Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Chap 4

advertisement 
Chap4: Protection in GeneralPurpose Operating Systems
 Protection
features provided by generalpurpose operating systems: protecting
memory, files, and the execution
environment
 Controlled access to objects
 User authentication
SE571 Security in Computing
Dr. Ogara
2
 Functions
• access control
• identity and credential management
• information flow
• audit and integrity protection
 Each
of these activities has security
implications
SE571 Security in Computing
Dr. Ogara
3
 Protection
can be built into the hardware
mechanisms that control efficient use of
memory
SE571 Security in Computing
Dr. Ogara
4
 Types
of memory protection
• Fences
• Relocation
• Base/bound registers
• Tagged architecture
• Segmentation
• Paging
• Combined paging with segmentation
SE571 Security in Computing
Dr. Ogara
5
 Fence
• Used to confine users to one side of a boundary
• Simplest form of memory protection was
introduced in single-user operating systems
• Provide a lower bound (a starting address) but
not an upper one
• Fences may be fixed or variable
SE571 Security in Computing
Dr. Ogara
6
• Problem
 very restrictive because a predefined amount of
space was always reserved for the operating system,
whether it was needed or not. If less than the
predefined space was required, the excess space was
wasted. Conversely, if the operating system needed
more space, it could not grow beyond the fence
boundary.
SE571 Security in Computing
Dr. Ogara
7
 Fixed
Fence
• Used to confine users to one side of a boundary
• simplest form of memory protection was
introduced in single-user operating systems
SE571 Security in Computing
Dr. Ogara
8
 Variable
Fence
• Uses fence register containing the address of the
end of the operating system.
• location of the fence can be changed
• A fence register protects only in one direction. In
other words, an operating system can be
protected from a single user, but the fence
cannot protect one user from another user
SE571 Security in Computing
Dr. Ogara
9
Figure 4-1 Fixed Fence.
SE571 Security in Computing
Dr. Ogara
10
Figure 4-2 Variable Fence Register.
SE571 Security in Computing
Dr. Ogara
11
 Relocation
• process of taking a program written as if it
began at address 0 and changing all addresses
to reflect the actual address at which the
program is located in memory
SE571 Security in Computing
Dr. Ogara
12
 Base/Bounds
Registers /Second
Registers
• Upper address limit, in the same way that a base
or fence register is a lower address limit
• Provides an upper bound that can be useful in
knowing how much space is allotted and in
checking for overflows into “forbidden” areas
• Protects outside users from errors in any other
user’s program
SE571 Security in Computing
Dr. Ogara
13
Figure 4-3 Pair of Base/Bounds Registers.
SE571 Security in Computing
Dr. Ogara
14
 Tagged
Architecture
• every word of machine memory has one or more
extra bits to identify the access rights to that
word
SE571 Security in Computing
Dr. Ogara
15
Figure 4-5 Example of Tagged Architecture.
SE571 Security in Computing
Dr. Ogara
16
 Segmentation
• Involves the simple notion of dividing a program
into separate pieces. Each piece has a logical
unity, exhibiting a relationship among all of its
code or data values
• Allows a program to be divided into many
pieces having different access rights
• Each segment has a unique name
SE571 Security in Computing
Dr. Ogara
17
 Segmentation
• Security benefits
 Segmentation offers these security benefits:
 Each address reference is checked for protection.
 Many different classes of data items can be assigned
different levels of protection.
 Two or more users can share access to a segment,
with potentially different access rights.
 A user cannot generate an address or access to an
unpermitted segment.
SE571 Security in Computing
Dr. Ogara
18
 Paging
• program is divided into equal-sized pieces
called pages, and memory is divided into equalsized units called page frames
• all pages in the paging approach are of the same
fixed size, so fragmentation is not a problem
• Each page can fit in any available page in
memory, and thus there is no problem of
addressing beyond the end of a page
SE571 Security in Computing
Dr. Ogara
19
 Combined
Paging with Segmentation
• Combines two approaches
• Paging offers implementation efficiency, while
segmentation offers logical protection
characteristics
SE571 Security in Computing
Dr. Ogara
20
 Objects
which need protection
• memory
• a file or data set on an auxiliary storage device
• an executing program in memory
• a directory of files
• a hardware device
• a data structure, such as a stack
SE571 Security in Computing
Dr. Ogara
21
 Objects
which need protection
• a table of the operating system
• instructions, especially privileged instructions
• passwords and the user authentication
mechanism
• the protection mechanism itself
SE571 Security in Computing
Dr. Ogara
22
 Directory
• Works like file directory
• Listing of objects accessible by a single subject
• Each user has a file directory, which lists all the
files to which that user has access.
