Security and Operating Systems
[Pages:43]Security and Operating Systems Security and Operating Systems What is Security? Internal Roles Protecting Whom?
Authentication
Attacks and Defenses
Certified Systems
Logging
It's the Application
Security and Operating Systems
1 / 38
Security and Operating Systems
Security and Operating Systems Security and Operating Systems What is Security? Internal Roles Protecting Whom?
Authentication
Attacks and Defenses
Certified Systems
Logging
It's the Application
s What is operating system security? s How do operating systems contribute to
system security? s Alternatively, if we're trying to develop a
secure system, what do we demand of the OS? s Today's lecture concentrates on what the OS
can/should/does do
2 / 38
What is Security?
Security and Operating Systems Security and Operating Systems What is Security? Internal Roles Protecting Whom?
Authentication
Attacks and Defenses
Certified Systems
Logging
It's the Application
s Informal: Security is keeping unauthorized entities from doing things you don't want them to do.
s More formal: Confidentiality, integrity, availability
s What is the operating system's role?
3 / 38
Internal Roles
Security and Operating Systems Security and Operating Systems What is Security? Internal Roles Protecting Whom?
Authentication
Attacks and Defenses
Certified Systems
Logging
It's the Application
s We've discussed a lot of internal features: privileged mode, memory protection, file access permissions, etc.
s What do these accomplish? s What is the real goal?
4 / 38
Protecting Whom?
Security and Operating Systems Security and Operating Systems What is Security? Internal Roles Protecting Whom?
Authentication
Attacks and Defenses
Certified Systems
Logging
It's the Application
s Internal features protect the operating system against users
s This necessary but not sufficient s File permissions protect users (and the OS)
against other users s Again, this is necessary but not sufficient
5 / 38
User Authentication
Security and Operating Systems
Authentication User Authentication Something You Know: Passwords Hashed Passwords Challenge/Response Authentication THe Human Element Something You Have: Tokens Something You Are: Biometrics
Attacks and Defenses
Certified Systems
Logging
It's the Application
s File permissions are based on user identity, which is based on authentication
s How does an OS authenticate users? s Many methods: something you know,
something you have, something you are
6 / 38
Something You Know: Passwords
Security and Operating Systems
Authentication User Authentication Something You Know: Passwords Hashed Passwords Challenge/Response Authentication THe Human Element Something You Have: Tokens Something You Are: Biometrics
Attacks and Defenses
Certified Systems
Logging
It's the Application
s Very common s Very easily guessed s Originally stored in plaintext, but that's a very
bad idea s Today, passwords are usually stored hashed s However -- some network authentication
schemes, such as challenge/response, require plaintext (or equivalent)
7 / 38
Hashed Passwords
Security and Operating Systems
Authentication User Authentication Something You Know: Passwords Hashed Passwords Challenge/Response Authentication THe Human Element Something You Have: Tokens Something You Are: Biometrics
Attacks and Defenses
Certified Systems
Logging
It's the Application
s Store f (PW), where f is not invertible s When user enters PW, calculate f (PW) and
compare s To guard against precomputation attacks,
assign a random salt at password change time and store salt, f (PW,salt) s Attackers can still run password-guessing programs, so most operating systems use access control to protect the hashed passwords
8 / 38
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- security and operating systems
- chapter 5 system software operating systems and
- oem software licensing rules restrictions
- operating systems university of cambridge
- chapter 6 operating systems ftms
- powerpoint presentation operating systems
- operating system installation guidelines
- navigating the windows operating system
- operating systems pc mac
- installation prerequisites texas
Related searches
- management philosophy and operating style
- computer and information systems managers
- social security and working after age 66
- social security and working after 62
- computer operating systems ppt
- operating systems william stallings pdf
- heating and cooling systems prices
- free operating systems for computers
- owning and operating atm machines
- evolution of operating systems pdf
- free operating systems 32 bit
- operating systems downloads