
Operating system Security

Operating system Security. By Murtaza K. Madraswala. Protection. Control access by limiting file types accessed by different users. Only authorized processes can operate on memory segments, CPU and other resources. Security.


Presentation Transcript


  1. Operating system Security
     By Murtaza K. Madraswala

  2. Protection
     • Control access by limiting file types accessed by different users
     • Only authorized processes can operate on memory segments, CPU and other resources

  3. Security
     • Protect information integrity by ensuring authentication of system users
     • Prevent unauthorized access
     • Prevent malicious destruction of data
     • Prevent accidental introduction of inconsistency

  4. Security vs. Protection
     • Security takes into consideration the protection system, which is strictly internal, as well as the external environment in which the system operates
     • Security violations can be malicious or accidental

  5. Security (Contd.)
     Malicious violations
     • Unauthorized reading of data
     • Unauthorized writing of data
     • Unauthorized destruction of data
     • Preventing legitimate system use (Denial of service)

  6. Security (Contd.)
     Four levels of security measures
     • Physical – Physical protection of the computer system
     • Human – Screening of users given access to the computer system
     • Network
     • Operating System – OS must be capable of protecting itself from accidental or intentional security breaches

  7. Operating System Security
     User authentication, based on
     • User possession (of key or card)
     • User knowledge (user identifier + password)
     • User attribute (fingerprint, retina pattern, signature)

  8. Passwords
     • Password vulnerabilities
     • Encrypted passwords
     • One-Time passwords
     Biometrics

  9. Program Threats
     A program written by one user and used by another may cause unexpected behavior.
     Trojan horse – This problem is created by the operating system, which allows the programs written by one user to be executed by another. This is a code segment that can misuse its environment.

  10. Program Threats (contd.)
     • Trap door
     • Stack and buffer overflow

  11. System threats
     Most operating systems allow processes to spawn other processes. This creates situations in which operating system resources and files are misused.

  12. System threats (Contd.)
     Worms
     Worms are programs that reduce system performance by spawning copies of themselves repeatedly, locking out system use by all other processes. In a network, worms may reproduce across systems and bring down the entire network.

  13. System threats (Contd.)
     Viruses
     A virus is a fragment of code embedded in a legitimate program. It is capable of modifying/destroying files, causing program malfunctions and system crashes.

  14. System threats (Contd.)
     Denial of Service
     The focus of this attack is to disable the legitimate use of a system/facility rather than gaining information or stealing resources.

  15. Intrusion detection
     Strives to detect attempted or successful intrusions into a computer system, and initiate a proper response. Two approaches:
     • Signature-based detection – Here system input or traffic is examined for specific behavior patterns
     • Anomaly detection – This approach attempts to detect anomalous behavior within the computer system

  16. Intrusion detection (Contd.)
     • Signature-based detection attempts to characterize dangerous behavior and detects when such behavior occurs
     • Anomaly detection attempts to characterize normal behaviors and detects when something abnormal occurs

  17. Intrusion detection (Contd.)
     Auditing and logging
     In audit-trail processing, security-relevant events are logged to an audit trail and matched against attack signatures (signature-based detection) or analyzed for anomalous behavior (anomaly detection).

  18. Intrusion detection (Contd.)
     System-Call Monitoring
     Process system calls are monitored to detect instances when a process deviates from the expected system-call behavior. Attacks that attempt to take over a process by exploiting the buffer-overflow vulnerability and execute the attacker’s code rather than the original code can be detected using this technique.
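
As an added example (not part of the original slides), the sketch below applies both approaches from slides 15 and 16 to the system-call monitoring of slide 18: a signature matcher for a known-bad call run, and an anomaly detector that learns the short call windows a process normally produces. The traces, the signature name, the window length and the helper names are all constructed assumptions.

```python
WINDOW = 3  # sliding-window length over the call sequence (assumed value)

def windows(trace, n=WINDOW):
    """Every run of n consecutive system calls in a trace."""
    return [tuple(trace[i:i + n]) for i in range(len(trace) - n + 1)]

def build_profile(normal_traces, n=WINDOW):
    """Anomaly detection, step 1: characterize normal behaviour as the set
    of call windows observed while the process runs untampered."""
    profile = set()
    for trace in normal_traces:
        profile.update(windows(trace, n))
    return profile

def anomaly_score(trace, profile, n=WINDOW):
    """Anomaly detection, step 2: fraction of windows never seen in training."""
    seen = windows(trace, n)
    if not seen:
        return 0.0
    return sum(1 for w in seen if w not in profile) / len(seen)

def signature_hits(trace, signatures):
    """Signature-based detection: names of known-bad call runs in the trace."""
    return [name for name, pattern in signatures.items()
            if tuple(pattern) in windows(trace, len(pattern))]

# Constructed traces of a hypothetical request-serving daemon.
NORMAL_TRACES = [
    ["accept", "read", "open", "read", "write", "close"],
    ["accept", "read", "open", "read", "read", "write", "close"],
    ["accept", "read", "write", "close"],
]
# Constructed signature: the process starts another program right after a read.
SIGNATURES = {"exec-after-read": ["read", "execve"]}
# Deviation the signature covers, and one it does not.
KNOWN_DEVIATION = ["accept", "read", "open", "read", "execve"]
NOVEL_DEVIATION = ["accept", "read", "socket", "connect", "write", "close"]

if __name__ == "__main__":
    profile = build_profile(NORMAL_TRACES)
    for label, trace in [("normal", NORMAL_TRACES[0]),
                         ("known", KNOWN_DEVIATION),
                         ("novel", NOVEL_DEVIATION)]:
        print(label, signature_hits(trace, SIGNATURES),
              round(anomaly_score(trace, profile), 2))
```

The signature fires only on the deviation it was written for, while the anomaly score rises for both deviations because neither matches the learned profile; the cost is that any legitimate call sequence missing from the training traces also scores as abnormal.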