• Every file has a unique owner who possesses
“control” access rights
• Rights to files: read, write, and execute
SE571 Security in Computing
Dr. Ogara
23
Figure 4-10 Directory Access.
SE571 Security in Computing
Dr. Ogara
24
 Access
Control List
• A table identifying subjects that can access a
single object
• Each object and the list shows all subjects who
should have access to the object and what their
access is
• Each object has one access control list
• Directory is created for each object
SE571 Security in Computing
Dr. Ogara
25
Figure 4-12 Access Control List.
SE571 Security in Computing
Dr. Ogara
26
 Access
Control Matrix
• A table in which each row represents a subject,
each column represents an object, and each
entry is the set of access rights for that subject to
that object
• Most subjects do not have access rights to most
objects
• Implementation is rarely used
SE571 Security in Computing
Dr. Ogara
27
 Capability
• Is an unforgeable token that gives the possessor
certain rights to an object
• Is a ticket that gives permission to a subject to
have a certain type of access to an object
• For the capability to offer solid protection, the
ticket must be unforgeable
SE571 Security in Computing
Dr. Ogara
28
 Kerberos
• Kerberos implements both authentication and
access authorization by means of capabilities,
called tickets, secured with symmetric
cryptography
• Requires two systems, called the authentication
server (AS) and the ticket-granting server (TGS),
which are both part of the key distribution center
(KDC)
SE571 Security in Computing
Dr. Ogara
29
 Kerberos
• A user presents an authenticating credential (a
password) to the authentication server and
receives a ticket (encrypted) showing that the
user has passed authentication
• Uses shared encryption keys
• Implements single sign-on
 user signs on once and after that user’s actions are
authorized without the user signing on again.
SE571 Security in Computing
Dr. Ogara
30
 Procedure-Oriented
Access Control
• Procedure that controls access to objects
• Procedure forms a capsule around the object,
permitting only certain specified accesses
• Implements the principle of information hiding
because implementing an object are known only
to the object’s control procedure
SE571 Security in Computing
Dr. Ogara
31
 Role-Based
Access Control
• Allows us to associate privileges with groups, for
example, administrators vs. regular users (lower
privilege)
SE571 Security in Computing
Dr. Ogara
32
 Forms
of Protection
• All-none protection
 User can read, modify, or delete a file belonging to
any other user/OS files
SE571 Security in Computing
Dr. Ogara
33
 Forms
of Protection
• Group protection
 Identify group of users, for example, Windows




Administrators
Power users
Users
Guests
 A user is recognized by two identifiers (usually
numbers): a user ID and a group ID
SE571 Security in Computing
Dr. Ogara
34
 Individual
Permissions
• Persistent permissions
• Temporary acquired permissions
• Per-object and per-user protection
SE571 Security in Computing
Dr. Ogara
35
 Authentications
in organizations and
systems
• Documents
• Voice recognition
• Fingerprint
• Retina matching
SE571 Security in Computing
Dr. Ogara
36
 Authentications
uses any of three qualities
to confirm a user’s identity
• Something the user knows - Passwords, PIN numbers,
passphrases, a secret handshake, and mother’s
maiden name are examples of what a user may know.
• Something the user has- Identity badges, physical
keys, a driver’s license, or a uniform are common
examples of things people have that make them
recognizable.
• Something the user is(biometrics) - are based on a
physical characteristic of the user, such as a
fingerprint, the pattern of a person’s voice, or a face
(picture).
SE571 Security in Computing
Dr. Ogara
37
Related documents
Chapter 4-1
Chapter 4-1
Suppose you wanted to construct a fence around a
Suppose you wanted to construct a fence around a
CS 4803 Computer and Network Security
CS 4803 Computer and Network Security
Protected Objects and Methods of Protection with narration
Protected Objects and Methods of Protection with narration
A farmer has a rectangular piece of property that
A farmer has a rectangular piece of property that
Learning activity section 4.5 part I
Learning activity section 4.5 part I
Build a Better Dog Pen
Build a Better Dog Pen
Oil spill essay - UNIS Hanoi Blogs
Oil spill essay - UNIS Hanoi Blogs
Stats – Modified Boxplots Worksheet
Stats – Modified Boxplots Worksheet
Download
advertisement