Outline Basic concepts in computer security

Slides:



Advertisements
Similar presentations
Operating System Security
Advertisements

Lecture 13 Page 1 CS 111 Online File Systems: Introduction CS 111 On-Line MS Program Operating Systems Peter Reiher.
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Lecture 1 Page 1 CS 236, Spring 2008 What Are Our Security Goals? Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
Lecture 17 Page 1 CS 111 Spring 2015 Operating System Security CS 111 Operating Systems Peter Reiher.
Lecture 15 Page 1 Advanced Network Security Perimeter Defense in Networks: Firewalls Configuration and Management Advanced Network Security Peter Reiher.
Lecture 13 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Cryptography and Network Security (CS435) Part One (Introduction)
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
Lecture 13 Page 1 CS 236 Online Principles for Secure Software Following these doesn’t guarantee security But they touch on the most commonly seen security.
Lecture 18 Page 1 CS 111 Online OS Use of Access Control Operating systems often use both ACLs and capabilities – Sometimes for the same resource E.g.,
Lecture 7 Page 1 CS 236 Online Authentication CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 1 Page 1 CS 236 Online What Are Our Security Goals? CIA Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.
Csci5233 Computer Security & Integrity 1 Overview of Security & Java (based on GS: Ch. 1)
Lecture 14 Page 1 CS 111 Summer 2013 Security in Operating Systems: Basics CS 111 Operating Systems Peter Reiher.
Lecture 12 Page 1 CS 111 Summer 2014 Security in Operating Systems: Basics CS 111 Operating Systems Peter Reiher.
Lecture 3 Page 1 CS 236 Online Security Mechanisms CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 2 Page 1 CS 136, Spring 2016 Security Principles, Policies, and Tools CS 136 Computer Security Peter Reiher March 31, 2016.
PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Lecture 2 Page 1 CS 236 Online Security Policies Security policies describe how a secure system should behave Policy says what should happen, not how you.
Lecture 14 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
CS457 Introduction to Information Security Systems
Outline Security design principles Security policies Basic concepts
Information Security, Theory and Practice.
DNS Security Advanced Network Security Peter Reiher August, 2014
Outline Properties of keys Key management Key servers Certificates.
Unit 4 IT Security.
Chapter 1: Introduction
CS 3630 Database Design and Implementation
Protecting Interprocess Communications
Outline Designing secure protocols Key exchange protocols
Firewall Configuration and Administration
Outline Introduction Characteristics of intrusion detection systems
Information Security.
Password Management Limit login attempts Encrypt your passwords
Outline Basics of network security Definitions Sample attacks
Outline What does the OS protect? Authentication for operating systems
Putting It All Together
Putting It All Together
Outline Security design principles Security policies Basic concepts
Outline Introduction Characteristics of intrusion detection systems
Outline What does the OS protect? Authentication for operating systems
The TESLA Broadcast Authentication Protocol CS 218 Fall 2017
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
The Top 10 Reasons Why Federated Can’t Succeed
Certificates An increasingly popular form of authentication
Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Outline Using cryptography in networks IPSec SSL and TLS.
Topic 5: Communication and the Internet
Security.
What Are Our Security Goals?
Mohammad Alauthman Computer Security Mohammad Alauthman
Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Outline Introduction Basic authentication mechanisms.
Outline Introduction Basic authentication mechanisms.
Chapter 4: Security Policies
Outline Basics of network security Definitions Sample attacks
Cryptography and Network Security
A Model For Network Security
Outline The concept of perimeter defense and networks Firewalls.
Presentation transcript:

Security for Operating Systems CS 111 On-Line MS Program Operating Systems Peter Reiher

Outline Basic concepts in computer security Design principles for security Important security tools for operating systems Access control Cryptography and operating systems Authentication and operating systems Protecting operating system resources

Security: Basic Concepts What do we mean by security? What is trust? Why is security a problem? In particular, a problem with a different nature than, say, performance Or even reliability

What Is Security? Security is a policy E.g., “no unauthorized user may access this file” Protection is a mechanism E.g., “the system checks user identity against access permissions” Protection mechanisms implement security policies We need to understand our goals to properly set our policies And threats to achieving our goals These factors drive which mechanisms we must use

Security Goals Confidentiality If it’s supposed to be secret, be careful who hears it Integrity Don’t let someone change something they shouldn’t Availability Don’t let someone stop others from using services Exclusivity Don’t let someone use something he shouldn’t Note that we didn’t mention “computers” here This classification of security goals is very general

Trust An extremely important security concept You do certain things for those you trust You don’t do them for those you don’t Seems simple, but . . .

What Do We Trust? Other users? Other computers? Our own computer? Programs? Pieces of data? Network messages? In each case, how can we determine trust?

Problems With Trust How do you express trust? How, specifically, does trust play into operating systems? Who trusts what? Will changing or situational trust be an issue? How does the answer change if we consider distributed systems? Is it different for different types of distributed systems? How do you express trust? Why do you trust something? How can you be sure who you’re dealing with? Since identity and trust usually linked What if trust is situational? What if trust changes?

Why Is Security Different? OK, so we care about security Isn’t this just another design dimension Like performance, usability, reliability, cost, etc. Yes and no Yes, it’s a separable dimension of design No, it’s not just like the others

What Makes Security Unique? Security is different than most other problems in CS The “universe” we’re working in is much more hostile Human opponents seek to outwit us Fundamentally, we want to share secrets in a controlled way A classically hard problem in human relations

What Makes Security Hard? You have to get everything right Any mistake is an opportunity for your opponent When was the last time you saw a computer system that did everything right? Since the OS underlies everything, security errors there compromise everything

Security Is Actually Even Harder As operating system designers, how much of this human stuff do we need to care about? When do we get to say “it’s not our problem?” The computer itself isn’t the only point of vulnerability If the computer security is good enough, the foe will attack: The users The programmers The system administrators Or something you never thought of

A Further Problem With Security Security costs Computing resources People’s time and attention Security must work 100% effectively With 0% overhead Critically important that fundamental, common OS operations aren’t slowed by security

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.