Professional Documents
Culture Documents
Operating Systems
Security and
Operating Systems
What is Security?
Internal Roles
Protecting Whom?
Authentication
Attacks and
Defenses
Certified Systems
Logging
1 / 38
Attacks and
Defenses
Certified Systems
Logging
Its the Application
2 / 38
What is Security?
Security and
Operating Systems
Security and
Operating Systems
What is Security?
Internal Roles
Protecting Whom?
Authentication
Attacks and
Defenses
Certified Systems
Logging
Its the Application
3 / 38
Internal Roles
Security and
Operating Systems
Security and
Operating Systems
What is Security?
Internal Roles
Protecting Whom?
Authentication
Attacks and
Defenses
Certified Systems
Logging
Its the Application
4 / 38
Protecting Whom?
Security and
Operating Systems
Security and
Operating Systems
What is Security?
Internal Roles
Protecting Whom?
Authentication
Attacks and
Defenses
Certified Systems
Logging
Its the Application
5 / 38
User Authentication
Security and
Operating Systems
Authentication
User Authentication
Something You
Know: Passwords
Hashed Passwords
Challenge/Response
Authentication
THe Human
Element
Something You
Have: Tokens
Something You Are:
Biometrics
Attacks and
Defenses
Certified Systems
Logging
Its the Application
6 / 38
Authentication
User Authentication
Something You
Know: Passwords
Hashed Passwords
Challenge/Response
Authentication
THe Human
Element
Something You
Have: Tokens
Something You Are:
Biometrics
Attacks and
Defenses
Very common
Very easily guessed
Originally stored in plaintext, but thats a very
bad idea
Today, passwords are usually stored hashed
However some network authentication
schemes, such as challenge/response, require
plaintext (or equivalent)
Certified Systems
Logging
Its the Application
7 / 38
Hashed Passwords
Security and
Operating Systems
Authentication
User Authentication
Something You
Know: Passwords
Hashed Passwords
Challenge/Response
Authentication
THe Human
Element
Something You
Have: Tokens
Something You Are:
Biometrics
Attacks and
Defenses
Certified Systems
Logging
8 / 38
Challenge/Response Authentication
Security and
Operating Systems
Authentication
User Authentication
Something You
Know: Passwords
Hashed Passwords
Challenge/Response
Authentication
THe Human
Element
Something You
Have: Tokens
Something You Are:
Biometrics
Attacks and
Defenses
Certified Systems
Logging
Its the Application
9 / 38
10 / 38
Certified Systems
Logging
Its the Application
11 / 38
Authentication
User Authentication
Something You
Know: Passwords
Hashed Passwords
Challenge/Response
Authentication
THe Human
Element
Something You
Have: Tokens
Something You Are:
Biometrics
Attacks and
Defenses
Certified Systems
Logging
Its the Application
12 / 38
Attack Techniques
Security and
Operating Systems
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
13 / 38
Trojan Horses
Security and
Operating Systems
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
14 / 38
Sandboxes
Security and
Operating Systems
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
Race Conditions
Security and
Operating Systems
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
16 / 38
Login Spoofing
Security and
Operating Systems
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
17 / 38
Trusted Path
Security and
Operating Systems
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
18 / 38
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
19 / 38
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
Its the Application
20 / 38
Blocking Executables
Security and
Operating Systems
Authentication
Attacks and
Defenses
Attack Techniques
Trojan Horses
Sandboxes
Race Conditions
Login Spoofing
Trusted Path
Viruses and Worms
Access Controls
Wont Do It
Blocking
Executables
Certified Systems
Logging
21 / 38
Certified Systems
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
22 / 38
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
23 / 38
Classifications
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
24 / 38
Examples
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Top Secret
Confidential
Top Secret
Secret
Logging
Its the Application
25 / 38
Examples
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
26 / 38
Assurance
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
27 / 38
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
28 / 38
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
29 / 38
Authentication
Attacks and
Defenses
Certified Systems
Certified Systems
Military
Classification Model
Classifications
Examples
Examples
Assurance
The Fate of the
Orange Book
The Common
Criteria
Bad Models, No
Sales
Logging
Its the Application
30 / 38
Logging
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Logging
Logging
Shadow Hawk
How was Shadow
Hawk Detected?
What to Log?
Solaris Basic
Security Module
(BSM)
31 / 38
Shadow Hawk
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Logging
Logging
Shadow Hawk
How was Shadow
Hawk Detected?
What to Log?
Solaris Basic
Security Module
(BSM)
Its the Application
32 / 38
Authentication
Attacks and
Defenses
Certified Systems
Logging
Logging
Shadow Hawk
How was Shadow
Hawk Detected?
What to Log?
Solaris Basic
Security Module
(BSM)
Its the Application
33 / 38
What to Log?
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Logging
Logging
Shadow Hawk
How was Shadow
Hawk Detected?
What to Log?
Solaris Basic
Security Module
(BSM)
Everything?
Possibly takes too much storage, though disk
space is cheap
Serious potential privacy risk
Can you process that much data?
But must log security-sensitive events
34 / 38
Authentication
Attacks and
Defenses
Certified Systems
Logging
Logging
Shadow Hawk
How was Shadow
Hawk Detected?
What to Log?
Solaris Basic
Security Module
(BSM)
35 / 38
Authentication
Attacks and
Defenses
Certified Systems
Logging
Its the Application
Its the Application
The Challenge
We Dont Have
Them
36 / 38
The Challenge
Security and
Operating Systems
Authentication
Attacks and
Defenses
Certified Systems
Logging
Its the Application
Its the Application
The Challenge
We Dont Have
Them
37 / 38
Authentication
Attacks and
Defenses
Certified Systems
Logging
Its the Application
Its the Application
The Challenge
We Dont Have
Them
38 / 38