IT3004 - Operating Systems and Computer Security 05 - General Purpose Operating Systems
Computer Security
General Purpose Operating Systems
Operating System
Multi user
Multi tasking
Access control
◦ Controlling shared access
◦ Interface to allow that access
Protected Objects
Memory
Files on auxiliary storage
I/O devices
Programs and sub procedures
Networks
Data
◦ Supported by hardware
Separation
Keeping one user's objects separate from
other users
◦ physical separation: different processes use
different physical objects, e.g. separate printers for
different levels of security
◦ temporal separation: processes having different
security requirements are executed at different
times
◦ logical separation: users operate under the illusion
that no other processes exist
◦ cryptographic separation: processes cover their data
and computations
Sharing
Do not protect
Isolate
Drawback
◦ Space always reserved
Variable Fence Register
Operating system can be protected
Impossible to change the starting address
Relocation
Application is written as if it begins at address 0
All addresses are relocated to reflect their actual location in memory
Fence register
Base & Bounds Registers
Base register (Variable fence)
◦ starting address
Bounds register
◦ upper address limit
Context switch
◦ Performed by the OS
◦ Change in the executing process
◦ Change the base and bounds register contents
Drawbacks
◦ Shared subprogram from a common library
Tagged Architecture
Each memory word has extra bits
Identify the access rights
Set by privileged instructions
◦ (operating system)
Segmentation
Dividing a program into separate pieces
Fixed size segments
Code or data within a segment is addressed
Security benefits
◦ Each address reference is checked for protection.
◦ Different classes of data items can be assigned different levels of
protection.
◦ Users can share access to a segment, with different access rights.
◦ A user cannot generate an address or access to an unpermitted
segment
Segmentation
Dynamic data structures
Program can generate a reference to an invalid
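The base/bounds and segmentation slides above describe the same hardware idea at two granularities: a process gets one contiguous region (base as variable fence, bounds as upper limit, both reloaded on a context switch), or a table of named segments, each reference being checked for both range and access rights, so a user cannot even name a segment that is not in their table. The simulation below is an added example, not material from the lecture; the class names, addresses, segment names and rights are all constructed for illustration, and a fault is modelled as a Python exception where real hardware would trap to the OS.

```python
"""Added example (not from the slides): simulating base/bounds and
segment-table protection checks. Names, addresses and rights are
constructed for illustration."""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Optional


class MemoryFault(Exception):
    """Hardware would trap to the OS here; the simulation raises instead."""


@dataclass
class BaseBounds:
    """Base (variable fence) and bounds registers for one process."""
    base: int     # starting physical address of the process's region
    bounds: int   # one past the highest physical address it may touch

    def translate(self, logical: int) -> int:
        """Relocate a logical address (program written as if it starts at 0)."""
        physical = self.base + logical
        if logical < 0 or physical >= self.bounds:
            raise MemoryFault(f"logical {logical} outside [{self.base}, {self.bounds})")
        return physical


@dataclass
class Segment:
    base: int
    length: int
    rights: str   # subset of "rwx" granted to the owner of this table


@dataclass
class SegmentTable:
    """One table per user; addresses are <segment name, offset>."""
    segments: dict[str, Segment] = field(default_factory=dict)

    def translate(self, name: str, offset: int, access: str) -> int:
        seg = self.segments.get(name)
        if seg is None:                      # user cannot even name an unpermitted segment
            raise MemoryFault(f"no segment {name!r} in this table")
        if access not in seg.rights:         # every reference is checked for protection
            raise MemoryFault(f"{access!r} not permitted on segment {name!r}")
        if not 0 <= offset < seg.length:     # offset past the end is an invalid reference
            raise MemoryFault(f"offset {offset} beyond length {seg.length} of {name!r}")
        return seg.base + offset


class CPU:
    """Holds the current protection registers; a context switch replaces them."""

    def __init__(self) -> None:
        self.regs: Optional[BaseBounds] = None

    def context_switch(self, regs: BaseBounds) -> None:
        # Only the OS (privileged mode) may load new base/bounds values.
        self.regs = regs

    def access(self, logical: int) -> tuple:
        """Return (allowed, physical address or fault reason) for one reference."""
        try:
            return True, self.regs.translate(logical)
        except MemoryFault as exc:
            return False, str(exc)


def segment_access(table: SegmentTable, name: str, offset: int, access: str) -> tuple:
    """Return (allowed, physical address or fault reason) for one segmented reference."""
    try:
        return True, table.translate(name, offset, access)
    except MemoryFault as exc:
        return False, str(exc)


def build_segment_tables() -> tuple:
    """Two users share the 'lib' segment with different rights (constructed layout)."""
    lib = dict(base=7000, length=300)
    alice = SegmentTable({
        "code": Segment(5000, 100, "rx"),
        "data": Segment(6000, 50, "rw"),
        "lib": Segment(rights="rx", **lib),
    })
    bob = SegmentTable({
        "code": Segment(8000, 80, "rx"),
        "lib": Segment(rights="r", **lib),   # same segment, read-only for bob
    })
    return alice, bob


if __name__ == "__main__":
    cpu = CPU()
    cpu.context_switch(BaseBounds(base=1000, bounds=2000))
    print(cpu.access(0), cpu.access(999), cpu.access(1000))
    cpu.context_switch(BaseBounds(base=2000, bounds=2500))
    print(cpu.access(0))   # same logical address, different physical address after the switch
    alice, bob = build_segment_tables()
    print(segment_access(alice, "lib", 10, "x"), segment_access(bob, "lib", 10, "x"))
    print(segment_access(bob, "data", 0, "r"))
```

Running the block shows the two points the slides make: with base/bounds, logical address 0 of two processes lands at two different physical addresses and any address at or past the bounds faults; with segmentation, the same shared library segment maps to the same physical address for both users while the rights differ per user, and a segment absent from a user's table cannot be referenced at all.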
◦ Objects
◦ Subjects
◦ Unique owner - possesses "control" access rights
Directory
User wise
Maintained by OS
Rights
◦ Read
◦ Write
◦ Execute
◦ Owner
Directory
Disadvantages
◦ Different directory for each user
◦ Large data structures
◦ Entry for unwanted objects
◦ Time consuming operations
◦ Two entries under the same name for different files
Directory
A:F (or B:F)
Rename by third user
Access Control List
One list for each object
One directory for each subject
Access Control Matrix
<subject, object, rights>
Capability
keep track of the access rights of subjects to
objects during execution
Ticket giving permission to access an object
Un-forgeable
Collection of capabilities
Procedure Calls
Calling sub procedure
Different domain
Passing rights
◦ R,RW
OS create New capabilities
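The directory, access control list, access control matrix and capability slides above are four views of one relation of <subject, object, rights> triples: an ACL stores one list per object, a per-user directory or capability list stores one list per subject, and a procedure call into another domain is handled by the OS creating a new capability for the callee that carries a subset of the caller's rights (e.g. RW narrowed to R). The code below is an added example, not from the lecture; the subjects, objects and rights in MATRIX are constructed, and revocation is included because it is where the two views differ most in practice.

```python
"""Added example (not from the slides): the same <subject, object, rights>
matrix viewed as access control lists and as capability lists. All
subjects, objects and rights below are constructed."""
from collections import defaultdict

# Constructed access control matrix as <subject, object, rights> triples.
MATRIX = [
    ("alice", "F", "rw"),
    ("bob", "F", "r"),
    ("alice", "G", "rwx"),
    ("carol", "G", "x"),
]


def acl_view(triples):
    """One list per object (ACL): object -> {subject: rights}."""
    acl = defaultdict(dict)
    for subj, obj, rights in triples:
        acl[obj][subj] = rights
    return dict(acl)


def capability_view(triples):
    """One list per subject (capability list / per-user directory):
    subject -> {object: rights}."""
    caps = defaultdict(dict)
    for subj, obj, rights in triples:
        caps[subj][obj] = rights
    return dict(caps)


def allowed_acl(acl, subject, obj, access):
    """Check by looking up the object's list, then the subject in it."""
    return access in acl.get(obj, {}).get(subject, "")


def allowed_cap(caps, subject, obj, access):
    """Check by looking up the subject's list, then the object in it."""
    return access in caps.get(subject, {}).get(obj, "")


def revoke_acl(acl, obj):
    """Revoke everyone's access to obj: a single edit to the object's list."""
    acl.pop(obj, None)


def revoke_cap(caps, obj):
    """Same revocation with capability lists: every subject's list must be
    searched, because the tickets are spread across holders. Returns the
    number of lists that held a capability for obj."""
    touched = 0
    for held in caps.values():
        if held.pop(obj, None) is not None:
            touched += 1
    return touched


def pass_capability(caps, caller, callee, obj, rights):
    """Procedure call into another domain: the OS creates a new capability
    for the callee holding a subset of the caller's rights on obj."""
    own = caps.get(caller, {}).get(obj, "")
    if not set(rights) <= set(own):
        raise PermissionError(f"{caller} cannot pass {rights!r} on {obj}; holds {own!r}")
    caps.setdefault(callee, {})[obj] = rights
    return caps[callee][obj]


if __name__ == "__main__":
    acl = acl_view(MATRIX)
    caps = capability_view(MATRIX)
    print("bob reads F:", allowed_acl(acl, "bob", "F", "r"), allowed_cap(caps, "bob", "F", "r"))
    print("bob writes F:", allowed_acl(acl, "bob", "F", "w"), allowed_cap(caps, "bob", "F", "w"))
    print("alice passes r on F to a print routine:",
          pass_capability(caps, "alice", "print_proc", "F", "r"))
    print("revoking F touched", revoke_cap(caps, "F"), "capability lists")
    revoke_acl(acl, "F")
    print("alice reads F after revocation:", allowed_cap(caps, "alice", "F", "r"))
```

Both views answer the same access question identically; the difference is in the bookkeeping. Listing everyone who can reach an object is one lookup in the ACL view, while in the capability view it is a scan over every subject, which is why the slides note that revocation is not easy once permissions have been handed out.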
Procedure based Access Control
Procedure that controls access to objects
Accesses to an object be made through a
trusted interface
Users or general operating system routines
can't access the object directly
No simple, fast access
Role Based Access Control
Different users
◦ Administrators
◦ Users or guests
Associate privileges
◦ Users
◦ Groups
◦ Drawbacks
Lack of trust
Too coarse: not possible to configure selected users
Rise of sharing
Complexity
File listings
File Protection Mechanisms
Group Protection
◦ User groups
◦ Common requirements
Common project
Department
class
◦ Drawbacks
Group affiliation: single user in two groups
Multiple personalities: redundant, inconvenient
Limited sharing
File Protection Mechanisms
Individual Permissions
◦ Persistent permissions
Number of access lists
Revocation is not easy
◦ Temporary Acquired Permission
Temporarily acquires access permission
Only for execution of the program
Per-Object & Per-User Protection
User Authentication
Something the user knows
◦ Passwords, PIN numbers
Something the user has
◦ Driver's license
Something the user is: biometrics
◦ Fingerprint
◦ Voice pattern
◦ Retina and iris
Passwords
Problems
◦ Loss
forgotten password
◦ Use
Password for each access
Time consuming
◦ Disclosure
Unauthorized individual
◦ Revocation
Change password
Additional Authentication
Multifactor authentication
◦ Department
◦ Branch
◦ Workstation
◦ Time period
Attacks on Passwords
Try all possible passwords
◦ Exhaustive or brute force attack
Try frequently used passwords
◦ qwe, asd
Try passwords likely for the user
◦ Meaningful to user
Search for the system list of passwords
Ask the users
Good Practice
Good passwords
Choose long passwords
Avoid meaningful words
Unlikely password
Change the password regularly
Don't write it down
Don't tell anyone else
Loose-Lipped Systems
◦ Break key
◦ Ctrl+Alt+Del