protection
play

Protection CSE473 - Spring 2008 Professor Jaeger - PowerPoint PPT Presentation

Jun 02, 2023 •234 likes •526 views

Protection CSE473 - Spring 2008 Professor Jaeger www.cse.psu.edu/~tjaeger/cse473-s08/ CSE473 Operating Systems - Spring 2008 - Professor Jaeger Protection Protect yourself from untrustworthy users in a common space They may try to

  1. Protection CSE473 - Spring 2008 Professor Jaeger www.cse.psu.edu/~tjaeger/cse473-s08/ CSE473 Operating Systems - Spring 2008 - Professor Jaeger

  2. Protection • Protect yourself from untrustworthy users in a common space – They may try to access your resources – Or modify your resources – Or they may just make a mistake • Protect yourself from their errors CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 2

  3. Shared Platforms Process 1 Process 2 Process n Program Program Program ... Data Data Data Operating System Security Scheduling Resource Mechanisms Display ... Memory Disk Network Memory Disk Network Display ... Device Device Device Device CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 3

  4. Access Control/Authorization • An access control system determines what rights a particular entity has for a set of objects • It answers the question – E.g., do you have the right to read /etc/passwd – Does Alice have the right to view the EECS website? – Do students have the right to share project data? – Does Dr. Jaeger have the right to change your grades? • An Access Control Policy answers these questions CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page

  5. Basic Access Control • Subjects are the active entities that do things – E.g., you, Alice, students, Dr. Jaeger • Objects are passive things that things are done to – E.g., /etc/passwd, CSE website, project data, grades • Operations are actions that are taken – E.g., read, view, share, change CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page

  6. Protection System • Any “system” that provides resources to multiple subjects needs to control access among them – Operating system – Servers • Consists of: – Protection State • Description of permission assignments (i.e., policy) • Determines protection from others – Protection State Operations • Modify that state CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 6

  7. Access Matrix • Subjects • Objects • Operations O 1 O 2 O 3 • Can determine – Who can access an object S 1 Y Y N – What objects can be accessed by a subject – What operations a subject can S 2 N Y N perform on an object S 3 N Y Y CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 7

  8. Access Control • Suppose the private key file for J is object O 1 – Only J can read • Suppose the public key file for J is object O 2 O 1 O 2 O 3 – All can read, only J can modify • Suppose all can read and write from J ? ? ? object O 3 • What ’ s the access matrix? S 2 ? ? ? S 3 ? ? ? CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 8

  9. Least Privilege • Limit permissions to those required and no more • Consider three processes for user J – Restrict privilege of the process J 1 to prevent leaks O 1 O 2 O 3 J 1 R R N? W W J 2 N R R W J 3 N R R W CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 9

  10. Protection Domains • The protection domain Protection domain restricts access of external parties to our computing system’s Memory resources • How is this done today? Program A • Memory protection • E.g., UNIX protected Files memory, file-system permissions (rwx…) • A protection state describes access of all programs CSE473 Operating Systems - Spring 2008 - Professor Jaeger 10

  11. Protection State Transitions • Transition – From one access matrix state to another – Add/delete subject, object, operation assignment • Transition semantics – Owner-driven – Delegation – Administrator-driven – Administrative permissions • Attenuation of Rights Principle – Can ’ t grant a right that you do not possess CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 11

  12. UNIX System • Originated in the late 60 ’ s, early 70 ’ s – Bell Labs: Ken Thompson, Dennis Ritchie, Douglas McIlroy • Multiuser Operating System – Enables protection from other users – Enables protection of system services from users CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 12

  13. UNIX Protection State • Subjects – Users -- UIDs: real, effective, file system, saved – Groups -- GIDs – Processes make accesses on behalf of users belonging to particular groups • Objects – Files – Directories • Operations – Read – Write – Execute CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 13

