Cain and Abel? Kohonen networks? Cyber security subject, so the matter should relate to cyber security for sure and should connect to readers
Need to present research reports on:
1. Cain and Abel
2. Kohonen networks
Both reports should be written with a word count of 70-105 words (not more than the count provided) and should provide a URL reference link too.
Note: NO PLAGIARISM
Should have a minimum of 3 statements which describe the information about the report.
Tips: Should be in simple own words with no usage of critical words; the file is attached to know in detail what to write on. This question is from a cyber security subject, so the matter should relate to cyber security for sure and should connect to readers.
Deadline: Sep 01, 2022, 12:00 PM CST
Security in Computing, Fifth Edition
Chapter 5: Operating Systems
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
Chapter 4 Flashback
Chapter 5 Objectives
Basic security functions provided by operating systems
System resources that require operating system protection
Operating system design principles
How operating systems control access to resources
The history of trusted computing
Characteristics of operating system rootkits
Operating System Functions
Security-relevant features:
Enforced sharing
Inter-process communication and synchronization
Protection of critical data
Guaranteed fair service
Interface to hardware
User authentication
Memory protection
File and I/O device access control
Allocation and access control to general objects
History of Operating Systems
Single-user systems, no OS
Multi-programmed OS, aka monitors
Multiple users
Multiple programs
Scheduling, sharing, concurrent use
Personal computers
First, an entire computer was dedicated to one program at a time, but this approach proved wasteful
The first operating systems saved startup, loading, and shutdown time and made much better use of limited resources
The first personal computers took a major step back, as they were dedicated to single users and effectively one program at a time
Multitasking returned to the mainstream in the 1990s, and with it came all the lessons of the early shared computers
Protected Objects
Memory
I/O Devices:
Sharable I/O devices, such as disks
Serially reusable I/O devices, such as printers
Sharable programs and subprocedures
Networks
Sharable data
These are some of the common objects that need protection by and in OSs.
OS Layered Design
Operating system visualized in layers, from most critical (bottom) to least critical.
Functions Spanning Layers
Authentication is a good example of a function that needs to span the layers in the layered model.
Modular OS Design
Modern OSs are built from discrete modules. These modules generally come from a variety of sources and are subject to updating/overwriting, so they cannot trust one another.
Virtualization
With virtualization, the OS presents each user with just the resources that user should see
The user has access to a virtual machine (VM), which contains those resources
The user cannot access resources that are available to the OS but exist outside the VM
A hypervisor, or VM monitor, is the software that implements a VM
Translates access requests between the VM and the OS
Can support multiple OSs in VMs simultaneously
Honeypot: A VM meant to lure an attacker into an environment that can be both controlled and monitored
The takeaway here is that, by acting as a sandbox, virtualization is a robust form of access control.
Separation and Sharing
Methods of separation:
Physical – printers for example
Temporal – processes executing at different times
Logical – illusion that no other processes exist
Cryptographic – processes conceal data and computations
Methods of supporting separation/sharing:
Do not protect – when sensitive procedures run at separate times
Isolate – processes running concurrently are unaware of the other
Share all or share nothing – owner choice public or private
Share but limit access or Limit use of an object
Hardware Protection of Memory
Fence
A fence defined by a fixed memory address. Users have access only to memory above a certain address.
Fence Registers
Like fences, but fence registers allow for the boundary to change.
Base/Bounds Registers
With base and bounds registers, memory space can be broken into more than two sections, allowing for multiple users.
Two Pairs of Base/Bounds Registers
This separates executable memory from data memory for each user, making it harder for bugs/attacks to overwrite code.
Tagged Architecture
In a tagged architecture, each word of machine memory has one or more extra bits to identify its access rights. The big benefit is that access rights aren’t based on contiguous memory locations. Tagged architecture has not been widely adopted.
Segmentation
A program is divided into separate, logical pieces (e.g., an array, a procedure). Each segment has its own set of access rights. The operating system maintains a table of each segment and its true memory address, and it translates calls to each segment using that table (shown on next slide). Advantages:
The operating system can move segments around as necessary, which is very helpful as segments grow and shrink.
Segments can be removed from memory if they aren’t being used currently.
Every legitimate address reference must pass through the OS, providing an opportunity for access control.
Segment Address Translation
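The segment-table lookup described in the Segmentation notes, as an added example (not from the textbook or the slides): a C sketch in which an OS-side `translate` routine maps a <segment, offset> pair to a true address and refuses out-of-bounds or wrong-rights accesses. The table contents, the rights encoding, and all names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Access rights attached to each segment (hypothetical encoding). */
enum { R = 1, W = 2, X = 4 };

typedef enum { XLATE_OK, ERR_NO_SEGMENT, ERR_BOUNDS, ERR_RIGHTS } xlate_status;

typedef struct {
    uint32_t base;    /* true start address, known only to the OS */
    uint32_t length;  /* segment size in bytes */
    unsigned rights;  /* bitmask of R/W/X */
    int      present; /* 0 if the segment has been removed from memory */
} segment;

/* Constructed sample table: a procedure, an array, a swapped-out segment. */
static const segment seg_table[] = {
    { 0x40000, 0x1000, R | X, 1 },  /* 0: procedure (execute, no write) */
    { 0x9A000, 0x0200, R | W, 1 },  /* 1: array (read/write, no execute) */
    { 0,       0x0800, R,     0 },  /* 2: not currently in memory */
};
#define NSEGS (sizeof seg_table / sizeof seg_table[0])

/* Every reference passes through here, so this is where access control
 * happens: unknown segment, bad offset, or missing right is refused. */
xlate_status translate(size_t seg, uint32_t offset, unsigned want, uint32_t *phys)
{
    if (seg >= NSEGS || !seg_table[seg].present)
        return ERR_NO_SEGMENT;
    const segment *s = &seg_table[seg];
    if (offset >= s->length)   /* test the offset itself, so base+offset cannot wrap */
        return ERR_BOUNDS;
    if ((s->rights & want) != want)
        return ERR_RIGHTS;
    *phys = s->base + offset;
    return XLATE_OK;
}

int main(void)
{
    uint32_t pa = 0;
    printf("%d\n", (int)translate(1, 0x10, W, &pa));   /* write into the array */
    printf("%d\n", (int)translate(0, 0x10, W, &pa));   /* write into code */
    printf("%d\n", (int)translate(1, 0x200, R, &pa));  /* one byte past the array */
    return 0;
}
```

Because the program only ever names a segment and an offset, the OS can change `base` (move the segment) or clear `present` (swap it out) without the program noticing.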
Paging
Similar to segmentation, but programs are broken into fixed-size fragments (pages) rather than being broken down by logical unit. Because programs aren’t broken into logical units, paging doesn’t allow different parts of a program to have different access rights.
Paged Segmentation
Programs can be broken into segments, and the segments are then combined to fill pages. This approach creates an extra layer of translation but allows for the benefits of both paging and segmentation.
Paging vs. Segmentation
Paging allows the main memory to use data that resides on a secondary storage device. These data are stored on the secondary storage device as blocks of the same size, called pages. Paging allows the operating system to use data that will not fit into the main memory.
Memory segmentation is a method that provides memory protection. Each memory segment is associated with a specific length and a set of permissions. When a process tries to access the memory it is first checked to see whether it has the required permission to access it.
Principles of Secure OS Design
Simplicity of design
OSs are inherently complex, and any unnecessary complexity only makes them harder to understand and secure
Layered design
Enables layered trust
Layered trust
Layering is both a way to keep a design logical and understandable and a way to limit risk
Example: very tight access controls on critical OS functions, fewer access controls on important noncritical functions, and few if any access controls on functions that aren’t important to the OS
Kernelized Design
A kernel is the part of the OS that performs the lowest-level functions
Synchronization
Inter-process communication
Message passing
Interrupt handling
A security kernel is responsible for enforcing the security mechanisms of the entire OS
Typically contained within the kernel
Reference Monitor
The reference monitor is the most important part of the security kernel, controlling access to objects. A reference monitor must be tamperproof, unbypassable, and analyzable.
Trusted Systems
A trusted system is one that has been shown to warrant some degree of trust that it will perform certain activities faithfully
Characteristics of a trusted system:
A defined policy that details what security qualities it enforces
Appropriate measures and mechanisms by which it can enforce security adequately
Independent scrutiny or evaluation to ensure that the mechanisms have been selected and implemented properly
History of Trusted Systems
Attempts to declare computers trustworthy go back almost 50 years. Over the years, changes in technology have resulted in new requirements, and the explosion of new devices and software has made it impossible to keep up.
Trusted Computing Base (TCB)
The TCB portion of the OS is the part we depend on for enforcement of security policy. The TCB monitors and protects the secrecy and integrity of four basic interactions: process activation, execution domain switching, memory protection, and I/O operation.
Other Trusted System Characteristics
Secure startup
System startup is a tricky time for security, as most systems load basic I/O functionality before being able to load security functions
Trusted path
An unforgeable connection by which the user can be confident of communicating directly with the OS (BIOS setting)
Object reuse control
OS clears memory before reassigning it to ensure that leftover data doesn’t become compromised
Audit
Trusted systems track security-relevant changes, such as installation of new programs or OS modification
Audit logs must be protected against tampering and deletion
Intel’s trusted boot technology uses TPMs to achieve secure startup.
Rootkits
A rootkit is a malicious software package that attains and takes advantage of root status or effectively becomes part of the OS
Rootkits often go to great lengths to avoid being discovered or, if discovered and partially removed, to reestablish themselves
This can include intercepting or modifying basic OS functions
Rootkit Evading Detection
In this example, a rootkit is hooking a system call in order to intercept potentially threatening results.
Summary
OSs have evolved from supporting single users and single programs to many users and programs at once
Resources that require OS protection: memory, I/O devices, programs, and networks
OSs use layered and modular designs for simplification and to separate critical functions from noncritical ones
Resource access control can be enforced in a number of ways, including virtualization, segmentation, hardware memory protection, and reference monitors
Rootkits are malicious software packages that attain root status or effectively become part of the OS