Section15 Security

7/21/2019 Section15 Security

1/29

15: Security 1

Jerry Breecher

OPERATING SYSTEMS

SECURITY


2/29

15: Security 2

SECURITYIn This Ch!ter:

The Security Problem

Program Threats

System and Network Threats

Cryptography as a Security ToolUser Authentication

Implementing Security Deenses

!irewalling to Protect Systems and Networks

Computer"Security Classiications

An #$ample% &indows 'P


3/29

15: Security "

SECURITYSECURITY ISSUES:

E#tern$protection o a system( A classiied site goes to e$traordinary lengths to keep thingsphysically tight( Among the issues to be considered%

Unuth%ri&e' ccess )echanism assuring only authori*ed indi+iduals see classiiedmaterials(

M$ici%us modiication or destruction

Acci'ent$ introduction o inconsistency(

Authenticti%n ,ow do we know the user is who she says she is( Can ha+epasswords on domains(

Pr%tecti%n %( !ss)%r's is diicult( Issues include% It-s +ery easy to guess passwords since people use simple and easily remembered

words(

Need e$ists to change passwords continually(

.imiting number o tries beore locking up(


4/29

15: Security *

SECURITY Security IssuesTr%+n ,%rse: A piece o code that misuses its en+ironment( The program seems

innocent enough/ howe+er when e$ecuted/ une$pected beha+ioroccurs(

Tr! -%%rs: Inserting a method o breaching security in a system( !or instance/

some secret set o inputs to a program might pro+ide special pri+ileges(

Thret .%nit%rin/: .ook or unusual acti+ity( 0nce access is gained/ how do you identiy

someone acting in an unusual ashion1

Au'it 0%/% 2ecord time/ user/ and type o access on all ob3ects( Trace problemsback to source(

%r.s Use spawning mechanism4 standalone programs(

Internet %r.: In the Internet worm/ 2obert )orse e$ploited UNI' networking eatures

5remote access6 as well as bugs in inger and sendmail programs(

7rappling hook program uploaded main worm program(

iruses !ragment o code embedded in a legitimate program( )ainly eectspersonal PC systems( These are oten downloaded +ia e"mail or as

acti+e components in web pages(

3ire)$$ A mechanism that allows only certain traic between trusted and un"

trusted systems( 0ten applied to a way to keep unwanted internet

traic away rom a system(


5/29

15: Security 5

SECURITY

ATTAC4 MET,O-S:

Attacks on a distributed system include%

Passi+e wiretapping( 5 unauthori*ed interception8reading o messages 6

Acti+e wiretapping%

M%'i(icti%n Changing a portion o the message(

S!uri%us.ess/es Introducing bogus messages with +alid addresses andconsistency criteria(

Sitei.!ers%nti%n Claiming to be some other logical node(

Re!$y o pre+ious transmission " repeating pre+ious +alid messages(5or e$ample/ authori*ation o cash withdrawal(6

Ty!ic$ Security Attcs


6/29

15: Security 6

SECURITY

ATTAC4 MET,O-S:



7/29

15: Security 7

SECURITY

ATTAC4 MET,O-S:

Tro3an ,orse

Code segment that misuses its en+ironment

#$ploits mechanisms or allowing programs written by users to be

e$ecuted by other users

S!y)re8 !%!9u! r%)ser )in'%)s8 c%;ert chnne$s

Trap Door

Speciic user identiier or password that circum+ents normal security

procedures

Could be included in a compiler

.ogic 9omb

Program that initiates a security incident under certain circumstances

Stack and 9uer 0+erlow

#$ploits a bug in a program 5o+erlow either the stack or memory buers6



8/29

15: Security >

P.C CPU with three I80

modules attached
http://en.wikipedia.org/wiki/Stuxnethttp://en.wikipedia.org/wiki/Stuxnet


13/29

15: Security 1"

SECURITY Authenticti%n

Password stealing

; #asiest way is through social meansake deposit slips

easily guessable passwords

calling people on the phone and asking or passwords 5or Credit Card numbers/ or that

matter6

; Technological approaches also

simple one% lea+e program running on a terminal that akes the login

se@uence( Capture user name and password to a ile and then e$it

with a ake error message/ returning control to the real login process

; Uni$ password iles used to be openly a+ailable 5encrypted password6( .ends itsel to brute"

orce cracking( Unortunately some programs re@uire access to the password ile to run 5e(g(/mail6also unortunately Uni$ only uses irst eight characters o password

SecurID ; uses a preprogrammed string o characters


14/29

15: Security 1*

SECURITY Authenticti%n

Password stealing

; #asiest way is through social meansake deposit slips

easily guessable passwords

calling people on the phone and asking or passwords 5or Credit Card numbers/ or that

matter6

; Technological approaches also

simple one% lea+e program running on a terminal that akes the login

se@uence( Capture user name and password to a ile and then e$it

with a ake error message/ returning control to the real login process

; Uni$ password iles used to be openly a+ailable 5encrypted password6( .ends itsel to brute"

orce cracking( Unortunately some programs re@uire access to the password ile to run 5e(g(/mail6also unortunately Uni$ only uses irst eight characters o password

SecurID ; uses a preprogrammed string o characters


15/29

15: Security 15

SECURITY NSA E#!$%itti%n

#dward Snowden made public documents that re+eal 7o+ernment agencies%

consider it essential to be able to +iew encrypted data

ha+e adopted a battery o methods in their assault on this biggest threats

Those methods includecontrol o+er setting o international encryption standards/

the use o supercomputers to break encryption with brute orce/

Collaboration with technology companies and internet ser+ice pro+iders themsel+es

