See UNISA – Summary of 2010 Posts for a list of related UNISA posts. this post we briefly investigate memory management. If you are not studying at UNISA you should probably give this materials summary post a miss 🙂
Last time we looked at the file system and associated interface… today we peek into an important topic … security.
Protection versus Security
Protection controls the access of programs, processes or users to resources of a computer system, while security ensures the authentication of system users to enforce integrity.
The domain of protection defines the resources that may be accessed by a process. The association between the domain and the process can be static (fixed for process lifetime) or dynamic. The domain could be bound to a user, process or procedure, which defines a coarse to granular protection scheme.
… three protection domains, two of which overlap.
… access matrix is a visualization technique of protection models. Each row represents a domain and the columns objects. The rights vary from read, write, execute, switch (from one domain to another), to owner (which allows assigning of rights to domain for owned resource (column).
An access list defines a list of objects with nonempty set of access rights for an object. A capability list defines a list of objects and the operations allowed on the objects, whereby the operating ensures that the list can only be accessed indirectly by the user.
Another much more granular approach is to allow language-based protection. The following extract is from the security quick reference poster “0026 Security” from www.saarchitect.net and shows some of the Microsoft .NET language based security features:
Some of the common threats include …
- Trojan Horse … hiding and executing code in domains they really should not be present in.
- Trap Door … leaving a hole in systems that can be exploited later.
- Stack and Buffer Overflow … the most common of all threat, which the stack is manipulated to point to an unfortunate and unexpected piece of code.
- Viruses … illegitimate code embedded in legitimate code, aimed at introducing chaos, annoyance and in some cases damage. If I have one wish, it is to catch all hackers and virus developers, send them to the moon and have them undo all the damage, wasted time and energy, which we could invest far more intelligently.
- Worms … just like the a tapeworm, this program is designed to replicate and spawn to ravage systems.
- Port Scanning … scan the ports and determine capabilities and potential holes.
- Denial of Service … taking over a system and denying access to others.
Two useful “Esels Bruecken” …
- Spoofing … replay authentication packets
- Tampering … change data
- Repudiation … do something, then deny it
- Information disclosure … disclosing details in error messages
- Denial of service … flood a network
- Elevation of privilege … Exploit buffer overruns to gain system privileges)
- DREAD … thread ranking
- Damage potential
- Affected users
Symmetric encryption is focused on protecting data and ensuring that only a receiver processing a shared (symmetric) key can read the message. The main challenge is to secure the shared key and to exchange the key securely.
Asymmetric encryption has the same objective as symmetric encryption, by using different (asymmetric) encryption and decryption keys. The data is encrypted using the public key and decrypted using the private key.
The most common method of authenticating a user is through the use of a username and a password. The main vulnerability is the need for users to write down passwords to be in a position to remember the numerous and often cryptic passwords they are assigned in the binary world. There are numerous strategies, like never expiring passwords, expiring passwords, one-time passwords, passwords and pin (two-factor authentication) and code book with one-time passwords.
Another option, finding common adoption, is the use of biometrics, such as palm, hand or fingerprint readers. Again two-factor authentication is often used in conjunction with biometrics.
To conclude, an encryption summary
Pulling extracts from the security quick reference poster “0026 Security” from www.saarchitect.net, we have a nice summary of symmetric, asymmetric and hashing options:
A final word …
Strive for principle of least privilege … do not logon and work with administrator rights … minimise the attack surface, implement intrusion detection for early warning and adequate virus protection for catching the unwelcome visitors. If not, you will experience what my sons used to experience often until they woke up … loss of data and re-installation of system.
The next blog post will be the last on this subject, looking at distributed system structures. See you then.