CSC204
PRACTICAL APPROACH OF OPERATING SYSTEM

Chapter 4: OS Internal Protection and Security

4.0 OS INTERNAL PROTECTION AND SECURITY
4.1 User Authentication
4.2 Basic Resource Protection
OVERVIEW
4.1 User Authentication
● 4.1.1 User Authentication
● 4.1.1.1 What you know (software) – password, PIN (the UserID names the account; it is not a secret and does not by itself authenticate anyone)
● 4.1.1.2 What you have (hardware) – tokens, i.e. a (physical) key, smartcard, ATM card, credit card
● 4.1.1.3 What you are (user: biometrics) – fingerprint, retina, iris, hand, face, voice
OVERVIEW
4.2 Basic Resource Protection
● 4.2.1 Privileged Users
● 4.2.2 Access Control
● 4.2.3 CPU and Memory Protections
● 4.2.3.1 Buffer Overflow Protection
● 4.2.3.2 Data Execution Prevention
● 4.2.3.3 Kernel Patch Protection (PatchGuard)
What is Protection? What is Security?
1) Protection:
● The mechanisms that can be used to control access to various resources
2) Security:
● A measure of confidence that the integrity of a system and its data will be preserved
● Includes a well-specified threat description and policies for how to configure internal and external protection mechanisms to deal with that threat

● Security must consider the external environment of the system, and protect the system resources
● Intruders (crackers) attempt to breach or attack security
● A threat is a potential security violation
● An attack can be accidental or malicious
● It is easier to protect against accidental than against malicious misuse

● Multiprogramming involves the sharing of many resources, including processor, memory, I/O devices, programs, and data.
● Protection of such resources runs along the following spectrum:
  ● Share all or nothing: an object is either totally private or totally public.
  ● Share via access limitation: different entities enjoy different levels of access to an object, at the discretion of the owner.
  ● Limit use of an object: not only is access to the object controlled, the use to which it may be put also varies across entities.
Protection goals
● An operating system consists of a collection of objects, hardware or software.
● Each object has a unique name and can be accessed through a well-defined set of operations.
● So, the goals of protection are:
a) to ensure that each object is accessed correctly and only by those processes that are allowed to do so
b) to prevent mischievous, intentional violation of an access restriction by a user
OS Protection and Security
● Computer protection and security mechanisms provided by an operating system must address the following requirements:
a) Confidentiality (or privacy): the requirement that information maintained by a computer system be accessible only by authorized parties.
b) Integrity: the requirement that a computer system's resources can be modified only by authorized parties.
c) Availability: the requirement that a computer system be accessible at required times by authorized parties.
d) Authenticity: the requirement that a computer system can verify the identity of a user.
4.1 User Authentication
● Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
● Examples of where authentication is used:
a) File permissions are based on user identity, which in turn rests on authentication
b) The OS authenticates users by several methods: something you know, something you have, something you are
c) In private and public computer networks (including the Internet), authentication is most commonly done with logon passwords.
● Methods of authentication:
a) What you know (software) – password, PIN (a UserID identifies the account but is not a secret)
b) What you have (hardware) – tokens, i.e. a (physical) key, smartcard, ATM card, credit card
c) What you are (user) – biometrics, i.e. fingerprint, retina, iris, hand, face, voice
a) What you know (software) – Password
● A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource
● Very common
● Originally stored in plaintext, but that is a very bad idea: anyone who can read the password file owns every account
● Today, passwords are usually stored as salted hashes computed with a deliberately slow function (PBKDF2, bcrypt, scrypt or Argon2), so a stolen file still has to be cracked one guess at a time
● However, some network authentication schemes, such as challenge/response, require the plaintext (or a password-equivalent value such as the NT hash used by NTLM) on the server, so that stored value is as sensitive as the password itself
● Weaknesses (vulnerabilities) of passwords are:
a) A password can be brute-forced (trying all possible combinations) or guessed from a dictionary of common passwords, either online against the login prompt or offline against a stolen hash file
b) A password can be exposed visually (shoulder surfing), by being written down, or by electronic monitoring (sniffing)
c) A user-selected password is easier to guess, so it must at least be stored hashed rather than in plaintext
d) A system-generated password is difficult to remember (and so gets written down or forgotten)
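The two points above (hashed storage, and guessing as the remaining weakness) can be seen together in a short program. This is an added example, not part of the course material: it uses only the Python standard library, and the wordlist, the account passwords and the deliberately low iteration count are constructed for the demonstration.

```python
"""Salted, iterated password hashing versus plaintext storage, with a
dictionary attack that shows why a weak user-chosen password still falls.
Added example for the password storage and password weakness slides; it is
not from the course material and uses only the Python standard library.
The wordlist, the accounts and the (low) iteration count are constructed."""
import hashlib
import hmac
import os
from typing import List, Optional

ITERATIONS = 50_000   # assumption: kept low for a quick demo; use far more in production


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: pbkdf2_sha256$iterations$salt$hash."""
    if salt is None:
        salt = os.urandom(16)   # per-user salt defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute from the stored parameters and compare in constant time."""
    algo, iters, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest.hex(), digest_hex)


def dictionary_attack(record: str, wordlist: List[str]) -> Optional[str]:
    """Offline guessing against a stolen record. Every guess costs a full
    PBKDF2 computation, which is what the iteration count buys; a plaintext
    password file would need no guessing at all."""
    for guess in wordlist:
        if verify_password(guess, record):
            return guess
    return None


# Constructed sample wordlist, standing in for a real cracking dictionary.
WORDLIST = ["123456", "password", "letmein", "qwerty", "welcome1"]


def demo() -> dict:
    weak = hash_password("letmein")                         # user-selected, common
    strong = hash_password("correct horse battery staple")  # long passphrase
    return {
        "weak_cracked": dictionary_attack(weak, WORDLIST),
        "strong_cracked": dictionary_attack(strong, WORDLIST),
        # same password, different salt: the records differ, so equal
        # passwords cannot be spotted by comparing stored hashes
        "salted_records_differ": hash_password("letmein") != hash_password("letmein"),
    }


if __name__ == "__main__":
    print(demo())
```

The record format stores the algorithm, iteration count and salt next to the hash so the parameters can be raised later without invalidating old records; `hmac.compare_digest` avoids a timing side channel in the comparison.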
● Overcoming password vulnerabilities
1) Password hashing (often loosely called "password encryption") – store only a salted hash of each password, in a file that ordinary users cannot read, so that a stolen or leaked file does not give up the passwords directly (e.g. the Unix /etc/shadow file, readable only by root)
2) Single sign-on – with this property a user logs in once and gains access to all systems without being prompted to log in again at each of them, so fewer passwords need to be chosen and remembered
3) Keep the password in a token – users need not remember their passwords and therefore can select more secure passwords, or have more secure passwords assigned
4) One-time password – a password that is valid for only one login session or transaction, so a sniffed or shoulder-surfed value cannot be replayed
b) What you have (hardware) – Token
● A security device given to authorized users, who keep it in their possession.
● To log in to the network, the security "card" or "token" may be read directly like a credit card, or it may display a changing number that is typed in as a password.
● Tokens may also plug directly into the computer via a USB port.
● Security tokens are used to prove one's identity electronically (as in the case of a customer trying to access their bank account).
● The token is used in addition to, or in place of, a password to prove that the customer is who they claim to be for one login session or transaction.
● Token types are:
1) Disconnected token
2) Connected token
3) Contactless token
1) Disconnected token
● Has neither a physical nor a logical connection to the client computer.
● Typically uses a built-in screen to display the generated authentication data, which the user enters manually via a keyboard or keypad.
● Disconnected tokens are the most common type of security token used (usually in combination with a password) in two-factor authentication for online identification.
2) Connected token
● Must be physically connected to the client computer.
● Automatically transmits the authentication information to the client computer once a physical connection is made.
● An appropriate input device must be installed to use this token.
● Common types of this token are smart cards and USB tokens, which require a smart card reader and a USB port respectively.
3) Contactless token
● Forms a logical connection to the client computer but does not require a physical connection.
● More convenient than both connected and disconnected tokens.
● A popular choice for keyless entry systems and electronic payment solutions, which use RFID to transmit authentication information from a keychain.
c) What you are (user) – Biometrics
● A method for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits.
● For example, fingerprint readers:
  ● Read the finger's ridge pattern and convert its distinctive features (minutiae) into a sequence of numbers, the template.
  ● Store that template at enrolment, together with enough information to tolerate the finger being placed at a slightly different position on the pad.
  ● At login, software scans the finger on the pad, extracts its features and compares them with the stored template; a match is declared when the similarity exceeds a threshold, so biometric matching is always approximate rather than exact.
● Biometric characteristics can be divided into 2 classes:
1) Physiological: related to the shape of the body. Examples include, but are not limited to, fingerprint, face recognition, DNA, palm print, hand geometry and iris recognition.
2) Behavioral: related to the behavior of a person. Examples include, but are not limited to, typing rhythm, gait and voice.
● Combining methods from different classes (something you know, something you have, something you are) is called multi-factor authentication.
4.2 Basic Resource Protection
a) Privileged Users
● A user who has been allocated powers within the computer system which are significantly greater than those available to the majority of users.
● Such persons will include, for example, the system administrator(s) and network administrator(s) who are responsible for keeping the system available and may need powers to create new user profiles as well as add to or amend the powers and access rights of existing users.
● Privileges and programs can also be assigned to roles. In this way, a user takes on a role that enables a privilege, rather than holding the privilege permanently.
● Users are assigned roles, or can take a role on demand (for example by supplying the role's password), and give it up again when the task is done.
● Combined with the principle of least privilege (a user holds only the rights needed for the current task), this is called role-based access control (RBAC).
b) Access Control
● An internal (to the OS) protection mechanism.
● One form of access control is seen in CPU instructions that may only be executed in supervisor mode, which usually amounts to within the kernel.
● The division of virtual memory into kernel and user parts is also a form of access control.
● Access control plays an important role at the administrative level too.
● The well-aged Access Matrix model is the basis for several access control mechanisms. In this model:
  ● Objects: resources (for example, hardware devices, data files, etc.) that need access control (that is, must be accessed in a protected fashion)
  ● Subjects: active entities (for example, user processes) that access objects
  ● Rights: operations (such as enable, disable, read, write, execute, etc.) on objects are represented by access rights
  ● Each cell of the matrix holds the rights one subject has over one object; a column is an access control list (ACL) for an object, a row is a capability list for a subject, and anything not in the matrix is denied.
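The access matrix and the role mechanism from the privileged-users slide fit together naturally, so one added example serves both (it is not from the course material). Subjects, objects, roles and rights are constructed; a role can only be activated by a subject that was authorized for it, which is where a real system would also ask for the role's password.

```python
"""Access matrix with roles and least privilege.
Added example for the privileged-user/RBAC slide and the access matrix model;
it is not from the course material. Subjects, objects, roles and rights are
constructed for the demonstration."""
from typing import Dict, Set, Tuple


class AccessMatrix:
    def __init__(self) -> None:
        # (subject, object) -> rights: the cells of the matrix (default deny)
        self._cells: Dict[Tuple[str, str], Set[str]] = {}
        # role -> object -> rights: a role is a reusable bundle of cells
        self._roles: Dict[str, Dict[str, Set[str]]] = {}
        self._may_assume: Dict[str, Set[str]] = {}  # subject -> roles it may take
        self._active: Dict[str, Set[str]] = {}      # subject -> roles in use now

    def grant(self, subject: str, obj: str, *rights: str) -> None:
        self._cells.setdefault((subject, obj), set()).update(rights)

    def define_role(self, role: str, obj: str, *rights: str) -> None:
        self._roles.setdefault(role, {}).setdefault(obj, set()).update(rights)

    def authorize_role(self, subject: str, role: str) -> None:
        self._may_assume.setdefault(subject, set()).add(role)

    def activate_role(self, subject: str, role: str) -> None:
        # The slide's "take a role": only pre-authorized roles can be entered
        # (a real system would also demand the role's password here).
        if role not in self._may_assume.get(subject, set()):
            raise PermissionError(f"{subject} may not assume role {role}")
        self._active.setdefault(subject, set()).add(role)

    def deactivate_role(self, subject: str, role: str) -> None:
        self._active.get(subject, set()).discard(role)

    def check(self, subject: str, obj: str, right: str) -> bool:
        """Reference-monitor decision: direct cell or an active role, else deny."""
        if right in self._cells.get((subject, obj), set()):
            return True
        return any(right in self._roles.get(r, {}).get(obj, set())
                   for r in self._active.get(subject, set()))

    def acl(self, obj: str) -> Dict[str, Set[str]]:
        """Column view: who holds which direct rights on obj."""
        return {s: set(r) for (s, o), r in self._cells.items() if o == obj and r}

    def capabilities(self, subject: str) -> Dict[str, Set[str]]:
        """Row view: everything subject can do right now, active roles included."""
        caps: Dict[str, Set[str]] = {}
        for (s, o), r in self._cells.items():
            if s == subject:
                caps.setdefault(o, set()).update(r)
        for role in self._active.get(subject, set()):
            for o, r in self._roles.get(role, {}).items():
                caps.setdefault(o, set()).update(r)
        return caps


def build_demo_matrix() -> AccessMatrix:
    """Constructed scenario: alice may be operator or admin, bob only operator."""
    m = AccessMatrix()
    m.grant("alice", "printer", "write")
    m.grant("bob", "printer", "write")
    m.define_role("operator", "payroll.db", "read")
    m.define_role("admin", "payroll.db", "read", "write")
    m.define_role("admin", "printer", "enable", "disable")
    m.authorize_role("alice", "operator")
    m.authorize_role("alice", "admin")
    m.authorize_role("bob", "operator")
    m.activate_role("alice", "operator")   # least privilege: admin stays off until needed
    return m


if __name__ == "__main__":
    m = build_demo_matrix()
    print("alice write payroll.db:", m.check("alice", "payroll.db", "write"))
    m.activate_role("alice", "admin")
    print("alice write payroll.db as admin:", m.check("alice", "payroll.db", "write"))
```

`check` is the only decision point, and it denies by default; `acl` and `capabilities` show that ACLs and capability lists are just the two ways of slicing the same matrix.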
c) CPU and Memory Protections
1) Buffer overflow protection
2) Data Execution Prevention
3) Kernel Patch Protection

1) Buffer overflow protection
● A buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory.
● Buffer overflows can be triggered by inputs that are designed to execute code or alter the way the program operates; on the stack the adjacent memory includes the saved return address, so an attacker who controls the overflowing input can redirect execution.
● This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security.
● Buffer overflow protection is used to detect the most common buffer overflows by checking that the stack has not been altered when a function returns.
● If it has been altered, the program is aborted before the corrupted return address is used (GCC's stack protector prints "*** stack smashing detected ***" and raises SIGABRT) instead of silently jumping wherever the attacker chose.
● Some of the buffer overflow protection techniques are:
  ● Use of safe libraries – avoid standard library functions which are not bounds checked, such as gets, scanf("%s") and strcpy; prefer fgets, snprintf and strncpy/strlcpy with an explicit buffer size.
  ● Use canaries – canaries or canary words are known values that are placed between a buffer and control data on the stack to monitor buffer overflows.
  ● When the buffer overflows, the first data to be corrupted will be the canary, and a failed verification of the canary data is therefore an alert of an overflow, which can then be handled, for example, by aborting the program before the corrupted control data is used.
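The canary check is easiest to see on a model of the stack frame. The following is an added example, not from the course material: a bytearray stands in for stack memory laid out as GCC's -fstack-protector arranges it (local buffer, then canary, then the saved return address), so the overflow stays inside the model and the interpreter itself is never corrupted. The buffer sizes and the return address 0x401136 are constructed.

```python
"""A model of a stack frame guarded by a canary, as GCC's -fstack-protector
lays it out. Added example for the buffer overflow protection slides; it is
not from the course material. The frame is a bytearray standing in for real
stack memory, so the overflow is confined to the model. Sizes and the return
address 0x401136 are constructed."""
import os
import struct
from typing import Callable, Dict

BUF_SIZE = 16       # the local char buffer
CANARY_SIZE = 8     # the guard word, placed directly after the buffer
RET_SIZE = 8        # saved return address (the control data being protected)
FRAME_SIZE = BUF_SIZE + CANARY_SIZE + RET_SIZE


def fresh_canary() -> bytes:
    # glibc style: random per process, with a leading NUL byte so that a
    # string-copy overflow cannot reproduce it without terminating the copy.
    return b"\x00" + os.urandom(CANARY_SIZE - 1)


def make_frame(canary: bytes, return_addr: int) -> bytearray:
    frame = bytearray(FRAME_SIZE)
    frame[BUF_SIZE:BUF_SIZE + CANARY_SIZE] = canary
    frame[BUF_SIZE + CANARY_SIZE:] = struct.pack("<Q", return_addr)
    return frame


def unchecked_copy(frame: bytearray, data: bytes) -> None:
    """strcpy-like: copies every byte it is given, past the buffer end.
    (Clipped at the frame end only because this is a model.)"""
    n = min(len(data), FRAME_SIZE)
    frame[0:n] = data[:n]


def bounded_copy(frame: bytearray, data: bytes) -> None:
    """snprintf/strlcpy-like: never writes beyond BUF_SIZE bytes."""
    frame[0:BUF_SIZE] = data[:BUF_SIZE].ljust(BUF_SIZE, b"\x00")


def saved_return_address(frame: bytearray) -> int:
    return struct.unpack("<Q", bytes(frame[BUF_SIZE + CANARY_SIZE:]))[0]


def attack_payload(target: int) -> bytes:
    """Filler for buffer and canary, then the attacker's chosen address."""
    return b"A" * (BUF_SIZE + CANARY_SIZE) + struct.pack("<Q", target)


def call_and_return(copy_fn: Callable[[bytearray, bytes], None], data: bytes,
                    return_addr: int = 0x401136) -> Dict[str, object]:
    """Simulate the call: copy input into the frame, then run the epilogue
    check that -fstack-protector inserts before 'ret'."""
    canary = fresh_canary()
    frame = make_frame(canary, return_addr)
    copy_fn(frame, data)
    intact = bytes(frame[BUF_SIZE:BUF_SIZE + CANARY_SIZE]) == canary
    return {
        "canary_intact": intact,
        "return_address": saved_return_address(frame),
        # abort ("*** stack smashing detected ***") instead of returning
        "outcome": "returned" if intact else "aborted",
    }


if __name__ == "__main__":
    print(call_and_return(unchecked_copy, attack_payload(0xDEADBEEF)))
    print(call_and_return(bounded_copy, attack_payload(0xDEADBEEF)))
```

With `unchecked_copy` the return address is overwritten, but the canary is destroyed on the way there and the epilogue check catches it; with `bounded_copy` the same input never reaches the canary. The canary only detects overflows that run contiguously past the buffer, which is why it complements, rather than replaces, bounds-checked copies.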
2) Data Execution Prevention (DEP)
● A security feature included in modern operating systems.
● It is available in Linux, Mac OS X and Microsoft Windows (from Windows XP SP2 and Windows Server 2003 SP1 onwards).
● Intended to prevent an application or service from executing code from a non-executable memory region: stack, heap and data pages are writable but not executable, and code pages are executable but not writable.
● This helps prevent certain exploits that inject code via a buffer overflow and then jump to it; attackers respond with techniques that reuse code already present (return-to-libc, return-oriented programming), so DEP is combined with other defences such as address space layout randomization.
● DEP runs in two modes: hardware-enforced DEP for CPUs that can mark memory pages as non-executable (the AMD NX / Intel XD page-table bit), and software-enforced DEP with limited protection for CPUs that do not have hardware support.
● The Windows DEP policy (set with bcdedit /set nx <mode>) has four modes:
  ● OptIn – only Windows system binaries and programs that explicitly enable DEP are protected (the client default)
  ● OptOut – every process is protected unless it is explicitly excluded (the server default)
  ● AlwaysOn – all processes are always protected and DEP cannot be disabled
  ● AlwaysOff – DEP is disabled for everything
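What DEP enforces can be checked from a process's own memory map: no region should be both writable and executable. The following added example (not from the course material) parses the Linux /proc/<pid>/maps format and flags such regions; the sample map is constructed to contain a normal binary, a W+X JIT region and an executable stack, and `audit_self()` reads the real file when run on Linux.

```python
"""Audit a process memory map for regions that are both writable and
executable, the condition DEP/NX exists to rule out. Added example for the
DEP slides; it is not from the course material. The sample map is constructed
in Linux /proc/<pid>/maps format (address range, permissions, offset, device,
inode, path); audit_self() reads the real file when run on Linux."""
import re
from typing import Dict, List, Optional

# address-range  perms  offset  dev  inode  [path]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([rwxps-]{4})\s+\S+\s+\S+\s+\d+\s*(.*)$")

# Constructed sample: a normal binary (r--/r-x/rw- split), a JIT region that
# is W+X, an executable stack (what DEP/NX forbids) and the vDSO.
SAMPLE_MAPS = """\
00400000-00401000 r--p 00000000 08:01 1234 /usr/bin/demo
00401000-00402000 r-xp 00001000 08:01 1234 /usr/bin/demo
00402000-00403000 rw-p 00002000 08:01 1234 /usr/bin/demo
7f0000000000-7f0000021000 rwxp 00000000 00:00 0 [jit]
7ffd12345000-7ffd12366000 rwxp 00000000 00:00 0 [stack]
7ffd12400000-7ffd12402000 r-xp 00000000 00:00 0 [vdso]
"""


def parse_maps(text: str) -> List[Dict[str, object]]:
    regions = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line)
        if not m:
            continue          # skip anything that is not a mapping line
        start, end, perms, path = m.groups()
        regions.append({"start": int(start, 16), "end": int(end, 16),
                        "perms": perms, "path": path.strip()})
    return regions


def wx_violations(regions: List[Dict[str, object]]) -> List[Dict[str, object]]:
    """Regions where code could be written and then executed (W^X broken)."""
    return [r for r in regions if "w" in r["perms"] and "x" in r["perms"]]


def executable_stack(regions: List[Dict[str, object]]) -> bool:
    """Classic stack-smashing shellcode needs exactly this."""
    return any(r["path"] == "[stack]" and "x" in r["perms"] for r in regions)


def audit_self() -> Optional[List[Dict[str, object]]]:
    """Linux only; returns None elsewhere."""
    try:
        with open("/proc/self/maps") as f:
            return wx_violations(parse_maps(f.read()))
    except OSError:
        return None


if __name__ == "__main__":
    regs = parse_maps(SAMPLE_MAPS)
    for r in wx_violations(regs):
        print(f"W+X region {r['start']:x}-{r['end']:x} {r['perms']} {r['path']}")
    print("executable stack:", executable_stack(regs))
    print("this process:", audit_self())
```

A JIT that needs W+X pages is the usual legitimate exception, and it is also the usual place where DEP gets weakened; auditing the map is how a practitioner confirms that a hardened process really runs without any such region.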
3) Kernel Patch Protection
● Kernel Patch Protection (KPP), informally known as PatchGuard, is a feature of x64 editions of Microsoft Windows that prevents patching the kernel.
● It was first introduced in 2005 with the x64 editions of Windows XP and Windows Server 2003 Service Pack 1.
● "Patching the kernel" refers to unsupported modification of the central component, or kernel, of the Windows operating system, for example hooking the system service table or overwriting kernel code. Such modification has never been supported by Microsoft because it can greatly reduce system security and reliability; rootkits use the same techniques to hide themselves.
● KPP works by periodically checking that protected kernel code and data structures have not been modified and, if they have, stopping the system with a bug check (CRITICAL_STRUCTURE_CORRUPTION, 0x109). It is a detection mechanism rather than a hard barrier: a driver running in kernel mode can still write to kernel memory, but the modification is caught.
● Though Microsoft does not recommend it, it is technically possible to patch the kernel on x86 editions of Windows. With the x64 editions, Microsoft chose to implement technical barriers to kernel patching.
