ch11

dashingincestuousSecurity

Feb 22, 2014 (3 years and 5 months ago)


Chapter 11

Security and Ethics


Understanding Operating Systems, Fourth Edition


Objectives

You will be able to describe:


The role of the operating system with regard to system security

The effects of system security practices on overall system performance

The levels of system security that can be implemented and the threats posed by evolving technologies

The differences between computer viruses and worms, and how they spread

The difficulties of teaching ethics to user groups and the role of education in system security


Role of the Operating System in Security

Operating system plays a key role in computer system security

Any vulnerability at the operating system level opens the entire system to attack

The more complex and powerful the operating system, the more likely it is to have vulnerabilities to attack

System administrators must be on guard to arm their operating systems with all available defenses against attack



System Survivability


Capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents

Key properties of survivable systems:

Resistance to attacks

Recognition of attacks and resulting damage

Recovery of essential services after an attack

Adaptation and evolution of system defense mechanisms to mitigate future attacks


System Survivability (continued)

Table 11.1: Four key properties of a survivable system


Levels of Protection

Table 11.2: A simplified comparison of security protection required for three typical computer configurations

System administrator must evaluate the risk of intrusion for each computer configuration, which in turn depends on the level of connectivity given to the system


Backup and Recovery


Backup and recovery policies are essential for most computing systems

Many system managers use a layered backup schedule

Backups, with one set stored off-site, are crucial to disaster recovery

Written policies and procedures and regular user training are essential elements of system management


Backup and Recovery


Written security procedures should recommend:

Frequent password changes

Reliable backup procedures

Guidelines for loading new software


Compliance with software licenses


Network safeguards


Guidelines for monitoring network activity


Rules for terminal access


Security Breaches


A gap in system security can be malicious or not


Intrusions can be classified as:


Due to uneducated users and unauthorized access to system resources

Purposeful disruption of the system’s operation

Purely accidental

Examples: Hardware malfunctions, undetected errors in OS or applications, or natural disasters

Malicious or not, a breach of security severely damages the system’s credibility


Unintentional Intrusions


Any breach of security or modification of data that was not the result of a planned intrusion

Examples:

Accidental incomplete modification of data

When nonsynchronized processes access data records and modify some but not all of a record’s fields

Errors due to incorrect storage of data values

e.g., When the field isn’t large enough to hold the numeric value stored there


Unintentional Intrusions (continued)

Figure 11.1: (a) Original data value in a field large enough to hold it. If the field is too small, (b) FORTRAN replaces the data with asterisks, (c) COBOL truncates the higher order digits and stores only the digits that remain


Intentional Attacks


Types of intentional attacks:

Intentional unauthorized access

e.g., denial of service attacks, browsing, wire tapping, repeated trials, trap doors, and trash collection


Viruses and worms


Trojan Horses


Bombs


Blended threats


Intentional Unauthorized Access


Denial of service (DoS) attacks:

Synchronized attempts to deny service to authorized users by causing a computer to perform repeated unproductive tasks

Browsing:

Unauthorized users gain access to search through secondary storage directories or files for information they should not have the privilege to read



Intentional Unauthorized Access (continued)

Wire Tapping: Unauthorized users monitor or modify a user’s transmission

Passive wire tapping: Refers to just listening to the transmission but not changing the contents, and reasons include:

To copy data while bypassing any authorization procedures

To collect specific information such as passwords

Active wire tapping: Data being sent is modified

Methods include “between lines transmission” and “piggyback entry”


Intentional Unauthorized Access (continued)

Repeated Trials: To enter systems by guessing authentic passwords

Trap doors: An unspecified and undocumented entry point to the system

Installed by a system diagnostician or programmer for future use

Leaves the system vulnerable to future intrusion

Trash collection: Use of discarded materials such as disks, CDs, printouts, etc., to enter the system illegally



Intentional Unauthorized Access (continued)

Table 11.3: Average time required to guess passwords up to ten alphabetic characters (A-Z) using brute force


Intentional Unauthorized Access (continued)

Malicious attacks on computers may violate state and federal law under the Federal Computer Fraud and Abuse Act of 1986

Those convicted have been sentenced to significant fines and jail terms, as well as confiscation of their computer equipment

In the U.S., attempts to intrude into your system should be reported to the FBI


Viruses


Small programs written to alter the way a computer operates, without permission of the user

Must meet two criteria: It must be self-executing and self-replicating


Usually written to attack a certain operating system


Spread via a wide variety of applications


Macro virus works by attaching itself to a template
(such as NORMAL.DOT), which in turn is attached
to word processing documents


Viruses (continued)

Figure 11.2: A file infector virus attacks a clean file (a) by attaching a small program to it (b)


Viruses (continued)

Table 11.4: Types of viruses


Viruses (continued)

Table 11.4 (continued): Types of viruses


Worms and Trojan Horses

Worm: A memory-resident program that copies itself from one system to the next without requiring the aid of an infected program file

Results in slower processing time of real work

Especially destructive on networks

Trojan Horse: A destructive program that’s disguised as a legitimate or harmless program

Allows the program’s creator to secretly access user’s system



Bombs and Blended Threats


Logic bomb: A destructive program with a fuse: a certain triggering event (such as a keystroke or connection with the Internet)

Spreads unnoticed throughout a network

Time bomb: A destructive program triggered by a specific time, such as a day of the year

Blended Threat: Combines into one program the characteristics of other attacks

e.g., including a virus, worm, Trojan Horse, spyware, and other malicious code into a single program


Blended Threats (continued)

Blended Threats: (continued)

Characteristics of blended threat:


Harms the affected system


Spreads to other systems using multiple methods


Attacks other systems from multiple points


Propagates without human intervention


Exploits vulnerabilities of target systems


Protection: Combination of defenses in combination with regular patch management


System Protection


No single guaranteed method of protection

System vulnerabilities include:

File downloads, e-mail exchange

Vulnerable firewalls

Improperly configured Internet connections, etc.

Need for continuous attention to security issues

System protection is multifaceted and protection methods include:

Use of antivirus software, firewalls, restrictive access and encryption


Antivirus Software


Software to combat viruses can be preventive, diagnostic, or both

Preventive programs may calculate a checksum for each production program

Diagnostic software compares file sizes, looks for replicating instructions or unusual file activity

Can sometimes remove the infection and leave the remainder intact

Unable to repair worms, Trojan horses, or blended threats as they are malicious code in entirety
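
The checksum and file-size checks described on this slide can be sketched as a baseline-and-compare routine. This is an added example, not code from the textbook; the file names and the choice of SHA-256 are assumptions, and the sample "programs" are constructed in a temporary directory.

```python
import hashlib
import os
import tempfile


def file_digest(path, chunk_size=65536):
    """Return the SHA-256 digest of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths):
    """Record size and digest of each production program while it is known clean."""
    return {p: (os.path.getsize(p), file_digest(p)) for p in paths}


def check_baseline(baseline):
    """Compare the files on disk with the baseline; return {path: finding}."""
    findings = {}
    for path, (size, digest) in baseline.items():
        if not os.path.exists(path):
            findings[path] = "missing"
        elif file_digest(path) != digest:
            delta = os.path.getsize(path) - size
            findings[path] = f"modified (size change {delta:+d} bytes)"
    return findings


def demo():
    """Constructed sample: bytes are appended to one file, as a file infector would do."""
    with tempfile.TemporaryDirectory() as d:
        payroll = os.path.join(d, "payroll.bin")   # hypothetical program names
        report = os.path.join(d, "report.bin")
        for p in (payroll, report):
            with open(p, "wb") as f:
                f.write(b"\x7fPROGRAM" + b"\x00" * 64)
        baseline = build_baseline([payroll, report])
        with open(payroll, "ab") as f:             # simulate code attached to the file
            f.write(b"APPENDED" * 4)
        found = check_baseline(baseline)
        return {os.path.basename(p): v for p, v in found.items()}


if __name__ == "__main__":
    print(demo())
```

The digest comparison also catches a change that leaves the file size untouched, which a size check alone would miss. The baseline is only useful if it is stored where the monitored system cannot rewrite it.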


Antivirus Software (continued)

Table 11.5: Websites containing current information on systems security



Antivirus Software (continued)

Figure 11.4: (a) Uninfected file; (b) file infected with a virus; (c) a Trojan horse or worm consists entirely of malicious code


Firewalls


A set of hardware and/or software designed to protect a system by disguising its IP address from unauthorized users

Sits between the Internet and network

Blocks curious inquiries and potentially dangerous intrusions from outside the system

Mechanisms used by the firewall to perform various tasks include:


Packet filtering


Proxy servers


Firewalls (continued)

Figure 11.5: Firewall sitting between campus networks and Internet, filtering requests for access


Firewalls (continued)

Typical tasks of the firewall are to:


Log activities that access the internet


Maintain access control based on senders’ or
receivers’ IP addresses


Maintain access control based on services that are
requested


Hide internal network from unauthorized users


Verify that virus protection is installed and enforced


Perform authentication based on the source of a
request from the Internet


Firewalls (continued)

Packet filtering:

Firewall reviews header information for incoming and outgoing Internet packets to verify authenticity of source address, destination address, and protocol

Proxy server:

Hides important network information from outsiders by making network server invisible

Determines if request for access to the network is valid

Proxy servers are invisible to users but are critical to the success of the firewall


Authentication


Authentication: A verification that an individual trying to access a system is authorized to do so

Kerberos: A network authentication protocol


Need for password encryption to improve network
security led to development of Kerberos


Designed to provide strong authentication for
client/server applications


Uses strong cryptography


Requires systematic revocation of access rights from
clients who no longer deserve to have access


Authentication (continued)

Figure 11.6: Using Kerberos, when client A attempts to access server B, user is authenticated (a) and receives a ticket for the session (b). Once the ticket is issued, client and server can communicate at will (c). Without the ticket, access is not granted


Encryption


Most extreme protection method for sensitive data where data is put into a secret code

To communicate with another system, data is encrypted, transmitted, decrypted, and processed

Sender inserts public key with the message

Message receiver required to have private key to decode the message


Disadvantages:


Increases system’s overhead


System becomes totally dependent on encryption
process itself


Sniffers and Spoofing


Sniffers: Programs that reside on computers attached to the network

Peruse data packets as they pass by, examine each one for specific information

e.g., Particularly problematic in wireless networks

Spoofing: Assailant fakes IP addresses of an Internet server by changing the address recorded in packets it sends over the Internet

Used when unauthorized users want to disguise themselves as friendly sites


Password Management


Most basic techniques used to protect hardware and software investments include:

Good passwords

Careful user training

Password Construction:

Good password is unusual, memorable, and changed often

Password files normally stored in encrypted form

Password length has a direct effect on the ability of password to survive password cracking attempts


Password Construction (continued)

Figure 11.8: Password verification flowchart



Password Construction (continued)

Table 11.6: Number of combinations of passwords depending on their length and available character set


Password Construction (continued)

Reliable techniques for generating a good password:

Use minimum of eight characters, including numbers and nonalphanumeric characters

Create a misspelled word or join bits of phrases into a word that’s easy to remember

Follow a certain pattern on the keyboard

Create acronyms from memorable sentences

Use upper and lowercase characters if allowed

Never use a word that’s included in any dictionary


Password Construction (continued)

Dictionary attack: A method of breaking encrypted passwords

Requirements:

A copy of the encrypted password file

Algorithm used to encrypt the passwords

Prevention:

Some operating systems “salt” user passwords with extra random bits to make them less vulnerable to dictionary attacks


Password Alternatives


Use of a smart card

A credit card-sized calculator that requires both “something you have and something you know”

Displays a constantly changing multidigit number synchronized with an identical number generator in the system

User must type in the number that appears at that moment on the smart card

For added protection, user then enters a secret code

User is admitted to the system only if both number and code are validated
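
The synchronized number generator and the two-part check can be sketched as follows. This is an added example, not code from the textbook; the slide does not name an algorithm, so the public time-based one-time password construction (RFC 6238 over HMAC-SHA1) stands in for it, and the seed, secret code and timestamps are constructed values.

```python
import hashlib
import hmac
import struct


def token_number(secret, unix_time, step=30, digits=6):
    """Number the token displays during the time window containing unix_time."""
    counter = max(0, int(unix_time)) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def admit(secret, stored_code, typed_number, typed_code, now, step=30, drift=1):
    """Admit only if BOTH the displayed number and the secret code validate."""
    number_ok = False
    for window in range(-drift, drift + 1):      # tolerate small clock skew
        expected = token_number(secret, now + window * step, step)
        if hmac.compare_digest(expected.encode(), typed_number.encode()):
            number_ok = True
    # stored_code is kept in the clear only to keep the example short; a real
    # system would store it like any other password (salted and hashed).
    code_ok = hmac.compare_digest(stored_code.encode(), typed_code.encode())
    return number_ok and code_ok


def demo():
    secret = b"12345678901234567890"             # constructed shared seed (RFC test key)
    now = 59                                     # constructed timestamp
    shown = token_number(secret, now)
    return {
        "shown": shown,
        "both_valid": admit(secret, "4321", shown, "4321", now),
        "wrong_code": admit(secret, "4321", shown, "0000", now),
        "stale_number": admit(secret, "4321", token_number(secret, 149), "4321", now),
    }


if __name__ == "__main__":
    print(demo())
```

The system side computes the same number from its copy of the seed and its own clock, which is why the `drift` allowance exists and why the seed must be protected on the server as carefully as a password file.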


Password Alternatives (continued)

Biometrics:

The science and technology of identifying individuals based on unique biological characteristics of each person

Current research focuses on

Analysis of the human face, fingerprints, hand measurements, iris/retina, and voice prints

Positively identifies the person being scanned

Critical factor is reducing the margin of error

Presently, biometric authentication is expensive


Social Engineering


A technique whereby system intruders gain access to information about a legitimate user to learn active passwords by

Looking in and around the user’s desk for a written reminder

Trying the user logon ID as the password

Searching logon scripts

Telephoning friends and co-workers to learn the names of user’s family members, pets, vacation destinations, favorite hobbies, car model, etc.


Social Engineering (continued)

Phishing:

Intruder pretends to be a legitimate entity and contacts unwary users asking them to reconfirm their personal and/or financial information


Example: 2003 incident involving eBay customers


Default passwords:


Pose unique vulnerabilities because they are widely
known


Routinely shipped with hardware or software


Routinely passed from one hacker to the next


Should be changed immediately



Ethics


Ethical behavior: Be good. Do good.

IEEE and ACM issued a standard of ethics in 1992

Apparent lack of ethics in computing is a significant departure from other professions

Consequences of ethical lapses:

Illegally copied software can result in lawsuits and fines

Plagiarism is illegal and punishable by law

Eavesdropping on e-mail, data, or voice communications is sometimes illegal and usually unwarranted


Ethics (continued)

Consequences of ethical lapses: (continued)

Cracking (malicious hacking) causes system’s owner and users to question the validity of system’s data

Unethical use of technology is clearly the wrong thing to do

Specific activities to teach ethics can include:

Publish policies that clearly state which actions will and will not be condoned

Teach a regular seminar on the subject including real-life case histories

Conduct open discussions of ethical questions


Summary


Can’t overemphasize the importance of keeping the system secure

System is only as good as the integrity of the data that’s stored on it

A single breach of security, whether catastrophic or not, whether accidental or not, damages the system’s integrity

Damaged integrity threatens the viability of the best-designed system, its managers, its designers, and its users

Vigilant security precautions are essential