Upload
dorian-valadez
View
222
Download
0
Embed Size (px)
DESCRIPTION
The Security ProblemProgram ThreatsSystem and Network ThreatsCryptography as a Security ToolUser AuthenticationImplementing Security DefensesFirewalling to Protect Systems and NetworksComputer-Security ClassificationsAn Example: Windows XP
Citation preview
7/21/2019 Section15 Security
1/29
15: Security 1
Jerry Breecher
OPERATING SYSTEMS
SECURITY
7/21/2019 Section15 Security
2/29
15: Security 2
SECURITYIn This Ch!ter:
The Security Problem
Program Threats
System and Network Threats
Cryptography as a Security ToolUser Authentication
Implementing Security Deenses
!irewalling to Protect Systems and Networks
Computer"Security Classiications
An #$ample% &indows 'P
7/21/2019 Section15 Security
3/29
15: Security "
SECURITYSECURITY ISSUES:
E#tern$protection o a system( A classiied site goes to e$traordinary lengths to keep thingsphysically tight( Among the issues to be considered%
Unuth%ri&e' ccess )echanism assuring only authori*ed indi+iduals see classiiedmaterials(
M$ici%us modiication or destruction
Acci'ent$ introduction o inconsistency(
Authenticti%n ,ow do we know the user is who she says she is( Can ha+epasswords on domains(
Pr%tecti%n %( !ss)%r's is diicult( Issues include% It-s +ery easy to guess passwords since people use simple and easily remembered
words(
Need e$ists to change passwords continually(
.imiting number o tries beore locking up(
7/21/2019 Section15 Security
4/29
15: Security *
SECURITY Security IssuesTr%+n ,%rse: A piece o code that misuses its en+ironment( The program seems
innocent enough/ howe+er when e$ecuted/ une$pected beha+ioroccurs(
Tr! -%%rs: Inserting a method o breaching security in a system( !or instance/
some secret set o inputs to a program might pro+ide special pri+ileges(
Thret .%nit%rin/: .ook or unusual acti+ity( 0nce access is gained/ how do you identiy
someone acting in an unusual ashion1
Au'it 0%/% 2ecord time/ user/ and type o access on all ob3ects( Trace problemsback to source(
%r.s Use spawning mechanism4 standalone programs(
Internet %r.: In the Internet worm/ 2obert )orse e$ploited UNI' networking eatures
5remote access6 as well as bugs in inger and sendmail programs(
7rappling hook program uploaded main worm program(
iruses !ragment o code embedded in a legitimate program( )ainly eectspersonal PC systems( These are oten downloaded +ia e"mail or as
acti+e components in web pages(
3ire)$$ A mechanism that allows only certain traic between trusted and un"
trusted systems( 0ten applied to a way to keep unwanted internet
traic away rom a system(
7/21/2019 Section15 Security
5/29
15: Security 5
SECURITY
ATTAC4 MET,O-S:
Attacks on a distributed system include%
Passi+e wiretapping( 5 unauthori*ed interception8reading o messages 6
Acti+e wiretapping%
M%'i(icti%n Changing a portion o the message(
S!uri%us.ess/es Introducing bogus messages with +alid addresses andconsistency criteria(
Sitei.!ers%nti%n Claiming to be some other logical node(
Re!$y o pre+ious transmission " repeating pre+ious +alid messages(5or e$ample/ authori*ation o cash withdrawal(6
Ty!ic$ Security Attcs
7/21/2019 Section15 Security
6/29
15: Security 6
SECURITY
ATTAC4 MET,O-S:
Ty!ic$ Security Attcs
7/21/2019 Section15 Security
7/29
15: Security 7
SECURITY
ATTAC4 MET,O-S:
Tro3an ,orse
Code segment that misuses its en+ironment
#$ploits mechanisms or allowing programs written by users to be
e$ecuted by other users
S!y)re8 !%!9u! r%)ser )in'%)s8 c%;ert chnne$s
Trap Door
Speciic user identiier or password that circum+ents normal security
procedures
Could be included in a compiler
.ogic 9omb
Program that initiates a security incident under certain circumstances
