OS

Security
Security Problems Security must consider external environment of the system, and protect the system resources. Intruders (crackers) attempt to breach security. Attack can be accidental or malicious (intentional). Easier to protect against accidental rather than intentional misuse . Among the forms of intentional access are the following: Unauthorized Reading of Data (theft of information). Unauthorized modification of data. Unauthorized destruction of data. To protect the system, we must take security measures at two levels: Physical: The site or sites containing the computer systems must be physically secured. Human: Users must be screened carefully so that the chance of authorizing a user who then gives access to an intruder is reduced.

Standard Security Attacks

-1-

OS

Authentication
A major security problem for OS is the authentication problem. The protection system depends on an ability to identify the programs and processes that are executing. Authentication is based on three items: User Possession (a Key or Card) User Knowledge (a User ID & Password) User Attribute (Fingerprint, Signature) Passwords This is a most common approach to authenticating a User Identity is the use of user passwords. When the user identifies by their user id or account name, the system asked for password. If the password is matched with stored password then the system will allow the user otherwise not. Different passwords may be associated with different access rights. E.g. different passwords may be used for each of reading, appending and updating a file. Password Vulnerabilities There are problem associated with password use and the problem with passwords are related to the difficulty of keeping a password secret. Password can be compromised by being guessed, accidentally exposed or illegally transferred from an authorized user to unauthorized user. We can use some of the password scheme for solving this problem.

-2-

OS

The Password can be changed frequently or for each session. A new password is selected either by the user or system. Encrypted Passwords Another approach for solving the password solution is used Encrypted Passwords. In this scheme, when user gives the password then the password saved in encrypted format (encoded) in the system. E.g. In Unix OS, Password stored in encoded form. Even when a user presents a password, it is encoded and compared against the stored password. Even if the stored encoded password is seen, it cannot be decoded, so the password cannot be determined. A good technique is to generate the password by using the first letter of each word of an easy remembered phrase using both upper and lower characters with a number or punctuation marks.

E.g. the phrase My Brothers name is Sandeep then might be the Password is MbniS.!. This password hard to crack, but easy for user to remember.

-3-

OS

Program Threats
Program written by one user may be used by another user (misuse). Two common Methods 1. Trojan Horse 2. Trap Door Trojan Horse A Trojan horse is a useful program or command procedure that contains a hidden code that, when invoked, performs some unwanted or harmful functions. It can be used to accomplish functions indirectly that an unauthorized user could not accomplish directly. E.g., to gain access to the files of another user on a shared system, a user could create a Trojan horse program that when executed changed the invoking users file permissions so that the files are readable by any user. This scheme is used by Windows NT OS. Trap Door The designer of a program or system might leave a hole in the software that only he/ she is capable of using. In another words, a trapdoor is a secret entry point into a program that allows someone

-4-

OS

who is aware of the trapdoor to gain access without going through the usual procedures for security access.

Trapdoors have been used for many years by programmers to debug and test programs. The trapdoor is a code that recognizes some special sequence of input, or i.e. triggered by being run from a certain user id or by an unlikely sequence of events.

Trapdoor become threats when they are used by unauthorized programmers to gain unauthorized access. The type of security breach was shown in the movie War Games.

It is difficult to implement OS controls for trapdoors. Security measures must focus on program development and software update.

System Threats
Most OS provide for processes to spawn other processes. In such environment, it is possible to create a situation where OS resources and user files are misused. Two Most Common Methods 1. Viruses 2. Worms

-5-

OS

Viruses
Viruses are designed to spread into other programs and including modifying or destroying files and causing system crashes and program malfunctions. Viruses are major problem for computer users (microcomputer systems). Viruses are usually spread by users downloading viral programs from public bulletin board or exchanging floppy disks containing an infection. Many categories of viruses, literally many thousands of viruses: File Boot Macro Source code Encrypted Stealth Tunneling Multipartite Armored

-6-

OS

Boot Sector Computer Virus

Virus problem can be prevent from a no. of ways: Use Anti-virus Programs/ Software Purchasing License Software (not use Pirated) Check removable devices with Anti-virus program before using with system. WORMS A worm is a process that uses the spawn mechanism to hit system performance. The worm copies of itself, using up system resources and perhaps locking out system use by all other processes.

-7-

OS

The first worm was released on November 2, 1988 by Robert Tappan Morris. He unleashed a worm program on one or more hosts connected to the internet. The worm was made up of two programs, a grappling hook (also called bootstrap or vector) program and the main program. Automated attempt to connect to a range of ports on one or a range of IP addresses.

The Morris Internet Worm

Encryption
It is a one common method of protecting information transmitted over unreliable links. The basic mechanism works as follows: 1. The information (text) is encrypted (encoded) from its initial readable form (called clear text), to an internal form (called cipher text). This internal text form, although readable, does not make any sense.

-8-

OS

2. The cipher text can be stored in a readable file or transmitted over unprotected channels. 3. To make sense of the cipher text, the receiver must decrypt (decode) it back into clear text. For using of this approach encryption algorithm is used and it contains: E, use for encryption algorithm D, use for decryption algorithm k, a secret key (or keys) m, for message Encryption algorithm must satisfy the following properties for any message:
1. Dk(Ek(m))=m 2. Both Ek and Dk can be computed efficiently

3. The security of the system depends on only the secrecy of the key and does not depend on the secrecy of the algorithm E and D.

-9-

OS

Encryption and Decryption of message

- 10 -