Transcript SAM-2
Fortress Model and Defense in Depth Some revision on Computer Architecture SAM-2 1 Revision on Computer Architecture • Central Processing Unit – Arithmetic Logic Unit – Control Unit • Primary Storage • Secondary Storage • Cache Memory • Paging SAM-2 2 Revision on Computer Architecture • Process: a program run in its own address space • Thread: a piece of a program inside a process for a certain task, often called a light weight process • A thread has less overhead than a process, it is faster to create, to switch to, and destroy SAM-2 3 Revision on Computer Architecture • Multi-tasking – A number of programs can be loaded into a computer’s memory and they would be executed by time-slicing of the CPU • Multi-processing – The computer has more than one CPU and can execute more than one program at the same time SAM-2 4 Revision on Computer Architecture • Multi-threading – A style of programming that allows many separate threads of control inside one process. The execution of tasks are easily switched within the process to give more efficient use of the CPU – Must be supported by the OS – Improper use can lead to deadlock SAM-2 5 Revision on Computer Architecture Virtual Machine • An environment created by the OS, in which an application can run and behave as if it had an entire machine all to itself. Windows can have multiple applications running in their own separate virtual machines at the same time. • Problem in the virtual machine would not bring down the whole computer SAM-2 6 Revision on Computer Architecture • Operating state of a processor – Ready state – Supervisory state – Problem state – Wait state SAM-2 7 Fortress Model • Watch towers to detect threat • Protection by: – Moat – Outer Wall – Inner Wall of Keep • Draw bridge and Gate – controlled access • Weapons to fight back? SAM-2 8 Fortress Model for IS • Give only authorized access • Set up zones of security – Defense in depth – Layer system • Anyone outside the gate is suspected • Anyone inside is trusted??? SAM-2 9 Design of Computer to give more security • Protection rings of CPU or/and OS • Segmented memory • File permission SAM-2 10 Protection Ring • • • • Protection and access mechanism of CPU First developed in Multics A ring field in the register is used Ring 0 is most privileged, lower-numbered rings have more privileges than highernumber rings • Multics has 8 rings SAM-2 11 Protection Rings of Multics 0 1 2 3 4 5 6 7 |_______________| Write Bracket |______________________________________________| Read Bracket SAM-2 12 Protection Rings • They provide strict boundaries and definitions on what the processes that work within the ring can access and what commands that can successfully execute • A process can access objects within its own ring and other objects in the outer rings SAM-2 13 Protection Rings • If a process has to use an object in an inner ring it has to make request through the operation system by making a system call • Inner rings are said to work in the supervisor mode, and outer rings in the user mode SAM-2 14 Protection Rings • X86 CPU can have 4 rings • Ring 0 – Operating system kernel • Ring 1 - Remaining part of the operating system • Ring 2 – I/O drivers and utilities • Ring 3 – Applications and programs SAM-2 15 Protection Rings • Most processors use only two rings: – Supervisor – User • Processes run by the supervisor/kernel are trusted, they can access the device I/O • Processes run by the users are not trusted, they can only access the device I/O through system call to the kernel SAM-2 16 Segmented Memory • Most current CPU are multi-tasking • A number of programs can be loaded to the memory first • CPU is shared by executing one program in one instant and then switch to another program in another instant • How to protect the memory space of the processes? SAM-2 17 Segmented Memory • Memory is partitioned into segments • Each segment created in virtual memory associated with a process • Each segment memory defined by segment address and offset address • Control of segment with flags: read, write, execute etc. and according to the access right of the process SAM-2 18 Segmented Memory • It provides isolation of memory space of processes • It protects memory from unauthorized access SAM-2 19 File Permission (UNIX) • Users divided into 3 classes to access files and directories • User (u) – The user is the owner of the file, usually the person who created it initially. • Group (g) – All users are assigned one or more user groups. Therefore, there is also a group ownership associated with each file. • Other (o) – All users other than the owner of the file or a member of the file's group SAM-2 20 Security Controls Administrative Physical Technical SAM-2 21 Security Controls SAM-2 22 Protection Rings for Physical Security • Ring1 – Areas on the perimeter of the building • Ring 2 – Immediate area around the building • Ring 3 – Internal location of the building • Ring 4 – Human factor SAM-2 23 Defense in Depth IT Infrastructure • Perimeter defense – Firewall, IDS etc • Network Infrastructure protection – Sub-netting, packet filtering • Host defense – Authentication, system hardening • Data Security – File permission, data encryption SAM-2 24 Defense in Depth for the Home User SAM-2 25 Examples of Defense in Depth • firewalls (more than one between important data and the Internet) • tripwire for host integrity • host hardening to shut down unneeded services • anti-virus protection for email and vulnerable hosts • preventative scanning for vulnerabilities SAM-2 26 Administrative Controls • • • • • • • Clearance and Access Rights Segregation of duties Mutual checking Audit trail Username and Password Training Awareness SAM-2 27 Security is always an attitude SAM-2 28