csit324 os &web interface security introduction. c ourse o utline concepts security environment:...
TRANSCRIPT
CSIT324 OS &WEB INTERFACE SECURITYIntroduction
COURSE OUTLINE
Concepts Security environment: Threats, intruders,
accidental data loss. Cryptography basics: types Protection mechanisms Authentication Insider attacks, Code bug exploitation plus
defenses.
ASSESSMENT
Course works, test – 30% Final Exam – 70%
REFERENCE
Modern OS by Andrew S. Tanenbaum
SECURITY ENVIRONMENT
OS - Security – Protection mechanisms – the specific OS
mechanisms used to safeguard information in the PC.
SECURITY FACETS
1. ThreatsPC has 4 general goals with corresponding threats
to them: Data confidentiality – concerned with having secret
data remain secret.Data integrity – unauthorized users should not be
able to modify any data without the owner’s permission. Data modification includes changing data, removing data and adding false data.
System availability – nobody can disturb the system to make it unusable. Denial of service attacks.
Privacy – protecting individuals from misuse of information about them
2. INTRUDERS/ADVERSARIES
People who are nosing around places where they have no business.
Forms: Passive intruders – want to read files they are
not authorized to read. Active intruders – more malicious (want to
make unauthorized changes to data).
CATEGORIES OF INTRUDERS
Casual prying by nontechnical users: people reading other users’ email &other files if no barriers are placed in the way.
Snooping by insiders. Determined attempts to make money: bank
programmers have attempted to steal from the bank they are working for.
Commercial/military espionage: espionage is a serious &well-funded attempt by a competitor/a foreign country to steal programs, trade secrets, patentable ideas, technology, circuits designs, business plans e.t.c.
3. ACCIDENTAL DATA LOSS
Valuable data can be lost by accident.Causes: Act of God – fires, floods, earthquakes, wars,
riots. Hardware/software errors – CPU
malfunctions, unreadable disks, telecom errors, program bugs.
Human errors – incorrect data entry, wrong program run, lost disk.
Solutions: Maintain adequate backups far away from
the original data.
CRYPTOGRAPHY BASICS.
Cryptography refers to the process of converting plaintext into ciphertext (encrypt) in that only authorized people know how to convert it back to plaintext.
Ciphertext is an incomprehensible pile of bits.
Encryption &decryption algorithms (functions) should always be public.
FORMS OF CRYPTOGRAPHY
Secret-key cryptography – mono-alphabetic substitution. Also referred to as symmetric cryptography.
Advantage:Efficient because the amount of computation
required to encrypt/decrypt a message is manageable.
Drawback:Sender &receiver must both be in possession of
the shared secret key. Public-key cryptography – private (decryption
key) and public key pair but the public key (encryption key) is published.
PUBLIC KEY ENCRYPTION….
Key generation is automated with a user-selected password fed into the algorithm.
The correspondent encrypts the message with the receiver’s public key.
Since only the receiver has the private key, only the receiver can decrypt the message.
DIGITAL SIGNATURES
Digital signatures – sign a document digitally. Make it possible to sign emails &other digital
documents in such a way that they can’t be repudiated by the sender later.
One way is to first run the document through a one-way cryptographic hashing algorithm which very hard to invert.
Hashing function produces a fixed length result independent of the original document size.
Common hash functions: Message Digest 5 (MD5) that produces a 16byte result, Secure Hash Algorithm (SHA-1) that produces a 20-byte result.
HASHING PROCESS..SENDER’S END.
The document owner applies his private key to the hash to get D(hash). This value, called the Signature block, is appended to the document &sent to the receiver.
The application of D to the hash is also referred to as decrypting the hash though its not really a decryption because the hash has not been encrypted. It just a mathematical transformation on the hash.
RECEIVER’S END..
When the doc and hash arrive, the receiver first computes the hash of the doc using MD5 or SHA.
The receiver then applies the sender’s public key to the signature block to get E{D(hash)}.
It encrypts the decrypted hash, canceling it out &getting the hash back.
If the computed hash doesn’t match the hash from the signature block, the doc, the signature block, or both have been tampered with or changed by accident.
NB: the value of this scheme is that it applies public-key cryptography only to a relatively small piece of data, called the hash.
TRUSTED PLATFORM MODULE (TPM)
TPM is crypto-processor with some nonvolatile storage inside it for keys.
TPM can perform cryptographic operations such as encrypting blocks of plaintext or decrypting blocks of ciphertext in main memory.
TPM can also verify digital signatures. According to Microsoft, operating system
controls the TPM to prevent unauthorized software from being run.
TPM APPLICATIONS…
If the TPM is involved in the booting process, it will start only operating systems signed by a secret key placed inside the TPM by the manufacturer &disclosed only to selected OS vendors e.g. Microsoft.
Thus TPM can be used to limit users’ choices of software to those approved by the computer manufacturer.
TPM APPLICATIONS…
Music &movie industries are very keen on TPM as it could be used to prevent piracy of the content.
It also open up new business models such as renting songs/movies for a specific period of time by refusing to decrypt them after the expiration date.
TPM drawback: Doesn’t make PCs more secure against
external attacks. It only focuses on using cryptography to prevent users from doing anything not approved directly or indirectly by the TPM controllers.
RESEARCH ON:
Certificate Authorities PKI
Next Lecture: Protection Mechanisms.
End!