CSCD 303 Essential Computer Security Spring 2013 Lecture 6 - Desktop Security.


1 CSCD 303 Essential Computer Security Spring 2013 Lecture 6 - Desktop Security

2 Overview
Learning Objectives
– Understand the functions of an Operating System including its security functions
– Learn about the different levels of privilege
– Learn about Windows Access Control

3 OS Design Decisions
The kernel is the heart of the OS and manages most of its functionality, including access to device hardware
There have been competing designs for the kernel
– Monolithic vs Micro Kernel vs Hybrid Kernel designs
– These design decisions affect the ultimate security of the OS
Nice resource for Operating System Concepts: http://www.brokenthorn.com/Resources/OSDevIndex.html

4 OS Design Decisions
Monolithic Design
– Integrates a great deal of functionality into the OS core
– Services are interdependent
– Core system is larger
– Every flaw in the core is exposed through the services that depend on it

5 Monolithic Kernel
Monolithic kernel: all services (file system, device drivers) as well as core functionality (scheduling, memory allocation) are a tight-knit group sharing the same address space
Do not confuse the term "modular kernel" with anything but monolithic
– Some monolithic kernels can be compiled to be modular
– What matters is that a module is inserted into and runs from the same space that handles core functionality
Examples of a Monolithic Kernel?

6 Monolithic Kernel Diagram
(figure: kernel space)

7 Monolithic Kernel Pros and Cons
Pros
* More direct access to hardware for programs
* Easier for processes to communicate with each other
* If your device is supported, it should work with no additional installations
* Processes react faster because there isn't a queue for processor time
Cons
* Large install footprint
* Large memory footprint
* Less secure because everything runs in supervisor or privileged mode

8 Micro Kernel
In a micro kernel, core functionality is isolated from system services and device drivers
For instance, the VFS (virtual file system) and block device file systems are separate processes that run outside the kernel's space
– Using IPC to communicate with the kernel, other services and user processes
– IPC means Interprocess Communication
Example of a Micro kernel? Minix

9 Micro Kernel Architecture
(figure: kernel mode)

10 Micro Kernel Pros and Cons
Pros
* Portability
* Small memory footprint
* Security better: not as much runs in supervisor or privileged mode
Cons
* Hardware is more abstracted through drivers
* Hardware may react slower because drivers are in user mode
* Processes have to wait in a queue to get information
* Processes can't get access to other processes without waiting

11 Hybrid Kernel
A hybrid kernel is an architecture that combines aspects of the microkernel and monolithic kernel architectures used in computer operating systems
A hybrid kernel runs some services in kernel space to reduce the performance overhead of a traditional microkernel, while still running some kernel code as servers in user space
For instance, a hybrid kernel design may keep the Virtual File System and bus controllers inside the kernel, with file system drivers and storage drivers as user mode programs outside the kernel
– Such a design keeps the performance and design principles of a monolithic kernel
What's an example of a Hybrid kernel?

12 Hybrid Kernel Architecture

13 Hybrid Kernel Pros and Cons
Pros
* Developer can pick and choose what runs in user mode and what runs in supervisor mode
* Smaller install footprint than a monolithic kernel
* More flexible than other models
Cons
* Can suffer from the same process lag as a microkernel
* Device drivers need to be managed by the user (typically)

14 Operating Systems (OS) Functions
What do OS's do?
– The operating system's tasks, in the most general sense, fall into six categories:
– Processor management
– Memory management
– Device management
– Storage management
– Application interface
– User interface

15 Operating System Functions
(Picture from HowStuffWorks.com)
OS controls every task of your computer plus access to all the computer resources

16 OS Functions
Processor Management
– Allows multiple processes to share the resources of the processor fairly
– Does this by scheduling processes to get execution time
User Processes: Microsoft Word, Firefox or Skype
System Processes: print spooler, network connections, security accounts manager... plus many others
(figure: scheduler and tasks)

17 Memory Storage and Management
When an operating system manages the computer's memory, there are two broad tasks to be accomplished:
1. Each process must have enough memory in which to execute, and processes must respect each other's memory boundaries
2. Different types of memory must be used properly so that each process can run most effectively
– Cache, RAM and Virtual Memory
The first task requires the operating system to set up memory boundaries for types of software and for individual applications

18 Device Management
The path between the operating system and virtually all hardware not on the computer's motherboard goes through a special program called a Device Driver
– Drivers function by translating between the electrical signals of the hardware subsystems and the high-level programming languages of the operating system and application programs

19 Device Management
Drivers are separate from the operating system so that new functions can be added to the driver, and thus to the hardware subsystems
– Without requiring the operating system itself to be modified, recompiled and redistributed

20 Device Drivers
(figure: Linux / Windows / Smart Card)

21 Storage Management
Manages and organizes disk resources
– Includes temporary devices too: CD and DVD drives, thumb drives, external drives
Creates file systems for storing both OS files and user files
Must somehow keep track of who can access these files
– Access Control

22 Application Programming Interface (API)
Drivers provide a way for applications to make use of subsystems without having to know every detail of their internal operations
– Application Programming Interfaces (APIs) let application programmers use OS functions without having to directly keep track of all the details of the CPU's operation
– Hides the details of the processor and other resources from the program

23 Application Programming Interface (API)
For example
– Microsoft Word or the Open Office word processor
– You click "Save file"
– If there were no API, Word or Open Office would have to know all the details of the file system and ultimately call the disk controller to create the file on disk
Instead, the language the program is written in, like C or Java, has a function that is mapped to the operating system API for creating a file

24 User Interface
The User Interface (UI) brings structure to the interaction between user and computer
– In the last decade, almost all development in user interfaces has been in the area of the graphical user interface (GUI)
– Provides the "look and feel" of the computer
(figure: Mac OS X)

25 User Interface
(figure: Windows Vista)

26 Operating System Security Functions

27 OS Security Functions
Can ask ... what are the primary security functions of most (all) modern Operating Systems?
Most OSes implement two functions
1. User authentication
2. Access to resources
1. User authentication has 2 parts
a. Positively identify the user
– Compare to a stored identity, the user ID
b. Authenticate the user
– User must provide additional information
– Password, biometric attribute, keycard

28 OS Security Functions
2. Access to Authorized Resources
– Decision based on access rules
– Typical authorization is based on the user's or group's individual membership and
– Labels attached to objects
Example: Windows users with admin privilege
– Allowed to both view and change user accounts

29 OS's Manage Privilege Level
Two levels of privilege in modern CPUs
This is offered by the CPU itself (Intel, AMD)
1. User mode: unprivileged
2. Kernel mode: more privileged
The OS runs in Kernel (more privileged) mode
User programs run in User (less privileged) mode
– User programs make calls to the OS to use the hardware resources
– Use the OS API to access hardware

30 User Powers
There seems to be a need to have a user with greater powers
– Root, superuser or administrator
Yet this comes with added risk
– If the user makes a mistake, they can possibly damage the system
– Or, if their identity is stolen, the attacker has full power over the OS

31 User Powers
Because of this risk from elevated power, the concept of
– "Least Privilege"
Only want to operate with the minimum power needed to get the job done
– So, while I could always log in as Administrator, if I get my account hijacked or I get infected by malware while I am administrator, attackers then have full access to the machine's resources
– Example: In Linux Ubuntu, the sudo command

32 Windows Security Features
Windows has evolved from a minimal security model prior to Windows NT to something fairly robust in enterprise environments with Windows Vista, 7, Server 2003, Server 2008 and beyond
Look at the main features of Windows security common to all Windows versions

33 Access Control
Gatekeeper to Windows
– Called the Local Security Authority (LSA)
– Implemented in the service lsass.exe
What it does
1. Validates access to objects
2. Checks user privilege
3. Creates audit messages

34 Access Control
Allows subjects to access objects
Subjects
– Any entity that performs some action
– Subjects are not just people or users
– Subjects are actually processes in Windows
Objects: securable objects
– Have associated Access Control Lists (ACLs)
– Lists of permissible actions by subjects
Securable Objects: files, directories, services, Registry keys, printers

35 Windows ACLs
Sets of rights
Basic: read, write, execute, delete, change permission, take ownership
Generic: no access, read (read/execute), change (read/write/execute/delete), full control (all), special access (assign any basic rights)
Directory: no access, read (read/execute files in directory), list, add, add and read, change (create, add, read, execute, write files; delete subdirectories), full control, special access

36 Access Control Components
User Accounts
– Store an identifier and have associated privileges
– Allow access to objects and system resources
– Have associated Security Identifiers (SIDs) for internal use
Windows has built-in accounts
– SYSTEM: powerful local machine account
– Administrator: all powerful, can be renamed but not deleted
Groups
– Group user accounts with similar privileges
– Some built-in groups
– User accounts in a group inherit the privileges of the group
– Examples of built-in groups: Administrators, Backup Operators, Guests and many others

37 Security Identifiers (SIDs)
A user account has a SID that uniquely identifies it

38 Access Control: User Rights
Say ... you log onto a Windows system. How are you authenticated and what authorizes you to access computer resources?
The Log-on process
– You enter your User ID and password
– Entered credentials are passed to the LSASS subsystem, lsass.exe
– Will go over details when we discuss passwords
– If credentials are valid, a Token is created and attached to the logon session

39 The Token
What's in a token?
– Contains a list of Security IDs associated with a user account
– You can have multiple SIDs because you belong to multiple groups
So, when a user tries to access a resource such as a file, the token is used by the LSASS subsystem
How is the token used?
– An object, say a file, will have an Access Control List (ACL) that specifies the SIDs permitted to access the object
– If one of the SIDs in the user's token matches a SID in the object's ACL, the user is granted access
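A small Python model of the token-versus-ACL check described on this slide and on slides 34 and 35, added here as an example and not code from the lecture. It goes slightly beyond the slide by handling deny entries and per-right masks the way Windows walks an ACL in order; the user SIDs are constructed placeholders, and only S-1-5-32-545 (BUILTIN\Users) is a real well-known SID.

```python
from dataclasses import dataclass

# Constructed bit flags for the basic rights listed on slide 35.
READ, WRITE, EXECUTE, DELETE, CHANGE_PERMISSION, TAKE_OWNERSHIP = (1 << i for i in range(6))

@dataclass(frozen=True)
class Ace:
    """One access control entry: a SID, the rights it covers, and allow or deny."""
    sid: str
    mask: int
    allow: bool

@dataclass(frozen=True)
class Token:
    """Logon token: the user's own SID plus the SIDs of every group it belongs to."""
    user_sid: str
    group_sids: tuple = ()

    def sids(self) -> frozenset:
        return frozenset((self.user_sid,) + tuple(self.group_sids))

def access_check(token: Token, acl: list, requested: int) -> bool:
    """True only if the ACL grants every requested right to some SID in the token.
    ACEs are walked in order: a matching deny ACE that overlaps the requested rights
    fails the check at once, allow ACEs accumulate rights, and no match means deny."""
    if requested == 0:
        raise ValueError("must request at least one right")
    token_sids = token.sids()
    granted = 0
    for ace in acl:
        if ace.sid not in token_sids:
            continue  # this entry does not apply to the caller
        if not ace.allow:
            if ace.mask & requested:
                return False  # explicit deny wins over any later allow
        else:
            granted |= ace.mask & requested
            if granted == requested:
                return True  # every requested right is now covered
    return False

# Constructed sample: the user SID is a placeholder; S-1-5-32-545 is the well-known
# BUILTIN\Users group SID. The deny ACE is listed first, as in Windows canonical order.
ALICE = Token("S-1-5-21-EXAMPLE-1001", ("S-1-5-32-545",))
PAYROLL_ACL = [
    Ace("S-1-5-21-EXAMPLE-1001", WRITE, allow=False),
    Ace("S-1-5-32-545", READ | EXECUTE, allow=True),
    Ace("S-1-5-21-EXAMPLE-1001", WRITE | DELETE, allow=True),
]
```

Because the walk is order dependent, the same entries with the deny ACE moved after the allow would let the write through, which is why Windows keeps explicit denies ahead of explicit allows.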

40 Windows Privilege Levels
In XP and other pre-Vista versions
– Had 2 choices of privilege: 1. Administrator or 2. Normal user
– Administrator: access to everything
– Normal user: many system level tasks you needed to do, you couldn't do
– Consequently, most people ran as Administrator most of the time

41 Windows Privilege Levels
Vista and Windows 7
– Have more choices
– Can operate as a restricted normal user and still be able to do almost everything in the OS
– And when necessary, you can be elevated to an administrator for a short time to accomplish some task
– Called UAC: User Account Control
http://technet.microsoft.com/en-us/library/cc772207%28v=WS.10%29.aspx

42 User Account Control
What does it do?
– UAC allows an administrator to enter credentials during a non-administrator's user session to perform occasional administrative tasks without having to switch users, log off, or use the Run as command
– UAC can also require administrators to specifically approve applications that will make "system-wide" changes before those applications are allowed to run, even in the administrator's user session

43 User Account Control
Windows Vista and 7, how it works:
– Admin Approval Mode (AAM), by default, is not enabled for the built-in Administrator account in Windows Vista or 7
– The built-in Administrator account is disabled by default in Windows Vista, and the first user account created is placed in the local Administrators group, and AAM is enabled for that account

44 Benefits of UAC
Admin Approval Mode helps prevent malicious programs from silently installing without an administrator's knowledge
It also helps protect from inadvertent system-wide changes
Lastly, it can be used to enforce a higher level of compliance where administrators must actively consent or provide credentials for each administrative process

45 Tasks Only Administrators Can Perform
– Create, change, and delete user accounts and groups
– Install and uninstall programs
– Configure automatic updating or install Windows updates manually
– Install an ActiveX control
– Install or remove hardware device drivers
– Share folders
– Set permissions
– Access all files, including those in another user's folder
– Take ownership of files
– Copy or move files into the %ProgramFiles% or %SystemRoot% folders
– Restore backed-up system files
– Grant rights to other user accounts and to themselves
– Configure Parental Controls
– Configure Windows Firewall

46 Tasks Available to Standard Users
– Change the password and picture for their own user account
– Use programs that have been installed on the computer
– Install approved ActiveX controls
– Configure a secure Wi-Fi connection
– View permissions
– Create, change, and delete files in their document folders and in shared document folders
– Restore their own backed-up files
– View the system clock and calendar, and change the time zone
– Configure power options
– Log on in Safe Mode

47 Summary
Operating systems, by design, help or hinder security
Users and processes have access to resources on a given system according to their identities and group affiliations
Want the concept of Least Privilege to be in effect
– Use the least privilege level needed to get the job done
– Helps with restricting access by potential bad guys

48 The End
Next Time: More Desktop
Next: Vista Lab, meet in CEB 342 according to the day you signed up

