Presentation is loading. Please wait.

Presentation is loading. Please wait.

File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold.

Published byGeorge Bryant Modified over 8 years ago

Similar presentations

Presentation on theme: "File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold."— Presentation transcript:

1 File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold

2 Overview What we are going to cover Brief History File Systems General Security Practices Specific Practices for File Systems

3 What is File System Security? File system security: the policies and procedures for ensuring the protection of one’s files and file systems.

4 History of File System Security Roots Sensitive information was originally kept in file cabinets and other such physical barriers. Effective at keeping files from those who were not allowed to access them.

5 History of File System Security Relevance Transition from analog to digital file systems. Ideas put forth in the analog age of file systems are still relevant in digital security. Barriers Locks (Passwords) Authorities (Administrators)

6 History of File System Security Networking File system security became more important to digital systems as they became networked together. Access to systems and also the files within the systems.

7 Types of File Systems Disk Database Network Transactional/Special

8 Types of File Systems Disk A system for organizing and storing files on a physical drive. Hard Drive, Removable Storage, etc. Does not have to be directly connected to the computer. Many Different types Windows: NTFS, FAT32 (Primitive) Linux: ext, ext2, ext3, ext3cow, ext4

9 Types of File Systems Database Newer concept of managing files. Instead of hierarchy or structure, files are sorted by characteristics, type, or other such metadata. An example of a characteristic is Eye Color 

10 Types of File Systems Network Protocol for remote access on a server Common types: NFS, SMB, AFP, 9P Similar (Structurally): FTP, WebDAV

11 Types of File Systems Transactional/Special Transactional Logs events, transactions, or changes Groups related changes Used often in banking software Special Not Disk or Network Includes systems where files are arranged dynamically by software Used for temporary storage

12 General Security Practices Entity Authentication Properties of an entity (what it has, is, etc.) Usernames & Passwords Password defenses Checkers, generators, aging, limiting logins Protecting password file Cryptography Encryption algorithms Securing data transactions

13 Access Control Access control refers to how subjects may manipulate objects Halts users from accessing restricted files It determines what privileges (if any) a user has over a particular object Observe Alter

14 Access Control: Windows NT Types of permissions: Read Write Execute Changing of ownership Changing permissions Delete

15 Access Control: UNIX Types: Read Write Execute For files and directories, respectively: View contents, view contents Append, rename/create Run, search within With 777 you have permission to access this bread.

16 Security Models Types of security models: Bell-LaPadula (BLP) Clark-Wilson Biba Harrison-Ruzzo-Ullman (HRU)

17 Types of File System Security In: Disk File Systems Database File Systems Network File Systems

18 Disk File System Security Tactics: Encryption Access Control Passwords Permissions By denying access by some users to certain files, you can protect the files data and integrity.

19 Disk File System Security Workarounds: Encryption: Stealing secret keys Breaking secret keys Access Control: Interception of password Social engineering Brute force attacks on passwords

20 Disk File System Security Prevention: Encryption: More powerful ciphers Regular changing of encryption scheme Access Control: Password defenses checkers generators aging limiting logins Employ awareness of social engineering vulnerabilities

21 Database File System Security: Apache Permissions Restrict access to upper level files SSI (Server Side Includes) These extra features can create weakness within a database Protect system settings within config files

22 Database File System Security: Oracle Virtual Private Database customizable, policy-based access control down to the row level Data Encryption Protects data, even in media theft Enterprise User Security Centralized security management Secure Application Roles Powerful way of setting access control Enterprise Manager Grid Control Tools for setting configurations

23 Database File System Security: MySQL Take the time to audit SQL logins for null or weak passwords Frequently check group and role memberships Physically secure the SQL Server Enable logging of all user login events Disable SQL Mail capability unless absolutely necessary Remove the Guest user from databases to keep unauthorized users out Secure the “sa” account with a strong password Choose only the network libraries you absolutely require

24 Network File System Security Entity authentication Firewall Intrusion Prevention System (IPS) Honeypots Decoy server containing fake, desirable information which is easily accessible used to lure away attackers and record their activity

25 Summary We covered the history of file system security, basic theory, types of file systems, security for those systems, and potential threats. ? Well science shows that general policies, such as access control, password protection, permissions, encryption, and roles can significantly improve security on any kind of file system.

26 QUESTIONS?!1?!1 ?!?!?!!!!ONE

27 Chris uses Windows XP Media Center Edition 2005 sp2 Bobby uses the Ubuntu release Edgy

Download ppt "File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Understand Database Security Concepts

Understand Database Security Concepts
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Access Control Methodologies

Access Control Methodologies
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
File Transfer Methods : A Security Perspective. What is FTP FTP refers to the File Transfer Protocol, one of the protocols within the TCP/IP protocol.

File Transfer Methods : A Security Perspective. What is FTP FTP refers to the File Transfer Protocol, one of the protocols within the TCP/IP protocol.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 2 Operating System Security Fundamentals.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 2 Operating System Security Fundamentals.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

Similar presentations

Ads by Google