Understanding operating systems 5th ed ch11
-
Upload
barrboy -
Category
Technology
-
view
593 -
download
0
description
Transcript of Understanding operating systems 5th ed ch11
![Page 1: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/1.jpg)
Understanding Operating SystemsFifth Edition
Chapter 11
Security and Ethics
![Page 2: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/2.jpg)
Understanding Operating Systems, Fifth Edition 2
Learning Objectives
• The role of the operating system with regard to system security
• The effects of system security practices on overall system performance
• The levels of system security that can be implemented and the threats posed by evolving technologies
![Page 3: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/3.jpg)
Understanding Operating Systems, Fifth Edition 3
Learning Objectives (continued)
• The differences among computer viruses, worms, and blended threats
• The role of education and ethical practices in system security
![Page 4: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/4.jpg)
Understanding Operating Systems, Fifth Edition 4
Role of the Operating System in Security
• Key role – Operating system level vulnerability opens entire
system to attack– Operating system complexity and power increases
• More vulnerable to attack
• System administrator’s role– Provide operating systems with all available defenses
against attack
![Page 5: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/5.jpg)
Understanding Operating Systems, Fifth Edition 5
System Survivability
• System’s capability to fulfill mission– Timely manner– In presence of attacks, failures, or accidents
• Survivable systems’ key properties – Attack resistance– Attack and resulting recognition – Essential services recovery after attack– System defense mechanism adaptation and evolution
• Mitigate future attacks
![Page 6: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/6.jpg)
Understanding Operating Systems, Fifth Edition 6
System Survivability (continued)
![Page 7: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/7.jpg)
Understanding Operating Systems, Fifth Edition 7
Levels of Protection
• System administrator– Evaluate each computer configuration intrusion risk
• Depends on connectivity level given to system
![Page 8: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/8.jpg)
Understanding Operating Systems, Fifth Edition 8
Backup and Recovery
• Policies– Essential for most computing systems
• System manager– Uses layered backup schedule
• Backups– One set stored off-site
• Crucial for disaster recovery
• System management essential elements– Written policies and procedures– Regular user training
![Page 9: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/9.jpg)
Understanding Operating Systems, Fifth Edition 9
Backup and Recovery (continued)
• Written security procedures recommendations– Frequent password changes– Reliable backup procedures– Guidelines for loading new software– Software license compliance – Network safeguards– Guidelines for monitoring network activity– Terminal access rules
![Page 10: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/10.jpg)
Understanding Operating Systems, Fifth Edition 10
Security Breaches
• System security gaps– Malicious or not
• Intrusions classifications– Due to uneducated users and unauthorized access to
system resources– Purposeful disruption of system operation– Purely accidental
• Examples: hardware malfunctions, undetected errors in operating system or applications, natural disasters
• Any security breach – Severely damages system credibility
![Page 11: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/11.jpg)
Understanding Operating Systems, Fifth Edition 11
Unintentional Intrusions
• Security breach or data modification– Not resulting from planned intrusion
• Examples– Accidental incomplete modification of data
• Nonsynchronized processes access data records
• Modify some record fields
– Errors due to incorrect storage of data values• Field not large enough to hold numeric value stored
![Page 12: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/12.jpg)
Understanding Operating Systems, Fifth Edition 12
Unintentional Intrusions (continued)
![Page 13: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/13.jpg)
Understanding Operating Systems, Fifth Edition 13
Intentional Attacks
• Attack types– Intentional unauthorized access
• Denial of service attacks, browsing, wire tapping, repeated trials, trap doors, trash collection
– Viruses and worms– Trojan horses– Bombs– Blended threats
![Page 14: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/14.jpg)
Understanding Operating Systems, Fifth Edition 14
Intentional Attacks (continued)
• Intentional unauthorized access– Denial of service (DoS) attacks
