CS 3733 Operating Systems
Lecture 40 [4/22/98]: Operating Systems Security
Read Chapter 20 of SG
- Security Problems
  - Unauthorized reading of data (theft)
  - Unauthorized modification
  - Unauthorized destruction
- Authentication
  - Passwords are often easy to guess
  - If unencrypted, passwords can be read by snoop programs
  - Crack programs can go through the entire password space
  - Newer versions of Unix keep a shadow password table so that users can't directly see the password table.
  - Ways to improve security:
    - Force long passwords
    - Force frequent changes
    - System picks password
    - Use one-time passwords (credit-card calculators)
- Operating system threats
  - Trojan horse (e.g. fake login)
  - Trap door (cheat codes) could be hidden in the compiler.
  - Worms - standalone invader (discuss the famous Morris worm)
  - Viruses - code fragment embedded in a legitimate program; use safe computing practices
- Standard things to monitor for:
  - Short or easy passwords
  - Unauthorized set-uid programs
  - Unauthorized programs in system directories
  - Unexpected long-running processes
  - Improper directory protections
  - Improper protections on system files
  - Bad search paths
  - Invalid program checksums
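
Added example (not part of the original lecture notes): a small Python audit covering four of the items above, namely unlisted set-uid programs, improper directory and file protections, bad search paths, and invalid program checksums. The function names, the finding labels, the allowlist and the SHA-256 baseline are assumptions made for this illustration.

```python
import hashlib, os, stat

def sha256_of(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def audit_tree(root, allowed_setuid=(), baseline=None):
    """Return sorted (finding, path) pairs for files and directories under root.

    allowed_setuid: paths approved to carry the set-uid/set-gid bit (assumed allowlist).
    baseline: {path: sha256 hex} recorded while the system was known-good.
    """
    baseline = baseline or {}
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode  # lstat: never follow symlinks
            if stat.S_ISDIR(mode):
                # World-writable is tolerable only with the sticky bit (like /tmp).
                if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
                    findings.append(("world-writable-dir", path))
            elif stat.S_ISREG(mode):
                if mode & (stat.S_ISUID | stat.S_ISGID) and path not in allowed_setuid:
                    findings.append(("unlisted-setuid", path))
                if mode & stat.S_IWOTH:
                    findings.append(("world-writable-file", path))
                if path in baseline and sha256_of(path) != baseline[path]:
                    findings.append(("checksum-mismatch", path))
    return sorted(findings)

def audit_search_path(path_value):
    """Return (finding, entry) pairs for risky entries in a PATH-style string."""
    findings = []
    for entry in path_value.split(os.pathsep):
        if not os.path.isabs(entry):
            # "", "." and other relative entries resolve against the current directory.
            findings.append(("relative-path-entry", entry))
        elif os.path.isdir(entry) and os.stat(entry).st_mode & stat.S_IWOTH:
            findings.append(("world-writable-path-entry", entry))
    return findings

if __name__ == "__main__":
    # Default run: audit /usr/bin and the caller's own PATH.
    for finding in audit_tree("/usr/bin") + audit_search_path(os.environ.get("PATH", "")):
        print(*finding)
```

The baseline has to be recorded while the system is known to be clean and stored where an intruder cannot rewrite it; otherwise the checksum comparison proves nothing.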
- Security levels:
  - D - minimal: MS-DOS and Windows 3.1
  - C
    - C1 - cooperating users access data at same level of security - UNIX
    - C2 - Individual access control (Secure Unix, well-configured NT)
  - B - C2 plus sensitivity label for each object
    - B1 - security label for each object in system
    - B2 - security label extended to each system resource
    - B3 - lists of users that are not given access
  - A -
    - A1 - functionally equivalent to B3 with formal specification and verification built in.
- NT Security
  - User accounts
    - Identified by a unique security ID
    - At log in gets a security access token (SAT)
    - Every process that runs on behalf of user gets a copy of the SAT
  - A subject tracks and manages permissions for each program:
    - simple subject
    - server subject
Skill: Appreciate basic issues in operating systems security.
Revised 4/20/98