-like, Kernal-based, fully.
Princeton PC Users Group Hard Drive Disaster! By Paul Kurivchack March 14, 2005.

Princeton PC Users Group Hard Drive Disaster! By Paul Kurivchack March 14, 2005.
Security Systems Theory UG2 Module Introduction Themes 1. Top down design of security systems – security technologies as 'black boxes'. 2. Internal design.

Security Systems Theory UG2 Module Introduction Themes 1. Top down design of security systems – security technologies as 'black boxes'. 2. Internal design.
Windows vs.. Linux Security A comparison A comparison.

Windows vs.. Linux Security A comparison A comparison.
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
OS Winter’03 Introduction (cont.) -History Operating Systems.

OS Winter’03 Introduction (cont.) -History Operating Systems.
TECHWARZ. (Multiplexed Information and Computing Service)  Multics was an extremely influential early time-sharing operating system.  Goal: Develop.

TECHWARZ. (Multiplexed Information and Computing Service)  Multics was an extremely influential early time-sharing operating system.  Goal: Develop.
 Introduction Introduction  Definition of Operating System Definition of Operating System  Abstract View of OperatingSystem Abstract View of OperatingSystem.

 Introduction Introduction  Definition of Operating System Definition of Operating System  Abstract View of OperatingSystem Abstract View of OperatingSystem.
Background History Note 1 Refer to Soltis: Appendix.

Background History Note 1 Refer to Soltis: Appendix.
Name:Shah Rushabh J Name:Shah Rushabh J Branch:Computer Engg.(3rd D) Branch:Computer Engg.(3rd D) Enrollment:130460107066 Enrollment:130460107066 Sub:Database.

Name:Shah Rushabh J Name:Shah Rushabh J Branch:Computer Engg.(3rd D) Branch:Computer Engg.(3rd D) Enrollment: Enrollment: Sub:Database.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Chapter 10 – UNIX. History In late 1960s, two employees of Bell Labs (Ken Thompson & Dennis Ritchie) designed a new operating system to overcome the constraints.

Chapter 10 – UNIX. History In late 1960s, two employees of Bell Labs (Ken Thompson & Dennis Ritchie) designed a new operating system to overcome the constraints.
SYS364 Evaluating Alternatives. Objectives of the Systems Analysis Phase determine, analyze, organize and document the requirements of a new information.

SYS364 Evaluating Alternatives. Objectives of the Systems Analysis Phase determine, analyze, organize and document the requirements of a new information.
Operating Systems. Operating systems  Between the hardware and the application software lies the operating system. The operating system is a program.

Operating Systems. Operating systems  Between the hardware and the application software lies the operating system. The operating system is a program.
1 ITSK 2611 Welcome. 2 Operating System 3 What is an OS Resource Manager –Disk –Memory –CPU Device Manager –Printers –Video Card –Sound Card Utility.

1 ITSK 2611 Welcome. 2 Operating System 3 What is an OS Resource Manager –Disk –Memory –CPU Device Manager –Printers –Video Card –Sound Card Utility.

Similar presentations

Ads by Google