  14. UNIX UIDs • UIDs: real, effective, file system, saved • UID transitions – For login process: UIDs are root – After authentication, the shell ’ s UIDs are: tjaeger – Exec su: real is tjaeger; effective is root • Transitions among UIDs are complex R=1,E=1,S=0 setresuid(1, 1, 0) setresuid(1, 1, 0) setresuid(0, 0, 0) R=0,E=0,S=0 setresuid(0, 0, 0) setresuid(1, 0, 1) setresuid(1, 1, 0) setresuid(1, 0, 1) setresuid(0, 0, 0) setresuid(1, 0, 0) setresuid(1, 1, 0) setresuid(1, 0, 0) setresuid(0, 0, 0) R=1,E=0,S=1 setresuid(1, 0, 1) setresuid(0, 1, 1) setresuid(1, 1, 0) setresuid(0, 1, 0) setresuid(1, 1, 0) setresuid(0, 1, 1) setresuid(0, 0, 0) setresuid(1, 0, 1) setresuid(1, 0, 0) setresuid(0, 0, 0) setresuid(0, 1, 0) setresuid(1, 0, 1) setresuid(0, 1, 1) R=1,E=0,S=0 setresuid(1, 0, 0) setresuid(0, 0, 1) setresuid(1, 1, 0) setresuid(1, 1, 1) setresuid(0, 0, 1) setresuid(0, 0, 0) setresuid(0, 1, 0) setresuid(1, 0, 1) setresuid(0, 1, 1) setresuid(1, 0, 0) setresuid(1, 1, 1) setresuid(0, 1, 0) setresuid(1, 0, 0) R=0,E=1,S=1 setresuid(0, 1, 1) setresuid(0, 0, 1) setresuid(1, 0, 1) setresuid(0, 1, 0) setresuid(0, 1, 1) setresuid(0, 0, 1) setresuid(1, 0, 0) setresuid(1, 1, 1) R=0,E=1,S=0 setresuid(0, 1, 0) setresuid(0, 0, 1) setresuid(0, 1, 1) setresuid(1, 1, 1) setresuid(0, 1, 0) setresuid(0, 0, 1) setresuid(1, 1, 1) setresuid(1, 1, 1) R=0,E=0,S=1 setresuid(0, 0, 1) setresuid(1, 1, 1) R=1,E=1,S=1 setresuid(0, 0, 0) setresuid(0, 0, 1) setresuid(0, 1, 0) setresuid(0, 1, 1) setresuid(1, 0, 0) setresuid(1, 0, 1) setresuid(1, 1, 0) setresuid(1, 1, 1) (c) An FSA describing setresuid in Linux CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 14

  15. UNIX Access Control • Write the access matrix (access type x object) mcdaniel, fcse, and world for the following files: drwxr-xr-x 26 mcdaniel fcse 884 Feb 21 11:56 slides/ -rw-r--r-- 1 mcdaniel fcse 7098 Feb 20 16:01 www/index.html • Assume “slides” is an O 1 and index.html is O 2 jaeger R W X O 1 Y N Y O 2 Y N N CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 15

  16. Changing permissions • Change permissions of a file – chmod • chmod 644 file -- owner can read/write, group, others can read only • chmod u+x file -- adds execute permission for owner • Change owner of a file – chown • chown new_owner file • Change group of a file – chgrp • chgrp new_group file CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 16

  17. UID Transition: Setuid • A special bit in the mode bits • Execute file – Resulting process has the effective (and fs) UID/GID of file owner • Enables a user to escalate privilege – For executing a trusted service • User defines execution environment – e.g., Environment variables • Service must protect itself or user can gain root access CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 17

  18. Setuid Execution • Process A running as – UID=X • Fork process A to create process B – Both running with UID=X • The exec file C in process B with setuid bit set and owner of root – process A has UID=X – process B has UID=root CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 18

  19. Confused Deputy Problem • Situation – A program has authority (setuid root file) – Is confused into using that authority incorrectly • Example – Call httpd and supply libexecdir argument – Add your own libraries to overwrite passwd (if httpd runs as root) • Also a concern for network daemons – Why? • A motivation for capability systems – Discuss later CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 19

  20. Windows Security • 0 to full speed – No protection system in early versions • Advantage – Know the limits of the UNIX security model • What are these? • Disadvantage – Legacy approaches from insecure environment • Will they conflict with new protection system? CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 20

  21. Windows Subjects (Access Tokens) • User SID (subject identifier) – Authenticated SID • Group and Alias SIDs – Groups and Aliases that apply to this user • Privileges – Ad hoc rights • E.g., Take ownership of files • Like POSIX capabilities in UNIX • Defaults for New Objects – Access rights for new objects created (like umask) • Miscellaneous – login session ID – token ID CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 21

  22. Access Checking with ACEs • Example CSE473 Operating Systems - Spring 2008 - Professor Jaeger Page 22

Recommend

Tier 1 Water Budget CTC SPC Meeting # 2/09 Agenda Item # 6.1 February 17, 2009 Gayle

