Information Security - 2. Objectives of this course A solution to these issues A collective effort of Architecture, OS, Compiler and Application Developers.

Slides:



Advertisements
Similar presentations
Operating Systems Manage system resources –CPU scheduling –Process management –Memory management –Input/Output device management –Storage device management.
Advertisements

Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.
Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
Memory Management Paging &Segmentation CS311, CS350 & CS550.
Secure Operating Systems Lesson 9: Multics. Where are we?  We now know all the background… so it’s time to figure out why Dr. Ford likes Multics so very.
1 September 1,  Motivation  Background  TrustDump Architecture  Implementation Details  Evaluation  Summary 2.
Paging Hardware With TLB
Secure Operating Systems Lesson 10: SCOMP. Where are we?  Multics is busy being explored, which is kind of cool…  But Multics wasn’t the end of custom.
Chapter 6 Limited Direct Execution
Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.
Day 11 Processes. Operating Systems Control Tables.
Thirty Years Later: Lessons from the Multics Security Evaluation Paul A. Karger & Roger R. Schell Presented by: Sulaiman Alkhezi.
OS Fall ’ 02 Introduction Operating Systems Fall 2002.
OS Spring’03 Introduction Operating Systems Spring 2003.
Chapter 4 Access Control Manage Principals operations in system.
Operating System Support for Virtual Machines Sam King George Dunlap Peter Chen CoVirt Project, University of Michigan.
Jiang Wang, Joint work with Angelos Stavrou and Anup Ghosh CSIS, George Mason University HyperCheck: a Hardware Assisted Integrity Monitor.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
Senior Design May AbstractDesign Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren Our project is to develop a working emulator for an Android.
Building Trusted Path on Untrusted Device Drivers for Mobile Devices
Security in the industry H/W & S/W What is AMD’s ”enhanced virus protection” all about? What’s coming next? Presented by: Micha Moffie.
Chapter 2 Operating System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 20 October 28, 2004.
Systems Security & Audit Operating Systems security.
CS533 Concepts of Operating Systems Jonathan Walpole.
Operating System Support for Virtual Machines Samuel T. King, George W. Dunlap,Peter M.Chen Presented By, Rajesh 1 References [1] Virtual Machines: Supporting.
Operating System Support for Virtual Machines Sam King George Dunlap Peter Chen CoVirt Project, University of Michigan.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Introduction to the Java Virtual Machine 井民全. JVM (Java Virtual Machine) the environment in which the java programs execute The specification define an.
TrustOTP: Smartphone as One-Time Password Token
An approach to on the fly activation and deactivation of virtualization-based security systems Denis Efremov Pavel Iakovenko
Introduction: Exploiting Linux. Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend,
Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.
R Enabling Trusted Software Integrity Darko Kirovski Microsoft Research Milenko Drinić Miodrag Potkonjak Computer Science Department University of California,
Computers Operating System Essentials. Operating Systems PROGRAM HARDWARE OPERATING SYSTEM.
 Virtual machine systems: simulators for multiple copies of a machine on itself.  Virtual machine (VM): the simulated machine.  Virtual machine monitor.
Midterm Meeting Pete Bohman, Adam Kunk, Erik Shaw.
Improving Xen Security through Disaggregation Derek MurrayGrzegorz MilosSteven Hand.
Multics CysecLab Graduate School of Information Security KAIST.
Operating Systems Security
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 19 October 26, 2004.
Security Vulnerabilities in A Virtual Environment
SubVirt: Implementing malware with virtual machines Authors: Samuel T. King, Peter M. Chen University of Michigan Yi-Min Wang, Chad Verbowski, Helen J.
Chapter 3.7 Segmentation. Memory allocation as a concept ● This presentation is about memory management specifically about memory segmentation and paging.
Chapter 2 Operating System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.
User Mode Linux (UML): An overview and experiences. Matthew Grove SLUG Tech Talk Red Hat Europe 12 th January 2007.
Information Security - 2
1 Security Architecture and Designs  Security Architecture Description and benefits  Definition of Trusted Computing Base (TCB)  System level and Enterprise.
Chapter 6 Limited Direct Execution Chien-Chung Shen CIS/UD
Introduction to Operating Systems Concepts
Virtualization.
Introduction to Kernel
Memory Management Paging (continued) Segmentation
Process Management Process Concept Why only the global variables?
Providing Security for Embedded Devices Through Virtualization
Operating System Structure
System Programming and administration
Chapter 4 – Introduction to Operating System Concepts
CS490 Windows Internals Quiz 2 09/27/2013.
VMPCS-OGC Virtual Machine Protection and Checking System using Out-of-Guest Control ferify.
OS Virtualization.
Chapter 1: Intro (excerpt)
COP 5611: Operating Systems
Memory Management Paging (continued) Segmentation
Operating System Support for Virtual Machines
Information Security - 2
The Design & Implementation of Hyperupcalls
Memory Management Paging (continued) Segmentation
Trusted execution environment and software security
Presentation transcript:

Information Security - 2

Objectives of this course A solution to these issues A collective effort of Architecture, OS, Compiler and Application Developers Discuss Architecture structure, roles and responsibilities Rest in subsequent courses – We have four more in the Information Security series.

Architecture and Security Body and Blood Imagine – We existed for four decades with just Body and no blood – Suddenly we want to fill up with blood and make ourselves IMMUNE – We need several decades RETROFIT SECURITY ROOT of TRUST is Architecture

Security from Hardware’s Viewpoint Definition – Leakage of Information – Unauthorized gain in privilege The Reason – Lack of Isolation among programs in execution (Process) Isolation – Memory and shared resources

The structure of this course Memory Isolation – X86 and ARM – Segmentation in x86 – Paging in x86 – ARM Trustzone Code privilege – Interrupt Service in x86 – Task/Privilege switching in x86 – High Assurance Boot and Secure signing in ARM

Practical Aspects Security is no more theory – it is full of practice In this course – Develop a Mini Kernel for x86 environment in assembly that help explore the security features provided by x86 hardware. – Live demonstration of certain hardware security features in ARM

References Samuel T. King et al., SubVirt: Implementing malware with virtual machines Smashing the Stack for Fun and Profit, aleph1 circa 1996 Paul A. Karger and Roger R. Shell, Thirty Years Later: Lessons from the Multics Security Evaluation.

End of Session-6 Thank You

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.