CS283 - Lecture 6 - Part 7 - Additional Topics - Trusted Operating Systems


Lecture 6 - Part 7 - Additional Topics
Trusted Operating Systems
GWU CS 172/283 Autumn 2009
Draws extensively from Memon's notes, Brooklyn Poly, and the Pfleeger text, Chapter 5
11/25/2009 CS283-172/Fall06/GWU/Vora/Identity

Need
  A Policy: description of requirements
  A Model: policy representation; check whether the policy can be enforced
  A Design: implementation of the policy
  Trust: based on features and assurance
GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 Part 7 - Rev 20091124

Design Principles for Secure Systems
  Two basic themes:
  Simplicity (KISS): makes design and interactions easy; makes its safety easy to prove
  Restriction: minimize the power of entities; utilize compartmentalization
  Apply common sense!

Principles of good design
  1. least privilege
  2. fail-safe defaults
  3. economy of mechanism
  4. complete mediation
  5. open design
  6. separation of privilege
  7. least common mechanism
  8. psychological acceptability

Principle of least privilege
  An entity should be given only those privileges needed to perform a task.
  Function/role should control the rights.
  Temporary elevation of privilege should be relinquished immediately upon task completion.
  Granularity of privileges.

Principle of fail-safe defaults
  Unless a subject is given explicit access to an object, it should be denied access to the object. Default access to an object is none.
  If a subject is unable to complete its task before it terminates, it should undo the changes it made to the state of the system.
  Restrict privileges at the time of creation.

Principle of economy of mechanism
  Security mechanisms should be as simple as possible. This results in fewer errors; testing and verification are easier; assumptions are fewer.

Principle of complete mediation
  All accesses to objects should be checked to ensure they are allowed.
  Improper access attempts should be expected and protected against.
  Security vs. performance issues.

Principle of open design
  Security of a mechanism should not depend upon secrecy of its design or implementation.
  Secrecy != security. Complexity != security. (Security through obscurity.)
  Cryptography and openness, for example AES...
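The three principles above that an operating system enforces mechanically (fail-safe defaults, complete mediation, and relinquishing temporary privilege) can be shown in a tiny reference monitor. The following is an added example, not from the lecture slides; the subjects, object names and rights are constructed for illustration.

```python
from contextlib import contextmanager

# Constructed example: a minimal reference monitor over a key/value store.
class ReferenceMonitor:
    """Fail-safe default: access is allowed only when an explicit grant exists."""
    def __init__(self, grants):
        # grants maps (subject, object) -> set of rights, e.g. {"read", "write"}
        self.grants = {k: set(v) for k, v in grants.items()}

    def check(self, subject, obj, right):
        # A missing entry falls through to an empty set, i.e. access denied.
        return right in self.grants.get((subject, obj), set())

    @contextmanager
    def elevated(self, subject, obj, right):
        """Least privilege: temporary elevation is relinquished when the block exits."""
        rights = self.grants.setdefault((subject, obj), set())
        added = right not in rights
        rights.add(right)
        try:
            yield
        finally:
            if added:
                rights.discard(right)


class Store:
    """Complete mediation: every write to the state passes through the monitor."""
    def __init__(self, monitor):
        self.monitor = monitor
        self.data = {}
        self.audit = []   # record of allowed and denied attempts

    def write(self, subject, obj, value):
        if not self.monitor.check(subject, obj, "write"):
            self.audit.append(f"DENY write {subject} -> {obj}")
            raise PermissionError(f"{subject} may not write {obj}")
        self.data[obj] = value
        self.audit.append(f"ALLOW write {subject} -> {obj}")


def run_task(store, subject, writes):
    """Fail-safe: if any step is denied, undo every change the task made."""
    snapshot = dict(store.data)
    try:
        for obj, value in writes:
            store.write(subject, obj, value)
        return True
    except PermissionError:
        store.data = snapshot   # roll back the partial changes
        return False
```

A task that is denied part-way leaves the store exactly as it found it, and the denial is recorded for later review.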
This document was uploaded on 12/05/2009.

Page 1 / 33
