Chapter 17: Confinement Problem

Presentation transcript:

Chapter 17: Confinement Problem
Dr. Wayne Summers
Department of Computer Science, Columbus State University
Summers_wayne@colstate.edu
http://csc.colstate.edu/summers

The Confinement Problem
- Confinement problem – preventing a server from leaking information that the user of the service considers confidential
  - Server must ensure that resources accessed on behalf of the client only include resources that client is authorized to access
  - Server must ensure that it does not reveal client’s data to any other unauthorized entity
- Covert channel – path of communications not designed for communication
- Rule of transitive confinement – if confined process invokes a second process, the second process must be as confined as the caller

Isolation
- Virtual machine – program that simulates the hardware of a computer system
- Sandbox – environment in which the actions of the process are restricted according to a security policy

Covert Channels
- Covert storage channel uses an attribute of the shared resource
- Covert timing channel uses a temporal or ordering relationship among accesses to a shared resource
- Noiseless covert channel – covert channel that uses a resource available to only the sender and receiver
- Noisy covert channel – covert channel that uses a resource available to subjects in addition to the sender and receiver

Covert channels
- Requirements of covert storage channel
  - Sending and receiving processes have access to the same attribute of a shared object
  - Sending process is able to modify the attribute of the shared object
  - Receiving process is able to reference the attribute of the shared object
  - Mechanism must exist for initiating both processes, and properly sequencing the respective accesses to the shared resource
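Added example (not from the slides): a Python screen, in the style of a shared resource matrix, that tests the first three storage-channel requirements above over a table of operations. The operation, attribute and process names are constructed for illustration; the fourth requirement (initiation and sequencing) cannot be read from such a table and is left to manual review.

```python
# Added example: operation, attribute and process names are constructed.
from typing import NamedTuple


class Operation(NamedTuple):
    references: frozenset  # attributes the caller can observe (error returns count)
    modifies: frozenset    # attributes the caller can change


def op(references=(), modifies=()):
    return Operation(frozenset(references), frozenset(modifies))


# Constructed sample: what each file-system call reveals and what it changes.
OPS = {
    "create_file": op({"file_exists", "disk_free"}, {"file_exists", "disk_free"}),
    "write_file":  op({"disk_free"}, {"file_size", "file_contents", "disk_free"}),
    "lock_file":   op({"lock_state"}, {"lock_state"}),
    "stat_file":   op({"file_exists", "file_size"}),
    "read_public": op({"public_contents"}),
}

# Constructed sample policy: which calls each process is allowed to make.
ALLOWED = {
    "confined_service": {"create_file", "write_file", "lock_file"},
    "outside_observer": {"stat_file", "lock_file", "read_public"},
}


def storage_channel_candidates(ops, allowed, sender, receiver):
    """Map each attribute the sender can modify AND the receiver can reference
    (requirements 1-3) to the (modifying ops, referencing ops) that expose it."""
    mod, ref = {}, {}
    for name in allowed[sender]:
        for attr in ops[name].modifies:
            mod.setdefault(attr, set()).add(name)
    for name in allowed[receiver]:
        for attr in ops[name].references:
            ref.setdefault(attr, set()).add(name)
    shared = sorted(mod.keys() & ref.keys())
    return {a: (sorted(mod[a]), sorted(ref[a])) for a in shared}


if __name__ == "__main__":
    found = storage_channel_candidates(
        OPS, ALLOWED, "confined_service", "outside_observer")
    for attr, (writers, readers) in found.items():
        print(f"{attr}: modified via {writers}, referenced via {readers}")
```

Each attribute reported is a candidate to review, not a confirmed channel; removing either the modifying or the referencing operation from the policy drops it from the result.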

Covert channels
- Requirements of covert timing channel
  - Sending and receiving processes have access to the same attribute of a shared object
  - Sending and receiving processes must have access to a time reference (e.g. clock, timer, …)
  - Sending process must be able to control the timing of the detection of a change in the attribute by the receiving process
  - Mechanism must exist for initiating both processes, and properly sequencing the respective accesses to the shared resource