
Fundamentals of Computer Security

Geetika Sharma
Fall 2008

Outline
  Fundamentals of Computer Security
  Security Threats and Protection Methods
  Security Models and Mechanisms
  Security Issues in Distributed Systems
  Latest Techniques
    Agent Based Approach
    Grid Specific Host Based Intrusion Detection System

Fundamentals of Computer Security[1]

Computer Systems
  Can be represented by:
    Subjects: Active entities that access objects
    Objects: Passive entities that must be protected
      Examples: data, hardware, software and communication links
Access Control Policy
  Describes how objects are accessed by subjects
Flow Control Policy
  Regulates the information flow between objects and subjects

Security Threats[1]

Interruption (availability)
  Loss of data and denial of service
Interception
  Related to secrecy
Modification and Fabrication are violations of system integrity

Threats from Web/Network[4]

Client Side
  What can the server do to the client?
    Fool it
Server Side
  What can the client do to the server?
    Install or run unauthorized software, inspect/alter files
    Bring it down (denial of service)
    Gain access (break-in)
Network
  Is anyone listening? (Sniffing)
  Is the information genuine? Are the parties genuine?

Security Mechanisms[1]

Authentication
  Verification
Authorization
  Extending permission
Fault Tolerance
  Sustaining faults
Encryption
  Prevents exposure of information and maintains privacy
Auditing
  Passive form of protection

Security Models[1]

Discretionary
  Provides separation of users and data
  E.g. access control matrix
Mandatory
  Requires access control of all subjects and objects under its control on a system-wide basis
  E.g. multilevel security: all subjects and objects in the system are assigned a sensitivity label. The labels are used as the basis for mandatory access control decisions.
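
The two models side by side, as an added example that is not part of the original slides: a discretionary access control matrix lookup combined with a mandatory check on sensitivity labels. The subjects, objects, rights and level names are constructed, and the "no read up, no write down" rule is an assumed rule set; the slides do not say how labels are compared.

```python
from enum import IntEnum

class Level(IntEnum):            # sensitivity labels, ordered low to high
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2

# Discretionary model: access control matrix (subject row, object column).
# All names and rights are constructed sample data.
ACM = {
    "alice": {"payroll.db": {"read", "write"}, "notice.txt": {"read"}},
    "bob":   {"payroll.db": {"read"}, "notice.txt": {"read", "write"}},
    "carol": {"notice.txt": {"read"}},
}

# Mandatory model: every subject and object carries a label.
SUBJECT_LABEL = {"alice": Level.SECRET, "bob": Level.CONFIDENTIAL,
                 "carol": Level.SECRET}
OBJECT_LABEL = {"payroll.db": Level.SECRET, "notice.txt": Level.UNCLASSIFIED}

def dac_allows(subject, obj, right):
    """Matrix lookup; a missing row or cell means no access (default deny)."""
    return right in ACM.get(subject, {}).get(obj, set())

def mac_allows(subject, obj, right):
    """Label comparison. Assumed rule set: no read up, no write down."""
    s, o = SUBJECT_LABEL.get(subject), OBJECT_LABEL.get(obj)
    if s is None or o is None:
        return False             # unlabeled entities get no access
    if right == "read":
        return s >= o            # subject label must dominate the object
    if right == "write":
        return s <= o            # writing down could leak higher-level data
    return False

def decide(subject, obj, right):
    """Grant only when both checks pass; return (granted, reason)."""
    if not mac_allows(subject, obj, right):
        return False, "denied by mandatory label check"
    if not dac_allows(subject, obj, right):
        return False, "denied by access control matrix"
    return True, "granted"

if __name__ == "__main__":
    for req in [("alice", "payroll.db", "write"), ("bob", "payroll.db", "read"),
                ("carol", "payroll.db", "read"), ("bob", "notice.txt", "write")]:
        print(req, "->", decide(*req))
```

Bob's matrix entry allows reading payroll.db, yet the request is refused because his label does not dominate the object's: the mandatory check applies system-wide regardless of what the matrix grants.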

Security Issues in Distributed Systems[1]

Interoperability and Transparency
  Gives rise to security issues
Approaches to Implementing New Services
  Add an additional layer of software that runs on top of the existing system to provide the new services
  Redesign the system so that the new services can be executed more efficiently in the kernel mode

Security Issues in Distributed Systems[1]

Client/Server Security
  A client initiates an access to an object through the kernel
  Kernel authenticates the client and then invokes the object server
  Implemented via interprocess communication at the transport layer
  Supported by secure host-to-host communications at the network layer and node-to-node communication at the link layer
  A secure distributed system consists of communicating security servers using a trusted gateway.

Security Issues in Distributed Systems[1]

[Figure: Client/Server Distributed Security Architecture. Labelled components: Client processes, Other OS Servers, Authentication Server, Authorization Server, Other Security Servers, Trusted Secure Kernel; arrows labelled request and response.]

Latest Techniques

The majority of information security incidents are perpetrated by insiders, i.e. internal computer users constitute the largest threat to computer systems security[2].
Traditional methods (such as identification and authentication, access restriction, etc.) do not solve this problem
Their drawbacks include:
  low ability to detect internal malicious users,
  inability to process large amounts of information,
  low productivity

Agent Approach for Security in Distributed Systems[2]

Intelligent security system for monitoring computer users' activity
On-line and off-line monitoring make it possible to detect anomalies and irregularities in user behavior.
On-line monitoring is carried out in real time and is used to predict user actions (using neural networks)
Off-line monitoring is done after the user has ended their work, and is based on the analysis of statistical information obtained during the user's work.

Agent Approach for Security in Distributed Systems[2]

[Figure: System Architecture for Agent Based Security in Distributed systems. Labels: Win 98, FreeBSD, Win 2000, Linux; On-line User Agent (four instances); Off-line User Agent; Controller Agent; Dbase.]

GHIDS: Defending Computational Grids Against Misusing of Shared Resources [3]

Grid Specific Host Based Intrusion Detection System

Design
  Performance Impact
  Central Control
  Leverage Existing Software
  Configurability
  Effectiveness
Approach/Services
  Uses Bottleneck Verification (Host)
  Detects users that go from user to super user improperly
  Monitors process creation, modification and destruction (Host)
  Monitors accessing of critical resources (Host)
  Grid user ID and host-level ID are stored when Grid services are used
Architecture
  Host and Grid level deployment
  Virtual Kernel Device created
  Grid Middleware modified
  Data Analyzer
  User Interface
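
The bottleneck verification idea listed above, sketched as an added example (not GHIDS code and not from the original slides): replay process creation and credential-change events and flag any move from a user ID to super user that did not go through an approved program. The event schema, the allow-list of programs, the file paths and the Grid identity string are all assumptions constructed for illustration.

```python
# Assumed allow-list of legitimate "bottleneck" programs for becoming root.
BOTTLENECKS = {"/bin/su", "/usr/bin/sudo", "/bin/login"}

def verify(events):
    """Replay process events; return alerts for user-to-root transitions
    that did not pass through an approved bottleneck program."""
    procs, alerts = {}, []            # pid -> {"euid", "exe", "grid_id"}
    for ev in events:
        kind, pid = ev["ev"], ev["pid"]
        if kind == "fork":
            parent = procs.get(ev["ppid"])
            if parent:                # child inherits the parent's credentials
                procs[pid] = dict(parent)
            else:                     # unknown parent: take the event as baseline
                procs[pid] = {"euid": ev["euid"], "exe": ev["exe"], "grid_id": None}
            if ev.get("grid_id"):     # Grid identity stored beside the host ID
                procs[pid]["grid_id"] = ev["grid_id"]
        elif kind in ("exec", "cred") and pid in procs:
            p = procs[pid]
            exe = ev.get("exe", p["exe"])   # "cred" keeps the current program
            if p["euid"] != 0 and ev["euid"] == 0 and exe not in BOTTLENECKS:
                alerts.append({"pid": pid, "exe": exe, "grid_id": p["grid_id"],
                               "reason": f"euid {p['euid']} -> 0 outside bottleneck"})
            p["euid"], p["exe"] = ev["euid"], exe
        elif kind == "exit":          # process destruction: drop its state
            procs.pop(pid, None)
    return alerts

# Constructed sample trace (not real log data).
SAMPLE = [
    {"ev": "fork", "pid": 100, "ppid": 1, "euid": 0, "exe": "/usr/sbin/sshd"},
    {"ev": "fork", "pid": 200, "ppid": 100, "euid": 0, "exe": "/usr/sbin/sshd"},
    {"ev": "exec", "pid": 200, "euid": 1001, "exe": "/bin/bash"},   # user shell
    {"ev": "fork", "pid": 201, "ppid": 200, "euid": 1001, "exe": "/bin/bash"},
    {"ev": "exec", "pid": 201, "euid": 0, "exe": "/usr/bin/sudo"},  # approved path
    {"ev": "fork", "pid": 300, "ppid": 50, "euid": 2001,
     "exe": "/opt/grid/jobmanager", "grid_id": "/O=Grid/CN=constructed-user"},
    {"ev": "fork", "pid": 301, "ppid": 300, "euid": 2001, "exe": "/opt/grid/jobmanager"},
    {"ev": "exec", "pid": 301, "euid": 2001, "exe": "/home/griduser/job.bin"},
    {"ev": "cred", "pid": 301, "euid": 0},   # root without passing a bottleneck
    {"ev": "exit", "pid": 301},
]

if __name__ == "__main__":
    for alert in verify(SAMPLE):
        print(alert)
```

Only the Grid job (pid 301) is reported; the sudo transition is accepted, and the alert carries the Grid identity inherited from the job manager so the host-level event can be tied back to a Grid user.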

References
1. Randy Chow, Theodore Johnson. Distributed Operating Systems and Algorithms, Addison-Wesley, 1997
2. Agent Approach for Providing Security in Distributed Systems; TCSET'2006, February 28-March 4, 2006, Lviv-Slavsko, Ukraine
3. GHIDS: Defending Computational Grids Against Misusing of Shared Resources, Feng et al., IEEE 2006
4. www.cse.sc.edu/~farkas/csce522-2003/lectures/csce522lect22.ppt (2003)

Thanks!
