|CPU Control Unit||
Access and interpret instructions
Arithmetic and Logic functions
Within the CPU (in most cases); easy for the ALU/CU to access.
Every clock pulse determines whether the ALU or the CU runs an instruction.
Dynamic RAM - cheaper; capacitor-based (must be recharged); slower.
Static RAM - flip-flop circuit; doesn't lose charge; more expensive but faster.
Burned in; low-level instructions that can never be changed.
POST (Power-On Self-Test)
Programmable Read-Only Memory: comes from the manufacturer empty; you can program it, but only burn it once.
Erasable Programmable ROM; erased via UV light.
Electrically Erasable Programmable ROM; erased via electrical charges, so the CPU can reset/reprogram it. Flash memory is of this type.
Go to the location stored in the register and execute.
Hackers will replace the location value with their own.
Memory the CPU has direct access to; it doesn't need to fetch from RAM, then over the bus, then into a register, which wastes many clock cycles.
Allows a computer to address more memory than it physically has.
The MMU checks local memory first, then checks whether it's in virtual memory on a secondary device.
Code that is run, instruction by instruction, on a particular OS platform (machine code).
Intermediate form between source and machine code. So you compile Java to bytecode, which can then run on any OS as long as it has a Java VM that takes the bytecode and creates the correct machine code.
Linear - have to wait for the full FDE cycle to finish before starting the next cycle.
Pipeline - allows multiple FDE steps to be in progress at once.
One instruction at a time; can be pipelined.
Multiple instructions at a time, each being pipelined simultaneously.
Complex Instruction Set Computing
Each instruction performs multiple steps.
Compilers are simpler.
Performance may suffer.
Reduced Instruction Set Computing
Instructions are simple; more of them are needed to achieve the same result, so they are more modular.
Compilers are more complex.
Time-slicing the CPU among processes to 'appear' to be doing more than one thing at a time.
Multiple instructions being run on multiple CPUs.
Subdividing a process into several sub-processes and running them on one or more CPUs at the same time.
Single state - one security state per machine.
Multi-state - more than one. More expensive. Must have a mechanism to shield the different levels from each other.
User mode - typical/user programs. Only a subset of instructions is available to you.
Privileged mode - all instructions available (supervisor or kernel mode).
|Storage Types (PRSV)||
Primary - directly on board the CPU and available (registers).
Real - holds user programs; no direct CPU access.
Secondary - hard disk/tape.
Virtual - memory space that can exceed real memory.
Securing processes: put the most sensitive processes at the center (ring) or bottom layer.
One layer must only talk to the next layer via secure, well-defined paths.
Processes should not have access to understand the inner workings of how the steps are performed to carry out their task.
Only allow a program to have access to the objects that are absolutely necessary.
The code between subject and object that enforces access rules; implemented via the security kernel.
Trusted Computing Base
Hardware, software, and controls working together to enforce the security policy.
|Evaluation Criteria phases||
Certification - comparing your system's posture with published standards.
Accreditation - submission of the certification to a group for approval.
Closed systems - standards not readily available/published.
Trusted Computer System Evaluation Criteria
Published as the Orange Book, specifying categories to rate the functionality and assurance of a system.
Trusted Network Interpretation
ITSEC - Europe
|Single State Machine||
The state of all objects at a point in time and the transitions from one state to another.
Confidentiality only; built on the state machine model.
- Simple Security Property (no read up) - S may not read an O at a higher sensitivity level.
- * (star) Security Property (no write down) - S may not write to an O at a lower sensitivity level.
Discretionary Security Property - an access matrix enforces discretionary access control.
Integrity - stops unauthorized changes. Based on the state machine model.
Simple Integrity Property (no read down) - S cannot read an O of a lower integrity level.
* (star) Integrity Property (no write up) - S can't write to an O with a higher integrity level.
Defines each data item and then restricts the programs that can access it.
Uses security labels to grant access.
CDI - Constrained data item
UDI - Unconstrained data item
IVP - Integrity Verification Procedure
TP - modifies a data item from UDI to CDI, checked via IVP.
|Information Flow Model||
Controls all data flow from S to O and back.
Uses an access matrix to define every valid information transfer.
Biba and Bell-LaPadula are limited IFMs.
|Non Interference Model||
Objects in one security level have no effect on an object in a different level.
Make sure a state change in one object doesn't bleed into another at a different level.
A method to exchange information over a channel that is not the normal one.
Storage (B2 or above)
Inserting code during an init/fail state.
Ensure that security procedures are not unloaded first or loaded last.
Malformed packets lead to a buffer overflow.
An undocumented mechanism to access a system, bypassing security protection.
Remote Access Trojan
An open port to allow remote access to a device.
Evaluation Assurance Levels
EAL3 Methodically tested and checked
EAL4 Methodically designed, tested, and reviewed
EAL5 Semi-formally designed and tested
EAL6 Semi-formally verified design and tested
EAL7 Formally verified design and tested.
A1 Verified Design
B1 Security Labels
B2 Structured Protection (No Covert Channel)
B3 Security Domains (Assurance of Isolation)
C1 Discretionary Security Protection (Users/Groups ID)
C2 Controlled Access Protection (Unique Users)