Chapter 4 Protection in General Purpose Operating Systems - PowerPoint PPT Presentation

1 / 24

About This Presentation

Title:

Chapter 4 Protection in General Purpose Operating Systems

Description:

Chapter 4 Protection in General Purpose Operating Systems – PowerPoint PPT presentation

Number of Views:216

Avg rating:3.0/5.0

Slides: 25

Provided by: csu15

Category:

more less

Transcript and Presenter's Notes

Title: Chapter 4 Protection in General Purpose Operating Systems

1
Chapter 4 Protection in General Purpose
Operating Systems

Protection features provided by general-purpose
operating systemsprotecting memory, files, and
the execution environment
Controlled access to objects
User authentication

2
Protected Objects and Methods of Protections

1rst OS were simple utilities executives
Multiprogramming OS required monitors which
oversaw each programs execution
Protected objects
Memory
Sharable I/O devices (disks)
Serially reusable devices (printers)
Shareable programs subprocedures
Networks
Shareable Data

3
Security Methods of Operating Systems

Physical Separation (different processes use
different objects)
Temporal Separation (processes executed at
different times)
Logical Separation (process appears to be alone)
Cryptographic Separation (processes conceal data
and computations)

4
Security Methods of Operating Systems

Want to be able to share resources without
compromising security
Do not protect
Isolate different processes
Share all or nothing
Share via access limitation (granularity)
Share by capabilities
Limit use of an object

5
Memory Address Protection

Fence confines user to one side of boundary
Use predefined memory addresses
Can protect OS, but not one user from another
Relocation changes all addresses of program
using offset
Base/Bounds Registers
Uses variable fence register (base register) to
provide lower bound
Uses bounds register for upper address

6
Memory Address Protection

Tagged Architecture
Every word of machine memory has extra bits to
indicate access rights (expensive)
Segmentation (program divided into pieces)
Each segment has name offset
Each address reference is checked for protection
Different classes of data can be assigned
different levels of protection
Users can share access to segments
User cannot access an unpermitted segment
Paging (program uses equal sized pages memory
divided into equal sized page frames)

7
Control of Access to General Objects

Memory
File/data set
Program in memory
Directory of files
Hardware device
Data structure (stack)
Operating system table
Instructions (privileged)
Passwords / user authentication mechanism
Protection mechanism

8
Goals in protecting objects

Check every access
Enforce least privilege
Verify acceptable usage

9
Directory mechanism

Each user (subject) has a file directory, which
lists all files accessible by user
List can become too large if many shared objects
Cannot revoke rights of everyone to an object
File names for different owners may be different

10
Access Control List

One list for each object with list showing all
subjects their access rights
Can use wildcards to limit size of ACL
Access Control Matrix
Rows for subjects
Columns for objects
Sparse matrix of triples ltsubjects, objects,
rightsgt

11
Capability

Unforgeable token that gives possessor rights to
an object
Predecessor of Kerberos
Can propagate capabilities to other subjects
Capabilities must be stored in inaccessible memory

12
Procedure-Oriented Access Control

Procedure that controls access to objects
including what subjects can do to objects

13
File Protection Mechanisms

All-None Protection
Lack of trust
All or nothing
Timesharing issues
Complexity
File listings

14
File Protection Mechanisms

Group Protection
User cannot belong to two groups
Forces one person to be multiple users
Forces user to be put into all groups
Files can only be shared within groups

15
File Protection Mechanisms

Single Permissions
Password/Token for each file
Can be lost
Inconvenient
Must be protected (if changed, must notify all
users)
Temporary Acquired Permission
UNIXs set userid (suid)

16
User Authentication

Something the user knows (password, PIN,
passphrase, mothers maiden name)
Something the user has (ID, key, drivers
license, uniform)
Something the user is (biometrics)

17
Use of Passwords

Mutually agreed-upon code words, assumed known
only to user and system
First line of defense
Loose-Lipped Systems
WELCOME TO XYZ COMPUTING
ENTER USER ID summers
INVALID USER NAME
ENTER USER ID

18
Attack on Passwords

Ask the user
Search for the system list of passwords
Find a valid user ID
Create a list of possible passwords (encrypt if
needed)
Rank the passwords from high to low probability
Try each password
If attempt fails, try again (don't exceed
password lockout)

19
Attack on Passwords

Exhaustive Attack (brute-force)
18,278 passwords of 3 letters or less
1 password / millisecond would take 18 seconds (8
minutes for 4 letters, 3.5 hours for 5 letters)
Probable passwords (dictionary attack)
80,000 word dictionary would take 80 seconds
Expanded dictionary

20
Attack on Passwords

UK Study (http//www.cnn.com/2002/TECH/ptech/03/13
/dangerous.passwords/?related)
50 passwords were family names
Celebrities/soccer stars 9 each
Pets 8
10 reflect a fantasy
Only 10 use cryptic combinations

21
Attack on Passwords

Look on desk
Try no password
Try user ID
Try users name
Common words (password, private, secret)
Short dictionary
Complete English word list
Common non-English dictionaries
Dictionary with capitalization and substitutions
(0 for o and 1 for i)
Brute force (lowercase alphabet)
Brute force (full character set)

22
Attack on Passwords

Plaintext System Password List (MS Windows)
Encrypted Password List 1-way (/etc/passwd)
Shadow Password List (/etc/shadow)
Salt 12-bit number formed from system time and
process id concatenated to password

23
Password Selection Criteria