ch15 - perating System Concepts with Java – 7 th Edition...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: perating System Concepts with Java – 7 th Edition, Nov 15, 2006 Silberschatz, Galvin and Gagne ©2007 Chapter 15: Security 15.2 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 Chapter 15: Security ¡ The Security Problem ¡ Program Threats ¡ System and Network Threats ¡ Cryptography as a Security Tool ¡ User Authentication ¡ Implementing Security Defenses ¡ Firewalling to Protect Systems and Networks ¡ Computer-Security Classifications ¡ An Example: Windows XP 15.3 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 Objectives ¡ To discuss security threats and attacks ¡ To explain the fundamentals of encryption, authentication, and hashing ¡ To examine the uses of cryptography in computing ¡ To describe the various countermeasures to security attacks 15.4 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 The Security Problem ¡ Security must consider external environment of the system, and protect the system resources ¡ Intruders (crackers) attempt to breach security ¡ Threat is potential security violation ¡ Attack is attempt to breach security ¡ Attack can be accidental or malicious ¡ Easier to protect against accidental than malicious misuse 15.5 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 Security Violations ¡ Categories ¢ Breach of confidentiality ¢ Breach of integrity ¢ Breach of availability ¢ Theft of service ¢ Denial of service ¡ Methods ¢ Masquerading (breach authentication) ¢ Replay attack ¡ Message modification ¢ Man-in-the-middle attack ¢ Session hijacking 15.6 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 Standard Security Attacks 15.7 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 Security Measure Levels ¡ Security must occur at four levels to be effective: ¢ Physical ¢ Human ¡ Avoid social engineering, phishing, dumpster diving ¢ Operating System ¢ Network ¡ Security is as week as the weakest chain 15.8 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 Program Threats ¡ Trojan Horse ¢ Code segment that misuses its environment ¢ Exploits mechanisms for allowing programs written by users to be executed by other users ¢ Spyware, pop-up browser windows, covert channels ¡ Trap Door ¢ Specific user identifier or password that circumvents normal security procedures ¢ Could be included in a compiler ¡ Logic Bomb ¢ Program that initiates a security incident under certain circumstances ¡ Stack and Buffer Overflow ¢ Exploits a bug in a program (overflow either the stack or memory buffers) 15.9 Silberschatz, Galvin and Gagne ©2007 Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 C Program with Buffer-overflow Condition 15.1015....
View Full Document

{[ snackBarMessage ]}

Page1 / 45

ch15 - perating System Concepts with Java – 7 th Edition...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online