12. protection/security interface
DESCRIPTION
12. Protection/Security Interface. 12.1 Security Threats Types of Damage Vulnerable Resources Types of Attacks 12.2 Functions of a Protection System 12.3 User Authentication Approaches to Authentication Passwords 12.4 Secure Communication Principles of Cryptography - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/1.jpg)
12. Protection/Security Interface12.1 Security Threats
– Types of Damage – Vulnerable Resources – Types of Attacks
12.2 Functions of a Protection System
12.3 User Authentication– Approaches to Authentication– Passwords
12.4 Secure Communication– Principles of Cryptography– Secret-Key Cryptosystems– Public-Key Cryptosystems
Operating Systems 1
![Page 2: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/2.jpg)
Security Threats• Types of damage
1. Information Disclosure• theft
2. Information Destruction• possible without disclosure
3. Unauthorized Use of services• install SW without license, pirated copies (theft) • use fake ID/password to use online service
4. Denial of Service• difficult to quantify
• Vulnerable resources– Hardware (CPU, memory, communications, devices)– Software (files, processes, VM)
Operating Systems 2
![Page 3: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/3.jpg)
Types of Attacks• Browsing of Information
– Unauthorized search for residual information
– Unused memory and disk space is generally not deleted
– Typically done by a user who is already inside
• Information leaking
– A trusted service leaks confidential/secret information (Confinement Problem)
Operating Systems 3
![Page 4: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/4.jpg)
Types of Attacks• Trojan Horse
– Greek mythology—the siege of Troy• wooden horse = “present” by Greeks• soldiers hidden inside• Trojans pulled the horse into the city • soldiers opened the gates for the
Greeks, causing the destruction of Troy
• Attack: trusting user accepts a “present”, e.g. a free program, that causes damage (don’t open email attachments)
• Trap door– an undocumented feature– inserted on purpose or as a flaw to enter later
Operating Systems 4
![Page 5: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/5.jpg)
Types of Attacks• Viruses
– Designed to replicate themselves• removable storage media, email, file transfer
– Intended to cause damage– Need a host program
• attach to and modify host• execute as part of host
– Virus detection• check program length
(but virus can hide or compress program)• check for virus “signature”—bit pattern used by
virus to mark already infected program (viruses use encryption)
Operating Systems 5
![Page 6: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/6.jpg)
Types of Attacks• Worms
– Intended to cause damage– Exploit some system weakness to replicate– No host needed
• Example: Robert Morris Internet Worm (Nov 2, 1988)– Excessive replication caused major havoc on the internet
(denial of service)– 3 separate attacks:
• rsh: Spawn process on remote machine without pw (using a list of “trusted” systems)
• sendmail: Exploited an error that allows a message to send itself and start
• finger: Buffer overflow not checked – major weakness to take over the system
Operating Systems 6
![Page 7: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/7.jpg)
Types of Attacks• Buffer Overflow:
Example:– foo calls finger– Attack hijacks return
address by supplying aparameter that islonger than the buffer (overflows)
– When finger terminates,control goes to a placeset by the attack andis not returned to foo.
Operating Systems 7
![Page 8: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/8.jpg)
Types of Attacks• Remote execution
– Service to upload and start code on remote machine– Mobile agent: may migrate among machines– Like worm but legitimate migration– Must be designed carefully to prevent abuse of
privileges of remote host environment• Wire tapping
– Insert a device into line or listen to wireless– Passive (listen) or Active (modify)
• Waste searching– Look for passwords or sensitive data
Operating Systems 8
![Page 9: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/9.jpg)
Types of Attacks• Masquerading
– Impersonate process, user, service– Used from outside:
• Use stolen password (impersonate a legitimate user)• Break communication line, assume session
– Used from within (spoofing):• Impersonate login shell, steal password
• Trial and error– e.g., try to guess password
Operating Systems 9
![Page 10: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/10.jpg)
Types of Attacks -- Classification
• From within– direct access as a valid process– indirect Access via agent (attacker not present during attack)
• From outside– channels provided for legitimate purposes– illegitimate channels
Operating Systems 10
![Page 11: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/11.jpg)
Functions of a Protection System• External safeguards
– guard physical access (locks, badges, cameras)
• Verification of user identity (User Authentication)
• Communication safeguards
– protect public/vulnerable lines: cryptography
• Access control (Ch 13)
– can Subject perform function on Resource
• Information flow control (Ch 13)
– can S get information contained in R (indirectly)
Operating Systems 11
![Page 12: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/12.jpg)
User Authentication• Approaches:
– Knowledge of some information• Password, dialog
– Possession of some artifact• Machine-readable cards (ATM)• Combine with knowledge (PIN)
– Biometrics: Physical characteristics of person• Fingerprint• Hand geometry• Face geometry• Retina or iris scan• Voice print• Signature dynamics
Operating Systems 12