Stack and 9uer 0+erlow
#$ploits a bug in a program 5o+erlow either the stack or memory buers6
Ty!ic$ Security Attcs
7/21/2019 Section15 Security
8/29
15: Security >
P.C CPU with three I80
modules attached
http://en.wikipedia.org/wiki/Stuxnethttp://en.wikipedia.org/wiki/Stuxnet7/21/2019 Section15 Security
13/29
15: Security 1"
SECURITY Authenticti%n
Password stealing
; #asiest way is through social meansake deposit slips
easily guessable passwords
calling people on the phone and asking or passwords 5or Credit Card numbers/ or that
matter6
; Technological approaches also
simple one% lea+e program running on a terminal that akes the login
se@uence( Capture user name and password to a ile and then e$it
with a ake error message/ returning control to the real login process
; Uni$ password iles used to be openly a+ailable 5encrypted password6( .ends itsel to brute"
orce cracking( Unortunately some programs re@uire access to the password ile to run 5e(g(/mail6also unortunately Uni$ only uses irst eight characters o password
SecurID ; uses a preprogrammed string o characters
7/21/2019 Section15 Security
14/29
15: Security 1*
SECURITY Authenticti%n
Password stealing
; #asiest way is through social meansake deposit slips
easily guessable passwords
calling people on the phone and asking or passwords 5or Credit Card numbers/ or that
matter6
; Technological approaches also
simple one% lea+e program running on a terminal that akes the login
se@uence( Capture user name and password to a ile and then e$it
with a ake error message/ returning control to the real login process
; Uni$ password iles used to be openly a+ailable 5encrypted password6( .ends itsel to brute"
orce cracking( Unortunately some programs re@uire access to the password ile to run 5e(g(/mail6also unortunately Uni$ only uses irst eight characters o password
SecurID ; uses a preprogrammed string o characters
7/21/2019 Section15 Security
15/29
15: Security 15
SECURITY NSA E#!$%itti%n
#dward Snowden made public documents that re+eal 7o+ernment agencies%
consider it essential to be able to +iew encrypted data
ha+e adopted a battery o methods in their assault on this biggest threats
Those methods includecontrol o+er setting o international encryption standards/
the use o supercomputers to break encryption with brute orce/
Collaboration with technology companies and internet ser+ice pro+iders themsel+es
E)an in the middleF attacks on the communication channels themsel+es(
7/21/2019 Section15 Security
16/29
15: Security 16
SECURITY
-E3INITIONS:
Encry!ti%n%
C ? E@ M8 4e
# G #ncyphering Algorithm) G )essage " plain te$t
He G #ncryption key
C G Cyphered te$t
-ecry!ti%n%
M ? -@ C8 4'
D G Decyphering Algorithm
Hd G Decryption key
Cry!t%/r!hy
7/21/2019 Section15 Security
17/29
15: Security 17
SECURITY-E3INITIONS:
Cry!t%syste.s re either C%n;enti%n$ %r Pu$ic 4ey Con+entional is symmetric4 He G Hd / so the key must be kept secret( Algorithms
are simple to describe/ but comple$ in the number o operations(
Public key is asymmetric4 He G Hd / so He can be made public( Hd is secret andcan-t easily be deri+ed rom He (
Securityagainst attack is either% Unc%n'iti%n$$y secure " He can-t be determined regardless o a+ailable
computational power(
C%.!utti%n$$y secure: " calculation o Hd is economically uneasible 5 it wouldo+erwhelm all a+ailable computing acilities(6
The only known unconditionally secure system in common use
In+ol+es a random key that has the same length as the plain te$t to be encrypted(
The key is used once and then discarded( The key is e$clusi+ely 02-d with themessage to produce the cypher(
7i+en the key and the cypher/ the recei+er uses the same method to reproduce themessage(
