Computer Science and Engineering Computer System Security CSE 5339/7339 Session 20 October 28, 2004.

Contents
- Separation
- Assurance
- Group work
- Evaluation
- Examples
- Sandeep's presentation

Separation:
- Physical separation
- Temporal separation
- Cryptographic separation
- Logical separation (isolation)

Virtualization:
- Illusion: the OS emulates or simulates a collection of a computer system's resources.
- Virtual machine: a collection of real or simulated hardware facilities (processor, memory, I/O devices).

IBM MVS/ESA
- Paging system.
- Virtualization is used to provide logical separation that gives the user the impression of physical separation.
- Each user feels that he/she has a separate machine.
- Each user's virtual memory space can be as large as the total addressable space.

Virtual machine (figure): one virtual machine per user runs on top of the real OS, which owns the real system resources.
  Virtual Machine User 1 | Virtual Machine User 2 | Virtual Machine User 3
  Real OS
  Real System Resources

Layered OS (figure), from the innermost layer outwards:
- Hardware
- Security functions (security kernel)
- Synchronization, allocation; scheduling, sharing, MM (OS kernel)
- File system, device allocation; utility functions (OS)
- Compilers, database
- User processes

Modules operating in different layers (figure): a single user authentication module spans several layers, from the least trusted code to the most trusted code:
- User interface (least trusted code)
- User ID lookup
- Data comparison
- Data update (most trusted code)

Provably Secure Operating System (PSOS)
- 16-level layered structure (see table, page 272).
- Each layer uses the services of the layers below it and provides a certain level of functionality to the layers above it.
- Peel off a layer and you still have a logically complete system, with less functionality.

Conventionally vs. hierarchically designed systems

Conventionally designed:
  Level | Functions     | Risk
  All   | Non-critical  | Disaster possible
  All   | Less critical | Disaster possible
  All   | Most critical | Disaster possible

Hierarchically designed:
  Level | Functions     | Risk
  2     | Non-critical  |
  1     | Less critical |
  0     | Most critical |

Assurance
- Testing: based on the actual product being evaluated, not on an abstraction.
- Verification: each of the system's functions works correctly.
- Validation: the developer is building the right product (according to the specification).

Testing
- Can demonstrate the existence of a problem, but passing tests does not imply the absence of problems.
- Hard to achieve adequate test coverage within reasonable time (inputs and internal states).
- Observable effects versus internal structure.
- Real-time systems: hard to keep track of all states.
- Penetration testing (tiger team analysis, ethical hacking): a team of experts in the design of the OS tries to crack the system.

Formal verification
- The most rigorous method.
- Uses the rules of mathematical logic to demonstrate that a system has a certain security property.
- Amounts to proving a theorem.
- Time consuming, complex process.
- Simple example follows.

Example: find minimum (flowchart)

  Entry
  min ← A[1]
  i ← 1
  i ← i + 1
  i > n ?       yes → Exit
                no  ↓
  min < A[i] ?  yes → back to i ← i + 1
                no  → min ← A[i], then back to i ← i + 1

Example: finding the minimum value, assertions

  P: n > 0
  Q: n > 0 and 1 ≤ i ≤ n and min ≤ A[1]
  R: n > 0 and 1 ≤ i ≤ n and for all j, 1 ≤ j ≤ i - 1: min ≤ A[j]
  S: n > 0 and i = n + 1 and for all j, 1 ≤ j ≤ i - 1: min ≤ A[j]
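The flowchart and its assertions, as an added example (not from the slides): the walk follows the flowchart step by step and checks P, Q, R and S at run time, so a wrong branch condition is caught by the invariant R instead of silently returning a wrong answer. It assumes A is a non-empty Python list of comparable values, n = len(A), and maps the slide's 1-based A[i] to A[i - 1].

```python
# Added example, not from the slides: the find-minimum flowchart with the
# slide's assertions P, Q, R and S checked at run time.  Assumed: A is a
# non-empty list of comparable values, n = len(A); the slide's indices are
# 1-based, so the slide's A[i] is A[i - 1] here.

def slide_test(mn, a):
    """The diamond 'min < A[i]?' from the flowchart: True means keep min."""
    return mn < a


def find_min(A, keep_test=slide_test):
    """Walk the flowchart; keep_test(min, A[i]) True takes the 'yes' branch
    (min is kept), False takes the 'no' branch min <- A[i]."""
    n = len(A)
    assert n > 0, "P fails: n > 0 does not hold (empty input)"   # P at Entry
    mn, i = A[0], 1                                              # min <- A[1]; i <- 1
    assert 1 <= i <= n and mn <= A[0], "Q fails"                 # Q after init
    while True:
        # R (loop invariant): 1 <= i <= n and min <= A[j] for all 1 <= j <= i-1
        assert 1 <= i <= n, "R fails: i out of range"
        assert all(mn <= A[j - 1] for j in range(1, i)), "R fails: min too large"
        i = i + 1                                                # i <- i + 1
        if i > n:                                                # i > n ? yes -> Exit
            break
        if not keep_test(mn, A[i - 1]):                          # 'no' branch
            mn = A[i - 1]                                        # min <- A[i]
    # S at Exit: i = n + 1 and min <= A[j] for all 1 <= j <= n
    assert i == n + 1, "S fails: loop left early"
    assert all(mn <= A[j - 1] for j in range(1, i)), "S fails: not the minimum"
    return mn


def invariant_holds(A, keep_test=slide_test):
    """True if every assertion holds along the walk, False if one is violated.
    A wrong diamond such as lambda mn, a: mn > a (keeps min when it is the
    larger value, i.e. drifts towards a maximum) is caught by R at the first
    update that breaks min <= A[j]."""
    try:
        find_min(A, keep_test)
        return True
    except AssertionError:
        return False
```

Running `find_min` with the slide's test always satisfies S, while the reversed test trips R, which is exactly the proof obligation a formal verification of the flowchart would fail to discharge.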

Exercise 1 (group work)
- Four sources of weaknesses in OS security:
  - I/O
  - Ambiguity in access policy
  - Incomplete mediation
  - Generality

Validation
- Requirements checking: the system does the things it should do (in security, the system also does not do things it is not supposed to do).
- Design and code reviews: traceability from each requirement to design and code components.
- System testing: the behaviour expected from reading the requirements document can be confirmed in the actual running of the system.

Evaluation
- Review: requirements, design, implementation, assurance.
- US "Orange Book" evaluation: Trusted Computer System Evaluation Criteria (TCSEC).
- European ITSEC evaluation: Information Technology Security Evaluation Criteria.
- US Combined Federal Criteria: 1992, jointly by NIST and NSA.

TCSEC (examine the table on page 284)
- The levels of trust are described as four divisions: A, B, C, D, where A has the most comprehensive degree of security.
- Within a class, numbers are used; higher numbers indicate tighter security requirements.
- Four clusters of ratings:
  - D: no requirements
  - C1/C2/B1: commercial OS
  - B2: proof of security of the underlying model
  - B3/A1: proven descriptive and formal design of the trusted OS

Implementation examples
- UNIX: environment of trustworthy collaborators.
- PR/SM: protection against inadvertent or malicious attempts by a process in one domain to interfere with one in a different domain.
- VAX Security Kernel: by DEC, targeted the A1 level of the TCSEC.

Exercise 2 (group work)