• Synchronized attempts denying service to authorized users causing computer to perform repeated unproductive task
– Browsing• Unauthorized users gain access to search through
secondary storage directories or files for information they should not have the privilege to read
![Page 15: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/15.jpg)
Understanding Operating Systems, Fifth Edition 15
Intentional Attacks (continued)
• Intentional unauthorized access (continued)– Wire tapping
• Unauthorized users monitor or modify transmission
– Passive wire tapping: transmission monitored– Passive wire tapping reasons
• Copy data while bypassing authorization procedures
• Collect specific information (password)
– Active wire tapping: modifying data • Methods include “between lines transmission” and
“piggyback entry”
![Page 16: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/16.jpg)
Understanding Operating Systems, Fifth Edition 16
Intentional Attacks (continued)
• Intentional unauthorized access (continued)– Repeated trials
• Enter system by guessing authentic passwords
– Trap doors• Unspecified and undocumented system entry point
• Diagnostician or programmer install
• System vulnerable to future intrusion
– Trash collection• Discarded materials (disks, CDs, printouts) to enter
system illegally
![Page 17: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/17.jpg)
Understanding Operating Systems, Fifth Edition 17
Intentional Attacks (continued)
![Page 18: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/18.jpg)
Understanding Operating Systems, Fifth Edition 18
Intentional Attacks (continued)
• Malicious computer attacks– Possible state and federal law violation
• Convictions– Significant fines and jail terms– Computer equipment confiscation
![Page 19: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/19.jpg)
Understanding Operating Systems, Fifth Edition 19
Intentional Attacks (continued)
• Viruses– Small programs altering computer operations
• No user permission to run
– Two criteria• Self-executing and self-replicating
– Operating system specific (usually)– Spread using wide variety of applications– Macro virus
• Attaches itself to template (such as NORMAL.DOT)
• In turn: attaches to word processing documents
![Page 20: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/20.jpg)
Understanding Operating Systems, Fifth Edition 20
Intentional Attacks (continued)
![Page 21: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/21.jpg)
Understanding Operating Systems, Fifth Edition 21
![Page 22: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/22.jpg)
Understanding Operating Systems, Fifth Edition 22
Intentional Attacks (continued)
• Worm– Memory-resident program– Copies itself from one system to next
• No aid from infected program file
– Slower processing time of real work– Especially destructive on networks
• Trojan horse– Destructive program
• Disguised as legitimate or harmless program
– Allows program creator secret access to system
![Page 23: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/23.jpg)
Understanding Operating Systems, Fifth Edition 23
Intentional Attacks (continued)
• Logic bomb– Destructive program with fuse (triggering event)
• Keystroke or connection with Internet– Spreads unnoticed throughout network
• Time bomb– Destructive program triggered by specific time
• Day of the year
• Blended threat– Logic bomb and time bomb characteristics combined
• Single program including virus, worm, Trojan horse, spyware, other malicious code
![Page 24: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/24.jpg)
Understanding Operating Systems, Fifth Edition 24
Intentional Attacks (continued)
• Blended threat (continued)– Characteristics
• Harms affected system
• Spreads to other systems using multiple methods
• Attacks other systems from multiple points
• Propagates without human intervention
• Exploits vulnerabilities of target systems
– Protection• Combination of defenses with regular patch
management
![Page 25: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/25.jpg)
Understanding Operating Systems, Fifth Edition 25
System Protection
• No single guaranteed method of protection
• System vulnerabilities– File downloads, e-mail exchange– Vulnerable firewalls– Improperly configured Internet connections
• Security issues require continuous attention
• Multifaceted system protection
• Protection methods – Antivirus software, firewalls, restrictive access, and
encryption
![Page 26: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/26.jpg)
Understanding Operating Systems, Fifth Edition 26
Antivirus Software
• Combats viruses only– Preventive, diagnostic, or both
– Preventive programs calculate checksum for each production program