Cry!t%/r!hy
7/21/2019 Section15 Security
18/29
15: Security 1 Q He Q .5n6 is computed rom.5n6 and Hd such that He O Hd G ? 5mod .5n66(
SECURITY Pu$ic 4ey Cry!t%syste.s
0et ! ? "8 ? 11
n ? " D 11 ? ""
0@n ? @ ! 9 1 @ 9 1 ? 2>
Ch%%se 4' F 11 n' !ri.e t% 2>
Ch%%se 4' ? 1"
> 4e 2>
4e ? 17 @since 17 D 1" ? 221 ? 1 @ .%' 2>
7/21/2019 Section15 Security
23/29
15: Security 2"
AN EAMP0E:
Se!rte the te#t t% e enc%'e' int% chuns )ith ;$ues > 9 @ n 9 1
SECURITY Pu$ic 4ey Cry!t%syste.s
In %ur e#.!$e8 )eH$$ use s!ce ? >8 A ? 18 B ? 28 C ? "8 - ? *8 E ? 5 F
Then B A - s!F B E E 99F 21 >* >> 25 >5
21 17 @ .%' "" ? 21 21 1" @ .%' "" ? 21
>* 17 @ .%' "" ? 16 16 1" @ .%' "" ? >*
>> 17 @ .%' "" ? >> >> 1" @ .%' "" ? >>
25 17 @ .%' "" ? "1 "1 1" @ .%' "" ? 25
>5 17 @ .%' "" ? 1* 1* 1" @ .%' "" ? >5
This )h%$e %!erti%n )%rs ecuse8 th%u/h n n' 4e re n%)n8 ! n' re n%t
!u$ic Thus 4' is hr' t% /uess
KN%te: recent$y 1>> 'i/it nu.er )s success(u$$y (ct%re' int% t)% !ri.e nu.ersL
7/21/2019 Section15 Security
24/29
15: Security 2*
AUT,ENTICATION AN- -IGITA0 SIGNATURES:
Sen'er Authenticti%n:In a public key system/ how does the recei+er know who sent a message 5since the recei+er-sencryption key is public61
Suppose Asends message Mto B%
A D#C2RPTS M using AHs 4'@A ( A attaches its identiication to the message(
c A #NC2RPTS the entire message using BHs encryption/ 4e@B
C ? E @ @ A8 -@ M8 4'@A 8 4e@B
' Bdecrypts using its pri+ate key 4'@Ato produce the pair A8 -@ M8 4'@A
e6 Since the proclaimed sender is A/ Bknows to use the public encryption key 4e@A(
C!tureRe!$y
In this case/ a third party could capture 8 replay a message(
The solution is to use a rapidly changing +alue such as time or a se@uence number as part othe message(
SECURITY Pu$ic 4ey Cry!t%syste.s
7/21/2019 Section15 Security
25/29
15: Security 25
)an"in"the"middle Attack
on AsymmetricCryptography
SECURITY Pu$ic 4ey Cry!t%syste.s
Sender
2ecei+er
,ere are the attack steps or this scenario%
?(Sender wishes to send a message to
2ecei+er(
=(S asks 2 or its encryption key(
B(&hen 2 returns key/ that key is
intercepted by the attacker who substitutes
her key(
(Sender encrypts message using this
bogus key and returns it(
J(Since the attacker is the owner o this
bogus key/ the attacker can read themessage(
7/21/2019 Section15 Security
26/29
15: Security 26
Insertion o cryptography at one layer o the IS0 network model 5the transport layer6
SS. ; Secure Socket .ayer 5also called T.S6
Cryptographic protocol that limits two computers to only e$change messages witheach other
:ery complicated/ with many +ariations
Used between web ser+ers and browsers or secure communication 5credit cardnumbers6
The ser+er is +eriied with a certi(icte assuring client is talking to correct ser+er
Asymmetric cryptography used to establish a secure sessi%n ey5symmetricencryption6 or bulk o communication during session
Communication between each computer uses symmetric key cryptography
SECURITY E#.!$e 9 SS0
7/21/2019 Section15 Security
27/29
15: Security 27
Security is based on user accounts
#ach user has uni@ue security ID .ogin to ID creates security ccess t%en
Includes security ID or user/ or users groups/ and special
pri+ileges
#+ery process gets copy o token
System checks token to determine i access allowed or denied
Uses a sub3ect model to ensure access security( A sub3ect tracks and
manages permissions or each program that a user runs
#ach ob3ect in &indows 'P has a security attribute deined by a security
descriptor
!or e$ample/ a ile has a security descriptor that indicates the
access permissions or all users
SECURITY E#.!$e in'%)s 7
7/21/2019 Section15 Security
28/29
15: Security 2