26-03-2012, 04:05 PM
OPERATING SYSTEMS SECURITY
Section15-Security.ppt (Size: 626 KB / Downloads: 53)
SECURITY
SECURITY ISSUES:
External protection of a system. A classified site goes to extraordinary lengths to keep things physically tight. Among the issues to be considered:
Unauthorized access Mechanism assuring only authorized individuals see classified materials.
Malicious modification or destruction
Accidental introduction of inconsistency.
Authentication How do we know the user is who she says she is. Can have passwords on domains.
Viruses
Code fragment embedded in legitimate program
Very specific to CPU architecture, operating system, applications
Usually borne via email or as a macro
Visual Basic Macro to reformat hard drive
System And Network Threats
Worms – use spawn mechanism; standalone program
Internet worm
Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs. (See next slide)
Grappling hook program uploaded main worm program
Port scanning
Automated attempt to connect to a range of ports on one or a range of IP addresses
Denial of Service
Overload the targeted computer preventing it from doing any useful work
Distributed denial-of-service (DDOS) come from multiple sites at once
DEFINITIONS:
Cryptosystems are either Conventional or Public Key
Conventional is symmetric; Ke = Kd , so the key must be kept secret. Algorithms are simple to describe, but complex in the number of operations.
Public key is asymmetric; Ke != Kd , so Ke can be made public. Kd is secret and can't easily be derived from Ke .
Security against attack is either:
Unconditionally secure - Ke can't be determined regardless of available computational power.
Computationally secure: - calculation of Kd is economically unfeasible ( it would overwhelm all available computing facilities.)
The only known unconditionally secure system in common use!
Involves a random key that has the same length as the plain text to be encrypted.
The key is used once and then discarded. The key is exclusively OR'd with the message to produce the cypher.
Given the key and the cypher, the receiver uses the same method to reproduce the message.