tailieunhanh - Lecture Operating system concepts - Chapter 19: Security
The information stored in the system (both data and code), as well as the physical resources of the computer system, need to be protected from unauthorized access, malicious destruction or alteration, and accidental introduction of inconsistency. In this chapter, we examine the ways in which information may be misused or intentionally made inconsistent. We then present mechanisms to guard against this occurrence. | Module 19: Security I The Security Problem I Authentication I Program Threats I System Threats I Securing Systems I Intrusion Detection I Encryption I Windows NT Operating System Concepts Silberschatz, Galvin and Gagne 2002 The Security Problem I Security must consider external environment of the system, and protect it from: ✦ unauthorized access. ✦ malicious modification or destruction ✦ accidental introduction of inconsistency. I Easier to protect against accidental than malicious misuse. Operating System Concepts Silberschatz, Galvin and Gagne 2002 Authentication I User identity most often established through passwords, can be considered a special case of either keys or capabilities. I Passwords must be kept secret. ✦ Frequent change of passwords. ✦ Use of “non-guessable” passwords. ✦ Log all invalid access attempts. I Passwords may also either be encrypted or allowed to be used only once. Operating System Concepts Silberschatz, Galvin and Gagne 2002 Program Threats I Trojan Horse ✦ Code segment that misuses its environment. ✦ Exploits mechanisms for allowing programs written by users to be executed by other users. I Trap Door ✦ Specific user identifier or password that circumvents normal security procedures. ✦ Could be included in a compiler. I Stack and Buffer Overflow ✦ Exploits a bug in a program (overflow either the stack or memory buffers.) Operating System Concepts Silberschatz, Galvin and Gagne 2002 System Threats I Worms – use spawn mechanism; standalone program I Internet worm ✦ Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs. ✦ Grappling hook program uploaded main worm program. I Viruses – fragment of code embedded in a legitimate program. ✦ Mainly effect microcomputer systems. ✦ Downloading viral programs from public bulletin boards or exchanging floppy disks containing an infection. ✦ Safe computing. I Denial of Service ✦ Overload the targeted computer .
đang nạp các trang xem trước