Objectives
You will be able to describe:
• The role of the operating system with regard to system security
• The effects of system security practices on overall system performance
• The levels of system security that can be implemented and the threats posed by evolving technologies
• The differences between computer viruses and worms, and how they spread
• The difficulties of teaching ethics to user groups and the role of education in system security
Understanding Operating Systems, Fourth Edition
system to attack
• The more complex and powerful the operating system, the more likely it is to have vulnerabilities to attack
• System administrators must be on guard to arm their
System Survivability
• Capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents
• Key properties of survivable systems:
  • Resistance to attacks
  • Recognition of attacks and resulting damage
  • Recovery of essential services after an attack
  • Adaptation and evolution of system defense mechanisms to
Levels of Protection
System administrator must evaluate the risk of intrusion for each computer configuration, which in turn depends on the level of connectivity given to the system
Table 11.2: A simplified comparison of security protection required for three typical computer configurations
computing systems
• Many system managers use a layered backup schedule
• Backups, with one set stored off-site, are crucial to disaster recovery
• Written policies and procedures and regular user training are essential elements of system management
Security Breaches
• A gap in system security can be malicious or not
• Intrusions can be classified as:
  • Due to uneducated users and unauthorized access to system
or natural disasters
systems credibility
Unintentional Intrusions
• Any breach of security or modification of data that was not
Figure 11.1: (a) Original data value in a field large enough to hold it. If the field is too small, (b) FORTRAN replaces the data with asterisks, (c) COBOL truncates the higher order digits and stores only the digits that remain
Intentional Attacks
• Types of intentional attacks:
  • Intentional unauthorized access
    • e.g., denial of service attacks, browsing, wire tapping, repeated trials, trap doors, and trash collection
  • Viruses and worms
  • Trojan Horses
  • Bombs
  • Blended threats
storage directories or files for information they should not have the privilege to read
users transmission
• Passive wire tapping: Refers to just listening to the
• Active wire tapping: Data being sent is modified
  • Methods include between lines transmission and piggyback entry
passwords
• Trap doors: An unspecified and undocumented entry point to the system
  • Installed by a system diagnostician or programmer for future
Table 11.3: Average time required to guess passwords up to ten alphabetic characters (A-Z) using brute force
under the Federal Computer Fraud and Abuse Act of 1986
• Those convicted have been sentenced to significant fines and jail terms, as well as confiscation of their computer equipment
• In the U.S., attempts to intrude into your system should be reported to the FBI
Viruses
• Small programs written to alter the way a computer operates, without permission of the user
• Must meet two criteria: It must be self-executing and self-replicating
• Usually written to attack a certain operating system
• Spread via a wide variety of applications
• Macro virus works by attaching itself to a template (such as NORMAL.DOT), which in turn is attached to word processing documents
Viruses (continued)
Figure 11.2: A file infector virus attacks a clean file (a) by attaching a small program to it (b)
Viruses (continued)
one system to the next without requiring the aid of an infected program file
• Results in slower processing time of real work
• Especially destructive on networks
time, such as a day of the year
• Blended Threat: Combines into one program the characteristics of other attacks
  • e.g., including a virus, worm, Trojan Horse, spyware, and other
System Protection
• No single guaranteed method of protection
• System vulnerabilities include:
  • File downloads, e-mail exchange
  • Vulnerable firewalls
  • Improperly configured Internet connections, etc.
• Need for continuous attention to security issues
• System protection is multifaceted and protection methods include:
  • Use of antivirus software, firewalls, restrictive access and encryption
Antivirus Software
• Software to combat viruses can be preventive, diagnostic, or both
  • Preventive programs may calculate a checksum for each production program
  • Diagnostic software compares file sizes, looks for replicating instructions or unusual file activity
• Can sometimes remove the infection and leave the remainder intact
• Unable to repair worms, Trojan horses, or blended threats as they are malicious code in entirety
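The preventive checksum check described above, as an added example that is not from the textbook: record a SHA-256 digest for each production program, then compare later. The file names and contents are constructed, and SHA-256 is this example's choice of checksum.

```python
import hashlib
import tempfile
from pathlib import Path


def digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large programs are fine."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def baseline(root: Path) -> dict:
    """Record a checksum for every file under root (the production programs)."""
    return {str(p.relative_to(root)): digest(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify(root: Path, known: dict) -> dict:
    """Compare the current state of root with a stored baseline."""
    current = baseline(root)
    return {
        "modified": sorted(n for n in known if n in current and current[n] != known[n]),
        "missing": sorted(n for n in known if n not in current),
        "unexpected": sorted(n for n in current if n not in known),
    }


def demo() -> dict:
    # Constructed sample files standing in for production programs.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "payroll.bin").write_bytes(b"\x90" * 64)
        (root / "report.bin").write_bytes(b"REPORT-V1" + b"\x00" * 55)
        known = baseline(root)
        # Same-size overwrite: a file-size comparison alone would not notice it.
        (root / "payroll.bin").write_bytes(b"\x90" * 60 + b"\xcc" * 4)
        (root / "helper.bin").write_bytes(b"new file")
        (root / "report.bin").unlink()
        return verify(root, known)
```

Keep the baseline on read-only or off-host storage; a checksum stored beside the program can be rewritten along with it.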
Figure 11.4: (a) Uninfected file; (b) file infected with a virus; (c) a Trojan horse or worm consists entirely of malicious code
Firewalls
• A set of hardware and/or software designed to protect a system by disguising its IP address from unauthorized users
• Sits between the Internet and network
• Blocks curious inquiries and potentially dangerous intrusions from outside the system
• Mechanisms used by the firewall to perform various tasks include:
  • Packet filtering
  • Proxy servers
Firewalls (continued)
Figure 11.5: Firewall sitting between campus networks and Internet, filtering requests for access
Firewalls (continued)
• Typical tasks of the firewall are to:
  • Log activities that access the Internet
  • Maintain access control based on sender's or receiver's IP addresses
  • Maintain access control based on services that are requested
  • Hide internal network from unauthorized users
  • Verify that virus protection is installed and enforced
  • Perform authentication based on the source of a request from the Internet
Firewalls (continued)
• Packet filtering:
  • Firewall reviews header information for incoming and outgoing Internet packets to verify authenticity of source address, destination address, and protocol
• Proxy server:
  • Hides important network information from outsiders by making network server invisible
  • Determines if request for access to the network is valid
  • Proxy servers are invisible to users but are critical to the success of the firewall
Authentication
• Authentication: A verification that an individual trying to
development of Kerberos
• Designed to provide strong authentication for client/server applications
• Uses strong cryptography
• Requires systematic revocation of access rights from clients who no longer deserve to have access
Authentication (continued)
Figure 11.6: Using Kerberos, when client A attempts to access server B, user is authenticated (a) and receives a ticket for the session (b). Once the ticket is issued, client and server can communicate at will (c). Without the ticket, access is not granted
Encryption
• Most extreme protection method for sensitive data where data
transmitted, decrypted, and processed
• Sender inserts public key with the message
• Message receiver required to have private key to decode the message
• Disadvantages:
  • Increases system's overhead
  • System becomes totally dependent on encryption process itself
network
• Peruse data packets as they pass by, examine each one for
friendly sites
Password Management
• Most basic techniques used to protect hardware and software investments include:
  • Good passwords
  • Careful user training
• Password Construction:
  • Good password is unusual, memorable, and changed often
  • Password files normally stored in encrypted form
  • Password length has a direct effect on the ability of password to
Table 11.6: Number of combinations of passwords depending on their length and available character set
nonalphanumeric characters
• Create a misspelled word or join bits of phrases into a word that's easy to remember
• Follow a certain pattern on the keyboard
• Create acronyms from memorable sentences
• Use upper and lowercase characters if allowed
• Never use a word that's included in any dictionary
passwords
• Requirements:
  • A copy of the encrypted password file
  • Algorithm used to encrypt the passwords
• Prevention:
  • Some operating systems salt user passwords with extra random bits to make them less vulnerable to dictionary attacks
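Why the salt mentioned above helps, as an added example that is not from the textbook: a table hashed once from a word list matches unsalted records for every user at the same time, but matches nothing once each record has its own random salt. The accounts, word list, PBKDF2 choice and iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumption for the example; tune to your hardware


def unsalted(password: str) -> str:
    """Weak scheme: the same password always gives the same stored value."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_record(password: str, salt: bytes = None) -> tuple:
    """Store (salt, derived key); the salt is random per user and not secret."""
    salt = salt if salt is not None else os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def check(password: str, record: tuple) -> bool:
    """Login check: re-derive with the stored salt, compare in constant time."""
    salt, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, key)


def precomputed_hits(stored: list, wordlist: list) -> int:
    """How many stored values appear in a table hashed once, without any salt."""
    table = {unsalted(w) for w in wordlist}
    return sum(1 for value in stored if value in table)


def demo() -> dict:
    # Constructed accounts: two users picked the same dictionary word.
    passwords = {"alice": "sunshine", "bob": "sunshine", "carol": "Tr4il-mix!9"}
    words = ["password", "sunshine", "dragon"]  # constructed word list
    weak = {u: unsalted(p) for u, p in passwords.items()}
    strong = {u: salted_record(p) for u, p in passwords.items()}
    return {
        "weak_same_hash": weak["alice"] == weak["bob"],
        "weak_hits": precomputed_hits(list(weak.values()), words),
        "salted_same_key": strong["alice"][1] == strong["bob"][1],
        "salted_hits": precomputed_hits([k.hex() for _, k in strong.values()], words),
        "login_ok": check("sunshine", strong["alice"]),
        "login_bad": check("sunshin3", strong["alice"]),
    }
```

A salt removes precomputation and hides which users share a password; a dictionary word can still be guessed one record at a time, which is why the derivation is deliberately slow.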
Password Alternatives
• Use of a smart card
  • A credit card-sized calculator that requires both something you have and something you know
  • Displays a constantly changing multidigit number synchronized with an identical number generator in the system
  • User must type in the number that appears at that moment on the smart card
  • For added protection, user then enters a secret code
  • User is admitted to the system only if both number and code are validated
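The synchronized-number scheme above, as an added example that is not from the textbook. It substitutes the standard time-based one-time password construction (RFC 4226/6238, HMAC-SHA1, 30-second steps) for the card's unspecified generator; the `Verifier` class, PIN and drift window are assumptions of this example.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds each number stays valid (RFC 6238 default)
DIGITS = 6   # length of the displayed number


def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226 one-time number for a given counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def card_display(secret: bytes, now: int) -> str:
    """What the card shows at time `now` (Unix seconds)."""
    return hotp(secret, now // STEP)


class Verifier:
    """System side: same secret and clock as the card, plus the user's secret code."""

    def __init__(self, secret: bytes, pin: str, drift_steps: int = 1):
        # The PIN is held in the clear only to keep the example short.
        self.secret, self.pin, self.drift = secret, pin, drift_steps
        self.last_counter = -1  # highest counter already accepted (replay guard)

    def admit(self, number: str, pin: str, now: int) -> bool:
        pin_ok = hmac.compare_digest(pin.encode(), self.pin.encode())
        current = now // STEP
        # Tolerate a little clock drift between card and system.
        for counter in range(current - self.drift, current + self.drift + 1):
            if counter <= self.last_counter:
                continue  # this number, or an older one, was already used
            expected = hotp(self.secret, counter)
            if hmac.compare_digest(expected.encode(), number.encode()):
                if pin_ok:
                    self.last_counter = counter
                return pin_ok  # both number and code must validate
        return False
```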
voice prints
• Positively identifies the person being scanned
• Critical factor is reducing the margin of error
• Presently, biometric authentication is expensive
Social Engineering
• A technique whereby system intruders gain access to
family members, pets, vacation destinations, favorite hobbies, car model, etc.
contacts unwary users asking them to reconfirm their personal and/or financial information
• Example: 2003 incident involving eBay customers
• Default passwords:
  • Pose unique vulnerabilities because they are widely known
  • Routinely shipped with hardware or software
  • Routinely passed from one hacker to the next
  • Should be changed immediately
Ethics
• Ethical behavior: Be good. Do good.
• IEEE and ACM issued a standard of ethics in 1992
• Apparent lack of ethics in computing is a significant departure
Ethics (continued)
• Consequences of ethical lapses: (continued)
  • Cracking (malicious hacking) causes system's owner and users to question the validity of system's data
  • Unethical use of technology is clearly the wrong thing to do
• Specific activities to teach ethics can include:
  • Publish policies that clearly state which actions will and will not be condoned
  • Teach a regular seminar on the subject including real-life case histories
  • Conduct open discussions of ethical questions
Summary
• Can't overemphasize the importance of keeping the system secure
• System is only as good as the integrity of the data that's stored on it
• A single breach of security, whether catastrophic or not, whether accidental or not, damages the system's integrity
• Damaged integrity threatens the viability of the best-designed system, its managers, its designers, and its users
• Vigilant security precautions are essential