Security. B. Ramamurthy. 6/2/2015

Presentation transcript:

Slide 1: Security. B. Ramamurthy. 6/2/2015

Slide 2: Computer Security
- Collection of tools designed to thwart hackers
- Became necessary with the introduction of the computer
- Today automated tools are used

Slide 3: Network Security
- Protect data during transmission
- Includes telephone transmission and local area networks

Slide 4: Computer and Network Security Requirements
- Secrecy: information in a computer system be accessible for reading by authorized parties only
- Integrity: assets can be modified by authorized parties only
- Availability: assets be available to authorized parties

Slide 5: Types of Threats
- Interruption: an asset of the system is destroyed or becomes unavailable or unusable
  - destruction of hardware
  - cutting of a communication line
  - disabling the file management system

Slide 6: Types of Threats
- Interception: an unauthorized party gains access to an asset
  - wiretapping to capture data in a network
  - illicit copying of files or programs

Slide 7: Types of Threats
- Modification: an unauthorized party not only gains access but tampers with an asset
  - changing values in a data file
  - altering a program so that it performs differently
  - modifying the content of messages being transmitted in a network

Slide 8: Types of Threats
- Fabrication: an unauthorized party inserts counterfeit objects into the system
  - insertion of spurious messages in a network
  - addition of records to a file

Slide 9: Computer System Assets
- Hardware
  - threats include accidental and deliberate damage
- Software
  - threats include deletion, alteration, damage
  - backups of the most recent versions can maintain high availability

Slide 10: Computer System Assets
- Data
  - involves files
  - threats include unauthorized reading of data
  - statistical analysis can lead to determination of individual information which threatens privacy

Slide 11: Computer System Assets
- Communication Lines and Networks
  - threats include eavesdropping and monitoring
  - a telephone conversation, an electronic mail message, and a transferred file are subject to these threats
  - encryption masks the contents of what is transferred so even if obtained by someone, they would be unable to extract information

Slide 12: Computer System Assets
- Communication Lines and Networks
  - masquerade takes place when one entity pretends to be a different entity
  - message stream modification means that some portion of a legitimate message is altered, delayed, or reordered
  - denial of service prevents or inhibits the normal use or management of communications facilities
    - disable network or overload it with messages

Slide 13: Protection
- No protection: sensitive procedures are run at separate times
- Isolation: each process operates separately from other processes with no sharing or communication

Slide 14: Protection
- Share all or share nothing
  - owner of an object declares it public or private
- Share via access limitation
  - operating system checks the permissibility of each access by a specific user to a specific object
  - operating system acts as the guard

Slide 15: Protection
- Share via dynamic capabilities
  - dynamic creation of sharing rights for objects
- Limit use of an object
  - limit not only access to an object but also the use to which that object may be put
  - Example: a user may be able to derive statistical summaries but not to determine specific data values

Slide 16: Protection of Memory
- Security
- Ensure correct function of various processes that are active

Slide 17: User-Oriented Access Control
- Log on
  - requires both a user identifier (ID) and a password
  - system only allows users to log on if the ID is known to the system and the password associated with the ID is correct
  - users can reveal their password to others either intentionally or accidentally
  - hackers are skillful at guessing passwords
  - ID/password file can be obtained

Slide 18: Data-Oriented Access Control
- Associated with each user, there can be a user profile that specifies permissible operations and file accesses
- Operating system enforces these rules
- For each object, an access control list gives users and their permitted access rights

Slide 19: Access Matrix
A general model of access control as exercised by a file or database management system is that of an access matrix. Basic elements of the model are:
- Subject: An entity capable of accessing objects. The concept of subject equates to that of a process.
- Object: Anything to which access is controlled. Ex: files, programs, segments of memory.
- Access right: The way in which an object is accessed by the subject. Examples: read, write, and execute.

Slide 20: Access Matrix (contd.)
[Figure: access matrix. Rows: userA, userB, userC. Columns: File 1, File 2, File 3, File 4, Acct1, Acct2, Printer1. Cell entries shown: Own R, W; R; W; Inquiry Credit; Inquiry Debit; P.]

Slide 21: Access Matrix Details
- Row index corresponds to subjects and column index to objects.
- Entries in the cell represent the access privileges/rights.
- In practice, the access matrix is quite sparse and is implemented as either access control lists (ACLs) or capability tickets.

Slide 22: ACLs
- Access matrix can be decomposed by columns, yielding access control lists.
- For each object, the access control list lists the users and their permitted access rights.
- The access control list may also have a default or public entry to cover subjects that are not explicitly listed in the list.
- Elements of the list may include individual users as well as groups of users.
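The decomposition described on the Access Matrix Details and ACLs slides, as an added example that is not part of the original slides: a sparse access matrix is split by columns into ACLs and by rows into capability tickets, and an ACL lookup honours group entries and falls back to a public entry. The matrix contents, the group name `staff` and the `*` public entry are constructed for illustration.

```python
from collections import defaultdict

# Constructed sparse access matrix: (subject, object) -> set of rights.
# Cell contents are illustrative, not the figure from the slides.
MATRIX = {
    ("userA", "File1"): {"own", "r", "w"},
    ("userB", "File1"): {"r"},
    ("userB", "File2"): {"own", "r", "w"},
    ("userC", "File2"): {"r"},
    ("staff", "Printer1"): {"p"},      # group entry (hypothetical group)
    ("*", "File2"): {"r"},             # default/public entry
}
GROUPS = {"userA": {"staff"}, "userC": {"staff"}}  # constructed membership


def to_acls(matrix):
    """Decompose by columns: object -> {subject: rights}."""
    acls = defaultdict(dict)
    for (subject, obj), rights in matrix.items():
        acls[obj][subject] = set(rights)
    return dict(acls)


def to_capabilities(matrix):
    """Decompose by rows: subject -> {object: rights} (capability tickets)."""
    caps = defaultdict(dict)
    for (subject, obj), rights in matrix.items():
        caps[subject][obj] = set(rights)
    return dict(caps)


def rights_for(acls, user, obj, groups=GROUPS):
    """Rights a user holds on obj according to the object's ACL.

    Explicit user and group entries are unioned; the public entry
    applies only when the subject is not explicitly listed.
    """
    acl = acls.get(obj, {})
    principals = {user} | groups.get(user, set())
    listed = [acl[p] for p in principals if p in acl]
    if listed:
        return set().union(*listed)
    return set(acl.get("*", set()))


def allowed(acls, user, obj, right):
    """True if the object's ACL grants the right to the user."""
    return right in rights_for(acls, user, obj)
```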

Slide 23: Windows NT (W2K) Security
- Access Control Scheme
  - name/password
  - access token associated with each process object indicating privileges associated with a user
  - security descriptor
    - access control list
    - used to compare with access control list for object

Slide 24: Access Token (per user/subject)
- Security ID (SID)
- Group SIDs
- Privileges
- Default Owner
- Default ACL

Slide 25: Security Descriptor (per Object)
- Flags
- Owner
- System Access Control List (SACL)
- Discretionary Access Control List (DACL)

Slide 26: Access Control List
- ACL Header
- ACE Header, Access Mask, SID
- ACE Header, Access Mask, SID
- ...

Slide 27: Access Mask
- Generic Access Types: Generic All, Generic Execute, Generic Write, Generic Read
- Access System Security
- Maximum allowed
- Standard Access Types: Delete, Read Control, Write DAC, Write Owner, Synchronize
- Specific Access Types

Slide 28: Access Control Using ACLs
- When a process attempts to access an object, the object manager in the W2K executive reads the SID and group SIDs from the access token and scans down the object's DACL.
- If a match is found in SID, then the corresponding ACE Access Mask provides the access rights available to the process.
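The DACL scan described on the Access Control Using ACLs slide, as an added example that is not part of the original slides. It goes beyond the slide by also handling access-denied ACEs and by accumulating rights across several matching ACEs, which is how Windows evaluates an ordered DACL. The SIDs and the sample DACL are constructed; the mask constants are the Windows bit values.

```python
from dataclasses import dataclass

# Windows access-mask bit values.
READ_CONTROL, WRITE_DAC = 0x00020000, 0x00040000   # standard access types
FILE_READ_DATA, FILE_WRITE_DATA = 0x0001, 0x0002   # specific types (file)
ALLOW, DENY = "allow", "deny"                      # ACE type from ACE header


@dataclass(frozen=True)
class ACE:
    kind: str   # ALLOW or DENY
    mask: int   # access mask
    sid: str    # user or group SID the entry applies to


@dataclass(frozen=True)
class Token:
    user_sid: str
    group_sids: frozenset = frozenset()

    def sids(self):
        return {self.user_sid} | self.group_sids


def access_check(token, dacl, desired):
    """Scan the DACL in order; True only if every desired bit is granted."""
    remaining, sids = desired, token.sids()
    for ace in dacl:
        if ace.sid not in sids:
            continue                   # entry is for another subject
        if ace.kind == DENY and ace.mask & remaining:
            return False               # a right still needed is denied
        if ace.kind == ALLOW:
            remaining &= ~ace.mask     # these rights are now granted
        if remaining == 0:
            return True
    return False                       # end of list: not granted


# Constructed SIDs and DACL for one sample file object.
ALICE, BOB = "S-1-5-21-0-0-0-1001", "S-1-5-21-0-0-0-1002"
STAFF, INTERNS = "S-1-5-21-0-0-0-2001", "S-1-5-21-0-0-0-2002"
DACL = [
    ACE(DENY, FILE_WRITE_DATA, INTERNS),
    ACE(ALLOW, FILE_READ_DATA | FILE_WRITE_DATA, STAFF),
    ACE(ALLOW, READ_CONTROL | WRITE_DAC, ALICE),
]
alice = Token(ALICE, frozenset({STAFF}))
bob = Token(BOB, frozenset({STAFF, INTERNS}))
```

Because the scan stops at the first decisive ACE, the order of entries matters: the deny entry for the constructed `INTERNS` group only takes effect because it precedes the allow entry for `STAFF`.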