4.0 OS INTERNAL PROTECTION AND SECURITY
4.1 User Authentication
4.2 Basic Resource Protection

OVERVIEW 4.1 User Authentication
● 4.1.1 User Authentication
  ● 4.1.1.1 What you create (software) – passwords, PIN, UserID
  ● 4.1.1.2 What you have (hardware) – tokens, i.e. (physical) key, smartcard, ATM card, credit card
  ● 4.1.1.3 What you are (user: biometrics) – fingerprint, retina, iris, hand, face, voice

OVERVIEW 4.2 Basic Resource Protection
● 4.2.1 Privileged Users
● 4.2.2 Access Control
● 4.2.3 CPU and Memory Protections
  ● 4.2.3.1 Buffer Overflow Protection
  ● 4.2.3.2 Data Execution Protection
  ● 4.2.3.3 Kernel Patch Guard

What is Protection? What is Security?
1) Protection: the mechanisms that can be used to control access to various resources.
2) Security: a measure of confidence that the integrity of a system and its data will be preserved. It includes a well-specified threat description and policies for how to configure internal and external protection mechanisms to deal with that threat.

Security must consider the external environment of the system and protect the system resources. Intruders (crackers) attempt to breach or attack security. A threat is a potential security violation. An attack can be accidental or malicious; it is easier to protect against accidental than malicious misuse.

Multiprogramming involves the sharing of many resources, including processor, memory, I/O devices, programs, and data. Protection of such resources runs along the following spectrum:
- Share all or nothing: an object is either totally private or totally public.
- Share via access limitation: different entities enjoy different levels of access to an object, at the gift of the owner.
- Limit use of an object: not only is access to the object controlled, the use to which it may be put also varies across entities.

Protection goals
An operating system consists of a collection of objects, hardware or software. Each object has a unique name and can be accessed through a well-defined set of operations. So, the goals of protection are:
a) To ensure that each object is accessed correctly and only by those processes that are allowed to do so
b) To prevent mischievous, intentional violation of an access restriction by a user

OS Protection and Security
Computer protection and security mechanisms provided by an operating system must address the following requirements:
a) Confidentiality (or privacy): the requirement that information maintained by a computer system be accessible only by authorized parties.
b) Integrity: the requirement that a computer system's resources can be modified only by authorized parties.
c) Availability: the requirement that a computer system be accessible at required times by authorized parties.
d) Authenticity: the requirement that a computer system can verify the identity of a user.

4.1 User Authentication
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. Examples of authentication:
a) File permissions are based on user identity, which is based on authentication
b) The OS authenticates users by many methods: something you know, something you have, something you are
c) In private and public computer networks (including the Internet), authentication is commonly done through logon passwords.
Methods for authentication:
a) What you create (software) – password, UserID, PIN
b) What you have (hardware) – tokens, i.e. (physical) key, smartcard, ATM card, credit card
c) What you are (user) – biometrics, i.e. fingerprint, retina, iris, hand, face, voice

a) What you create (software) – Password
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource. Passwords are very common. They were originally stored in plaintext, but that is a very bad idea; today, passwords are usually stored hashed. However, some network authentication schemes, such as challenge/response, require the plaintext (or an equivalent) to be available.

Weaknesses (vulnerabilities) of passwords are:
a) A password can be brute-forced (trying all possible combinations)
b) A password can be exposed visually (shoulder surfing), by being written down, or by electronic monitoring (sniffing)
c) A user-selected password is easier to guess (use an encrypted password)
d) A system-generated password is difficult to remember (can be forgotten)

Overcoming password vulnerabilities:
1) Password encryption – to avoid password guessing (e.g. the Unix /etc/shadow file)
2) Single sign-on – with this property a user logs in once and gains access to all systems without being prompted to log in again at each of them
3) Keep the password in a token – users need not remember their passwords and therefore can select more secure passwords, or have more secure passwords assigned
4) One-time password – a password that is valid for only one login session or transaction

b) What you have (hardware) – Token
A security device given to authorized users, who keep it in their possession. To log in to the network, the security "card" or "token" may be read directly like a credit card, or it may display a changing number that is typed in as a password. Tokens may also plug directly into the computer via a USB port.

Security tokens are used to prove one's identity electronically (as in the case of a customer trying to access their bank account). The token is used in addition to or in place of a password to prove that the customer is who they claim to be.

Token types are:
1) Disconnected token
2) Connected token
3) Contactless token

1) Disconnected token
Has neither a physical nor a logical connection to the client computer. It typically uses a built-in screen to display the generated authentication data, which the user enters manually via a keyboard or keypad. Disconnected tokens are the most common type of security token used (usually in combination with a password) in two-factor authentication for online identification.

2) Connected token
Must be physically connected to the client computer. It automatically transmits the authentication information to the client computer once a physical connection is made. An appropriate input device must be installed to use this token. Common types of connected tokens are smart cards and USB tokens, which require a smart card reader and a USB port respectively.

3) Contactless token
Forms a logical connection to the client computer but does not require a physical connection. More convenient than both connected and disconnected tokens. A popular choice for keyless entry systems and electronic payment solutions, which use RFID to transmit the authentication information from a keychain.

c) What you are (user) – Biometrics
A method for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. For example, fingerprint readers read finger ridge patterns and convert them into a sequence of numbers. They then store a set of such sequences to allow for the location of the finger on the pad. Software scans a finger on the pad and compares its features with these stored sequences to determine if they match.

Biometric characteristics can be divided into 2 classes:
1) Physiological: related to the shape of the body. Examples include, but are not limited to, fingerprint, face recognition, DNA, palm print, hand geometry, and iris recognition.
2) Behavioral: related to the behavior of a person. Examples include, but are not limited to, typing rhythm, gait, and voice.
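The two password defences described above, hashed storage (what /etc/shadow does) and a one-time password from a disconnected token, combined into a single two-factor login check. This is an added Python example, not code from the original notes; the one-time code is computed with HOTP (RFC 4226), one standard way such tokens derive their changing number, and the user record, PBKDF2 cost and token secret (the RFC 4226 test-vector key) are assumptions for illustration.

```python
import hashlib
import hmac
import os
import struct

PBKDF2_ITERATIONS = 200_000                 # cost parameter, assumed for this demo
RFC4226_SECRET = b"12345678901234567890"    # RFC 4226 test-vector key, assumed token secret

def make_password_record(password: str, salt: bytes = b"") -> dict:
    """What the system stores: a random salt and the PBKDF2 hash, never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return {"salt": salt, "hash": digest}

def verify_password(record: dict, attempt: str) -> bool:
    """Re-derive the hash from the attempt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", attempt.encode(), record["salt"], PBKDF2_ITERATIONS)
    return hmac.compare_digest(digest, record["hash"])

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: the changing number a disconnected token displays."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)

def two_factor_login(user: dict, password: str, token_code: str, window: int = 3) -> bool:
    """Factor 1 (something you know), then factor 2 (something you have).
    A code is accepted once only: on success the stored counter moves past the
    used value, so a sniffed or shoulder-surfed code cannot be replayed."""
    if not verify_password(user["pw"], password):
        return False
    for c in range(user["counter"], user["counter"] + window):   # tolerate a few skipped presses
        if hmac.compare_digest(hotp(user["secret"], c), token_code):
            user["counter"] = c + 1                               # consume this code
            return True
    return False

def demo_user() -> dict:
    """Constructed user record: hashed password, token secret, token counter."""
    return {"pw": make_password_record("correct horse battery staple"),
            "secret": RFC4226_SECRET, "counter": 0}
```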
A combination of multiple methods is called multi-factor authentication.

4.2 Basic Resource Protection
a) Privileged Users
A user who has been allocated powers within the computer system which are significantly greater than those available to the majority of users. Such persons will include, for example, the system administrator(s) and network administrator(s) who are responsible for keeping the system available and may need powers to create new user profiles as well as to add to or amend the powers and access rights of existing users.

Privileges and programs can also be assigned to roles. In this way, a user can take a role that enables a privilege. Users are assigned roles, or can take roles based on passwords. This principle, which builds on least privilege, is called role-based access control (RBAC).

b) Access Control
An internal (to the OS) protection mechanism. One form of access control is seen in CPU instructions that may only be executed in supervisor mode, which usually amounts to within the kernel. The division of virtual memory into kernel and user parts is also a form of access control.

Access control plays an important role at the administrative level too. The well-aged access matrix model is the basis for several access control mechanisms. In this model:
- Objects: resources (for example, hardware devices, data files, etc.) that need access control (that is, must be accessed in a protected fashion)
- Subjects: active entities (for example, user processes) that access objects
- Rights: operations (such as enable, disable, read, write, execute, etc.) on objects are represented by access rights

c) CPU and Memory Protections
1) Buffer overflow protection
2) Data execution protection
3) Kernel patch protection

1) Buffer overflow protection
A buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. Buffer overflows can be triggered by inputs that are designed to execute code or alter the way the program operates. This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security.

Buffer overflow protection is used to detect the most common buffer overflows by checking that the stack has not been altered when a function returns. If it has been altered, the program exits with a segmentation fault.

Some of the buffer overflow protections are:
- Use of safe libraries: avoid using standard library functions which are not bounds checked, such as gets, scanf and strcpy.
- Use canaries: canaries or canary words are known values that are placed between a buffer and control data on the stack to monitor buffer overflows. When the buffer overflows, the first data to be corrupted will be the canary, and a failed verification of the canary data is therefore an alert of an overflow, which can then be handled, for example, by invalidating the corrupted data.

2) Data Execution Protection (DEP)
A security feature included in modern operating systems. It is available in Linux, Mac OS X and the newer Microsoft Windows OS. It is intended to prevent an application or service from executing code from a non-executable memory region. This helps prevent certain exploits that store code via a buffer overflow. DEP runs in two modes: hardware-enforced DEP for CPUs that can mark memory pages as non-executable, and software-enforced DEP with limited prevention for CPUs that do not have hardware support.

DEP modes include:
- Opt-In: a process must explicitly decide to enable DEP
- Opt-Out: every process is protected unless it explicitly decides to disable DEP
- Always On: all processes are always protected and DEP cannot be disabled
- Always Off: DEP is disabled for everything

3) Kernel Patch Protection
Kernel Patch Protection (KPP), informally known as PatchGuard, is a feature of x64 editions of Microsoft Windows that prevents patching the kernel. It was first introduced in 2005 with the x64 editions of Windows XP and Windows Server 2003 Service Pack 1.

"Patching the kernel" refers to unsupported modification of the central component or kernel of the Windows operating system. Such modification has never been supported by Microsoft because it can greatly reduce system security and reliability. However, though Microsoft does not recommend it, it is technically possible to patch the kernel on x86 editions of Windows. With the x64 editions of Windows, Microsoft chose to implement technical barriers to kernel patching.
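The access matrix model of 4.2 b) with the role layer of 4.2 a) (a privileged user is simply a subject holding a powerful role), as an added Python example that is not from the original notes; the objects, roles, subjects and rights below are constructed for illustration, and the decision function is default-deny.

```python
from typing import Dict, FrozenSet, Set

# Access matrix: subject (row) x object (column) -> set of rights.
# RBAC sits on top: a role bundles (object, rights) pairs, and a subject's
# effective rights are its own matrix row plus the rights of its active roles.
# Object and role names are constructed for this example.
OBJECTS = {"/etc/shadow", "/var/log/auth.log", "/dev/sda", "printer0"}

ROLES: Dict[str, Dict[str, FrozenSet[str]]] = {
    "user":     {"printer0": frozenset({"write"})},
    "auditor":  {"/var/log/auth.log": frozenset({"read"})},
    "sysadmin": {"/etc/shadow": frozenset({"read", "write"}),
                 "/var/log/auth.log": frozenset({"read", "write"}),
                 "/dev/sda": frozenset({"read", "write", "disable"})},
}

class AccessMatrix:
    def __init__(self) -> None:
        self.matrix: Dict[str, Dict[str, Set[str]]] = {}
        self.active_roles: Dict[str, Set[str]] = {}

    def grant(self, subject: str, obj: str, right: str) -> None:
        """Add one right directly to cell [subject, obj]."""
        if obj not in OBJECTS:
            raise KeyError(f"unknown object {obj!r}")
        self.matrix.setdefault(subject, {}).setdefault(obj, set()).add(right)

    def activate_role(self, subject: str, role: str) -> None:
        """Subject takes a role; least privilege means no role is active by default."""
        if role not in ROLES:
            raise KeyError(f"unknown role {role!r}")
        self.active_roles.setdefault(subject, set()).add(role)

    def drop_role(self, subject: str, role: str) -> None:
        self.active_roles.get(subject, set()).discard(role)

    def rights(self, subject: str, obj: str) -> Set[str]:
        """Effective rights = direct cell contents + rights of every active role."""
        effective = set(self.matrix.get(subject, {}).get(obj, set()))
        for role in self.active_roles.get(subject, set()):
            effective |= ROLES[role].get(obj, frozenset())
        return effective

    def check(self, subject: str, obj: str, right: str) -> bool:
        """Reference-monitor decision: anything not explicitly granted is denied."""
        return right in self.rights(subject, obj)

def demo() -> AccessMatrix:
    am = AccessMatrix()
    am.grant("alice", "/var/log/auth.log", "read")   # direct matrix entry
    am.activate_role("alice", "user")                # ordinary user role
    am.activate_role("bob", "sysadmin")              # privileged user
    return am
```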