Chapter 9 Security 9.1 - 9.3 Environment Basics of Cryptography Protection Mechanisms Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall,

Slides:



Advertisements
Similar presentations
Chapter 9 Security 9.1 The security environment
Advertisements

Tanenbaum & Woodhull, Operating Systems: Design and Implementation, (c) 2006 Prentice-Hall, Inc. All rights reserved OPERATING SYSTEMS DESIGN.
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
A-Level Computing data damage and prevention. Objectives To know the dangers associated with a computer system To understand the methods of prevention.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
By Mary Anne Poatsy, Keith Mulbery, Eric Cameron, Jason Davidson, Rebecca Lawson, Linda Lau, Jerri Williams Chapter 9 Fine-Tuning the Database 1 Copyright.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Principles of Information Security, 2nd edition1 Cryptography.
1 Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Chapter 10 Privacy and Security McGraw-Hill
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
1 Pertemuan 23 Sistem Keamanan Matakuliah: T0316/sistem Operasi Tahun: 2005 Versi/Revisi: 5.
1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats.
Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.
11.1 Copyright © 2005 Pearson Education Canada Inc. Management Information Systems, Second Canadian Edition Chapter 11: Information Systems Security, Quality,
1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.
Operating Systems Protection & Security.
Silberschatz and Galvin  Operating System Concepts Module 20: Security The Security Problem Authentication Program Threats System Threats Threat.
Security Protection Tanenbaum & Bo, Modern Operating Systems:4th ed., (c) 2013 Prentice-Hall, Inc. All rights reserved.
Made by: Sambit Pulak XI-IB. Reliability refers to the operation of hardware, the design of software, the accuracy of data or the correspondence of data.
Security 0 The Secure Environment. Security 1 The Secure Environment Security goals (C.I.A.) and threats.
Operating Systems 1 K. Salah Module 6.0: Security and Protection  Types of misuse: –1. Accidental –2. Intentional –Protection is to prevent either accidental.
Chapter 8 Safeguarding the Internet. Firewalls Firewalls: hardware & software that are built using routers, servers and other software A point between.
1 Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
J. Paloschavez, M. Troxler, J. Boggs, J. Lagas Chapters 9 & 10 IA705 Spring Chapters 9 & 10, Modern Operating Systems by A. S. Tanenbaum Group E.
Security. cs431-cotter2 Figure 9-1. Security goals and threats. Threats Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights.
Types of Electronic Infection
Network Security Management Dr. Robert Chi Chair and Professor, IS department Chief editor, Journal of Electronic Commerce Research.
13/03/07 CENG334 Introduction to Operating Systems Erol Sahin Dept of Computer Eng. Middle East Technical University Ankara, TURKEY URL:
Chapter 5 Network Security
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,
Security Chapter 9 Tanenbaum & Bo, Modern Operating Systems:4th ed., (c) 2013 Prentice-Hall, Inc. All rights reserved.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Outline Objective: –Access Control Mechanisms. The Security Environment Threats Security goals and threats.
14.1/21 Part 5: protection and security Protection mechanisms control access to a system by limiting the types of file access permitted to users. In addition,
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
CSIT324 OS &WEB INTERFACE SECURITY Introduction. C OURSE O UTLINE Concepts Security environment: Threats, intruders, accidental data loss. Cryptography.
Chap1: Is there a Security Problem in Computing?.
Outline for Today’s Lecture Administrative: –Happy Thanksgiving –Sign up for demos. Objective: –Peer-to-peer file systems Mechanisms employed Issues Some.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Chapter 9 Security 9.1 The security environment
Security Protecting information data confidentiality
MODERN OPERATING SYSTEMS Third Edition ANDREW S
Chapter 9 Security 9.1 The security environment
Chapters 14,15 Security.
Resource Management Chapter 19 9/20/2018 Crowley OS Chap. 19.
Chapter 9 Security 9.1 The security environment
12: Security The Security Problem Authentication Program Threats
برنامج أمن أنظمة الحاسب
Data integrity and security
Security.
Chapters 14,15 Security.
Operating System Concepts
Operating System Concepts
Presentation transcript:

Chapter 9 Security Environment Basics of Cryptography Protection Mechanisms Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-1. Security goals and threats. Threats Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Intruders Common categories: Casual prying by nontechnical users. Snooping by insiders. Determined attempts to make money. Commercial or military espionage. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Accidental Data Loss Common causes of accidental data loss: Acts of God: fires, floods, earthquakes, wars, riots, or rats gnawing backup tapes. Hardware or software errors: CPU malfunctions, unreadable disks or tapes, telecommunication errors, program bugs. Human errors: incorrect data entry, wrong tape or CD- ROM mounted, wrong program run, lost disk or tape, or some other mistake. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-2. Relationship between the plaintext and the ciphertext. Basics Of Cryptography Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Secret-Key Cryptography Monoalphabetic substitution: Plaintext: ABCDEFGHIJKLMNOPQRSTUVWXYZ Ciphertext: QWERTYUIOPASDFGHJKLZXCVBNM Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Public-Key Cryptography Encryption makes use of an "easy" operation, such as how much is × ? Decryption without the key requires you to perform a hard operation, such as what is the square root of ? Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-3. (a) Computing a signature block. (b) What the receiver gets. Digital Signatures Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-4. Three protection domains. Protection Domains (1) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-5. A protection matrix. Protection Domains (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-6. A protection matrix with domains as objects. Protection Domains (3) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-7. Use of access control lists to manage file access. Access Control Lists (1) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-8. Two access control lists. Access Control Lists (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure 9-9. When capabilities are used, each process has a capability list. Capabilities (1) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure A cryptographically protected capability. Capabilities (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Capabilities (3) Examples of generic rights: Copy capability: create a new capability for the same object. Copy object: create a duplicate object with a new capability. Remove capability: delete an entry from the C-list; object unaffected. Destroy object: permanently remove an object and a capability. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Trusted Systems Consider reports of viruses, worms, etc. Two naive (but logical) questions: –Is it possible to build a secure computer system? –If so, why is it not done? Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure A reference monitor. Trusted Computing Base Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) An authorized state. (b) An unauthorized state. Formal Models of Secure Systems Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

The Bell-La Padula Model (1) Rules for the Bell-La Padula model : The simple security property: A process running at security level k can read only objects at its level or lower. The * property: A process running at security level k can write only objects at its level or higher. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure The Bell-La Padula multilevel security model. The Bell-La Padula Model (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

The Biba Model Rules for the Biba model: The simple integrity principle: A process running at security level k can write only objects at its level or lower (no write up). The integrity * property: A process running at security level k can read only objects at its level or higher (no read down). Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) The client, server, and collaborator processes. (b) The encapsulated server can still leak to the collaborator via covert channels. Covert Channels (1) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure A covert channel using file locking. Covert Channels (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) Three zebras and a tree. (b) Three zebras, a tree, and the complete text of five plays by William Shakespeare. Covert Channels (3) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.