E)an in the middleF attacks on the communication channels themsel+es(


16/29

15: Security 16

SECURITY

-E3INITIONS:

Encry!ti%n%

C ? E@ M8 4e

# G #ncyphering Algorithm) G )essage " plain te$t

He G #ncryption key

C G Cyphered te$t

-ecry!ti%n%

M ? -@ C8 4'

D G Decyphering Algorithm

Hd G Decryption key

Cry!t%/r!hy


17/29

15: Security 17

SECURITY-E3INITIONS:

Cry!t%syste.s re either C%n;enti%n$ %r Pu$ic 4ey Con+entional is symmetric4 He G Hd / so the key must be kept secret( Algorithms

are simple to describe/ but comple$ in the number o operations(

Public key is asymmetric4 He G Hd / so He can be made public( Hd is secret andcan-t easily be deri+ed rom He (

Securityagainst attack is either% Unc%n'iti%n$$y secure " He can-t be determined regardless o a+ailable

computational power(

C%.!utti%n$$y secure: " calculation o Hd is economically uneasible 5 it wouldo+erwhelm all a+ailable computing acilities(6

The only known unconditionally secure system in common use

In+ol+es a random key that has the same length as the plain te$t to be encrypted(

The key is used once and then discarded( The key is e$clusi+ely 02-d with themessage to produce the cypher(

7i+en the key and the cypher/ the recei+er uses the same method to reproduce themessage(

Cry!t%/r!hy


18/29

15: Security 1 Q He Q .5n6 is computed rom.5n6 and Hd such that He O Hd G ? 5mod .5n66(

SECURITY Pu$ic 4ey Cry!t%syste.s

0et ! ? "8 ? 11

n ? " D 11 ? ""

0@n ? @ ! 9 1 @ 9 1 ? 2>

Ch%%se 4' F 11 n' !ri.e t% 2>

Ch%%se 4' ? 1"

> 4e 2>

4e ? 17 @since 17 D 1" ? 221 ? 1 @ .%' 2>


23/29

15: Security 2"

AN EAMP0E:

Se!rte the te#t t% e enc%'e' int% chuns )ith ;$ues > 9 @ n 9 1


In %ur e#.!$e8 )eH$$ use s!ce ? >8 A ? 18 B ? 28 C ? "8 - ? *8 E ? 5 F

Then B A - s!F B E E 99F 21 >* >> 25 >5

21 17 @ .%' "" ? 21 21 1" @ .%' "" ? 21

>* 17 @ .%' "" ? 16 16 1" @ .%' "" ? >*

>> 17 @ .%' "" ? >> >> 1" @ .%' "" ? >>

25 17 @ .%' "" ? "1 "1 1" @ .%' "" ? 25

>5 17 @ .%' "" ? 1* 1* 1" @ .%' "" ? >5

This )h%$e %!erti%n )%rs ecuse8 th%u/h n n' 4e re n%)n8 ! n' re n%t

!u$ic Thus 4' is hr' t% /uess

KN%te: recent$y 1>> 'i/it nu.er )s success(u$$y (ct%re' int% t)% !ri.e nu.ersL


24/29

15: Security 2*

AUT,ENTICATION AN- -IGITA0 SIGNATURES:

Sen'er Authenticti%n:In a public key system/ how does the recei+er know who sent a message 5since the recei+er-sencryption key is public61

Suppose Asends message Mto B%

A D#C2RPTS M using AHs 4'@A ( A attaches its identiication to the message(

c A #NC2RPTS the entire message using BHs encryption/ 4e@B

C ? E @ @ A8 -@ M8 4'@A 8 4e@B

' Bdecrypts using its pri+ate key 4'@Ato produce the pair A8 -@ M8 4'@A

e6 Since the proclaimed sender is A/ Bknows to use the public encryption key 4e@A(

C!tureRe!$y

In this case/ a third party could capture 8 replay a message(

The solution is to use a rapidly changing +alue such as time or a se@uence number as part othe message(



25/29

15: Security 25

)an"in"the"middle Attack

on AsymmetricCryptography


Sender

2ecei+er

,ere are the attack steps or this scenario%

?(Sender wishes to send a message to

2ecei+er(

=(S asks 2 or its encryption key(

B(&hen 2 returns key/ that key is

intercepted by the attacker who substitutes

her key(

(Sender encrypts message using this

bogus key and returns it(

J(Since the attacker is the owner o this

bogus key/ the attacker can read themessage(


26/29

15: Security 26

Insertion o cryptography at one layer o the IS0 network model 5the transport layer6

SS. ; Secure Socket .ayer 5also called T.S6

Cryptographic protocol that limits two computers to only e$change messages witheach other

:ery complicated/ with many +ariations

Used between web ser+ers and browsers or secure communication 5credit cardnumbers6

The ser+er is +eriied with a certi(icte assuring client is talking to correct ser+er

Asymmetric cryptography used to establish a secure sessi%n ey5symmetricencryption6 or bulk o communication during session

Communication between each computer uses symmetric key cryptography

SECURITY E#.!$e 9 SS0


27/29

15: Security 27

Security is based on user accounts

#ach user has uni@ue security ID .ogin to ID creates security ccess t%en

Includes security ID or user/ or users groups/ and special

pri+ileges

#+ery process gets copy o token

System checks token to determine i access allowed or denied

Uses a sub3ect model to ensure access security( A sub3ect tracks and

manages permissions or each program that a user runs

#ach ob3ect in &indows 'P has a security attribute deined by a security

descriptor

!or e$ample/ a ile has a security descriptor that indicates the

access permissions or all users

SECURITY E#.!$e in'%)s 7


28/29

15: Security 2

Documents

Section15 Security