Pitt CS 1550 - Security

This preview shows page 1-2-3-4-29-30-31-32-33-60-61-62-63 out of 63 pages.


Chapter 9: Security

CS 1550, cs.pitt.edu (originally modified by Ethan L. Miller and Scott A. Brandt)

Outline:
- Chapter 9: Security
- Security
- Security environment: threats
- What kinds of intruders are there?
- Accidents cause problems, too…
- Protection
- Protection domains
- Protection matrix
- Domains as objects in the protection matrix
- Representing the protection matrix
- Access control lists
- Access control lists in the real world
- Capabilities
- Cryptographically protected capability
- Protecting the access matrix: summary
- Reference monitor
- Formal models of secure systems
- Bell-La Padula multilevel security model
- Biba multilevel integrity model
- Covert channels
- Covert channel using file locking
- Steganography
- Cryptography
- Cryptography basics
- Secret-key encryption
- Modern encryption algorithms
- Unbreakable codes
- Public-key cryptography
- The RSA algorithm for public key encryption
- One-way functions
- Digital signatures
- Pretty Good Privacy (PGP)
- User authentication
- Authentication using passwords
- Dealing with passwords
- Salting the passwords
- Sample breakin (from LBL)
- Authentication using a physical object
- Authentication using biometrics
- Countermeasures
- Attacks on computer systems
- Trojan horses
- Login spoofing
- Logic bombs
- Trap doors
- Buffer overflow
- Generic security attacks
- Security flaws: TENEX password problem
- Design principles for security
- Security in a networked world
- Virus damage scenarios
- How viruses work
- How viruses find executable files
- Where viruses live in the program
- Viruses infecting the operating system
- How do viruses spread?
- Hiding a virus in a file
- Using encryption to hide a virus
- Polymorphic viruses
- How can viruses be foiled?
- Worms vs. viruses
- Mobile code
- Security in Java

Security
- The security environment
- Protection mechanisms
- Basics of cryptography
- User authentication
- Attacks from inside the system
- Attacks from outside the system
- Trusted systems

Security environment: threats
- Operating systems have goals
  - Confidentiality
  - Integrity
  - Availability
- Someone attempts to subvert the goals
  - Fun
  - Commercial gain

  Goal                    Threat
  Data confidentiality    Exposure of data
  Data integrity          Tampering with data
  System availability     Denial of service

What kinds of intruders are there?
- Casual prying by nontechnical users
  - Curiosity
- Snooping by insiders
  - Often motivated by curiosity or money
- Determined attempt to make money
  - May not even be an insider
- Commercial or military espionage
  - This is very big business!

Accidents cause problems, too…
- Acts of God
  - Fires
  - Earthquakes
  - Wars (is this really an “act of God”?)
- Hardware or software error
  - CPU malfunction
  - Disk crash
  - Program bugs (hundreds of bugs found in the most recent Linux kernel)
- Human errors
  - Data entry
  - Wrong tape mounted
  - rm * .o

Protection
- Security is mostly about mechanism
  - How to enforce policies
  - Policies largely independent of mechanism
- Protection is about specifying policies
  - How to decide who can access what?
- Specifications must be
  - Correct
  - Efficient
  - Easy to use (or nobody will use them!)

Protection domains
- Three protection domains
  - Each lists objects with permitted operations
- Domains can share objects & permissions
  - Objects can have different permissions in different domains
  - There need be no overlap between object permissions in different domains
- How can this arrangement be specified more formally?

[Figure: three protection domains (Domain 1, Domain 2, Domain 3) containing, in figure order: File1 [R], File2 [RW], File3 [R], File4 [RWX], File5 [RW], File3 [W], Screen1 [W], Mouse [R], Printer [W]]

Protection matrix
- Each domain has a row in the matrix
- Each object has a column in the matrix
- Entry for <object,column> has the permissions
- Who’s allowed to modify the protection matrix?
  - What changes can they make?
- How is this implemented efficiently?

  Columns: Domain | File1 | File2 | File3 | File4 | File5 | Printer1 | Mouse
  Non-empty entries per row, in column order (positions of the empty cells are lost in this text extraction):
  Domain 1: Read; Read Write
  Domain 2: Read; Read Write Execute; Read Write; Write
  Domain 3: Write; Write; Read

Domains as objects in the protection matrix
- Specify permitted operations on domains in the matrix
  - Domains may (or may not) be able to modify themselves
  - Domains can modify other domains
  - Some domain transfers permitted, others not
- Doing this allows flexibility in specifying domain permissions
  - Retains ability to restrict modification of domain policies

  Columns: Domain | File1 | File2 | File3 | File4 | File5 | Printer1 | Mouse | Dom1 | Dom2 | Dom3
  Non-empty entries per row, in column order (positions of the empty cells are lost in this text extraction):
  Domain 1: Read; Read Write; Modify
  Domain 2: Read; Read Write Execute; Read Write; Write; Modify
  Domain 3: Write; Write; Read; Enter

Representing the protection matrix
- Need to find an efficient representation of the protection matrix (also called the access matrix)
- Most entries in the matrix are empty!
- Compress the matrix by:
  - Associating permissions with each object: access control list
  - Associating permissions with each domain: capabilities
- How is this done, and what are the tradeoffs?

Access control lists
- Each object has a list attached to it
- List has
  - Protection domain
    - User name
    - Group of users
    - Other
  - Access rights
    - Read
    - Write
    - Execute (?)
    - Others?
- No entry for domain => no rights for that domain
- Operating system checks permissions when access is needed

  File1: elm: <R,W>; znm: <R>; root: <R,W,X>
  File2: elm: <R,X>; uber: <R,W>; root: <R,W>; all: <R>

Access control lists in the real world
- Unix file system
  - Access list for each file has exactly three domains on it
    - User (owner)
    - Group
    - Others
  - Rights include read, write, execute: interpreted differently for directories and files
- AFS
  - Access lists only apply to directories: files inherit rights from the directory they’re in
  - Access list may have many entries on it with possible rights:
    - read, write, lock (for
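
The two compressed forms of the protection matrix named on the "Representing the protection matrix" slide, worked through on the File1/File2 lists from the "Access control lists" slide. This is an added example, not part of the original slides: the function names are hypothetical, and treating "all" as a fallback entry for domains without their own entry is an assumption.

```python
from collections import defaultdict

# ACLs as on the "Access control lists" slide: object -> {domain: rights}
ACLS = {
    "File1": {"elm": "RW", "znm": "R", "root": "RWX"},
    "File2": {"elm": "RX", "uber": "RW", "root": "RW", "all": "R"},
}
WILDCARD = "all"  # assumption: "all" applies only when a domain has no own entry


def allowed(rights, wanted):
    """True only if every requested right letter is present."""
    return set(wanted) <= set(rights)


def acl_check(acls, obj, domain, wanted):
    """Column lookup on the object's list. No entry => no rights (default deny)."""
    acl = acls.get(obj, {})
    return allowed(acl.get(domain, acl.get(WILDCARD, "")), wanted)


def to_capabilities(acls):
    """Transpose the same sparse matrix into rows: domain -> {object: rights}."""
    caps = defaultdict(dict)
    for obj, acl in acls.items():
        for domain, rights in acl.items():
            caps[domain][obj] = rights
    return dict(caps)


def cap_check(caps, domain, obj, wanted):
    """Row lookup on the domain's capability list, wildcard row as fallback."""
    own = caps.get(domain, {})
    return allowed(own.get(obj, caps.get(WILDCARD, {}).get(obj, "")), wanted)


def who_can(acls, obj, wanted):
    """One column read with ACLs; capabilities would need a scan of every row."""
    return sorted(d for d, r in acls.get(obj, {}).items() if allowed(r, wanted))


def revoke(acls, obj, domain):
    """Per-object revocation is a single ACL edit; wildcard rights still apply."""
    acls.get(obj, {}).pop(domain, None)


if __name__ == "__main__":
    caps = to_capabilities(ACLS)
    for dom, obj, want in [("elm", "File1", "W"), ("znm", "File1", "W"),
                           ("znm", "File2", "R"), ("uber", "File1", "R")]:
        print(dom, obj, want, acl_check(ACLS, obj, dom, want),
              cap_check(caps, dom, obj, want))
```

After `revoke(acls, "File2", "uber")`, uber can no longer write File2 but can still read it through the "all" entry, which is the kind of residual right an ACL audit has to account for.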

