Chapter 9, Security Modern Operating Systems by

Chapters 9 & 10,
Modern Operating Systems
by A. S. Tanenbaum
IA 705, Prof. Brown, Spring 2003
Group E
IA705, Spring 2003
J. Paloschavez, M. Troxler, J. Boggs,
J. Lagas Chapters 9 & 10 IA705
Chapter 9, UNIX & Linux
Modern Operating Systems
by A. S. Tanenbaum
Group E
IA705, Spring 2003
Jose Paloschavez
The Security Environment
• Threats
• Intruders
• Accidental Data Loss
Basics of Cryptography
• Secret-Key Cryptography
• Public-Key Cryptography
• One-Way Functions
• Digital Signatures
Authentication Using Passwords
• Authentication Using Passwords
• Authentication Using a Physical Object
• Authentication Using Biometrics
• Countermeasures
Matt Troxler
Attacks from the Inside
• Trojan Horses
• Login Spoofing
• Logic Bombs
• Trap Doors
• Buffer Overflow
Design Principles for Security
• Public Design - easier to service.
• Default = Deny Access - easier to trace errors.
• Check access occasionally, not just in a login or file open procedure
Design Principles Cont’d
• Minimal permissions for all users/processes.
• Ease of use - difficult interfaces usually result in wide-open environments.
• Keep it simple - Tight and efficient code is easy to review and lock down.
External Attacks (Viruses)
How they function
• “Dropper” tool is used to deploy a virus
• Infected file is distributed (preferably publicly)
• Users go get (or receive unknowingly) and install the infected file
• Payload of the file runs, does whatever the virus does
Classifications of Viruses
• Companion virus - runs in place of a legitimate file
• Executables - virus code embeds itself in another .exe (overwriting)
• Parasitic viruses - overwriting, but the original files still work after infection.
• Cavity virus - virus embeds itself in unused portions of legit. files
• Memory Resident - Lives in memory, little disk activity
• Boot Sector - lives at the first sector of the HDD
• Device Driver - gets loaded as a legit. file in kernel mode
• Macro - attached to a file that appears innocent
• Source Code - requires some knowledge of programming
How Viruses Spread
• Downloads
• Email
• Storage Space (fixed or removable disks, memory, etc.)
Antivirus and Anti-Antivirus… and so on…
• Date hiding – Date disguising – Parent folder…
• Size hiding – Compression
• Bitwise hiding – Look for decryption routine/key
• Polymorphic – Look for morphing routine code
• Checksums – Delete or overwrite – Encrypt
Securing Mobile Code
• Sandboxing
• Interpretation
• Code
• Java Security
Protection Mechanisms
• Protection Domains
• Access Control Lists
• Capabilities
Trusted Systems and Multilevel Security
• Trusted Computing Base
• Formal Models
• Bell-La Padula Model
• Biba Model
• Orange Book
Covert Channels
Chapter 10, UNIX & Linux
Modern Operating Systems
by A. S. Tanenbaum
Group E
IA705, Spring 2003
Jim Boggs
History
• UNICS
• PDP-11 UNIX & Portable UNIX
• Berkeley UNIX
• Standard UNIX & POSIX
• MINIX
• Linux
Overview of UNIX
UNIX Goals & Interfaces
• Goals
– Handle Multiple Processes & Users
– Design Principles
• Interfaces
[Figure: layers of a UNIX system (Users, Utility Programs, Standard Library, UNIX OS, Hardware), with the User Interface, Library Interface and System Call Interface between them and the User Mode / Kernel Mode boundary]
Overview of UNIX
UNIX Shell & Utility Programs
• Shell
– Ordinary program providing command line interface
– Standard input/output
– Flexibility (wild cards, standard I/O, flags, pipes)
– Shell Scripts
• Utility Programs
– File & Directory Commands
– Filters
– Development Tools & Text Processing
– System Administration
Overview of UNIX
Kernel Structure
• Simplified Kernel Drawing Here
Processes in UNIX
Concepts and Process Management
• Active Entities are Processes
– Foreground & Background
– Parent & Child
– ID for Each
– Single & Multiple Threads
• Process Management System Calls
– Means for Processes to Communicate
– Based on POSIX
– Examples
Processes in UNIX
Implementation
• Process Table
– Scheduling Parameters
– Memory Image
– Signals
– Miscellaneous
• User Structure
– Machine Registers
– System Call State
– File Descriptor
– Accounting
– Kernel Stack
Processes in UNIX
Threads
• UNIX
– Supported in Kernel, but Process-oriented
– Difficult Thought Process in Using Multiple Threads
• Fork & other Examples
• Linux
– Kernel-oriented
– Clone
– Detailed Sharing
– Non-portability
Processes in UNIX
Scheduling
• UNIX
– Designed for Response to Interactive Processes
– Process-oriented Queue Management
– Get Processes Rapidly out of the Kernel
• Linux
– Thread-oriented
– Classes of Linux Threads
• Real-time FIFO
• Real-time Round Robin
• Timesharing
Processes in UNIX
Booting UNIX
• Get Kernel Running
• Set Message Buffer
• Allocate Kernel Data Structure
• System Configuration (drivers)
– Static Links
– Dynamic Loads
• Begin Process 0
• Init
• Login
Memory Management in UNIX
Concepts
• Text Segment
• Data Segment
• Stack Segment
• Space Saving Techniques
– Shared Text Segments
– Memory-mapped Files
• No POSIX System Calls
Memory Management in UNIX
Implementation in UNIX
• Swapping
– Early Concept
– Moving Process from Memory to Disk
– Moving Process from Disk to Memory
• Paging
– Entire Process Need Not be in Memory
– Kernel and Paging Daemon
– Replacement Algorithm
Memory Management in UNIX
Implementation in Linux
• Default Allocation to each Process
• Copy-on-Write
• Three-level Paging
• Kernel is Never Paged Out
• Buddy Algorithm
John Lagas
I/O in UNIX
Concepts
UNIX File System
Concepts
Security in UNIX
Concepts