Tier 1 Water Budget CTC SPC Meeting # 2/09 Agenda Item # 6.1 February 17, 2009 Gayle

CTC Source Protection Region CTC Source Protection Region CTC Source Protection Region CTC Source Protection Region www.ctcswp.ca CTC Source Protection Region CTC Source Protection Region CTC Source Protection Region CTC Source Protection

645 views • 48 slides
Protection Issues I/O protection Protection and System Calls Prevent users from

Protection Issues I/O protection Protection and System Calls Prevent users from

Protection Issues I/O protection Protection and System Calls Prevent users from performing illegal I/Os Memory protection Otto J. Anshus Prevent users from modifying kernel code and data (including slides from Kai Li,

350 views • 6 slides
The Protection Mainstreaming Mobile Application (ProM) The Protection Mainstreaming App is

The Protection Mainstreaming Mobile Application (ProM) The Protection Mainstreaming App is

The Protection Mainstreaming Mobile Application (ProM) The Protection Mainstreaming App is available for download through the Google Play and iTunes App Stores. The Protection Mainstreaming App is based on the Global Protection Cluster Guidance

260 views • 3 slides
I. Asset Protection Trusts Foreign Asset Protection Trusts Offshore Asset Protection

I. Asset Protection Trusts Foreign Asset Protection Trusts Offshore Asset Protection

I. Asset Protection Trusts Foreign Asset Protection Trusts Offshore Asset Protection Structure STRONGEST asset protection because its not under US law Hurdles FAPTs create for Creditors: o They dont recognize US judgments.

219 views • 9 slides
Module 18: Protection Goals of Protection Domain of Protection Access Matrix

Module 18: Protection Goals of Protection Domain of Protection Access Matrix

Module 18: Protection Goals of Protection Domain of Protection Access Matrix Implementation of Access Matrix Revocation of Access Rights Capability-Based Systems Language-Based Protection Operating System Concepts 18.1

355 views • 19 slides
Module 18: Protection Goals of Protection Domain of Protection Access Matrix

Module 18: Protection Goals of Protection Domain of Protection Access Matrix

Module 18: Protection Goals of Protection Domain of Protection Access Matrix Implementation of Access Matrix Revocation of Access Rights Capability-Based Systems Language-Based Protection Silberschatz, Galvin, and Gagne

314 views • 16 slides
Invention-Con 2017 - International 2 Protection - Patents International Protection: Patents

Invention-Con 2017 - International 2 Protection - Patents International Protection: Patents

Invention-Con 2017 - International 2 Protection - Patents International Protection: Patents Presented By: Robin Hylton Session on International Protection: Patents Patent Protection Outside the United States Paris Convention Basics

584 views • 54 slides
Groundwater Quality Vulnerability Analysis - WHPA delineation & vulnerability CTC SWP

Groundwater Quality Vulnerability Analysis - WHPA delineation & vulnerability CTC SWP

CTC Source Protection Region CTC Source Protection Region CTC Source Protection Region CTC Source Protection Region www.ctcswp.ca CTC Source Protection Region CTC Source Protection Region CTC Source Protection Region CTC Source Protection

486 views • 30 slides
Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly

Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly

Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly internal problem Protection: mechanism for controlling the access of programs, processes, or users to the resources defined by a computer

499 views • 16 slides
Protection & Advocacy Kentucky Protection & Advocacy Camille Collins What is P&A?

Protection & Advocacy Kentucky Protection & Advocacy Camille Collins What is P&A?

Protection & Advocacy Kentucky Protection & Advocacy Camille Collins What is P&A? Federal law requires that each state and U.S. Territory establish a protection and advocacy system. KY P&A is the established agency in

339 views • 20 slides
5 TOP TIPS TO SELL MORE PROTECTION! 5 TOP PROTECTION TIPS! AGENDA Turning water into wine!

