Unix Systems security and security evaluation criteria.


1 Unix Systems security and security evaluation criteria

2 Agenda
– Overview of UNIX
– Flavors and versions of UNIX
– Open source vs proprietary software
– Security evaluation criteria
– Ten general security rules

3 Flavors and versions of UNIX
The following are examples of proprietary flavors of Unix that have been designed to run only (or mainly) on proprietary hardware sold by the same company:
– AIX - developed by IBM for use on its mainframe computers
– BSD/OS - a commercial version of BSD developed by Wind River for Intel processors
– HP-UX - developed by Hewlett-Packard for its HP 9000 series of business servers
– IRIX - developed by SGI for applications that use 3-D visualization and virtual reality
– QNX - a real time operating system developed by QNX Software Systems primarily for use in embedded systems
– Solaris - developed by Sun Microsystems for the SPARC platform and the most widely used proprietary flavor for web servers
– Tru64 - developed by Compaq for the Alpha processor

4 Flavors and versions of UNIX
Others are developed by groups of volunteers who make them available for free. Among them are:
– Linux - the most popular and fastest growing of all the Unix-like operating systems
– FreeBSD - the most popular of the BSD systems (all of which are direct descendants of BSD UNIX, which was developed at the University of California at Berkeley)
– NetBSD - features the ability to run on more than 50 platforms, ranging from acorn26 to x68k
– OpenBSD - may have already attained its goal of becoming the most secure of all computer operating systems
– Darwin - the new version of BSD that serves as the core for the Mac OS X

5 Open source vs. Proprietary software
Open source software
– Some examples are Linux distributions, PHP, Apache, gdb, XML, gcc, Java, Perl, etc.
Proprietary software
– Examples are Microsoft Windows, Exchange Server, Adobe Acrobat, Photoshop, Mac OS, etc.

6 Security evaluation criteria
Computer security evaluation?
– It is the detailed examination and testing of the security features of an IT system or product to ensure that they work correctly and effectively and do not show any logical vulnerabilities.
– It includes a claimed level of Assurance that determines how rigorous the evaluation is.
Criteria
– Criteria are the "standards" against which security evaluation is carried out.

7 Security evaluation criteria
TCSEC (Trusted Computer System Evaluation Criteria)
– The US Department of Defense published the first criteria in 1983 as the TCSEC, more popularly known as the "Orange Book".
– The current issue is dated 1985.
– The US Federal Criteria were drafted in the early 1990s as a possible replacement but were never formally adopted.
ITSEC (Information Technology Security Evaluation Criteria)
– During the 1980s, the UK, Germany, France and the Netherlands produced versions of their own national criteria. These were harmonised and published as the ITSEC.

8 Security evaluation criteria
Common Criteria
– The Common Criteria represents the outcome of international efforts to align and develop the existing European and North American criteria.
– The Common Criteria project harmonizes ITSEC, CTCPEC (Canadian Criteria) and US Federal Criteria (TCSEC) into the Common Criteria for Information Technology Security Evaluation (CC) for use in evaluating products and systems and for stating security requirements in a standardized way.

9 Ten general security rules
Rule 1: Security Through Obscurity Doesn't Work
Rule 2: Full Disclosure of Bugs and Holes Benefits Security
Rule 3: System Security Degrades in Direct Proportion to Use
Rule 4: Do It Right Before Someone Does It Wrong For You
Rule 5: The Fear of Getting Caught is the Beginning of Wisdom

10 Ten general security rules
Rule 6: There's Always Someone Out There Smarter, More Knowledgeable, or Better-Equipped Than You
Rule 7: There Are No Turnkey Security Solutions
Rule 8: Good and Evil Blend into Gray
Rule 9: Think Like the Enemy
Rule 10: Trust is a Relative Concept

