Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.

Published byOscar Roberts Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external."— Presentation transcript:

1 Chapter 15 Security Bernard Chen Spring 2007

2 Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external problem

3 Security In many applications, ensuring the security of the computer system is worth considerable effort Large commercial systems containing payroll or other financial data are inviting targets to thieves Security must consider external environment of the system, and protect the system resources

4 The Security Problem Intruders (crackers) attempt to breach security Threat is potential security violation Attack is attempt to breach security Attack can be accidental or malicious Easier to protect against accidental than malicious misuse

5 Security Violations Categories Breach of confidentiality Breach of integrity Breach of availability Theft of service Denial of service

6 Security Violations Breach of confidentiality This type of violation involves unauthorized reading of data (or theft of information). Capturing secret data from a system, such as credit-card information, identity theft. Breach of integrity This violation involves unauthorized modification of data. Such as modification of the source code of an important commercial application

7 Security Violations Breach of availability This violation involved unauthorized destruction of data. Website defacement is a common example of this type Theft of service This violation involves unauthorized use of resource Denial of service (DOS) This violation involves preventing legitimate use of the system.

8 Security Violation Methods Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking

9 Security Violation Methods Masquerading: one participant in a communication pretends to be someone else. By masquerading, attackers breach authentication, the correctness of identification Replay Attack: consist of the malicious or fraudulent repeat of a valid data transmission.

10 Security Violation Methods Message modification Man-in-the-middle attack Session hijacking

11

12 Security Measure Levels Security must occur at four levels to be effective: Physical Human (Avoid phishing: a legitimate-looking email or a web page misleads a user into entering confidential information dumpster diving: attempting to gather information in order to gain unauthorized access to the computer) Operating System Network

13 Program Threats

14 C Program with Buffer C Program with Buffer-overflow Condition

15 In stead of using “strcpy(buffer, argv[1]);” Use “strncpy(buffer,argv[1],sizeof(buffer)-1)”

16 Hypothetical Stack Frame

17 Viruses Code fragment embedded in legitimate program Very specific to CPU architecture, operating system, applications Usually borne via email or as a macro

18 Types of Viruses Many categories of viruses, literally many thousands of viruses File Boot Macro Source code Polymorphic Encrypted Stealth Tunneling Multipartite Armored

19 A Boot-sector Computer Virus

20 Worms A worm is a process that uses the SPAWN mechanism to ravage system performance The worm spawns copies of itself, using up system resources and perhaps locking out all other processes The worm was made up of two programs, a grappling hook program and the main program

21 Worm

22 Cryptography as a Security Tool It is the broadest security tool available Source and destination of messages cannot be trusted without cryptography The method is based on secrets (keys)

23

24 Encryption

25

26 Symmetric Encryption Same key used to encrypt and decrypt E(k) can be derived from D(k), and vice versa

27 Symmetric Encryption DES is most commonly used symmetric block- encryption algorithm (created by US Govt) Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES), twofish up and coming RC4 is most common symmetric stream cipher, but known to have vulnerabilities

28 Asymmetric Encryption Public-key encryption based on each user having two keys: public key – published key used to encrypt data private key – key known only to individual user used to decrypt data

29

30

31

Download ppt "Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external."

Similar presentations

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
Module 6.0: Security and Protection

Module 6.0: Security and Protection
Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)

Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers) attempt.

Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers) attempt.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Lecture 21 Chapter 14: Protection Chapter 15: Security

Lecture 21 Chapter 14: Protection Chapter 15: Security
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.
Chapter 15: Security. 15.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th Edition, Jan 10, 2005 Chapter 15: Security The Security.

Chapter 15: Security Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th Edition, Jan 10, 2005 Chapter 15: Security The Security.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.

Protection and Security CSCI 444/544 Operating Systems Fall 2008.
1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.

1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.
Security.

Security.
Copyright © 2007 Pearson Education, Inc. Slide 5-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.

Copyright © 2007 Pearson Education, Inc. Slide 5-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.

Similar presentations

Ads by Google