![Page 13: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/13.jpg)
Fingerprint Recognition• Extremely useful biometrics
technology• Fingerprints are a primary and
accurate identification method
Operating Systems 13
![Page 14: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/14.jpg)
Fingerprint Recognition Uses the ridge endings and bifurcation's to plot points known as
minutiae The number and locations of the minutiae vary from finger to
finger and from person to person
MinutiaeFinger Image + Minutiae
Finger Image
Operating Systems 14
![Page 15: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/15.jpg)
Face Recognition• Uses an image or series of images
• Principle: analysis of the unique shape, pattern and positioning of facial features
• Passive: does not require a person’s cooperation
• Highly complex technology
Common approach: Face geometry
Operating Systems 15
![Page 16: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/16.jpg)
Voice Recognition• Not speech recognition, it is speaker recognition • Low-cost (cheap hardware)• Not very accurate (voice varies, noise)• Can be stolen (recorded)
Operating Systems 16
![Page 17: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/17.jpg)
Hand geometry• one of the most deployed biometrics world wide
Ben Gurion Airport(Israel)
Operating Systems 17
![Page 18: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/18.jpg)
Signature Verification• Static/off-line:
– match pattern (image)– can easily be reproduced
• Dynamic/On-line:– match movement of the pen during signing process
(pressure, speed)
• Many commercial products
Operating Systems 18
![Page 19: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/19.jpg)
Iris recognition• Based on visible features, i.e. rings, furrows, freckles and the
corona • Safest, most accurate biometrics technology
Heathrow Airport (London)
Operating Systems 19
![Page 20: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/20.jpg)
Retina recognition• Capture the pattern of blood vessels throughout the
retina• No two retinas are the same, even in identical twins• More difficult/less convenient than iris scan
Operating Systems 20
![Page 21: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/21.jpg)
• Thermograms– infrared camera to detect the heat patterns
Other techniques• DNA
– Unique (except for identical twins) but many imitations:
– not fully automated, slow, expensive– privacy issue – DNA contains information
about race, paternity, medical conditions– requires a physical sample of tissue
Operating Systems 21
![Page 22: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/22.jpg)
User Authentication• Problem with biometrics:
uncertainty in recognition
– System generates anumber 0 n 1
– Bimodal distribution
– Threshold must be chosen to minimize
• false alarms
• imposter acceptance
Operating Systems 22
![Page 23: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/23.jpg)
User Authentication• Passwords
– Must protect stored password files from access– Must prevent trial and error (guessing)
• Protecting password files
1. Maintain unencrypted; rely on access control
2. Encrypt using “one-way” function H:• H-1 is unknown• knowing H(x) does not yield x• keep only H(pw) with user name• at login, compute H(pw’) and compare with H(pw)
Operating Systems 23
![Page 24: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/24.jpg)
User Authentication• Preventing password guessing
– System-generated pw• Random string: difficult to memorize• “Pronounceable” words
– System-validated• Accept only passwords that obey specifications
(length, mix of letters/digits, upper/lower case)• Employ password-cracking programs to
reject easy-to-guess passwords– Time-limited
• Expiration date or number of uses
Operating Systems 24
![Page 25: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/25.jpg)
User Authentication• One-time passwords
1. Smart card (can be lost or stolen)
2. Use secret function; • System generates a challenge n, user replies with
f(n) as password; e.g. f(n)=3*n/2
3. Use one-way function to generate series ofone-time passwords from one password pw• … H(H(H(pw))) H(H(pw)) H(pw) pw• Intruder can derive H(H(pw)) from H(pw)
but not H(pw) from H(H(pw))because H-1 is unknown
Operating Systems 25
![Page 26: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/26.jpg)
User Authentication• guess any valid password:
– repeatedly generate strings s (dictionary, random, …), check if H(s) is in table
• System-extended pw– for each pw, generate random
number slt (called “salt”)– store: UserName,slt,H(slt,pw)– guessing: must check H(slt,s)
for every slt in table– salting does not make it
harder to guess the password of a specific user
Operating Systems 26
![Page 27: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/27.jpg)
Functions of a Protection System• External safeguards
– Guard physical access (locks, badges, cameras)• Verification of user identity (User Authentication)• Communication safeguards
– Protect public/vulnerable lines: cryptography• Access control
– Can Subject perform function on Resource• Information flow control
– Can S get information contained in R (indirectly)
Operating Systems 27
![Page 28: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/28.jpg)
Secure Communication• Principles of cryptography:
– Cipher text, Plain text, Key(s)– Encrypt: C = E(P,Ke)
– Decrypt: D(C,Kd) = P
• Goals:– Secrecy = message content not revealed– Integrity = message not modified– Authenticity = establish identity of sender– Nonrepudiability = establish identity of creator
(regardless of who sent it)• an actor cannot deny creation of message (signature)
Operating Systems 28
