Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE 30341 Operating System Principles Security. CSE 30341 – Operating System Principles2 Security The Security Problem Program Threats System and Network.

Published byEvangeline Booth Modified over 8 years ago

Similar presentations

Presentation on theme: "CSE 30341 Operating System Principles Security. CSE 30341 – Operating System Principles2 Security The Security Problem Program Threats System and Network."— Presentation transcript:

1 CSE 30341 Operating System Principles Security

2 CSE 30341 – Operating System Principles2 Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing Security Defenses Firewalling to Protect Systems and Networks Computer-Security Classifications An Example: Windows

3 CSE 30341 – Operating System Principles3 Objectives To discuss security threats and attacks To explain the fundamentals of encryption, authentication, and hashing To examine the uses of cryptography in computing To describe the various countermeasures to security attacks

4 CSE 30341 – Operating System Principles4 The Security Problem System secure if resources used and accessed as intended under all circumstances – Unachievable Intruders (crackers) attempt to breach security Threat is potential security violation Attack is attempt to breach security Attack can be accidental or malicious Easier to protect against accidental than malicious misuse

5 CSE 30341 – Operating System Principles5 Security Violation Categories Breach of confidentiality – Unauthorized reading of data Breach of integrity – Unauthorized modification of data Breach of availability – Unauthorized destruction of data Theft of service – Unauthorized use of resources Denial of service (DOS) – Prevention of legitimate use

6 CSE 30341 – Operating System Principles6 Security Violation Methods Masquerading – Pretending to be an authorized user to escalate privileges Replay attack – As is or with message modification Man-in-the-middle attack – Intruder sits in data flow, masquerading as sender to receiver and vice versa Session hijacking – Intercept an already-established session to bypass authentication

7 CSE 30341 – Operating System Principles7 Security Measure Levels Impossible to have absolute security, but make cost to perpetrator sufficiently high to deter most intruders Security must occur at four levels to be effective: – Physical – Human – Operating System – Network

8 CSE 30341 – Operating System Principles8 Program Threats Many variations, many names Trojan Horse – Code segment that misuses its environment – Exploits mechanisms for allowing programs written by users to be executed by other users Trap Door – Specific user identifier or password that circumvents normal security procedures – Typically meant for benign purposes

9 CSE 30341 – Operating System Principles9 Program Threats (Cont.) Logic Bomb – Program that initiates a security incident under certain circumstances Stack and Buffer Overflow – Exploits a bug in a program (overflow either the stack or memory buffers) – Failure to check bounds on inputs, arguments – Write past arguments on the stack into the return address on stack – When routine returns from call, returns to hacked address Pointed to code loaded onto stack that executes malicious code – Unauthorized user or privilege escalation

10 CSE 30341 – Operating System Principles10 C Program with Buffer-overflow Condition #include #define BUFFER SIZE 256 int main(int argc, char *argv[]) { char buffer[BUFFER SIZE]; if (argc < 2) return -1; else { strcpy(buffer,argv[1]); return 0; }

11 CSE 30341 – Operating System Principles11 Layout of Typical Stack Frame

12 CSE 30341 – Operating System Principles12 Modified Shell Code #include int main(int argc, char *argv[]) { execvp(‘‘\bin\sh’’,‘‘\bin \sh’’, NULL); return 0; }

13 CSE 30341 – Operating System Principles13 Hypothetical Stack Frame Before attack After attack

14 CSE 30341 – Operating System Principles14 Program Threats (Cont.) Viruses – Code fragment embedded in legitimate program – Self-replicating, designed to infect other computers – Very specific to CPU architecture, operating system, applications – Usually borne via email or as a macro Visual Basic Macro to reformat hard drive Sub AutoOpen() Dim oFS Set oFS = CreateObject(’’Scripting.FileSystemObject’’) vs = Shell(’’c:command.com /k format c:’’,vbHide) End Sub

15 CSE 30341 – Operating System Principles15 Program Threats (Cont.) Virus dropper inserts virus onto the system Many categories of viruses, literally many thousands of viruses – File / parasitic – Boot / memory – Macro – Source code – Polymorphic to avoid having a virus signature – Encrypted – Stealth – Tunneling – Multipartite – Armored