5 TOP TIPS TO SELL MORE PROTECTION! 5 TOP PROTECTION TIPS! AGENDA Turning water into wine!

5 TOP TIPS TO SELL MORE PROTECTION! 5 TOP PROTECTION TIPS! AGENDA Turning water into wine! Multi claims - limited benefit plans Pay rise on claims Sick pay for self employed Marketing Protection 5 TOP TIPS FOR PROTECTION

1.02k views • 63 slides
Security 1 Recap: Protection Protection Prevent unintended/unauthorized accesses

Security 1 Recap: Protection Protection Prevent unintended/unauthorized accesses

Security 1 Recap: Protection Protection Prevent unintended/unauthorized accesses Protection domains Class hierarchy: root can to everything a normal user can do + alpha Access control matrix Domains (Users)

575 views • 24 slides
E L Consumer Consumer P Protection Protection M Project Project A S Nicole Gordillo,

E L Consumer Consumer P Protection Protection M Project Project A S Nicole Gordillo,

E L Consumer Consumer P Protection Protection M Project Project A S Nicole Gordillo, Tyler Ballesteros, Simone Singh, & Jackson McDonough E 47 U.S. Code 227 The Telephone Consumer Protection Act (TCPA) is a federal

431 views • 21 slides
Implementation of Source Protection Plan Policies Halton-Hamilton Source Protection Committee

Implementation of Source Protection Plan Policies Halton-Hamilton Source Protection Committee

Implementation of Source Protection Plan Policies Halton-Hamilton Source Protection Committee Meeting December 8, 2015 The Ministry of the Environment and Climate Change 2 Source Protection Plan Policy Approaches Source Protection

656 views • 46 slides
5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION

5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION

5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION DEIRDRE ALLISON RECORDS MANAGEMENT YEARN2LEARN TRAINING GENERAL DATA PROTECTION REGULATION What is it? GDPR represents the most significant

172 views • 14 slides
Silberschatz and Galvin Chapter 19 Protection CPSC 410--Richard Furuta 4/26/99 1 Protection

Silberschatz and Galvin Chapter 19 Protection CPSC 410--Richard Furuta 4/26/99 1 Protection

Silberschatz and Galvin Chapter 19 Protection CPSC 410--Richard Furuta 4/26/99 1 Protection Goals of protection schemes Domain of protection Mechanisms access matrix implementation of access matrix revocation of access

437 views • 14 slides
Source Water Protection Presented to: TCC Source Protection Committee Presented by: Valerie

Source Water Protection Presented to: TCC Source Protection Committee Presented by: Valerie

Spills and Emergencies Source Water Protection Presented to: TCC Source Protection Committee Presented by: Valerie Bowering, TCC Source Protection Program Coordinator Date: March 28, 2019 This presentation is based on my knowledge and

310 views • 17 slides
the Social Protection Floor 16 th June 2016 Bangkok Social Protection Department of the ILO -

the Social Protection Floor 16 th June 2016 Bangkok Social Protection Department of the ILO -

Asia and the Pacific Regional Training Course on Labour and Social Policies for Decent Work Social Protection Report and the Social Protection Floor 16 th June 2016 Bangkok Social Protection Department of the ILO - Thibault van Langenhove - 1

405 views • 17 slides
Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining

Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining

Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining Data Protection People 18 th April 2016 Agenda Introduction Current Rules (DPA 98 & PECR) Overview of GDPR Business-wide impact Practical

479 views • 28 slides
Passive Fire Protection For the Oil & Gas Industry Passive Fire Protection What is purpose

Passive Fire Protection For the Oil & Gas Industry Passive Fire Protection What is purpose

Passive Fire Protection For the Oil & Gas Industry Passive Fire Protection What is purpose of fireproofing? To Save Lives To Preserve Assets To Prevent Escalation Passive Fire Protection Passive Fire Protection Passive Fire

311 views • 29 slides
The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection) and 2002/58/EC

440 views • 19 slides
Nation National al Fire Fire Protection Protection Assoc Association iation (NFPA) Standard

Nation National al Fire Fire Protection Protection Assoc Association iation (NFPA) Standard

Bri Briefing efing on on Nation National al Fire Fire Protection Protection Assoc Association iation (NFPA) Standard (NFPA) Standard 805 Fire Protection 805 Fire Protection Mark Satorius Executive Director for Operations, OEDO June

423 views • 16 slides
Child Online Protection National Child Online Protection committee Experience in

Child Online Protection National Child Online Protection committee Experience in

Child Online Protection National Child Online Protection committee Experience in (Re-established June 2013) with a Ministerial Decree No. 257 Egypt Islam Omran Child Online Protection Committee Coordinator Ministry of Communications and

434 views • 15 slides
The Office of Infrastructure Protection National Protection and Programs Directorate Department

The Office of Infrastructure Protection National Protection and Programs Directorate Department

5/24/2016 The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Measures for Public Gatherings Western Region Healthcare Emergency Preparedness Coalition (WRHEPC)

550 views • 12 slides

More recommend