Chapter 04 - Regis University: Academic Web Server for Faculty

Software Types

• Operating Systems
  ◦ Also called Systems Software
  ◦ Manage the computer resources
  ◦ Ex: Linux, Windows, MacOS

• Applications Software
  ◦ Specific tasks
  ◦ Rely on OS
  ◦ Ex: MS Office, CAD/CAM, PhotoShop
OS Types

OS Type             | Examples
--------------------|-----------------------------
Mainframes          | IBM 370
Workstations        | SunOS, VAX
Servers             | Win Server 2008
Personal Computers  | Windows, MacOS
Mobile Devices      | Windows CE
Real Time           | pSOS
Embedded            | Embedded NT, embedded Linux
3/11/2016
Live Chat 7
2
Operating System Functions

• Access Control
  ◦ Who can access resources.
• Identity and credential management
  ◦ Account management and verification.
• Information flow.
• Audit and Integrity protection.
  ◦ Logs & permissions.
What needs Protection?

• Memory.
• I/O devices: disks.
• Re-useable I/O devices: printers.
• Programs and sub-processes.
• Networks.
• Data.

Security Methods of Operating Systems

• Separation: basis of protection
  ◦ Physical: different devices for different security levels.
  ◦ Temporal: processes execute at different times.
  ◦ Logical: illusion that a user is operating alone.
  ◦ Cryptographic: conceal data and computations.

• Only half the answer
  ◦ Must share some objects.
Protection Levels

• Do not protect.
• Isolate: processes unaware of each other.
• Share all or share nothing. Owner declares.
• Share via access limitation: OS checks.
• Share by capabilities: dynamic creation of sharing rights for objects.
• Limit use of object: view but not print.

Protection Ring Model
UNIX Operating System Security

• Root Accounts
  ◦ sudo is an alternative to logging in as root.
• Permissions
  ◦ -rwxr--r-- /etc/passwd
  ◦ Owner, group, world.
• SUID
  ◦ -rwSrwxrwx 1 root wheel 3412 Jan 1 2011 program.sh
  ◦ Dangerous: the file is setuid root and world-writable, so anyone can edit it and execute it as root.
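The mode strings above are what an auditor reads off `ls -l`. The following is an added example, not part of the slides, that decodes such a mode string and rates the setuid-plus-world-writable case the slide warns about; the listing lines, file names and owners are constructed sample input.

```python
# Added example (not from the slides): decode an `ls -l` mode string and
# rate the permission risk the slide describes. The listing below is
# constructed sample input in the slide's own format.
from dataclasses import dataclass


@dataclass(frozen=True)
class Mode:
    owner: str      # e.g. "rwx"
    group: str
    world: str
    setuid: bool
    setgid: bool
    sticky: bool


def parse_mode(mode: str) -> Mode:
    """Decode the 10-character mode column of ls -l (type + 9 permission chars).

    In an execute slot, 's' (owner/group) or 't' (world) means the setuid,
    setgid or sticky bit is set together with execute; the upper-case forms
    'S' and 'T' mean the special bit is set but execute itself is NOT set.
    """
    if len(mode) != 10:
        raise ValueError(f"expected a 10-character mode string, got {mode!r}")
    triples = mode[1:4], mode[4:7], mode[7:10]

    def split_exec(ch: str, special: str) -> tuple:
        if ch.lower() == special:
            return ("x" if ch == special else "-"), True
        return ch, False

    owner_x, setuid = split_exec(triples[0][2], "s")
    group_x, setgid = split_exec(triples[1][2], "s")
    world_x, sticky = split_exec(triples[2][2], "t")
    return Mode(
        owner=triples[0][:2] + owner_x,
        group=triples[1][:2] + group_x,
        world=triples[2][:2] + world_x,
        setuid=setuid, setgid=setgid, sticky=sticky,
    )


def risk_level(mode: str, owner_name: str) -> str:
    """Classify one entry as 'critical', 'review', 'warn' or 'ok'."""
    m = parse_mode(mode)
    if m.setuid and "w" in m.world:
        # The slide's case: the program runs as its owner (root) and anyone
        # may rewrite it, so anyone can run code of their choosing as root.
        return "critical"
    if m.setuid and owner_name == "root":
        return "review"      # legitimate setuid-root binaries still need scrutiny
    if "w" in m.world:
        return "warn"        # world-writable but not privileged
    return "ok"


# Constructed listing: mode, links, owner, group, size, date, name
LISTING = [
    "-rwxr--r-- 1 root root 2048 Jan 1 2011 /etc/passwd",
    "-rwSrwxrwx 1 root wheel 3412 Jan 1 2011 program.sh",
    "-rw-rw-rw- 1 alice staff 120 Jan 1 2011 notes.txt",
]


def audit(lines: list) -> dict:
    """Map each file name in a listing to its risk level."""
    result = {}
    for line in lines:
        fields = line.split()
        mode, owner_name, name = fields[0], fields[2], fields[-1]
        result[name] = risk_level(mode, owner_name)
    return result


if __name__ == "__main__":
    for name, level in audit(LISTING).items():
        print(f"{level:8s} {name}")
```

Running the block prints `critical program.sh`: the capital `S` shows the setuid bit is set (without owner execute), and the trailing `rwx` gives every user both write and execute. Fixing it means clearing the setuid bit or, at minimum, removing world write, before anything else is done with the file.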
UNIX Operating System Security

• Iptables: host-based firewall.
• OSSEC: host-based intrusion detection.
• AIDE: log monitoring.
• Only run required services.
  ◦ Center for Internet Security
    ▪ Instructions to lock down and secure most operating systems.
• Extra secure operating systems
  ◦ SELinux: security enhanced Linux with security modules.
  ◦ OpenBSD: listed #1 in a top ten list.
Windows OS Security

• Firewall: turn it on.
• Automatic updates: set a time.
• Anti-Virus: must have.
• Anti-Spyware: good to have.
• HIDS: 3rd party products.
• Event Monitoring: centralize logging.
• User Permissions: audit permissions.

Windows Security Tools

• Secunia: monitor for product patches.
• AVG: free anti-virus.
• Malwarebytes: anti-malware.
• Spybot Search and Destroy: removes spyware.
• JavaRA & PureRA: keep Java up to date.
• Parental/worker controls: block web sites.
• Use at your own risk.

Memory Protection

• Protect the memory space of data & programs.
  ◦ Fence: confine to one side of a boundary.
  ◦ Fence Register: address at the end of the Operating System.
    ▪ Restrictive, too much memory could be reserved.
• Variable fence register: location can change.
  ◦ Protects in one direction. Users compete for memory.

Figure 4-1 Fixed Fence.
Figure 4-2 Variable Fence Register.
Figure 4-3 Pair of Base/Bounds Registers.

• Variable Register = Base Register

Figure 4-4 Two Pairs of Base/Bounds Registers.
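The figures above show the fence, the base/bounds pair and the two-pair arrangement. The following is an added software model of those checks, not code from the slides or their textbook; the fence address, region sizes and offsets are constructed values, and the operation names (`fetch`, `read`, `write`) are this example's own.

```python
# Added example (not from the slides): a software model of the fence and
# base/bounds register checks. All addresses are constructed values.
class MemoryFault(Exception):
    """Raised where real hardware would trap to the operating system."""


FENCE = 0x1000  # constructed: the OS occupies addresses below the fence


def fixed_fence_ok(addr: int) -> bool:
    """Fixed fence: user programs may touch only addresses at or above it.

    This protects the OS from users, in one direction only: users are not
    protected from each other, and memory below the fence is wasted if
    the OS does not need all of it.
    """
    return addr >= FENCE


class BoundsPair:
    """One base/bounds register pair describing a contiguous region."""

    def __init__(self, base: int, bounds: int) -> None:
        if bounds <= base:
            raise ValueError("bounds must lie above base")
        self.base, self.bounds = base, bounds

    def relocate(self, offset: int) -> int:
        """Turn a program-relative offset into a physical address, or fault.

        The base register is the variable fence (reload it and the region
        moves); the bounds register closes the upper side so every access
        lands inside the region.
        """
        phys = self.base + offset
        if offset < 0 or phys >= self.bounds:
            raise MemoryFault(
                f"offset {offset:#x} outside [{self.base:#x}, {self.bounds:#x})")
        return phys


class TwoPairMMU:
    """Two pairs, as in Figure 4-4: one for code and one for data.

    Instruction fetches go through the code pair and data accesses through
    the data pair, so a program cannot overwrite its own instructions or
    execute its data, which a single pair cannot prevent.
    """

    def __init__(self, code: BoundsPair, data: BoundsPair) -> None:
        self.code, self.data = code, data

    def access(self, offset: int, op: str) -> int:
        """Check `op` ('fetch', 'read' or 'write') at a program offset."""
        if op == "fetch":
            return self.code.relocate(offset)
        if op in ("read", "write"):
            return self.data.relocate(offset)
        raise ValueError(f"unknown operation {op!r}")


if __name__ == "__main__":
    mmu = TwoPairMMU(BoundsPair(0x2000, 0x2800), BoundsPair(0x4000, 0x4400))
    print(hex(mmu.access(0x10, "fetch")), hex(mmu.access(0x10, "write")))
    try:
        mmu.access(0x400, "write")   # one byte past the data region
    except MemoryFault as exc:
        print("fault:", exc)
```

Loading the same program into a different `BoundsPair` changes the physical addresses without changing the program's offsets, which is what lets the OS move a process and why users "compete" for the space between the fences.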
Tagged Architecture

• Base/bounds registers are all or nothing.
• Tagged Architecture
  ◦ Every word of memory is tagged with extra bits to identify access rights to the word.
  ◦ Compatibility of code can be a problem.

Figure 4-5 Example of Tagged Architecture.
Segmentation

• Divide a program into separate pieces
  ◦ Code of a procedure, an array, data values.
  ◦ Each piece can have its own access rights.
  ◦ A segment has a name and an offset value.
  ◦ Usually one OS segment address table per executing process.
  ◦ Segments can exist at any location, can be moved and can be checked for protection.

Figure 4-6 Logical and Physical Representation of Segments.
Figure 4-7 Translation of Segment Address.
Paging: a Segmentation Alternative

• Divide program into equal-sized pieces.
• Memory divided into equal-sized page frames, so no fragmentation concerns.
• Operating System maintains a table of pages to true memory address.
• Programmers do not have to worry about page boundaries, unlike segmentation.

Figure 4-8 Page Address Translation.

Combine Paging & Segmentation

• Paging offers implementation efficiency.
• Segmentation offers logical protection.
• Combine them to form paged segmentation.
  ◦ Program divided into logical segments.
  ◦ Break each segment into fixed page sizes.
  ◦ Hardware improvement improved efficiency for paged segmentation.

Figure 4-9 Paged Segmentation.
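The segment translation of Figure 4-7, the page translation of Figure 4-8 and their combination in Figure 4-9 are the same two-step lookup. The following is an added example, not from the slides, that carries one process through it: the segment names, lengths, rights, page size and frame numbers are constructed, and a `SegmentFault` stands in for the hardware trap.

```python
# Added example (not from the slides): address translation for paged
# segmentation. Segment table contents and the page size are constructed.
PAGE_SIZE = 256  # constructed page size in bytes


class SegmentFault(Exception):
    """Unknown segment, offset past the segment's end, or a disallowed
    operation; real hardware would trap to the OS here."""


class Segment:
    """One row of a process's segment table."""

    def __init__(self, length: int, rights: set, frames: list) -> None:
        self.length = length      # bytes in use; offsets >= length fault
        self.rights = rights      # subset of {"r", "w", "x"}
        self.frames = frames      # page number -> physical frame number
        if len(frames) * PAGE_SIZE < length:
            raise ValueError("not enough page frames for the segment length")


class PagedSegmentMMU:
    """Translate (segment name, offset) to a physical address.

    Step 1 is plain segmentation: look the segment up by name, check the
    offset against its length and the operation against its rights.
    Step 2 is paging inside the segment: split the offset into a page
    number and a page offset and swap the page for its frame.
    """

    def __init__(self, segments: dict) -> None:
        self.segments = segments

    def translate(self, name: str, offset: int, op: str) -> int:
        seg = self.segments.get(name)
        if seg is None:
            raise SegmentFault(f"no segment named {name!r}")
        if not 0 <= offset < seg.length:
            raise SegmentFault(
                f"offset {offset} outside segment {name!r} (length {seg.length})")
        if op not in seg.rights:
            raise SegmentFault(f"{op!r} not permitted on segment {name!r}")
        page, page_offset = divmod(offset, PAGE_SIZE)
        frame = seg.frames[page]
        return frame * PAGE_SIZE + page_offset


# Constructed segment table for one process (compare Figure 4-9): code is
# read/execute only, data is read/write only.
PROCESS = PagedSegmentMMU({
    "MAIN": Segment(length=600, rights={"r", "x"}, frames=[5, 9, 2]),
    "DATA": Segment(length=300, rights={"r", "w"}, frames=[7, 8]),
})


if __name__ == "__main__":
    print("MAIN+300 exec ->", PROCESS.translate("MAIN", 300, "x"))
    print("DATA+280 write ->", PROCESS.translate("DATA", 280, "w"))
    for name, off, op in [("MAIN", 700, "r"), ("MAIN", 10, "w"), ("NONE", 0, "r")]:
        try:
            PROCESS.translate(name, off, op)
        except SegmentFault as exc:
            print("fault:", exc)
```

Offset 300 in `MAIN` is page 1, byte 44, so it lands in frame 9 at physical 9 × 256 + 44 = 2348; the same offset is a fault if the access is a write, which is the "logical protection" segmentation adds on top of paging's fixed-size allocation.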
Directory Access

• Each user controls access to their files.
• Each user has their own directory.
  ◦ Also has copies of files they can access.
• Permissions: Read, Write, eXecute.
• Difficulty if there are many shared objects.
  ◦ Space consumption.
• Revocation of access can be time consuming.
  ◦ Given the number of copies.

Figure 4-10 Directory Access.

Alternative Access Paths

• Directory problems with pseudonyms.
  ◦ Owners have files with the same name.
  ◦ Want to grant access to these files to another user.
  ◦ Multiple permissions may exist to the same object for a single user.
  ◦ The directory approach is considered too simple for most object protection situations.

Figure 4-11 Alternative Access Paths.
Access Control Lists

• One list maintained for each object.
• List shows all subjects with access.
• One access control list per object.
• Each subject has a directory.
• ACLs use wild cards “*”.

Figure 4-12 Access Control List.
Domains and Name Space

• A capability is an unforgeable token allowing certain rights to an object.
• Each capability identifies a single object in a domain.
• A domain is a collection of objects to which a process has access.
• A user may have access to a domain which includes programs, files, data, I/O devices.

Figure 4-13 Process Execution Domain.

Domain Object Passing

• A collection of capabilities defines a domain.
• Calling a sub-procedure can pass objects.
• Capabilities are a straightforward way to keep track of access rights during execution.
• Capabilities are backed up by an access control matrix or an access control list.
• Capabilities must be stored in memory inaccessible to users.

Figure 4-14 Passing Objects to a Subject.
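The access control list slide (one list per object, with “*” wild cards) and the capability slides (an unforgeable token per object that can be passed to a sub-procedure) describe two ways of answering the same question. The following is an added example, not from the slides, that implements both side by side; the subjects, object names and rights are constructed, and the capability's unforgeability is simulated with an HMAC under a key that only the `CapabilityKernel` object holds, standing in for memory user code cannot reach.

```python
# Added example (not from the slides): an ACL per object with "*" wild
# cards, beside capabilities issued and checked by a simulated kernel.
# Subjects, objects and rights are constructed.
import fnmatch
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# One list per object: (subject pattern, rights). The first matching entry
# decides, so a final ("*", set()) entry is an explicit default deny.
ACLS = {
    "payroll.dat": [("alice", {"r", "w"}), ("hr-*", {"r"}), ("*", set())],
    "memo.txt": [("*", {"r"})],
}


def acl_allows(obj: str, subject: str, right: str) -> bool:
    """Check a subject's right on an object by walking the object's list."""
    for pattern, rights in ACLS.get(obj, []):
        if fnmatch.fnmatchcase(subject, pattern):
            return right in rights
    return False  # no entry at all: deny


class CapabilityKernel:
    """Issues and checks capabilities: (object, rights) tokens that a user
    process can hold and pass on but cannot forge or widen."""

    def __init__(self) -> None:
        self._key = secrets.token_bytes(32)  # never leaves "kernel" memory

    def _tag(self, body: bytes) -> bytes:
        return hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()

    def grant(self, obj: str, rights: set) -> bytes:
        if "|" in obj:
            raise ValueError("object names may not contain '|'")
        body = f"{obj}|{''.join(sorted(rights))}".encode()
        return body + b"|" + self._tag(body)

    def _open(self, cap: bytes) -> Optional[Tuple[str, set]]:
        body, _, tag = cap.rpartition(b"|")
        if not hmac.compare_digest(self._tag(body), tag):
            return None  # forged or tampered: the tag no longer matches
        obj, _, rights = body.decode().partition("|")
        return obj, set(rights)

    def check(self, cap: bytes, obj: str, right: str) -> bool:
        opened = self._open(cap)
        return opened is not None and opened[0] == obj and right in opened[1]

    def restrict(self, cap: bytes, rights: set) -> bytes:
        """Derive a weaker capability to hand to a sub-procedure (Figure 4-14).
        Only a subset of the rights already held can be passed on."""
        opened = self._open(cap)
        if opened is None or not rights <= opened[1]:
            raise PermissionError("cannot widen rights or derive from an invalid capability")
        return self.grant(opened[0], rights)


if __name__ == "__main__":
    print("hr-bob read payroll:", acl_allows("payroll.dat", "hr-bob", "r"))
    kernel = CapabilityKernel()
    cap = kernel.grant("payroll.dat", {"r", "w"})
    weaker = kernel.restrict(cap, {"r"})
    print("sub-procedure may write:", kernel.check(weaker, "payroll.dat", "w"))
```

With the ACL, revoking `hr-*` is one edit on the object's list; with capabilities, the kernel would have to find every copy of the token that has been passed around, which is the revocation cost the directory and capability slides both raise.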
AAA: Authentication, Authorization and Accountability

• Identity is often left out. Should be IAAA.
• Identity is a claim. “I am So&So”
• Authentication is proving an identity claim.
  ◦ Password, 2-factor, credentials.
• Authorization defines what you can do.
• Accountability holds users accountable for their actions.
  ◦ Logging, auditing.

Triple A Model

• Authentication
• Authorization
• Accounting

Source: Jayaswal, K. (2006). Administering data centers: Servers, storage, and voice over IP. Indianapolis, IN: Wiley Publishing, Inc.
3/11/2016
Live Chat 10
37
AAA

• Authentication
  ◦ Who you are
• Authorization
  ◦ What you are permitted to do
• Accounting
  ◦ What you actually did
Authentication

• Authentication is the process used to identify who you are based on:
  ◦ User name/password combination
  ◦ Certificates
  ◦ Biometrics
    ▪ Fingerprints
    ▪ Retina scan
    ▪ Other?
Authentication

• Password-based authentication
  ◦ User name/password
• Token-based authentication
  ◦ One-time password generated by encrypting a time stamp with a secret key (SecurID)
• Digital Certificate-based authentication
  ◦ Electronic or digital certificate
  ◦ Contains public key, user information, issuer’s information, and validity period
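The token-based scheme above derives a one-time password from a secret key and the current time. The following is an added example, not from the slides and not SecurID's proprietary algorithm: it uses the HMAC-based construction standardised as TOTP (RFC 6238, built on RFC 4226), which is the open form of the same idea. The 30-second step and the drift window are this example's choices, and the secret used for the demonstration is constructed; the RFC's published test secret is used only in the check at the end.

```python
# Added example (not from the slides): a time-based one-time password
# (RFC 6238 TOTP construction) as an illustration of token-based
# authentication. Step size, window and the demo secret are constructed.
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # token and server agree on this time step


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """Derive the code for the time step containing `unix_time`."""
    counter = unix_time // STEP_SECONDS           # the shared "time stamp"
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


def verify(secret: bytes, candidate: str, unix_time: int,
           window: int = 1, digits: int = 6) -> bool:
    """Accept the code for the current step or `window` steps either side,
    tolerating clock drift between token and server. The comparison is
    constant-time so timing does not reveal how many digits matched."""
    for drift in range(-window, window + 1):
        expected = totp(secret, unix_time + drift * STEP_SECONDS, digits)
        if hmac.compare_digest(expected, candidate):
            return True
    return False


# RFC 6238 Appendix B test vector (SHA-1, 8 digits): secret "12345678901234567890"
RFC_SECRET = b"12345678901234567890"


def rfc_vector_ok() -> bool:
    """Self-check against the published test vector for time 59."""
    return totp(RFC_SECRET, 59, 8) == "94287082"


if __name__ == "__main__":
    secret = b"constructed-demo-secret"       # constructed; real tokens use random keys
    now = 1_457_654_400                        # constructed time stamp
    code = totp(secret, now)
    print("code:", code, "accepted a few seconds later:", verify(secret, code, now + 10))
    print("accepted two minutes later:", verify(secret, code, now + 120))
    print("RFC vector ok:", rfc_vector_ok())
```

The server never needs the token's output in advance: both sides hold the secret and the clock, so a captured code is worthless after the window closes. The window should be kept small, and a real deployment also records the last accepted step so the same code cannot be replayed inside the window.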
Authorization Process

• As users attempt to gain access to network resources, credentials are presented.
• Request sent to an AAA server.
• Server authenticates user and determines authorization.
• Accounting keeps track of resource usage.

Authentication Mechanisms

• Something the user knows
  ◦ Password, pass phrase, PIN, a secret.
• Something the user has
  ◦ Badge, keys, identification, token.
• Something the user is
  ◦ Biometrics
• 2-Factor: require two of the above.

Figure 4-15 Users’ Password Choices.
Password Attacks

• Password cracking: John the Ripper.
• Brute force attacks: take time, effective.
• Rainbow Table: a database of precomputed password hash values.
• Hybrid attack: append or pre-pend characters before hashing.
  ◦ Attack against complex passwords.
• Dictionary attacks: use word lists.
• Salt: a random value used when creating password hashes.
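The last bullet is the defence against the rainbow-table and dictionary bullets above it, and the reason is easiest to see in code. The following is an added example, not from the slides: it stores one password unsalted and salted, shows that a table precomputed from a word list matches the unsalted hash but not the salted one, and verifies a salted hash the way a login routine would. The word list, passwords and iteration count are constructed; PBKDF2 is used as the slow salted hash because it ships with the standard library.

```python
# Added example (not from the slides): why a random salt defeats a
# precomputed hash table. Word list, passwords and work factor are constructed.
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 100_000  # PBKDF2 work factor; constructed, raise it on real systems


def hash_unsalted(password: str) -> str:
    """One fast hash per password: identical passwords give identical hashes,
    so a table built once can be matched against every stolen hash."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_salted(password: str, salt: Optional[bytes] = None) -> str:
    """Store "salt$derived_key". A fresh random salt per account makes the
    same password hash differently for every user, so a precomputed table
    would have to be rebuilt for each salt value, and the slow derivation
    makes each rebuild expensive."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${dk.hex()}"


def verify_salted(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, _, dk_hex = stored.partition("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(dk.hex(), dk_hex)


# A (tiny) precomputed table. The point of dictionary and rainbow-table
# attacks is that this work happens once, before any hash is stolen.
WORDLIST = ["password", "letmein", "winter2016"]  # constructed
PRECOMPUTED = {hash_unsalted(w): w for w in WORDLIST}


def table_lookup(stored_hash: str) -> Optional[str]:
    """Return the word whose unsalted hash matches, if it is in the table."""
    return PRECOMPUTED.get(stored_hash)


if __name__ == "__main__":
    unsalted = hash_unsalted("winter2016")
    salted = hash_salted("winter2016")
    print("unsalted hash recovered from table:", table_lookup(unsalted))
    print("salted hash recovered from table:  ", table_lookup(salted.split("$")[1]))
    print("login with correct password:", verify_salted("winter2016", salted))
```

Two accounts with the same password get different `hash_salted` outputs, so a leaked password file no longer reveals who shares a password, and the hybrid-attack trick of appending characters to dictionary words has to be repeated per account rather than once for the whole file.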
Biometrics

• Enrollment: registering with the system.
• Throughput: how long to authenticate. 6-10
• Accuracy
  ◦ False Rejection Rate (FRR)
    ▪ Authorized subject rejected
  ◦ False Accept Rate (FAR)
    ▪ Unauthorized person accepted as valid
  ◦ Crossover Error Rate (CER): accuracy
    ▪ Where FRR = FAR

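FRR, FAR and the crossover point are easiest to understand from a set of match scores. The following is an added example, not from the slides: it takes constructed scores for ten authorized and ten impostor attempts (0-100, accept at or above a threshold), computes FRR and FAR at any threshold, and sweeps the threshold to find where the two rates cross.

```python
# Added example (not from the slides): FRR, FAR and the crossover error
# rate from match scores. The scores are constructed sample data.
GENUINE = [92, 88, 75, 81, 95, 68, 90, 84, 79, 86]    # authorized attempts
IMPOSTOR = [40, 55, 62, 48, 71, 35, 58, 66, 44, 52]   # unauthorized attempts


def frr(threshold: int, genuine=GENUINE) -> float:
    """False Rejection Rate: share of authorized attempts scoring below threshold."""
    return sum(1 for s in genuine if s < threshold) / len(genuine)


def far(threshold: int, impostor=IMPOSTOR) -> float:
    """False Accept Rate: share of impostor attempts scoring at or above threshold."""
    return sum(1 for s in impostor if s >= threshold) / len(impostor)


def crossover(genuine=GENUINE, impostor=IMPOSTOR) -> tuple:
    """Sweep every threshold and return (threshold, FRR, FAR) where the two
    rates are closest; their common value is the crossover error rate."""
    best_gap, best_t = None, None
    for t in range(0, 101):
        gap = abs(frr(t, genuine) - far(t, impostor))
        if best_gap is None or gap < best_gap:
            best_gap, best_t = gap, t
    return best_t, frr(best_t, genuine), far(best_t, impostor)


def sweep(step: int = 10) -> list:
    """Table of (threshold, FRR, FAR) for a quick look at the trade-off."""
    return [(t, frr(t), far(t)) for t in range(0, 101, step)]


if __name__ == "__main__":
    for t, r, a in sweep():
        print(f"threshold {t:3d}  FRR {r:.1f}  FAR {a:.1f}")
    t, r, a = crossover()
    print(f"crossover at threshold {t}: FRR = FAR = {r:.1f}")
```

Raising the threshold lowers FAR (fewer impostors accepted) at the cost of FRR (more legitimate users rejected); a high-security deployment deliberately sits above the crossover, a convenience-first one below it, and the CER is the single number used to compare devices independent of that choice.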
Biometric Devices

• Retina Scan: laser scan of capillaries.
• Iris Scan: passive, high accuracy, each iris is unique, no body fluids exchanged.
• Hand Geometry: specific points on hand.
• Keyboard dynamics: measure pressure and rhythm.
• Dynamic Signature: how a person signs their name.
• Voice Print: tone of voice. Vulnerable to a replay attack.
• Facial scan: high cost. Used at the Super Bowl to identify criminals.
Discussion Questions

• Biometric Objections.
  ◦ What are some reasons people are reluctant to use biometrics?
  ◦ How can you counter these objections?