1 / 14

Host and Application Security

Host and Application Security. Lesson 3: What is Information?. Two questions that merit discussion. What do we mean when we talk about information? What do we _really_ mean when we talk about something being a computer?. First, what is information?.

menora
Download Presentation

Host and Application Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Host and Application Security Lesson 3: What is Information?

  2. Two questions that merit discussion • What do we mean when we talk about information? • What do we _really_ mean when we talk about something being a computer?

  3. First, what is information? • Claude Shannon helped us out with this in his excellent paper “The Mathematical Theory of Communication” • Weaver: • Level A: How accurately can the symbols of communication be transmitted? (The technical problem) • Level B: How precisely do the transmitted symbols convey the desired meaning? (The semantic problem) • Level C: How effectively does the received meaning affect the conduct in the desired way? (The effectiveness problem)

  4. However… • Most of the theoretical and practical work from this deals with the Level A problem: essentially, bits flowing on a wire • This is important from a security perspective, but it’s not the whole story

  5. More xkcd

  6. Level A: Transmitting Symbols • Imagine we have a simple noiseless system that transmits only English words as defined in a particular dictionary • This higher-level meaning reduces the actual channel capacity

  7. How this fits with Security • Implications are interesting; we can keep our “secret” but still leak information • Examples? • Whenever we think about application security and host security we need to think hard about what information is…

  8. Now… what is a computer? • At the abstract level, we’re talking about Turing Machines • Note that this is anything but the universal model of computation

  9. The Turing Machine • More precisely, a Turing machine consists of: • A tape which is divided into cells, one next to the other. Each cell contains a symbol from some finite alphabet. The alphabet contains a special blank symbol (here written as 'B') and one or more other symbols. The tape is assumed to be arbitrarily extendable to the left and to the right, i.e., the Turing machine is always supplied with as much tape as it needs for its computation. Cells that have not been written to before are assumed to be filled with the blank symbol. In some models the tape has a left end marked with a special symbol; the tape extends or is indefinitely extensible to the right. • A head that can read and write symbols on the tape and move the tape left and right one (and only one) cell at a time. In some models the head moves and the tape is stationary. • A finite table (occasionally called an action table or transition function) of instructions (usually quintuples [5-tuples] : qiaj→qi1aj1dk, but sometimes 4-tuples) that, given the state(qi) the machine is currently in and the symbol(aj) it is reading on the tape (symbol currently under the head) tells the machine to do the following in sequence (for the 5-tuple models): • Either erase or write a symbol (instead of aj, write aj1), and then • Move the head (which is described by dk and can have values: 'L' for one step left or 'R' for one step right or 'N' for staying in the same place), and then • Assume the same or a new state as prescribed (go to state qi1). • In the 4-tuple models, erase or write a symbol (aj1) and move the head left or right (dk) are specified as separate instructions. Specifically, the table tells the machine to (ia) erase or write a symbol or (ib) move the head left or right, and then (ii) assume the same or a new state as prescribed, but not both actions (ia) and (ib) in the same instruction. In some models, if there is no entry in the table for the current combination of symbol and state then the machine will halt; other models require all entries to be filled. • A state register that stores the state of the Turing machine, one of finitely many. There is one special start state with which the state register is initialized. • Source: Wikipedia • Also, let’s look at: http://www.youtube.com/watch?v=E3keLeMwfHY

  10. Observation • When we think about computing like this, some of the “magic” disappears • How does this help us think about security?

  11. Now, let’s have some fun…

  12. With that out of the way… • What does this tell us about host protection?

  13. Intel Privilege Levels Source: Intel® 64 and IA-32 Architectures Software Developer’s Manual

  14. Questions?

More Related