Computer System Security and Management Reference Monitors. Three fundamental concepts in computer security: Reference Monitors : An access control concept that refers to an abstract machine that mediates all accesses to objects by subjects.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Computer System Security and Management Reference Monitors • Three fundamental concepts in computer security: • Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses to objects by subjects. • Security Kernel: The hardware, firmware, and software elements of a trusted computing base that implement the Reference Monitor concept. • Trusted Computing Base (TCB): The totality of protection mechanisms within a computer system – including hardware, firmware – the combination of which is responsible for enforcing a security policy. Applications Services Operating system OS kernel Hardware Different layers in a computer system
Computer System Security and Management Reference Monitors • Placing the Reference Monitor • The reference monitor can be placed: • In hardware: Access control to mechanisms in microprocessors. • In the operating system: Access control in Linux. • In the services layer: Access control in databases. • In the application: In the application code. • Operating system integrity • The goal of an attacker is to disable the security control by modifying the operating system. • When securing an operating system two requirements have to be addressed: • Users should be able to use the operating system. • Users should not be able to misuse the operating system. • In Linux there is 2 modes: • user mode: protected mode. • supervisor mode: root mode. • To execute a command in supervisor mode sudo can be used in Linux.
Computer System Security and Management Reference Monitors Hardware security features Hardware is the lowest layer in an IT architecture: Applications Services Operating system OS kernel Protection in the Security Kernel Hardware • It may be possible to evaluate security to a higher level of assurance • Putting security mechanisms into the core of the system increase the performance. No overheads caused by security checks. • Access control decisions are removed from applications.
Computer System Security and Management Reference Monitors A brief overview of Computer Architecture I/O Input devices: Keyboards Output devices: Monitor CPU Memory Bus RAM (Random Access Memory): stores data temporarily. ROM (Read Only Memory): Store data permanently. EPROM (Erasable & Programmable Read Only Memory): The data can be erased or kept permanently. WROM (Write Once memory): Freeze the data once for all. Keep the OS or cryptographic keys on ROM or EPROM. RAM: volatile memory. ROM, EPROM, WROM: non-volatile memory. • CPU components: • Registers: • General purpose registers. • Dedicated register. • Program counter: Points to memory location that contains the next instruction to be executed. • Stack pointe: Points to the top of the system stack. • Status register: Allows the CPU to keep essential state information. • Arithmetic Logic Unit (ALU): Executes instructions given in a machine level language or sets bits in the status register. • To switch between different programs, the CPU perform a context switch and saves the state of the current process.
Computer System Security and Management Reference Monitors • Processes and Threads • A process is a program in execution. • A process is an important unit of control for the OS and for the security. • A process consists of: • Executable code. • Data. • The execution context. • Processes communicate with each other through primitives provided by the OS, IPC. • Less secure because of the context switch between processes. • Expensive operation in the OS • Treads are execute within a process. • Share the process address space. • More secure. • Less expensive operation in the OS.
Computer System Security and Management Reference Monitors • Interrupts (traps, exceptions) • Interrupts are created by processes when: • There is error in the program. • User sends a request. • Hardware failure. • A trap is a special input to the CPU which includes an ad Interrupt vector table contains addresses Memory TRAP #n Interrupt vector n 1 0 Interrupt table has to be protected. Viruses can change an entry in the table so that it points to attack code. Redirecting pointer is a very efficient attack method. Interrupt handler Process of an interrupt