1 / 14

Security

Security. Chapter 19 discussed Protection internal control measures to provide controlled access to system resources including files, memory, CPU, etc… What about measures to provide controlled access for external environments such as network resources and network access?

hieu
Download Presentation

Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security • Chapter 19 discussed Protection • internal control measures to provide controlled access to system resources including files, memory, CPU, etc… • What about measures to provide controlled access for external environments such as network resources and network access? • This is handled by security • Protection can be made to be 100% (or nearly) reliable, but security can not

  2. A System is Secure if • Its resources are utilized and accessed as intended under all circumstances • This is unfortunately not generally possible • Security violations are misuses of system resources • unauthorized use, access, modification or destruction of files • accidental • malicious • Protection must be offered at two levels: • physical - on-site protection • human - user safeguards

  3. Why Security? • Many computer systems contain very important information: • financial information • bank files, payroll programs, etc… • software in development • sensitive data • Unauthorized access could result in • sabotage, theft, or fraud

  4. Authentication • How do we ensure that only authorized users access files? • OS places read/write/execute privileges on files • Require a method of authenticating users • Passwords (knowledge) • Key or Card (physical means) • Retina pattern or finger print (physical attribute) • Passwords are the most common form • Key or Card - could be stolen or lost, requires physical presence • Physical attributes - too expensive (currently)

  5. More on Passwords • Problems: • sometimes other people can easily guess someone’s password • methods may be used to make this harder but that makes it harder on users to remember passwords • if its too difficult to remember a password, then writing it down on paper is a major security problem • a program could be used to discover a password by trying all words in a dictionary or all combinations of letters up to 10 in length, etc… • passwords can be determined through surveillance methods

  6. Ways to make passwords safer • Use system generated passwords • these may be hard to remember • Require some abnormal character in all passwords such as a digit or punctuation mark • protects against password cracking programs • Require that users change passwords every month • Use paired passwords • these protect against people easily guessing passwords

  7. Program Threats • Trojan Horse • a piggyback program that the user is unaware of • once running, may do something unexpected such as delete, copy or move files • because the program is being run by the user, the program has the rights of the user and can perform OS activities without additional authorization • Trap Door • means of breaching security by leaving yourself a mechanism to obtain unauthorized access • could be done by adding a hidden account or in a compiler that creates hidden object code

  8. System Threats • Worm • process that spawns copies of itself • can be used on a network to copy itself to other network sites • could be used to bring down a network • Virus • affects single user computers (PC’s) • propagated mostly through floppy disks • an infected computer can pass the virus onto other computers through transfer of floppy disks

  9. The Internet Worm of 1988 • Unleashed by Robert Morris, a Cornell grad student to affect Sun computers on the Internet • Self-replicating program, which if it could gain access to a unix computer, would spawn processes of itself to other reachable unix computers • Two-part process: • grappling hook (to obtain access to a computer) and • the worm itself • The grappling hook was 99 lines of C code compiled to run on each machine it accessed • Grappling hook would then upload the main worm

  10. Grap. Hook Methods of Access • rsh - remote task execution - if already logged into one sun, rsh would allow the program to log into any other sun that shared the same password file • finger - the grappling hook would overflow the run-time stack by sending the finger daemon an excessively long string (536 bytes) which would rewrite part of the stack to allow his program access • sendmail - similar method by using a debug option in sendmail to circumvent OS protection and obtain authorization • it also attempted to discover user passwords, first seeing if no password worked, and then trying 432 favorite password choices and finally by trying the standard Unix on-line dictionary entries

  11. Internet Worm Conclusion • The worm was released on November 2, 1988 and affected thousands of computers causing many sites to shut down for at least a few hours or for as much as a day • Estimated damages in the millions of $ • By the evening of Nov 3, Unix administrators had placed solutions (halting programs) on the Internet to end the Worm • Morris’s sentence • 3 years probation, 400 hours community service, $10,000 fine, legal fees probably over $100,000!

  12. Safe Computing • Protection against Viruses: • Don’t download software from unknown sources • Don’t share floppy disks • Check hard disk at bootup every time • Check every floppy disk as its inserted • Use antiviral programs to find and remove viruses • Checksum • add up all bits in a program and save it • if the program ever changes in size, it is probably because of a virus installed in it

  13. Threat Monitoring • Security is difficult to impose because of the human connection. Have the OS look for • instances of unauthorized access • incorrect password attempts • short or easy-to-guess passwords • unauthorized set-uid programs • unauthorized programs in system directories • long-running programs • improper directory and file protections • changes in system programs • using checksum

  14. Network Protection • In spite of the previous safeguards, networks are generally unprotected and therefore eavesdroppers can intercept files • Use encryption • Encode file • Store or transmit file • Decode file at the other end • Requires a code that is known at both ends

More Related