Modern Security Model for Linux Operating Systems, by Aleksander Zdyb (PowerPoint presentation)


  1. Aleksander Zdyb Modern Security Model for Linux Operating Systems

  2. Aleksander Zdyb, Software Engineer, Tizen Platform Security, a.zdyb@samsung.com, https://github.com/azdyb

  3. • Briefly about security requirements
     • About Tizen operating system
     • Dedicated security model
     • Application lifecycle
     • Summary
     A. Zdyb | „Modern Security Model for Linux Operating Systems” | Brussels 2016-01-30 | 3/46

  4. About security requirements

  5. (image slide; credits: (CC) Stiftelsen Elektronikkbransjen, (CC) Sascha Müsse, (CC) Intel Free Press)

  6. (image-only slide)

  7. (image-only slide)

  8. • Classic approach: software acts on behalf of the user to the full extent of the user's rights
     • Usage of many kinds of privileges is more and more common
     • There is a conflict between privilege granularity and the comfort of usage and administration

  9. About Tizen

  10. • Modern operating system for embedded devices
      • A Linux distribution
      • Developed by the open source community
      • Main contributor at the moment: Samsung

  11. • Smartphones, smartwatches, smart TVs
      • IVI systems (In-Vehicle Infotainment)
      • And more: wiki.tizen.org

  12. Tizen 2.x
      • Commercially released in many Samsung devices (smartwatches, smart TVs, smartphones)
      • Security ensured with classic mechanisms of Linux
      Tizen 3.0
      • Still in development
      • Works on ODROID XU3 (arm), MinnowBoard MAX (x86_64) and other architectures
      • Modern, dedicated security model

  13. Services, resources and privileges

  14. Example services and resources
      • E-mail
      • Camera
      • Networking

  15. Example services and resources, with related privileges
      • E-mail: reading and sending messages; contacts preview
      • Camera: taking photos; browsing pictures
      • Networking: accessing remote hosts; usage of different protocols

  16. (diagram) Applications: Maps, Calculator, Browser, Game. Services and resources: Camera, Internet, Location, Contacts.

  17. (diagram) Applications: Maps, Calculator, Browser, Game. Access control sits between the applications and the services and resources: Camera, Internet, Location, Contacts.

  18. Dedicated security model

  19. (layer diagram: Cynara on top of Smack on top of DAC)
      • DAC – Discretionary Access Control (classic access control system)
      • Smack – Simplified Mandatory Access Control Kernel (one of the LSMs)
      • Cynara – dedicated privilege checker (userspace)

  20. • Protects resources on the filesystem
      • Access control set by the owner of the resource
      • Access types: r w x
      • Subject is identified by its id and the groups it belongs to
      (image credit: Larry Ewing and The GIMP)

  21. (repeats the bullets of slide 20)

  22. • Both object and subject are identified by their labels
      • Access control is set by the administrator
      • Access types: a r w x t l
      (image credit: (GFDL) Casey Schaufler)

  23. (diagram) subject (label 1) → action (a r w x l) → object (label 2)

  24. (table of label domains)
      • Floor (_): read-only system directories; kernel's helper processes
      • System: /run, /dev, /var/log; system services; launcher
      • User: home directories and users' services
      Domains are sets of labels with a common prefix. There are other labels, like System::Shared, User::Home and more.
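The following Python model of Smack's rule format ("subject object access", as loaded through Smack's load2 interface) and of Smack's documented built-in rules (star subject denied, hat subject reads/executes anything, floor "_" objects readable/executable by all, star objects open to all, same label always allowed, otherwise an explicit rule is needed) is an added example and is not code from the talk or from the Smack kernel module; the labels User::App::Maps and User::App::Calculator are constructed in the style of the domains above.

```python
# Toy model of Smack access decisions (added example; not Tizen's or kernel code).
ACCESS_MODES = set("rwxatl")  # read, write, execute, append, transmute, lock


def parse_rules(text):
    """Parse rule lines shaped like Smack's load2 input: 'subject object access'."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        subject, obj, access = line.split()
        modes = set(access) & ACCESS_MODES  # a lone '-' means "no access"
        rules[(subject, obj)] = rules.get((subject, obj), set()) | modes
    return rules


def smack_allowed(rules, subject, obj, access):
    """Decide whether a task labelled `subject` may perform `access` on an object labelled `obj`."""
    wanted = set(access)
    if not wanted or not wanted <= ACCESS_MODES:
        raise ValueError("unknown access mode in %r" % access)
    # Built-in rules, consulted before the loaded rule set.
    if subject == "*":
        return False  # a task labelled '*' is denied everything
    if subject == "^" and wanted <= {"r", "x"}:
        return True   # the hat label may read/execute anything
    if obj == "_" and wanted <= {"r", "x"}:
        return True   # floor objects are readable/executable by every label
    if obj == "*":
        return True   # star-labelled objects accept any access
    if subject == obj:
        return True   # same label: always allowed
    # Otherwise every requested mode must be granted by an explicit rule.
    return wanted <= rules.get((subject, obj), set())


# Constructed rule set in the style of the Tizen 3.0 domains above
# (User::App::Maps is an invented app label; System::Shared and User::Home are from the talk).
RULES = parse_rules("""
User::App::Maps   System::Shared   rx
User::App::Maps   User::Home       rwxat
System            User::App::Maps  rwx
""")
```

Note that an app label with no explicit rule can still read and execute floor-labelled files but cannot write them, which is what makes "_" suitable for read-only system directories.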

  25. • System service keeping and managing security policies
      • Dedicated solution for Tizen 3.0
      • Generic – can be easily deployed in other Linux distributions

  26. (diagram) Application → Service → Extension → Cynara

  27. (diagram) Cynara with its policy sources: Privacy Manager, Manifests, Built-in, Administrator

  28. Lifecycle of an application

  29. • Security Manager – service managing and configuring all of the security modules in the operating system
      • Made for Tizen 3.0
      • Can be deployed in other Linux distributions

  30. Security Manager is involved in:
      • installing applications – populates Cynara's database, creates Smack labels for apps
      • launching applications – applies the security context (labels, groups) on behalf of the launcher
      • managing security policies – supports editing of policies by the administrator and users (Privacy Manager)
      • managing users
      (image credit: (CC) Patrick Breen)

  31. (installation flow diagram)
      • Unpacking files
      • Installer configures the application with help from Security Manager
      • Security Manager: populating Cynara's DB (globally or for a user, depending on configuration and privileges), creating labels for apps, labelling files

  32. (launch flow diagram)
      • Launcher: spawns a process
      • Cynara: SM checks in Cynara what groups to apply to the process
      • DAC: SM sets effective groups to allow access to some special files (e.g. devices)
      • Smack: SM sets a proper Smack label for the process

  33. (cartoon) GPS: "Hi Cynara! Can Maps haz perms to read location?" Cynara: "Yep, them can haz dat!"

  34. (diagram) Application (e.g. Maps), run with a proper label and by a given user (e.g. Susan, uid=1001), requests access to GPS location (bound to the privilege http://tizen.org/privilege/location). The service managing the protected resource (e.g. GPS location) checks in Cynara if access should be granted. Cynara's check is a triple:
      • Client – a Smack label identifying the application
      • User – the uid of the user running the application
      • Privilege – one of the privileges in Tizen 3.0, e.g. http://tizen.org/privilege/location

  35. (cartoon) Launcher: "Hi Cynara! Can Calculator haz Camera, if them want?" Cynara: "No, man! No way we gib them dat!"

  36. (diagram) Application (e.g. Camera), run with a proper label and by a given user (e.g. Susan, uid=1001), requests access to the device /dev/camera. Linux checks (DAC) if the process belongs to a proper group (e.g. camera_users). Groups are assigned by Security Manager on every launch.
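The install, launch and access steps of slides 31 to 36, as an added Python model that is not code from the talk or from Tizen's Cynara and Security Manager: Cynara is modelled as a policy store keyed by the (client label, uid, privilege) triple, the installer populates it from the manifest, the launcher derives the process's DAC groups from it, and the kernel's DAC check on /dev/camera only looks at the group. Only the location privilege name and the camera_users group come from the talk; the camera privilege name, the app labels, uid 1001's manifests, the location group and the "*" wildcard are assumptions of this model.

```python
# Toy model of Cynara checks and Security Manager's install/launch steps (added example).
ALLOW, DENY = "ALLOW", "DENY"


class Cynara:
    """Policy store keyed by the triple (client Smack label, user uid, privilege)."""
    def __init__(self):
        self.policies = {}

    def set_policy(self, client, user, privilege, decision):
        self.policies[(client, user, privilege)] = decision

    def check(self, client, user, privilege):
        """Most specific entry wins; '*' (an assumption of this model) matches any
        client or user; a missing entry is a DENY."""
        for key in ((client, user, privilege), (client, "*", privilege),
                    ("*", user, privilege), ("*", "*", privilege)):
            if key in self.policies:
                return self.policies[key] == ALLOW
        return False


# Constructed mapping: privileges guarding device files -> DAC groups owning those files.
PRIVILEGE_GROUPS = {
    "http://tizen.org/privilege/camera": "camera_users",      # /dev/camera (group from the talk)
    "http://tizen.org/privilege/location": "location_users",  # constructed
}


def install_app(cynara, label, uid, manifest_privileges):
    """Installer step: populate Cynara's database from the manifest, for the installing user."""
    for privilege in manifest_privileges:
        cynara.set_policy(label, str(uid), privilege, ALLOW)


def launch_context(cynara, label, uid):
    """Launcher step: Security Manager asks Cynara which device privileges the app holds
    for this user and derives the effective groups and Smack label for the new process."""
    groups = sorted(group for privilege, group in PRIVILEGE_GROUPS.items()
                    if cynara.check(label, str(uid), privilege))
    return {"smack_label": label, "uid": uid, "groups": groups}


def dac_device_access(context, device_group):
    """Kernel DAC view of a device file such as /dev/camera: process must be in its group."""
    return device_group in context["groups"]


# Constructed scenario: Susan (uid=1001) has Maps, Camera and Calculator installed.
CYNARA = Cynara()
install_app(CYNARA, "User::App::Maps", 1001, ["http://tizen.org/privilege/location"])
install_app(CYNARA, "User::App::Camera", 1001, ["http://tizen.org/privilege/camera"])
install_app(CYNARA, "User::App::Calculator", 1001, [])
```

Revoking a privilege for one user (as the Privacy Manager would) is a single set_policy call to DENY, and because groups are recomputed on every launch the next start of the app no longer carries the device group.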

  37. Bonuses

  38. • Serving on D-Bus? We've got your back
      • Nether – networking access control
      • nice-lad – auditing
      • Vasum – containers

  39. Summary

  40. • Security of embedded systems and privacy of stored data are very important
      • Classic security mechanisms are not enough
      • Security must be taken into account from the very beginning
      • Security doesn't have to be burdensome for developers

  41. Questions?

  42. • https://wiki.tizen.org/wiki/Main_Page
      • https://wiki.tizen.org/wiki/Security/Overview
      • https://wiki.tizen.org/wiki/Security:Cynara
      • https://wiki.tizen.org/wiki/Security:nice-lad