16 CSE 30341 – Operating System Principles16 A Boot-sector Computer Virus

17 CSE 30341 – Operating System Principles17 The Threat Continues Attacks still common, still occurring Attacks moved over time from science experiments to tools of organized crime – Targeting specific companies – Creating botnets to use as tool for spam and DDOS delivery – Keystroke logger to grab passwords, credit card numbers Why is Windows the target for most attacks? – Most common – Everyone is an administrator – Monoculture considered harmful

18 CSE 30341 – Operating System Principles18 System and Network Threats (Cont.) Worms – use spawn mechanism; standalone program Internet worm – Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs – Exploited trust-relationship mechanism used by rsh to access friendly systems without use of password – Grappling hook program uploaded main worm program 99 lines of C code – Hooked system then uploaded main code, tried to attack connected systems – Also tried to break into other users accounts on local system via password guessing – If target system already infected, abort, except for every 7 th time

19 CSE 30341 – Operating System Principles19 System and Network Threats (Cont.) Port scanning – Automated attempt to connect to a range of ports on one or a range of IP addresses – Detection of answering service protocol – Detection of OS and version running on system – nmap scans all ports in a given IP range for a response – nessus has a database of protocols and bugs (and exploits) to apply against a system – Frequently launched from zombie systems To decrease traceability

20 CSE 30341 – Operating System Principles20 System and Network Threats (Cont.) Denial of Service – Overload the targeted computer preventing it from doing any useful work – Distributed denial-of-service (DDOS) come from multiple sites at once – Consider the start of the TCP/IP-connection handshake (SYN) How many started-connections can the OS handle? – Consider traffic to a web site How can you tell the difference between being a target and being really popular? – Accidental – CS students writing bad fork() code – Purposeful – extortion, punishment

21 CSE 30341 – Operating System Principles21 Friends and Enemies Bob, Alice want to communicate “securely” Trudy, the “intruder” may intercept, delete, add messages Figure 7.1 goes here

22 CSE 30341 – Operating System Principles22 Friends and Enemies

23 CSE 30341 – Operating System Principles23 Overview Cryptography functions – Secret key (e.g., DES) – Public key (e.g., RSA) – Message digest (e.g., MD5) Security services – Privacy: preventing unauthorized release of information – Authentication: verifying identity of the remote participant – Integrity: making sure message has not been altered

24 CSE 30341 – Operating System Principles24 Secret Key (DES)

25 CSE 30341 – Operating System Principles25 Symmetric Key Substitution cipher: substituting one thing for another – monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc E.g.:

26 CSE 30341 – Operating System Principles26 64-bit key (56-bits + 8-bit parity) 16 rounds Each Round + F L i─ 1 R i─ 1 R i K i L i Data Encryption Standard

27 CSE 30341 – Operating System Principles27 Repeat for larger messages Data Encryption Standard

28 CSE 30341 – Operating System Principles28 Public Key (RSA) Encryption & Decryption c = m e mod n m = c d mod n

29 CSE 30341 – Operating System Principles29 RSA (cont) Choose two large prime numbers p and q (each 256 bits) Multiply p and q together to get n Choose the encryption key e, such that e and (p - 1) x (q - 1) are relatively prime. Two numbers are relatively prime if they have no common factor greater than one Compute decryption key d such that d*e = 1 mod ((p - 1) x (q - 1)) Construct public key as (e, n) Construct private key as (d, n) Discard (do not disclose) original primes p and q

30 CSE 30341 – Operating System Principles30 RSA Example Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). letter m m e c = m mod n e l 12 1524832 17 c m = c mod n d 17 481968572106750915091411825223072000 12 c d letter l encrypt: decrypt:

31 CSE 30341 – Operating System Principles31 Message Digest Cryptographic checksum – just as a regular checksum protects the receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes to the message. One-way function – given a cryptographic checksum for a message, it is virtually impossible to figure out what message produced that checksum; it is not computationally feasible to find two messages that hash to the same cryptographic checksum. Relevance – if you are given a checksum for a message and you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given.

