Lecture 4_System_Security_x_6

COMP 6370 – Lecture 4 – System Security

Slide 1: System Security

Slide 2: The Security Environment
Threats
Security goals and threats

Slide 3: Intruders
Common Categories
1. Casual prying by nontechnical users
2. Snooping by insiders
3. Determined attempt to make money
4. Commercial or military espionage
Example: (be careful with this site!!!!) http://tools.rosinstrument.com

Slide 4: Accidental Data Loss
Common Causes
1. Acts of God - fires, floods, wars
2. Hardware or software errors - CPU malfunction, bad disk, program bugs
3. Human errors - data entry, wrong tape mounted

Slide 5: Security Design Principles (Gollmann)
1. In a given application, should the protection mechanisms focus on data, operations or users?
2. In which layer of the computer system should a security mechanism be placed?
3. Do you prefer simplicity – and higher assurance – to a feature rich security environment?
4. Should the tasks of defining and enforcing security be given to a central entity or should they be left to individual components in a system?
5. How can you prevent an attacker from getting access to a layer below the protection mechanism?

Slide 6: Should the protection mechanisms focus on data, operations or users?
[Figure labels: Hardware; Application Software; Resource/Data; User; Data; Operations; Users]
Slide 7: In which layer should a security mechanism be placed?
- Users run application programs
- Application programs use services such as a DBMS or an ORB
- Applications and services run on top of an OS
- The OS has a kernel that handles every access to the hardware
- The hardware physically stores and manipulates the data in the system
[Figure: Layers of an IT System, top to bottom: Applications; Services; Operating Sys.; OS Kernel; Hardware]

Slide 8: Simplicity – and higher assurance – or a feature-rich security environment?
A simple generic mechanism will badly match specific protection requirements, but to choose the right options in a feature-rich security environment users have to be security experts. Security-unaware users are definitely in a no-win situation.