CS241 System ProgrammingSecurityContentAdministrativeTotal Approach to SecurityInternal Threats/SecurityInternal ThreatsIntrudersAttacks from Inside of the SystemInside AttacksVirusInternet WormUser AuthenticationPasswordsHow Crackers Break-in?Protect Your PasswordsSummary (General Design Principles of Security)CS241 System ProgrammingSecurity Klara NahrstedtLecture 263/29/20063/30/2006CS 241 - System Programming, Klara Nahrstedt2Content z Security Environmentz Generic Security Attacksz User Identification and Biometricsz Design Principles3/30/2006CS 241 - System Programming, Klara Nahrstedt3Administrative z MP3 is posted, due April 3, 2006z Quiz 7 is March 31, 2006z Material covered in Quiz 7– R&R Chapter 4 and Chapter 5– Tanenbaum 5.33/30/2006CS 241 - System Programming, Klara Nahrstedt4Total Approach to Security z External Security z User Interface Security -- Establishing user identification and access rights. z Internal Security -- Controls built into the hardware and software to ensure: – Reliable and uncorrupted operation of the system. – Integrity of programs and data3/30/2006CS 241 - System Programming, Klara Nahrstedt5Internal Threats/Security z Data Confidentiality– have secret data remain secret. z Data Integrity– unauthorized used should not be able modify any data without the owner's permission. z System Availability– nobody can disturb the system to make it unusable (e.g., make sure that denial of service does not occur). z Privacy– the system protects individuals from misuse of information z The security system needs to protect against – intruders (adversaries)– accidental data loss3/30/2006CS 241 - System Programming, Klara Nahrstedt6Internal Threatsz Security goals and threats3/30/2006CS 241 - System Programming, Klara Nahrstedt7Intrudersz Common Categories– Casual prying by non-technical users– Snooping by insiders– Determined attempt to make money– Commercial or military espionage3/30/2006CS 241 - System Programming, Klara Nahrstedt8Attacks from Inside of the System z Trojan Horse– seemingly innocent program contains code to perform an unexpected and undesirable function. z Examples– Modifying, deleting or encrypting the user file; copying them into a place where cracker can retrieve them later, or even sending them to the cracker via email of FTP. z One approach to do this is to place the program as a free, exciting new game, MP3 viewer, or something that attracts attention. z The Trojan horse approach does not require the user to break into the computer.3/30/2006CS 241 - System Programming, Klara Nahrstedt9Inside Attacks z Login Spoofing– attacker writes a false login program that displays on the screen login prompt. This program asks for name, password, user types in login name and password. The false information is written to a file and the phony login program sends a signal to kill the shell. This action logs the attacker out and triggers the real login program. The user assumes that he/she wrote the wrong password and repeats the steps. z Logic Bombs– build in bad behavior (e.g., erase a disk) into operating system if certain action is not taken. For example, as long the programmer feeds in a password every day, the behavior is not visible. When a programmer is fired, the password is not given and the bad behavior is triggered. z Trap Doors– code is inserted into the system by the system programmer to bypass some normal check. For example, a login program could be written which allows a user to login independent of what password he/she types. The trap-door bypasses the whole authentication process.z Viruses and Worms3/30/2006CS 241 - System Programming, Klara Nahrstedt10Virus z Virus is – Malware– piece of code that can reproduce itself by attaching a copy of itself to another programz Virus – Can cause Denial of Service (DOS) attack – Can cause Distributed Denial of Service (DDOS) attack– Can cause permanently damaged hardware3/30/2006CS 241 - System Programming, Klara Nahrstedt11Internet Wormz Free-standing program designed to travel between systems for some particular purpose. z Consisted of two programs– bootstrap to upload worm– the worm itselfz Worm first hid its existencez Next replicated itself on new machines3/30/2006CS 241 - System Programming, Klara Nahrstedt12User Authentication z User Attributes: Something about the person -- e.g., fingerprints, voice-prints, photographs, signatures. z User Possession: Something possessed by the person -- e.g., badges, id cards, keys. z User Knowledge: Something known by the person -- e.g., passwords, lock combinations, mother-in-law's maiden name.3/30/2006CS 241 - System Programming, Klara Nahrstedt13Passwords z People tend to choose easy-to-remember passwords, which are also easy to guess. z Short passwords can be guessed by repeated trials of all possibilities. z Passwords that are too long prompt people to write them down, which risks compromise by loss or theft of the note. z The best passwords are of length 6-10 chars. z Avoid words that are in a dictionary. z Passwords made up of nonsense syllables are almost as secure as those made up of randomly chosen characters, but are easier to remember.3/30/2006CS 241 - System Programming, Klara Nahrstedt14How Crackers Break-in?z Password guessing– crackers compile potential common words as passwords, and use them to login. z War dialers– dial telephone numbers and detect if security is in place (some PC systems don't have passwords). z Weak root passwordz Script kiddies– scripts found on the Internet, use brute force attacks to exploit bugs in specific programs.3/30/2006CS 241 - System Programming, Klara Nahrstedt15Protect Your Passwordsz One-way encrypt the password file– UNIX designers are so confident of their one-way encryption scheme that the UNIX password file is ``read permitted'' to all users.z Encourage uses to change passwords oftenz Limit the number of attempts to enter a password. z The standard way to crack UNIX encryption – copy the password file to another machine– try encrypting the dictionary, permutations of common words, wife names, telephone numbers and comparing it against the password file contents. z ``Salt'' technique (by Morris and Thompson):– associate an n-bit random number, called the salt, with each password. The random number is changed whenever the password is changed.3/30/2006CS 241 - System Programming, Klara Nahrstedt16Summary (General Design Principles of
View Full Document