Download presentation
Presentation is loading. Please wait.
1
1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux
2
2 Goals of Protection Let’s say we have a valuable resource like an O.S. collection of objects, hardware & software Objects have unique names Accessed through well-defined set of operations Goals of protection: Ensure each object accessed correctly & only by authorized processes according to some policy. policy: statement of what states (and operations) are allowed (i.e., secure/authorized), and what are not allowed (i.e., nonsecure/unauthorized) for a specific system.
3
3 Protecting general objects Objects Memory File/directory Hardware device Data structure (e.g., stack, table) Instructions (e.g., privileged instructions) Passwords Protection mechanism itself
4
4 Protection Domains Access-right = Rights-set = subset of all valid operations that can be performed on the object (i.e., the policy!) Domain = set of access-rights
5
5 Access Matrix Column: defines who can perform what operation on the object Row: Operations allowed on what objects, per-domain
6
6 Implementation of Access Matrix Access list for objects Maintain list per object Capability (object) list for domains Maintain list of objects + operations per domain Object name = capability Check in capability list for access Pros and cons of access list & capability list Determine the set of access rights for each domain? Revocation of capabilities?
7
7 Example: File protection in UNIX Access control bits (UNIX) Three categories of user (owner, group, world) Three types of access privileges (read, write, execute) One bit per operation (111101000 = rwxr-x----) Domain is implemented as the “user-id” OS can do domain switching to execute some task accomplished via file system Each file has associated domain bit (setuid bit) When file executed and setuid=on, user-id set to owner of the file being executed When execution completes, user-id is reset “ps” is a setuid program, as is “lpr”.
8
8 Security The Security Problem Program Threats System & Network Threats Counter-measures to Threats Threat Monitoring Cryptography
9
9 Security problem Confidentiality: ensuring objects are available/understandable only to authorized peers E.g., no unauthorized read access Integrity: ensuring objects have not been maliciously or accidentally modified. No introduction of inconsistency. Availability: ensuring objects are available without delay and operate correctly (to authorized peers) No malicious destruction of resources (i.e., objects)
10
10 Threats Program Threats: program cause security breaches Trojan Horse, Login Spoofing, Trap/Back Door, Stack/Buffer Overflow, Virus System & Network Threats: Abuse services and network connection to cause security breaches Worms, Port Scanning, (Distributed) Denial of Service
11
11 Trojan Horse Code (segment) that misuses its environment. Objective of Trojan Get executed by someone Once executed copy/mail/modify some critical files Example: In /tmp put a program named ls Administrator goes to /tmp, types ls... If the path “.” is in front of his search path... Bingo!
12
12 Login Spoofing Write a fake login program Fake program shows the usual login prompt.... Unsuspecting user comes in and tries to log in Types loginID Types password The Spoof login store the pair away and terminates Normal logins come back up User simply thinks he mistyped his password... In the meantime, the attacker found a valid pair!
13
13 Trap Doors Modification at the source level Programmer introduces a loophole to bypass the login process. Loophole ignores password for a specific login Who can use it? (programmer, attacker) How to prevent it... Code review Sometimes in compiler (very difficult)
14
14 Buffer Overflow Bug in a program Program overstep some array bounds Overwrites return address When subroutine returns, it effectively jumps someplace else.... Return Address Main's Local Variables Stack Foo()'s local var Fixed Sized-Array
15
15 Buffer Overflow Return Address Main's Local Variables Stack Foo()'s local var Long string that overflows... It wipes out the return address Bug in a program Program overstep some array bounds Overwrites return address When subroutine returns, it effectively jumps someplace else....
16
16 Buffer Overflow Return Address Main's Local Variables Stack Foo()'s local var Long string that overflows... It wipes out the return address If string is well aligned with place of return address, it can be a meaninfull address Bug in a program Program overstep some array bounds Overwrites return address When subroutine returns, it effectively jumps someplace else....
17
17 Buffer Overflow Return Address Main's Local Variables Stack Foo()'s local var Long string that overflows... It wipes out the return address If string is well aligned with place of return address... It can be a meaninfull address Malicious Code! Bug in a program Program overstep some array bounds Overwrites return address When subroutine returns, it effectively jumps someplace else....
18
18 Virus Self-reproducing Attach to host machine Dormant for a while Activate at some point and Destroy Steal Spreading via Program copying, Email, Web-pages, …
19
19 Worms Slightly different from virus Self-reproduces; take up resources Do not need a host-program Use vulnerabilities to spread across the net Break system through infestation; worst outbreak can take worldwide networks down. Worms propagate themselves; Virus require action by the user to perpetuate themselves Example: Morris Worms, CodeRed
20
20 Other System & Network Threats Port scanning Automated attempt to connect to a range of ports on one or a range of IP addresses Denial of Service Overload the targeted computer preventing it from doing any useful work Distributed denial-of-service (DDOS) come from multiple sites at once
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.