
Chapter 13



  1. Chapter 13 Processing Controls

  2. Operating System Integrity • Operating system -- the set of programs implemented in software/hardware that permits sharing and use of resources within a computer system • There are many cases in which serious losses have occurred through breaches of operating system controls

  3. Some Features of Operating Systems • Capable of managing resources • Good managers vs. bad managers • There is a cost associated with mismanagement of an operating system: exposure to risks and loss of integrity • What is an interrupt in an operating system? An operating system asserts its authority through interrupts: a user process cannot keep control of the processor, because an interrupt returns control to the operating system.

  4. Nature of a Reliable Operating System 1. Must be protected from user processes 2. Must prevent one user from corrupting another user’s processes 3. Must protect users from themselves 4. Must protect itself from corruption by one of its own modules or sub-processes 5. Must be robust when environmental failures occur

  5. Operating System Integrity Threats • Accidental • hardware, software, and environmental failures that cause the operating system to crash or to process erroneously • Deliberate • usually aim at unauthorized removal of assets, breaches of data integrity, or disruption of operations

  6. Penetration Techniques • Browsing (searching residue left in memory or on disk that was not cleared after use) • Masquerading (using another user’s identity) • Piggybacking (tapping a legitimate user’s communication line and riding on that session) • Between-lines entry (using a terminal or session that an authorized user has left active but unattended) • Spoofing (fooling the user into believing they are interacting with the operating system, e.g. a fake login screen that captures the password) • Backdoors/Trapdoors (entry points that bypass normal access control, so the penetrator acts as if already authenticated) • Trojan horse (a program the user runs that, unknown to the user, also carries out the penetrator’s actions)

  7. Other Penetration Techniques • Covert Storage Channels • one process communicates confidential information to another process by changing the values of system state variables • Covert Timing Channels • one process communicates confidential information to another process by changing the time period that a system takes to perform some function

  8. Operating System Integrity Flaws • Penetrations result when integrity flaws exist in operating systems. These flaws arise for two reasons: 1. The access control policy designed for the operating system is defective 2. Even if a secure access control policy is designed for the operating system, it might be implemented incorrectly in the operating system

  9. Integrity Flaws (summary) • Incomplete parameter validation (not every parameter passed to the operating system is checked) • Inconsistent parameter validation (different entry points apply different checks to the same parameter) • Implicit sharing of data (operating system data or residue is left where a user process can read it) • Asynchronous validation (a parameter is checked and then used later, so it can be changed in between; a time-of-check to time-of-use flaw) • Inadequate access control (identification, authentication or authorization is too weak) • Violable limits (a stated limit, such as a buffer size or a resource quota, can be exceeded)

  10. Reference Monitors and Kernels • A reference monitor is an abstract mechanism that checks each request by a subject to access and use an object, to ensure that the request complies with a security policy. • A reference monitor is implemented via a security kernel, a hardware, software, or firmware mechanism; to be trusted it must mediate every access (be complete), be isolated from tampering, and be small enough to be verified
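The reference monitor idea as an added Python example (not code from the chapter or its author). The subjects, objects and the policy table are constructed; the point is that every read or write of an object passes through one mediation point that defaults to deny and writes an audit record, and that the objects are reachable only through the kernel's methods.

```python
"""Toy reference monitor and security kernel. Added example; the policy,
subjects and objects below are constructed for illustration."""
from dataclasses import dataclass, field
from enum import Flag, auto


class Right(Flag):
    READ = auto()
    WRITE = auto()
    EXECUTE = auto()


@dataclass
class ReferenceMonitor:
    """Mediates every (subject, object, rights) request against one policy table
    and records the decision. policy: object name -> {subject name: rights held}."""
    policy: dict
    audit: list = field(default_factory=list)

    def check(self, subject, obj, wanted):
        held = self.policy.get(obj, {}).get(subject, Right(0))  # unknown subject/object: no rights
        allowed = (wanted & held) == wanted                     # every requested right must be held
        self.audit.append((subject, obj, wanted, "ALLOW" if allowed else "DENY"))
        return allowed


class SecurityKernel:
    """Holds the objects. Only these methods touch them, and each one consults the
    monitor first (complete mediation). In a real kernel the isolation of
    _objects from user code is enforced by hardware, not by a naming convention."""

    def __init__(self, monitor, objects):
        self._monitor = monitor
        self._objects = dict(objects)

    def read(self, subject, obj):
        if not self._monitor.check(subject, obj, Right.READ):
            raise PermissionError(f"{subject}: read of {obj} denied")
        return self._objects[obj]

    def write(self, subject, obj, data):
        if not self._monitor.check(subject, obj, Right.WRITE):
            raise PermissionError(f"{subject}: write to {obj} denied")
        self._objects[obj] = data


def build_demo():
    """Constructed policy: a payroll clerk may read and write the payroll file,
    an auditor may only read payroll and the general ledger."""
    policy = {
        "payroll.dat": {"payroll_clerk": Right.READ | Right.WRITE, "auditor": Right.READ},
        "gl.dat": {"auditor": Right.READ},
    }
    monitor = ReferenceMonitor(policy)
    kernel = SecurityKernel(monitor, {"payroll.dat": "salaries", "gl.dat": "ledger"})
    return monitor, kernel


def denied(fn, *args):
    """True if the kernel refused the call."""
    try:
        fn(*args)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    m, k = build_demo()
    print(k.read("auditor", "payroll.dat"))
    print(denied(k.write, "auditor", "payroll.dat", "bonus"))
    for entry in m.audit:
        print(entry)
```

Slide 8's two flaw classes map directly onto this code: a policy defect is a wrong entry in `policy` (the monitor faithfully enforces a bad rule), while an implementation defect is a path to `_objects` that skips `check`, which is why the kernel must be small enough to verify that no such path exists.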

  11. Reference Monitor Abstraction

  12. Validation Checks • Primarily ensure that computations performed on numeric fields are authorized, accurate, and complete • Processing associated with alphabetic or alphanumeric fields typically is minimal

  13. Rounding Validation Check Process
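The rounding validation check as an added, self-contained Python example (not the chapter's figure or code). The balances, periodic rate and account numbers are constructed. The honest posting routine rounds each amount half-to-even and carries the fractional residue in one control total; the second routine is a stylized "salami" variant that truncates each amount and credits the shaved fractions to an account outside the batch, and it is included to show why the check must do more than confirm that the totals balance.

```python
"""Rounding validation check for an interest-posting run. Added example; the
batch, rate and account numbers are constructed."""
from decimal import Decimal, ROUND_HALF_EVEN, ROUND_DOWN

CENT = Decimal("0.01")
HALF_CENT = Decimal("0.005")

# Constructed batch: account number -> balance
BALANCES = {
    "1001": Decimal("1234.56"),
    "1002": Decimal("100.19"),
    "1003": Decimal("87.33"),
    "1004": Decimal("5000.00"),
}
RATE = Decimal("0.031")  # constructed periodic interest rate


def post_interest(balances, rate):
    """Honest posting: round each amount half-to-even; the residue (exact minus
    posted, summed over the run) goes to one rounding control total."""
    posted, residue = {}, Decimal("0")
    for acct, bal in balances.items():
        exact = bal * rate
        cents = exact.quantize(CENT, rounding=ROUND_HALF_EVEN)
        posted[acct] = cents
        residue += exact - cents
    return posted, residue


def post_interest_salami(balances, rate, thief="9999"):
    """Tampered posting (constructed illustration): truncate each amount and
    credit the whole cents skimmed to an account that is not in the batch.
    The run still balances to the cent, so a balance-only check passes."""
    posted, skimmed = {}, Decimal("0")
    for acct, bal in balances.items():
        exact = bal * rate
        cents = exact.quantize(CENT, rounding=ROUND_DOWN)
        posted[acct] = cents
        skimmed += exact - cents
    whole = skimmed.quantize(CENT, rounding=ROUND_DOWN)
    posted[thief] = whole
    return posted, skimmed - whole  # the leftover fraction is reported as 'residue'


def rounding_validation_check(balances, rate, posted, residue):
    """Independent recomputation of the run. Returns a list of findings; [] = pass."""
    findings = []
    exact_total = sum((bal * rate for bal in balances.values()), Decimal("0"))
    # 1. posted amounts plus reported residue must reconcile exactly to the unrounded total
    if sum(posted.values(), Decimal("0")) + residue != exact_total:
        findings.append("posted amounts plus residue do not reconcile to the exact total")
    # 2. half-to-even rounding can never leave more than half a cent per item
    if abs(residue) > HALF_CENT * len(balances):
        findings.append("residue exceeds half a cent per account")
    # 3. residue may only live in the control total, never in a posting to an unknown account
    stray = sorted(set(posted) - set(balances))
    if stray:
        findings.append(f"postings to accounts outside the batch: {stray}")
    # 4. each posted amount must equal the independently rounded amount
    for acct, bal in balances.items():
        expected = (bal * rate).quantize(CENT, rounding=ROUND_HALF_EVEN)
        if posted.get(acct) != expected:
            findings.append(f"account {acct}: posted {posted.get(acct)}, expected {expected}")
    return findings


if __name__ == "__main__":
    print(rounding_validation_check(BALANCES, RATE, *post_interest(BALANCES, RATE)))
    print(rounding_validation_check(BALANCES, RATE, *post_interest_salami(BALANCES, RATE)))
```

The check uses `Decimal` rather than floats so that the reconciliation in step 1 is exact; with floating point the same comparison would need a tolerance, and a tolerance is exactly the slack a salami-style diversion lives in.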

  14. Other Software Controls • Print Run-to-Run Control Totals • provide evidence that all input data has been processed accurately • Minimize Human Intervention • because human intervention is error-prone, minimizing it will reduce incorrect processing • Use Redundant Calculations • additional calculations can be used as “checks”
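Run-to-run control totals and a redundant calculation as an added Python example (not the chapter's own code). The transactions are constructed, amounts are integer cents. Totals carried from one run are checked against what the next run accepted plus what it explicitly rejected, and the posting run keeps a running total that is compared with a separate total over its output; dropping one record silently trips both checks.

```python
"""Run-to-run control totals with a redundant calculation. Added example;
the transactions are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Txn:
    account: int
    amount_cents: int


@dataclass(frozen=True)
class ControlTotals:
    record_count: int
    amount_total: int  # financial total
    hash_total: int    # sum of account numbers: meaningless as a value, but a lost or substituted record changes it


def control_totals(records):
    return ControlTotals(
        len(records),
        sum(r.amount_cents for r in records),
        sum(r.account for r in records),
    )


def check_run_to_run(carried_in, accepted, rejected):
    """Totals carried in from the previous run must equal the totals of what this
    run accepted plus what it explicitly rejected. Returns discrepancies; [] = pass."""
    before = control_totals(carried_in)
    after = control_totals(list(accepted) + list(rejected))
    return [
        f"{name}: carried in {getattr(before, name)}, accounted for {getattr(after, name)}"
        for name in ("record_count", "amount_total", "hash_total")
        if getattr(before, name) != getattr(after, name)
    ]


def run_edit(records):
    """Run 1: edit run. Invalid records are rejected explicitly so they stay in the totals."""
    accepted, rejected = [], []
    for r in records:
        (accepted if r.amount_cents > 0 and r.account > 0 else rejected).append(r)
    return accepted, rejected


def run_post(records, lose_last=False):
    """Run 2: posting run. The running total kept while posting is the redundant
    calculation; lose_last simulates a record dropped by a processing error
    after it was already counted."""
    posted, running_total = [], 0
    for r in records:
        running_total += r.amount_cents
        posted.append(r)
    if lose_last:
        posted.pop()
    return posted, running_total


# Constructed batch; the third record has a negative amount and is rejected in the edit run
BATCH = [Txn(1001, 5000), Txn(1002, 250), Txn(1003, -100), Txn(1004, 1200)]


def demo(lose_last=False):
    """Returns (edit-run findings, posting-run findings, redundant calculation agrees)."""
    accepted, rejected = run_edit(BATCH)
    edit_findings = check_run_to_run(BATCH, accepted, rejected)
    posted, running_total = run_post(accepted, lose_last)
    post_findings = check_run_to_run(accepted, posted, [])
    redundant_ok = control_totals(posted).amount_total == running_total
    return edit_findings, post_findings, redundant_ok


if __name__ == "__main__":
    print(demo())
    print(demo(lose_last=True))
```

The record count alone would miss a record replaced by another of the same amount; the hash total is there for that case, and the financial total for a record whose amount was altered in flight.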

  15. Audit Trail Controls • Accounting Audit Trail • allows auditors to trace and to replicate the processing performed on a data item • Operations Audit Trail • data is often critical to effective management of shared system resources

  16. Operations Audit Trail

  17. Content of the Operations Audit Trail • Resource Consumption Data • identifies which user consumed a resource • Security-Sensitive Events • creates audit trail entries for all changes to password or access privileges files or failed access attempts • Hardware Malfunctions • records processor or memory parity errors • User-Specified Events • allows users to write their own programs to collect operations data

  18. Interrogating the Operations Audit Trail 1. Specifying audit objectives 2. Extracting data from the operations audit trail that will allow auditors to meet these objectives 3. Sorting the data extracted into the required order 4. Formatting and presenting the results
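The four steps above, carried through as an added Python example (not the chapter's own code or tooling). The audit trail lines and their `class key=value` format are constructed; the objectives chosen are "failed access attempts per user, most first, with source addresses" and "CPU seconds consumed per user", so the example covers both a security-sensitive-event query and a resource-consumption query.

```python
"""Interrogating an operations audit trail: extract, sort, format.
Added example; the trail below and its record format are constructed."""
import re
from collections import Counter, defaultdict

# Constructed audit trail. Classes: SEC = security-sensitive event,
# RES = resource consumption, HW = hardware malfunction. The last line is
# deliberately malformed to show that unparsable lines are counted, not ignored.
AUDIT_TRAIL = """\
2024-03-04T09:12:01 SEC user=alice event=login result=FAIL src=10.0.0.5
2024-03-04T09:12:07 SEC user=alice event=login result=FAIL src=10.0.0.5
2024-03-04T09:12:15 SEC user=alice event=login result=OK src=10.0.0.5
2024-03-04T09:30:00 RES user=bob job=PAYROLL cpu_sec=412 io_kb=88000
2024-03-04T10:02:44 SEC user=carol event=privchange target=acl.dat result=OK
2024-03-04T10:05:10 HW event=parity_error unit=MEM2 result=CORRECTED
2024-03-04T11:00:01 SEC user=mallory event=login result=FAIL src=203.0.113.9
2024-03-04T11:00:03 SEC user=mallory event=login result=FAIL src=203.0.113.9
2024-03-04T11:00:05 SEC user=mallory event=readfile target=payroll.dat result=FAIL src=203.0.113.9
2024-03-04T12:15:30 RES user=bob job=GL cpu_sec=95 io_kb=1200
garbage line that does not parse
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<cls>SEC|RES|HW)\s+(?P<kv>.*)$")


def parse_line(line):
    """One trail line -> dict, or None if it does not match the record format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = {"ts": m["ts"], "class": m["cls"]}
    for pair in m["kv"].split():
        key, _, value = pair.partition("=")
        rec[key] = value
    return rec


def parse_trail(text):
    """Step 2 (extraction), part one: returns (records, number of lines skipped)."""
    records, skipped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1   # an auditor wants to know how much of the trail was unreadable
        else:
            records.append(rec)
    return records, skipped


def failed_access_by_user(records):
    """Objective 1: failed access attempts per user. Steps 2 and 3: select
    SEC records with result=FAIL, then sort by count descending, then name."""
    counts, sources = Counter(), defaultdict(set)
    for r in records:
        if r["class"] == "SEC" and r.get("result") == "FAIL":
            counts[r["user"]] += 1
            sources[r["user"]].add(r.get("src", "?"))
    rows = [(user, n, sorted(sources[user])) for user, n in counts.items()]
    return sorted(rows, key=lambda row: (-row[1], row[0]))


def cpu_by_user(records):
    """Objective 2: CPU seconds consumed per user from RES records, largest first."""
    cpu = Counter()
    for r in records:
        if r["class"] == "RES":
            cpu[r["user"]] += int(r.get("cpu_sec", 0))
    return sorted(cpu.items(), key=lambda item: (-item[1], item[0]))


def format_report(title, rows):
    """Step 4: fixed-width lines, one per row, for the audit working papers."""
    lines = [title, "-" * len(title)]
    for user, n, sources in rows:
        lines.append(f"{user:<10}{n:>4}  {', '.join(sources)}")
    return lines


if __name__ == "__main__":
    recs, skipped = parse_trail(AUDIT_TRAIL)
    print("\n".join(format_report("Failed access attempts", failed_access_by_user(recs))))
    print(cpu_by_user(recs), "skipped lines:", skipped)
```

Sorting and formatting are kept separate from extraction so the same extracted records can serve several objectives; in practice the extraction step is the expensive one on a large trail and is run once per interrogation.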

  19. Existence Controls • Nature of Checkpoint/Restart Controls • allow programs to be reestablished at some prior, valid intermediate point in their processing and restarted from that point • cannot guard against long-term or global failures

  20. Functions of Checkpoint Facilities • Processor-based Scheme • when a transient fault occurs, this scheme rolls the processor back a small number of instructions and then restarts the processor • Memory-based Scheme • relies on having two memory banks for each address. Successful operations are copied from the first memory bank to the second

  21. Processor-based Checkpoint/Restart facility

  22. Memory-based Checkpoint/Restart facility

  23. Auditors Concerns with Checkpoint/Restart Facilities • Information written to a log must be secure • Facilities must be effective and efficient • Facilities should be well documented • Facilities should work reliably
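A software checkpoint/restart facility for a batch job, as an added Python example serving slide 19 (restart from the last valid intermediate point) and the first auditor concern on this slide (the checkpoint log must be secure). It is not the chapter's own code; the job, its records and the checkpoint interval are constructed, and the HMAC key is held in the module only for the sake of a stand-alone example (a real facility keeps the key out of reach of the user programs it checkpoints). The run crashes after seven records, restarts from the checkpoint taken at six, redoes the one lost record, and refuses a checkpoint whose contents were altered.

```python
"""Checkpoint/restart for a batch job with an integrity-protected checkpoint.
Added example; records, interval and key are constructed."""
import hashlib
import hmac
import json
import os
import tempfile

KEY = b"constructed-checkpoint-key"  # assumption: in practice owned by the facility, not the job
INTERVAL = 3                         # take a checkpoint every INTERVAL records


def _mac(payload: bytes) -> str:
    return hmac.new(KEY, payload, hashlib.sha256).hexdigest()


def write_checkpoint(path, state):
    """Write state plus its MAC atomically: a crash mid-write leaves the previous
    checkpoint intact rather than a half-written one."""
    payload = json.dumps(state, sort_keys=True).encode()
    tmp = path + ".tmp"
    with open(tmp, "w") as f:
        json.dump({"state": state, "mac": _mac(payload)}, f)
    os.replace(tmp, path)


def read_checkpoint(path):
    """Return the last valid state, or None if there is no usable checkpoint.
    A checkpoint whose MAC does not verify is treated as absent: restarting from
    altered state would silently corrupt the run."""
    try:
        with open(path) as f:
            rec = json.load(f)
    except (FileNotFoundError, ValueError):
        return None
    payload = json.dumps(rec.get("state"), sort_keys=True).encode()
    if not hmac.compare_digest(rec.get("mac", ""), _mac(payload)):
        return None
    return rec["state"]


class Crash(Exception):
    """Simulated environmental failure."""


def run_job(records, path, crash_after=None):
    """Sum the records (constructed amounts in cents), checkpointing every
    INTERVAL records. crash_after=n raises after n records in this run."""
    state = read_checkpoint(path) or {"next": 0, "total": 0}
    done_this_run = 0
    for i in range(state["next"], len(records)):
        if crash_after is not None and done_this_run == crash_after:
            raise Crash(f"failure before record {i}")
        state["total"] += records[i]
        state["next"] = i + 1
        done_this_run += 1
        if state["next"] % INTERVAL == 0:
            write_checkpoint(path, state)
    write_checkpoint(path, state)  # final state, so a rerun is a no-op
    return state


def demo():
    """Returns (record index resumed from, final total, whether a tampered checkpoint was accepted)."""
    records = [100, 200, 300, 400, 500, 600, 700, 800, 900, 1000]  # constructed
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "job.ckpt")
        try:
            run_job(records, path, crash_after=7)
        except Crash:
            pass
        resumed_from = read_checkpoint(path)["next"]
        final = run_job(records, path)
        with open(path) as f:             # alter the checkpoint behind the facility's back
            rec = json.load(f)
        rec["state"]["total"] = 0
        with open(path, "w") as f:
            json.dump(rec, f)
        tampered_accepted = read_checkpoint(path) is not None
    return resumed_from, final["total"], tampered_accepted


if __name__ == "__main__":
    print(demo())
```

The final total equals the plain sum of the records even though record 7 was processed twice (once before the crash, once after the restart), because only checkpointed work counts; that is the "prior, valid intermediate point" of slide 19, and the MAC is what makes "valid" checkable rather than assumed.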