![Page 29: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/29.jpg)
Secure Communication• Secret-key Cryptosystems
Symmetric: S and R share a common secret key K which is used for both encrypting and decrypting
Operating Systems 29
![Page 30: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/30.jpg)
• Examples• transposition cipher:
• rearranges the order of letters • example algorithm: swap 2 letters, skip n• key: n• e.g., n=1: 'hello world' → 'ehlol owrdlnd’
• substitution cipher• replace letters or groups of letters • example: Cesar cypher• algorithm: replace every letter by the letter k
positions down in the alphabet• key: k• e.g., k=1: 'fly at once' → 'gmz bu podf‘
• Easy to break using statistical analysis
Secure Communication
Operating Systems 30
![Page 31: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/31.jpg)
• Example: DES– US standard (1977)– Blocks of 64 bits– Block is divided into L and R half– F applies Key to R– result is XOR’d with L, becomes new R– old R becomes new L– repeat 16 times– F uses:
• permutations• substitutions• XOR with a 56-bit key
• Triple-DESC = DEA(DEA(DEA(P, K3), K2, K1)
Secure Communication
Operating Systems 31
![Page 32: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/32.jpg)
Secure Communication• With Secret-key cryptosystems:
– Secrecy: only R can decrypt C– Integrity: intruder cannot produce valid message– Nonrepudiation: not possible, S can deny– Authenticity of sender: must prevent replay
Operating Systems 32
![Page 33: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/33.jpg)
Secure Communication• Use nonce N to prevent replay of message:
S R(1) N(2) C=E({P,N},K)
– Capturing either message does not help;both are different every time
• Use timestamp T to prevent replay
S R C=E({P,T},K)
– Limits possible replay to a chosen time interval
Operating Systems 33
![Page 34: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/34.jpg)
Secure Communication• Key distribution and authentication
– Both S and R must have the same key K– Trusted server approach:
• Each process has its own secret key for communication with trusted Key Distribution Center (KDC)
• At runtime, process A asks KDC for a Session Key KAB for communication with process B
KDC A B(1) A,B(2) E({KAB,B,ticket},KA) (3) ticket ticket = E({KAB,A},KB)
Operating Systems 34
![Page 35: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/35.jpg)
Secure Communication• Public-key cryptosystems (Diffie-Hellman, 1976)
– Asymmetric: different keys for encryption and decryption
– One cannot be derived from the other– One is Public key, other is Private
Operating Systems 35
![Page 36: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/36.jpg)
Secure Communication• With Public-key cryptosystems
– Secrecy: only R can decrypt message using KRpriv
– Integrity: intruder cannot produce valid message without KS
priv
– Authenticity of creator: same as integrity: only S knows KS
priv
– Authenticity of sender: use nonce or timestamp to prevent replay
Operating Systems 36
![Page 37: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/37.jpg)
Secure Communication• How to make a key/function so that the other cannot be
derived from it?• RSA (Rivest, Shamir, Adelman) Public Key
C = E(P) = Pe mod n P = D(C) = Cd mod n– (e,n): Public encryption key– (d,n): Private/secret decryption key;
d cannot be derived from e
Operating Systems 37
![Page 38: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/38.jpg)
Secure Communication• RSA Key Generation
1. Choose large primes p and q; compute n=p*q• Example: p=5, q=7, n=35
2. Choose d to be a (large) prime number having no factors in common with (p1)*(q1)• Example:
(51)*(71)=24; d=5 or 7 or 11 (choose 11)
3. Choose e such that e*d mod (p1)*(q1) = 1• Example:
e*11 mod 24 = 1; e = 11 or 35 or 59 or 83 … C = E(P) = P59 mod 35 P = D(C) = C11 mod 35
Operating Systems 38
![Page 39: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/39.jpg)
Secure Communication• Why is RSA encryption secure?
– n is derived from p and q; (n=p*q)
– d is also derived from p and q; (no common factors)
– e is derived from d but also needs p and q;
– only d is known/public, p and q have been discarded → e cannot be derived
– similarly, d cannot be derived from e without p and q
Operating Systems 39
![Page 40: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/40.jpg)
Secure Communication• Public key distribution and authentication
– Making key public is easy, but need to authenticate it:• How does A safely get B’s public key KB
publ ?
• Trusted server approach:
KDC A(1) A,B(2) E({B,KB
publ},KKDCpriv)
– KDC provides B’s public key KBpubl
– KKDCpriv guarantees authenticity (KDC sent it)
Operating Systems 40
![Page 41: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/41.jpg)
Secure Communication• Digital Signatures:
– How can a document be “signed” and transmitted electronically?
– Here is my signature
• Anyone can copy and attach it to any document
– Sign on paper, scan• Any document is digitized and can be modified
– Public-key cryptosystems permit unforgeable electronic “signatures”?
Operating Systems 41
![Page 42: 12. Protection/Security Interface](https://reader036.vdocuments.site/reader036/viewer/2022062500/5681542a550346895dc22cb7/html5/thumbnails/42.jpg)
Secure Communication• Digital Signature: document M is to be “signed”
– Sender generates unique digest: d = H(M)– Sender encrypts E(d,KS
priv), receiver decrypts with KSpubl
– Receiver computes d’ = H(M);• d’ is a unique signature of document M• d=d’ means that d is a also a unique signature of M;• Decryption authenticates sender, proving sender sent d
i.e., sender signed M
Operating Systems 42