– Diagnostic software compares file sizes and looks for replicating instructions or unusual file activity
• Removes infection and leaves remainder intact– Sometimes
• Cannot repair worms, Trojan horses, blended threats – Malicious code in entirety
![Page 27: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/27.jpg)
Understanding Operating Systems, Fifth Edition 27
Antivirus Software (continued)
![Page 28: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/28.jpg)
Understanding Operating Systems, Fifth Edition 28
Antivirus Software (continued)
![Page 29: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/29.jpg)
Understanding Operating Systems, Fifth Edition 29
Firewalls
• Set of hardware and/or software – Designed to protect system – Disguises IP address from unauthorized users
• Sits between Internet and network
• Blocks curious inquiries and potentially dangerous intrusions– From outside system
• Firewall mechanisms to perform tasks– Packet filtering – Proxy servers
![Page 30: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/30.jpg)
Understanding Operating Systems, Fifth Edition 30
Firewalls (continued)
![Page 31: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/31.jpg)
Understanding Operating Systems, Fifth Edition 31
Firewalls (continued)
• Typical firewall tasks– Log activities accessing Internet– Maintain access control
• Based on senders’ or receivers’ IP addresses
– Maintain access control • Based on services requested
– Hide internal network from unauthorized users– Verify virus protection installed and enforced– Perform authentication
• Based on source of a request from the Internet
![Page 32: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/32.jpg)
Understanding Operating Systems, Fifth Edition 32
Firewalls (continued)
• Packet filtering– Firewall reviews header information
• Incoming and outgoing Internet packets • Verify source address, destination address, protocol
authenticity
• Proxy server– Hides important network information from outsiders
• Network server invisible– Determines validity of network access request – Invisible to users– Critical to firewall success
![Page 33: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/33.jpg)
Understanding Operating Systems, Fifth Edition 33
Authentication
• Verifying authorization of individual accessing system
• Kerberos– Network authentication protocol– Provides strong authentication for client/server
applications– Uses strong cryptography– Requires systematic revocation of access rights from
clients • Who no longer deserve access
![Page 34: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/34.jpg)
Understanding Operating Systems, Fifth Edition 34
Authentication (continued)
![Page 35: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/35.jpg)
Understanding Operating Systems, Fifth Edition 35
Encryption
• Extreme protection method– Sensitive data put into secret code– System communication
• Data encrypted, transmitted, decrypted, processed
– Sender inserts public key with message– Receiver uses private key to decode message
• Disadvantages– Increased system overhead– System dependent on encryption process itself
![Page 36: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/36.jpg)
Understanding Operating Systems, Fifth Edition 36
Encryption (continued)
• Sniffers– Programs on computers attached to network
• Peruse data packets as they pass by• Examine each packet for specific information• Particularly problematic in wireless networks
• Spoofing– Assailant fakes IP address of Internet server
• Changes address recorded in packets sent over Internet
– Unauthorized users disguise themselves as friendly sites
![Page 37: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/37.jpg)
Understanding Operating Systems, Fifth Edition 37
Password Management
• Basic techniques protect hardware and software– Good passwords – Careful user training
![Page 38: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/38.jpg)
Understanding Operating Systems, Fifth Edition 38
Password Construction
• Good password– Unusual, memorable, changed often
• Password files – Stored in encrypted form
• Password length– Directly affects ability of password to survive
password cracking attempts
![Page 39: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/39.jpg)
Understanding Operating Systems, Fifth Edition 39
Password Construction (continued)
![Page 40: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/40.jpg)
Understanding Operating Systems, Fifth Edition 40
Password Construction (continued)
![Page 41: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/41.jpg)
Understanding Operating Systems, Fifth Edition 41
Password Construction (continued)
• Good password techniques– Use minimum of eight characters
• Including numbers and nonalphanumeric characters
