CS283 - Lecture 5 - Part 1 - Security Policy - 20091006

CS283 - Lecture 5 - Part 1 - Security Policy - 20091006 -...

Info iconThis preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon
ecurity Policy Security Policy GWU CS 172/283 Autumn 2009 Draws extensively from: Memon’s notes, Brooklyn Poly Pfleeger Text, Chapter 5 Bishop’s text, Chapter 4, Bishop’s slides, Chapter 4
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security Services in an OS A general purpose Operating System provides the following security mechanisms: ¾ Memory protection ile protection ¾ File protection ¾ General object protection ¾ Access authentication • How do we go about designing a “trusted” OS (that is, one that we believe implements the above mechanisms)? • The term “trust” has a different meaning than the 2 term “secure”. GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 05 – Part 1- Rev 20091006
Background image of page 2
Trust is derived from three components A Policy: which provides a description of requirements A Model: which provides a representation of policy A Design: which is an implementation of policy ¾ Trust: derives from the user’s perception that the design properly implements the security policy 3 GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 05 – Part 1- Rev 20091006
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Trust • Policies, mechanisms and procedures make assumptions and the system user trusts that these ssumptions hold assumptions hold. • For example, a System Administrator (SA) receives ecurity patch and installs it Has she increased the security patch and installs it. Has she increased the security of the system by installing the patch? or example aspirin from drugstore is considered For example, aspirin from drugstore is considered trustworthy. On what basis should the purchaser draw such a conclusion? 4 GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 05 – Part 1- Rev 20091006
Background image of page 4
Trust: Example 1 A System Administrator (SA) installs a patch he SA trusts that the patch came from the 1. The SA trusts that the patch came from the supplier and not some rogue entitity, and that the patch was not tampered with in transit 2. The SA trusts that the vendor tested patch thoroughly he SA trusts that the vendor’s test environment 3. The SA trusts that the vendor s test environment corresponds to local environment where the SA is planning to deploy the patch 4. The SA trusts that the patch is installed correctly with the tools that the SA has to perform such stallation 5 installation GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 05 – Part 1- Rev 20091006
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Trust: Example 2 Aspirin from drugstore is considered trustworthy. The basis of the purchaser’s trust in this product is a consequence of: ¾ Testing and certification by the US Federal Drug A Administration. ¾ The suppliers Conformance to Manufacturing standards of the manufacturing company and regulatory echanisms that ensure such conformance mechanisms that ensure such conformance ¾ The Safety seal on the bottle. 6 GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 05 – Part 1- Rev 20091006
Background image of page 6
Trust: Example 3 ormal Verification Method: Formal Verification Method: • This method gives a mathematical proof that given input i , program P produces output o as specified • Suppose a security-related program S has been formally verified to work with operating system O • What are the assumptions that are made in this context?
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

This document was uploaded on 12/05/2009.

Page1 / 50

CS283 - Lecture 5 - Part 1 - Security Policy - 20091006 -...

This preview shows document pages 1 - 8. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online