Transcript SAM-2

Fortress Model and Defense in Depth
Some revision on Computer Architecture
SAM-2
1
Revision on Computer Architecture
• Central Processing Unit
– Arithmetic Logic Unit
– Control Unit
• Primary Storage
• Secondary Storage
• Cache Memory
• Paging
Revision on Computer Architecture
• Process: a program running in its own address space
• Thread: a piece of a program inside a process for a certain task, often called a lightweight process
• A thread has less overhead than a process; it is faster to create, switch to, and destroy
Revision on Computer Architecture
• Multi-tasking
– A number of programs can be loaded into a
computer’s memory and they would be
executed by time-slicing of the CPU
• Multi-processing
– The computer has more than one CPU and
can execute more than one program at the
same time
Revision on Computer Architecture
• Multi-threading
– A style of programming that allows many separate threads of control inside one process. Execution is easily switched between tasks within the process to give more efficient use of the CPU
– Must be supported by the OS
– Improper use can lead to deadlock
Revision on Computer Architecture
Virtual Machine
• An environment created by the OS, in
which an application can run and behave
as if it had an entire machine all to itself.
Windows can have multiple applications
running in their own separate virtual
machines at the same time.
• A problem in one virtual machine would not bring down the whole computer
Revision on Computer Architecture
• Operating state of a processor
– Ready state
– Supervisory state
– Problem state
– Wait state
Fortress Model
• Watch towers to detect threat
• Protection by:
– Moat
– Outer Wall
– Inner Wall of Keep
• Drawbridge and gate – controlled access
• Weapons to fight back?
Fortress Model for IS
• Give only authorized access
• Set up zones of security
– Defense in depth
– Layer system
• Anyone outside the gate is suspected
• Anyone inside is trusted???
Design of Computer to give more security
• Protection rings of CPU and/or OS
• Segmented memory
• File permission
Protection Ring
• Protection and access mechanism of the CPU
• First developed in Multics
• A ring field in the register is used
• Ring 0 is the most privileged; lower-numbered rings have more privileges than higher-numbered rings
• Multics has 8 rings
Protection Rings of Multics
0  1  2  3  4  5  6  7
|_______________|  Write Bracket
|______________________________________________|  Read Bracket
Protection Rings
• They provide strict boundaries and definitions of what the processes that work within a ring can access and which commands they can successfully execute
• A process can access objects within its
own ring and other objects in the outer
rings
Protection Rings
• If a process has to use an object in an inner ring, it has to make a request through the operating system by making a system call
• Inner rings are said to work in the
supervisor mode, and outer rings in the
user mode
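The bracket checks from the Multics slides above, as an added example that is not part of the original slides. It assumes the usual Multics three-number ring bracket (r1, r2, r3); the gate bracket, the Segment class, allowed() and the sample segments are illustrative names and values constructed here.

```python
from dataclasses import dataclass

RINGS = range(8)  # Multics has 8 rings, ring 0 is the most privileged


@dataclass(frozen=True)
class Segment:
    """Hypothetical model of a segment with Multics-style ring brackets."""
    name: str
    r1: int     # write bracket is rings 0..r1
    r2: int     # read bracket is rings 0..r2, execute bracket is r1..r2
    r3: int     # gate bracket is rings r2+1..r3 (entry only through a gate)
    flags: str  # access flags granted to the process: subset of "rwe"

    def __post_init__(self):
        if not 0 <= self.r1 <= self.r2 <= self.r3 <= 7:
            raise ValueError("brackets must satisfy 0 <= r1 <= r2 <= r3 <= 7")


def allowed(ring: int, seg: Segment) -> set:
    """Operations a process executing in `ring` may perform on `seg`."""
    if ring not in RINGS:
        raise ValueError("ring must be 0..7")
    ops = set()
    if "r" in seg.flags and ring <= seg.r2:
        ops.add("r")
    if "w" in seg.flags and ring <= seg.r1:
        ops.add("w")
    if "e" in seg.flags:
        if seg.r1 <= ring <= seg.r2:
            ops.add("e")     # execute without changing ring
        elif seg.r2 < ring <= seg.r3:
            ops.add("gate")  # controlled entry, comparable to a system call
        # calls from rings below r1 (outward calls) are not modeled here
    return ops


# Constructed sample segments, not taken from a real system.
KERNEL_DATA = Segment("kernel_data", 0, 0, 0, "rw")
SYS_GATE = Segment("sys_gate", 0, 0, 5, "re")
USER_TABLE = Segment("user_table", 1, 4, 4, "rw")

if __name__ == "__main__":
    for seg in (KERNEL_DATA, SYS_GATE, USER_TABLE):
        for ring in (0, 1, 4, 6):
            print(f"ring {ring} -> {seg.name}: {sorted(allowed(ring, seg))}")
```

The flags and the brackets must both agree: a ring 4 process holding "rw" on user_table can still only read it, because ring 4 lies outside the write bracket.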
Protection Rings
• An x86 CPU can have 4 rings
• Ring 0 – Operating system kernel
• Ring 1 – Remaining part of the operating system
• Ring 2 – I/O drivers and utilities
• Ring 3 – Applications and programs
Protection Rings
• Most processors use only two rings:
– Supervisor
– User
• Processes run by the supervisor/kernel are trusted; they can access the device I/O
• Processes run by the users are not trusted; they can only access the device I/O through a system call to the kernel
Segmented Memory
• Most current CPUs are multi-tasking
• A number of programs can be loaded into memory first
• The CPU is shared by executing one program at one instant and then switching to another program at another instant
• How to protect the memory space of the
processes?
Segmented Memory
• Memory is partitioned into segments
• Each segment is created in virtual memory and associated with a process
• Each memory location in a segment is defined by a segment address and an offset address
• Access to a segment is controlled with flags (read, write, execute, etc.) according to the access rights of the process
Segmented Memory
• It provides isolation of memory space of
processes
• It protects memory from unauthorized
access
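How a segment address and an offset are checked before memory is touched, as an added example that is not part of the original slides. The per-process segment tables, the limit field, the access() helper and all addresses are assumptions constructed for illustration.

```python
# Per-process segment tables (constructed sample values).
# segment number -> (base address, limit in bytes, flags from "rwx")
SEGMENT_TABLES = {
    "proc_a": {0: (0x1000, 0x400, "rx"), 1: (0x2000, 0x200, "rw")},
    "proc_b": {0: (0x5000, 0x400, "rx"), 1: (0x6000, 0x100, "rw")},
}


def access(proc: str, segment: int, offset: int, op: str):
    """Translate (segment, offset) for `proc` and enforce the segment flags.

    Returns ("ok", physical_address) or ("fault", reason).
    """
    table = SEGMENT_TABLES[proc]
    if segment not in table:
        return ("fault", "no such segment for this process")
    base, limit, flags = table[segment]
    if not 0 <= offset < limit:
        return ("fault", "offset outside segment")
    if op not in flags:
        return ("fault", f"'{op}' not permitted on segment")
    return ("ok", base + offset)


if __name__ == "__main__":
    # Constructed accesses: the same (segment, offset) pair resolves to
    # different physical memory for each process, which is the isolation.
    print(access("proc_a", 1, 0x10, "w"))   # data write inside the segment
    print(access("proc_b", 1, 0x10, "w"))   # same pair, other process
    print(access("proc_a", 0, 0x10, "w"))   # write to a code segment
    print(access("proc_b", 1, 0x180, "r"))  # offset past proc_b's limit
    print(access("proc_a", 2, 0x0, "r"))    # segment not in the table
```

A process can only name segments in its own table, so it has no (segment, offset) pair that reaches another process's memory.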
File Permission (UNIX)
• Users are divided into 3 classes for access to files and directories
• User (u)
– The user is the owner of the file, usually the
person who created it initially.
• Group (g)
– All users are assigned one or more user
groups. Therefore, there is also a group
ownership associated with each file.
• Other (o)
– All users other than the owner of the file or a
member of the file's group
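How the three classes select the permission bits that apply to a user, as an added example that is not part of the original slides. The function names and the uid/gid values are constructed; the superuser and ACLs are not modeled.

```python
import stat

# Read/write/execute bits for each class, from Python's stat module.
CLASS_BITS = {
    "u": (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR),
    "g": (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP),
    "o": (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH),
}


def permission_class(uid, gids, file_uid, file_gid):
    """Pick the single class that applies; the first match wins."""
    if uid == file_uid:
        return "u"
    if file_gid in gids:
        return "g"
    return "o"


def effective_access(mode, uid, gids, file_uid, file_gid):
    """Return (class, 'rwx'-style string) for a non-root user."""
    cls = permission_class(uid, gids, file_uid, file_gid)
    perms = "".join(
        letter if mode & bit else "-"
        for letter, bit in zip("rwx", CLASS_BITS[cls])
    )
    return cls, perms


if __name__ == "__main__":
    # Constructed example: file owned by uid 1000, group 50.
    owner, member, stranger = (1000, {1000}), (1001, {50}), (1002, {60})
    for mode in (0o640, 0o047):
        for uid, gids in (owner, member, stranger):
            print(oct(mode), uid, effective_access(mode, uid, gids, 1000, 50))
```

With mode 047 the owner gets no access even though group and other do: only the owner class is consulted for the owner, which matters when auditing permissions that look restrictive in one column only.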
Security Controls
Administrative
Physical
Technical
Protection Rings for Physical Security
• Ring 1 – Areas on the perimeter of the building
• Ring 2 – Immediate area around the
building
• Ring 3 – Internal location of the building
• Ring 4 – Human factor
Defense in Depth
IT Infrastructure
• Perimeter defense
– Firewall, IDS, etc.
• Network Infrastructure protection
– Sub-netting, packet filtering
• Host defense
– Authentication, system hardening
• Data Security
– File permission, data encryption
Defense in Depth for the Home User
Examples of Defense in Depth
• Firewalls (more than one between important data and the Internet)
• Tripwire for host integrity
• Host hardening to shut down unneeded services
• Anti-virus protection for email and vulnerable hosts
• Preventative scanning for vulnerabilities
Administrative Controls
• Clearance and Access Rights
• Segregation of duties
• Mutual checking
• Audit trail
• Username and Password
• Training
• Awareness
Security is always an attitude