– Create misspelled word• Join bits of phrases into word easy to remember
– Follow certain pattern on the keyboard– Create acronyms from memorable sentences– Use upper and lowercase characters (if allowed)– Never use word included in any dictionary
![Page 42: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/42.jpg)
Understanding Operating Systems, Fifth Edition 42
Password Construction (continued)
• Dictionary attack– Method of breaking encrypted passwords– Requirements
• Copy of encrypted password file
• Algorithm used to encrypt passwords
– Prevention• “Salt” user passwords with extra random bits
• Makes them less vulnerable to dictionary attacks
![Page 43: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/43.jpg)
Understanding Operating Systems, Fifth Edition 43
Password Alternatives
• Smart card use– Credit card-sized calculator
• Requires “something you have and something you know”
– Displays constantly changing multidigit number • Synchronized with identical number generator in system
– User must type in the number appearing on smart card• Added protection: user enters secret code
– User admitted to system if both number and code validated
![Page 44: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/44.jpg)
Understanding Operating Systems, Fifth Edition 44
Password Alternatives (continued)
• Biometrics– Science and technology of identifying individuals
• Based on each person’s unique biological characteristics
– Current research focus• Analysis of human face, fingerprints, hand
measurements, iris/retina, voice prints– Positively identifies person being scanned– Critical factor
• Reducing margin of error– Expensive
![Page 45: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/45.jpg)
Understanding Operating Systems, Fifth Edition 45
Password Alternatives (continued)
• Graphics and pattern clicks
• Evolving subject
• Establish sequence of clicks on photo/illustration– Repeat sequence to gain access
• Advantages– Eliminates keyboard entries
• Resistant to dictionary attack
![Page 46: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/46.jpg)
Understanding Operating Systems, Fifth Edition 46
Password Alternatives (continued)
![Page 47: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/47.jpg)
Understanding Operating Systems, Fifth Edition 47
Social Engineering
• Technique– System intruders gain access to information about a
legitimate user– Learn active passwords
• Looking in and around user’s desk for written reminder
• Trying logon ID as password
• Searching logon scripts
• Telephoning friends and coworkers to learn information (family member names, pet names, vacation destinations, hobbies, car model)
![Page 48: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/48.jpg)
Understanding Operating Systems, Fifth Edition 48
Social Engineering (continued)
• Phishing– Intruder pretends to be legitimate entity
• Asks unwary user to reconfirm personal and/or financial information
– Example: 2003 incident involving eBay customers • Default passwords
– Pose unique vulnerabilities • Widely known
– Routinely shipped with hardware or software– Routinely passed from one hacker to next– Change immediately
![Page 49: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/49.jpg)
Understanding Operating Systems, Fifth Edition 49
Ethics
• Ethical behavior: Be good. Do good.– IEEE and ACM issued standard of ethics in 1992– Apparent lack of computing ethics
• Significant departure from other professions
• Consequences of ethical lapses– Illegally copied software: lawsuits and fines– Plagiarism: illegal and punishable by law– Eavesdropping on e-mail, data, or voice
communications: sometimes illegal and usually unwarranted
![Page 50: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/50.jpg)
Understanding Operating Systems, Fifth Edition 50
Ethics (continued)
• Consequences of ethical lapses (continued)– Cracking (malicious hacking)
• Owner and users question validity of system data
– Unethical use of technology• Clearly the wrong thing to do
• Activities to teach ethics– Publish policies clearly stating actions tolerated– Teach regular seminar including real-life case
histories– Conduct open discussions of ethical questions
![Page 51: Understanding operating systems 5th ed ch11](https://reader035.fdocuments.us/reader035/viewer/2022081518/5456437daf79597b578b4d59/html5/thumbnails/51.jpg)
Understanding Operating Systems, Fifth Edition 51
Summary
• Must emphasize importance of secure system
• System only as good as integrity of stored data – Single security breach damages system’s integrity
• Catastrophic or not
• Accidental or not
– Damaged integrity threatens viability of:• Best-designed system, its managers, its designers, its
users
• Vigilant security precautions are essential