CSIT324 OS & WEB INTERFACE SECURITY: Introduction

COURSE OUTLINE

Concepts

Security environment: threats, intruders, accidental data loss.

Cryptography basics: types

Protection mechanisms

Authentication

Insider attacks, code bug exploitation plus defenses.

ASSESSMENT

Course work, test – 30%

Final Exam – 70%

REFERENCE

Modern OS by Andrew S. Tanenbaum

SECURITY ENVIRONMENT

OS – Security

Protection mechanisms – the specific OS mechanisms used to safeguard information in the PC.

SECURITY FACETS

1. Threats

A PC has 4 general goals, with corresponding threats to them:

Data confidentiality – concerned with having secret data remain secret.

Data integrity – unauthorized users should not be able to modify any data without the owner’s permission. Data modification includes changing data, removing data and adding false data.

System availability – nobody can disturb the system to make it unusable. Threat: denial-of-service attacks.

Privacy – protecting individuals from misuse of information about them.

2. INTRUDERS/ADVERSARIES

People who are nosing around places where they have no business.

Forms:

Passive intruders – want to read files they are not authorized to read.

Active intruders – more malicious (want to make unauthorized changes to data).

CATEGORIES OF INTRUDERS

Casual prying by nontechnical users: people reading other users’ email & other files if no barriers are placed in the way.

Snooping by insiders.

Determined attempts to make money: bank programmers have attempted to steal from the bank they are working for.

Commercial/military espionage: espionage is a serious & well-funded attempt by a competitor or a foreign country to steal programs, trade secrets, patentable ideas, technology, circuit designs, business plans, etc.

3. ACCIDENTAL DATA LOSS

Valuable data can be lost by accident.

Causes:

Acts of God – fires, floods, earthquakes, wars, riots.

Hardware/software errors – CPU malfunctions, unreadable disks, telecom errors, program bugs.

Human errors – incorrect data entry, wrong program run, lost disk.

Solutions:

Maintain adequate backups far away from the original data.

CRYPTOGRAPHY BASICS.

Cryptography refers to the process of converting plaintext into ciphertext (encryption) in such a way that only authorized people know how to convert it back to plaintext.

Ciphertext is an incomprehensible pile of bits.

Encryption & decryption algorithms (functions) should always be public.

FORMS OF CRYPTOGRAPHY

Secret-key cryptography – e.g. mono-alphabetic substitution. Also referred to as symmetric cryptography.

Advantage: Efficient, because the amount of computation required to encrypt/decrypt a message is manageable.

Drawback: Sender & receiver must both be in possession of the shared secret key.

Public-key cryptography – uses a key pair: a private key (decryption key) and a public key (encryption key), of which only the public key is published.

PUBLIC KEY ENCRYPTION….

Key generation is automated with a user-selected password fed into the algorithm.

The correspondent encrypts the message with the receiver’s public key.

Since only the receiver has the private key, only the receiver can decrypt the message.

DIGITAL SIGNATURES

Digital signatures – sign a document digitally.

They make it possible to sign emails & other digital documents in such a way that they can’t be repudiated by the sender later.

One way is to first run the document through a one-way cryptographic hashing algorithm which is very hard to invert.

The hashing function produces a fixed-length result independent of the original document size.

Common hash functions: Message Digest 5 (MD5), which produces a 16-byte result, and Secure Hash Algorithm (SHA-1), which produces a 20-byte result.

HASHING PROCESS..SENDER’S END.

The document owner applies his private key to the hash to get D(hash). This value, called the signature block, is appended to the document & sent to the receiver.

The application of D to the hash is also referred to as decrypting the hash, though it’s not really a decryption because the hash has not been encrypted. It is just a mathematical transformation on the hash.

RECEIVER’S END..

When the doc and hash arrive, the receiver first computes the hash of the doc using MD5 or SHA.

The receiver then applies the sender’s public key to the signature block to get E{D(hash)}.

This encrypts the decrypted hash, canceling the two operations out & getting the hash back.

If the computed hash doesn’t match the hash from the signature block, the doc, the signature block, or both have been tampered with or changed by accident.

NB: the value of this scheme is that it applies public-key cryptography only to a relatively small piece of data, called the hash.

TRUSTED PLATFORM MODULE (TPM)

The TPM is a crypto-processor with some nonvolatile storage inside it for keys.

The TPM can perform cryptographic operations such as encrypting blocks of plaintext or decrypting blocks of ciphertext in main memory.

The TPM can also verify digital signatures.

According to Microsoft, the operating system controls the TPM to prevent unauthorized software from being run.

TPM APPLICATIONS…

If the TPM is involved in the booting process, it will start only operating systems signed by a secret key placed inside the TPM by the manufacturer & disclosed only to selected OS vendors, e.g. Microsoft.

Thus TPM can be used to limit users’ choices of software to those approved by the computer manufacturer.

TPM APPLICATIONS…

The music & movie industries are very keen on TPM as it could be used to prevent piracy of their content.

It also opens up new business models, such as renting songs/movies for a specific period of time by refusing to decrypt them after the expiration date.

TPM drawback:

It doesn’t make PCs more secure against external attacks. It only focuses on using cryptography to prevent users from doing anything not approved directly or indirectly by the TPM controllers.

RESEARCH ON:

Certificate Authorities

PKI

Next Lecture: Protection Mechanisms.

End!