Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats."— Presentation transcript:

1 1 Security and Protection Chapter 9

2 2 The Security Environment Threats Security goals and threats

3 3 Basics of Cryptography Relationship between the plaintext and the ciphertext

4 4 Monoalphabetic substitution –each letter replaced by different letter Given the encryption key, –easy to find decryption key Secret-key crypto called symmetric-key crypto Secret-Key Cryptography

5 5 Public-Key Cryptography All users pick a public key/private key pair –publish the public key –private key not published Public key is the encryption key –private key is the decryption key

6 6 Digital Signatures Computing a signature block What the receiver gets (b)

7 7 Authentication Using Passwords The use of salt to defeat precomputation of encrypted passwords Salt Password,,,,

8 8 Authentication Using a Physical Object Magnetic cards –magnetic stripe cards –chip cards: stored value cards, smart cards

9 9 Authentication Using Biometrics A device for measuring finger length.

10 10 Countermeasures Limiting times when someone can log in Automatic callback at number prespecified Limited number of login tries A database of all logins Simple login name/password as a trap –security personnel notified when attacker bites

11 11 Mobile Code Sandboxing Applets can be interpreted by a Web browser

12 12 Protection Mechanisms Protection Domains (1) Examples of three protection domains

13 13 Protection Domains (2) A protection matrix

14 14 Protection Domains (3) A protection matrix with domains as objects

15 15 Access Control Lists (1) Use of access control lists of manage file access

16 16 Access Control Lists (2) Two access control lists

17 17 Capabilities (1) Each process has a capability list

18 18 Cryptographically-protected capability Generic Rights 1.Copy capability 2.Copy object 3.Remove capability 4.Destroy object Capabilities (2) ServerObjectRightsf(Objects, Rights, Check)

19 19 Windows NT(W2K) Security Access Control Scheme –name/password –access token associated with each process object indicating privileges associated with a user –security descriptor access control list used to compare with access control list for object

20 20 Access Token (per user/subject) Security ID (SID) Group SIDs Privileges Default Owner Default ACL

21 21 Security Descriptor (per Object) Flags Owner System Access Control List (SACL) Discretionary Access Control List (DACL)

22 22 Access Control List ACL Header ACE Header Access Mask SID ACE Header Access Mask SID......

23 23 Access Mask Generic All Generic Execute Generic Write Generic Read Access System Security Maximum allowed Delete Read Control Write DAC Write Owner Synchronize Generic Access Types Standard Access Types Specific Access Types

24 24 Access Control Using ACLs When a process attempts to access an object, the object manager in W2K executive reads the SID and group SIDs from the access token and scans down the object’s DACL.W2K If a match is found in SID, then the corresponding ACE Access Mask provides the access rights available to the process.

Download ppt "1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats."

Similar presentations

©2006 Microsoft Corporation. All rights reserved. Windows Vista Security Tidbits Steve Riley Senior Security Strategist Microsoft Corporation

©2006 Microsoft Corporation. All rights reserved. Windows Vista Security Tidbits Steve Riley Senior Security Strategist Microsoft Corporation
Chapter 15 Security and Protection Copyright © 2008.

Chapter 15 Security and Protection Copyright © 2008.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
1 Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

1 Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
CSE 513 Introduction to Operating Systems Class 10 - Security Jonathan Walpole Dept. of Comp. Sci. and Eng. Oregon Health and Science University.

CSE 513 Introduction to Operating Systems Class 10 - Security Jonathan Walpole Dept. of Comp. Sci. and Eng. Oregon Health and Science University.
Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Security. 2 Security in the real world Security decisions based on: –Value, Locks, Police Some observations: –Not all locks are the same –People pay for.

Security. 2 Security in the real world Security decisions based on: –Value, Locks, Police Some observations: –Not all locks are the same –People pay for.
1 Pertemuan 23 Sistem Keamanan Matakuliah: T0316/sistem Operasi Tahun: 2005 Versi/Revisi: 5.

1 Pertemuan 23 Sistem Keamanan Matakuliah: T0316/sistem Operasi Tahun: 2005 Versi/Revisi: 5.
Avishai Wool lecture 13 - 1 Introduction to Systems Programming Lecture 13 Security.

Avishai Wool lecture Introduction to Systems Programming Lecture 13 Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy.

6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy.

Similar presentations

Ads by Google