32 CSE 30341 – Operating System Principles32 Authentication Protocols Three-way handshake ClientServer ClientId, E (, CHK) E( y +, CHK) E(SK, SHK) Y

33 CSE 30341 – Operating System Principles33 Trusted third party (Kerberos)

34 CSE 30341 – Operating System Principles34 Public key authentication AB E ( x, Public B ) x

35 CSE 30341 – Operating System Principles35 Message Integrity Protocols Digital signature using RSA – special case of a message integrity where the code can only have been generated by one participant – compute signature with private key and verify with public key Keyed MD5 – sender: m + MD5(m + k) + E(E(k,rcv_public), snd_private) – receiver recovers random key using the sender ’ s public key applies MD5 to the concatenation of this random key message MD5 with RSA signature – sender: m + E(MD5(m), private) – receiver decrypts signature with sender ’ s public key compares result with MD5 checksum sent with message

36 CSE 30341 – Operating System Principles36 Public Key Distribution Certificate – special type of digitally signed document: “ I certify that the public key in this document belongs to the entity named in this document, signed X. ” – the name of the entity being certified – the public key of the entity – the name of the certification authority – a digital signature Certification Authority (CA) – administrative entity that issues certificates – useful only to someone that already holds the CA ’ s public key.

37 CSE 30341 – Operating System Principles37 Key Distribution (cont) Chain of Trust – if X certifies that a certain public key belongs to Y, and Y certifies that another public key belongs to Z, then there exists a chain of certificates from X to Z – someone that wants to verify Z ’ s public key has to know X ’ s public key and follow the chain Certificate Revocation List

38 CSE 30341 – Operating System Principles38 Certificate Serial number (unique to issuer) info about certificate owner, including algorithm and key value itself (not shown)  info about certificate issuer  valid dates  digital signature by issuer

39 CSE 30341 – Operating System Principles39 User Authentication Crucial to identify user correctly, as protection systems depend on user ID User identity most often established through passwords, can be considered a special case of either keys or capabilities Passwords must be kept secret – Frequent change of passwords – History to avoid repeats – Use of “non-guessable” passwords – Log all invalid access attempts (but not the passwords themselves)

40 CSE 30341 – Operating System Principles40 Secure Shell (SSH) Remote login service (replaces telnet and rlogin). Provides authentication, integrity, and confidentiality. SSH version 2: SSH-TRANS, SSH-AUTH, SSH-CONN.

41 CSE 30341 – Operating System Principles41 Transport Layer Security (TLS) Secure Socket Layer (SSL). Secure HTTP (HTTPS). Handshake protocol and record protocol.

42 CSE 30341 – Operating System Principles42 Firewalls Filter-Based Solution – example ( 192.12.13.14, 1234, 128.7.6.5, 80 ) (*,*, 128.7.6.5, 80 ) – default: forward or not forward? – how dynamic?

43 CSE 30341 – Operating System Principles43 Proxy-Based Firewalls Problem: complex policy Example: web server Solution: proxy Design: transparent vs. classical Limitations: attacks from within

Download ppt "CSE 30341 Operating System Principles Security. CSE 30341 – Operating System Principles2 Security The Security Problem Program Threats System and Network."

Similar presentations

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.

Chapter 15 Security Bernard Chen Spring Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.

Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)

Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers) attempt.

Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers) attempt.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Lecture 21 Chapter 14: Protection Chapter 15: Security

Lecture 21 Chapter 14: Protection Chapter 15: Security
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Chapter 15: Security. 15.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th Edition, Jan 10, 2005 Chapter 15: Security The Security.

Chapter 15: Security Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th Edition, Jan 10, 2005 Chapter 15: Security The Security.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.

Protection and Security CSCI 444/544 Operating Systems Fall 2008.
University of Calgary – CPSC 441.  The field of network security is about:  how bad guys can attack computer networks  how we can defend networks against.

University of Calgary – CPSC 441.  The field of network security is about:  how bad guys can attack computer networks  how we can defend networks against.

Similar presentations

Ads by Google