1 / 27

File System Security

File System Security. Robert “Bobby” Roy And Chris “Sparky” Arnold. Overview. What we are going to cover Brief History File Systems General Security Practices Specific Practices for File Systems. What is File System Security?.

jalena
Download Presentation

File System Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold

  2. Overview • What we are going to cover • Brief History • File Systems • General Security Practices • Specific Practices for File Systems

  3. What is File System Security? File system security: the policies and procedures for ensuring the protection of one’s files and file systems.

  4. History of File System Security • Roots • Sensitive information was originally kept in file cabinets and other such physical barriers. • Effective at keeping files from those who were not allowed to access them.

  5. History of File System Security • Relevance • Transition from analog to digital file systems. • Ideas put forth in the analog age of file systems are still relevant in digital security. • Barriers • Locks (Passwords) • Authorities (Administrators)

  6. History of File System Security • Networking • File system security became more important to digital systems as they became networked together. • Access to systems and also the files within the systems.

  7. Types of File Systems • Disk • Database • Network • Transactional/Special

  8. Types of File Systems • Disk • A system for organizing and storing files on a physical drive. • Hard Drive, Removable Storage, etc. • Does not have to be directly connected to the computer. • Many Different types • Windows: NTFS, FAT32 (Primitive) • Linux: ext, ext2, ext3, ext3cow, ext4

  9. Types of File Systems • Database • Newer concept of managing files. • Instead of hierarchy or structure, files are sorted by characteristics, type, or other such metadata. An example of a characteristic is Eye Color 

  10. Types of File Systems • Network • Protocol for remote access on a server • Common types: NFS, SMB, AFP, 9P • Similar (Structurally): FTP, WebDAV

  11. Types of File Systems • Transactional/Special • Transactional • Logs events, transactions, or changes • Groups related changes • Used often in banking software • Special • Not Disk or Network • Includes systems where files are arranged dynamically by software • Used for temporary storage

  12. General Security Practices • Entity Authentication • Properties of an entity (what it has, is, etc.) • Usernames & Passwords • Password defenses • Checkers, generators, aging, limiting logins • Protecting password file • Cryptography • Encryption algorithms • Securing data transactions

  13. Access Control • Access control refers to how subjects may manipulate objects • Halts users from accessing restricted files • It determines what privileges (if any) a user has over a particular object • Observe • Alter

  14. Access Control: Windows NT • Types of permissions: • Read • Write • Execute • Changing of ownership • Changing permissions • Delete

  15. Access Control: UNIX • Types: • Read • Write • Execute • For files and directories, respectively: • View contents, view contents • Append, rename/create • Run, search within With 777 you have permission to access this bread.

  16. Security Models • Types of security models: • Bell-LaPadula (BLP) • Clark-Wilson • Biba • Harrison-Ruzzo-Ullman (HRU)

  17. Types of File System Security • In: • Disk File Systems • Database File Systems • Network File Systems

  18. Disk File System Security • Tactics: • Encryption • Access Control • Passwords • Permissions By denying access by some users to certain files, you can protect the files data and integrity.

  19. Disk File System Security • Workarounds: • Encryption: • Stealing secret keys • Breaking secret keys • Access Control: • Interception of password • Social engineering • Brute force attacks on passwords

  20. Disk File System Security • Prevention: • Encryption: • More powerful ciphers • Regular changing of encryption scheme • Access Control: • Password defenses • checkers • generators • aging • limiting logins • Employ awareness of social engineering vulnerabilities

  21. Database File System Security: Apache • Permissions • Restrict access to upper level files • SSI (Server Side Includes) • These extra features can create weakness within a database • Protect system settings within config files

  22. Database File System Security: Oracle • Virtual Private Database • customizable, policy-based access control down to the row level • Data Encryption • Protects data, even in media theft • Enterprise User Security • Centralized security management • Secure Application Roles • Powerful way of setting access control • Enterprise Manager Grid Control • Tools for setting configurations

  23. Database File System Security: MySQL • Take the time to audit SQL logins for null or weak passwords • Frequently check group and role memberships • Physically secure the SQL Server • Enable logging of all user login events • Disable SQL Mail capability unless absolutely necessary • Remove the Guest user from databases to keep unauthorized users out • Secure the “sa” account with a strong password • Choose only the network libraries you absolutely require

  24. Network File System Security • Entity authentication • Firewall • Intrusion Prevention System (IPS) • Honeypots • Decoy server containing fake, desirable information which is easily accessible used to lure away attackers and record their activity

  25. Summary We covered the history of file system security, basic theory, types of file systems, security for those systems, and potential threats. ? Well science shows that general policies, such as access control, password protection, permissions, encryption, and roles can significantly improve security on any kind of file system.

  26. QUESTIONS?!1?!1?!?!?!!!!ONE

  27. Chris uses Windows XP Media Center Edition 2005 sp2 Bobby uses the Ubuntu release Edgy

More Related