Security

1
Security

• Chapter 9

9.1 The security environment 9.2 Basics of
cryptography 9.3 User authentication 9.4
Attacks from inside the system 9.5 Attacks from
outside the system 9.6 Protection mechanisms
9.7 Trusted systems
2
Security Environment

• Security refers to the overall security problem.
• Protection mechanisms refers to the specific
  operating system mechanisms used to safeguard
  information in the computer.
• Threats to computer systems
• Data confidentiality is concerned with having
  secret data remain secret.
• Data integrity means that unauthorized users
  should not be able to modify any data without the
  owners permission.
• System availability means that nobody can disturb
  the system to have it unusable.

3
The Security EnvironmentThreats

• From a security perspective, computer systems
  have three general goals.

Security goals and threats
4
Intruders

• Common Categories
• Casual prying by nontechnical users
• Snooping by insiders
• Determined attempt to make money
• Commercial or military espionage

5
Accidental Data Loss

• Valuable data can be lost by accident. Common
  Causes
• Acts of God
• fires, floods, wars
• Hardware or software errors
• CPU malfunction, bad disk, program bugs
• Human errors
• data entry, wrong tape mounted

6
Basics of Cryptography

• The purpose of cryptography is to take a message
  or a file, called the plaintext, and encrypt it
  into the ciphertext in such a way that only
  authorized people know how to convert it back to
  the plaintext.
• The secrecy depends on parameters to the
  algorithms called keys.

7
Basics of Cryptography

• Relationship between the plaintext and the
  ciphertext

8
Secret-Key Cryptography

• Substitute Cipher each letter or group of letter
  is replaced by another letter or group of letters
• Caesar cipher rotate the letter (a ? D, b ? E, c
  ? F, z ? C).
• Example attack ? DWWDFN
• Monoalphabetic substitution
• Each letter replaced by different letter
• Plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ
• Ciphertext QWERTYUIOPASDFGHJKLZXCVBNM
• Disadvantage It does not smooth out frequencies
  in the cipher text.
• Polyalphabatic cipher use multiple cipher
  alphabets.

9
Secret-Key Cryptography

• Transposition cipher reorder the letters, but
  don't disguise them.
• select a key MEGABUCK
• 7 4 5 1 2 8 3 6
• p l e a s e t r
• a n s f e r o n
• e h u n d r e d
  
• ? afnsedtoelnhesurndpaeerr
• Plain text ? cipher text

10
Transposition Ciphers

• A transposition cipher.

11
Secret-Key Cryptography

• Given the encryption key,
• easy to find decryption key
• Secret-key cryptography is called symmetric-key
  cryptography because they used the same key for
  encryption and decryption.
• The data encryption standard (DES)
• block cipher adopted by the US Government in Jan.
  1977.
• encryption based on 56-bit key.
• The Advanced Encryption Standard (AES)
• In November 2001, Rijndael become US Government
  Standard.

12
Public-Key Cryptography

• Public-key cryptography has the property
• Distinct keys are used for encryption and
  decryption.
• Given a well-chosen encryption key, it is
  virtually impossible to discover the
  corresponding decryption key.
• The encryption key can be made public and only
  the private decryption key kept secret.

13
Public-Key Cryptography

• Public-key cryptography uses an encryption
  algorithm E and a decryption algorithm D such
  that deriving D is effectively impossible even
  with a complete description of E. You can encrypt
  without knowing how to decrypt.
• Requirements
• D (E(P)) P
• It is extremely difficult to deduce the
  decryption key from the encryption key.
• E cannot be broken by a plaintext attack.

14
Public-Key Cryptography

• All users pick a public key/private key pair
• publish the public key
• private key not published
• Public key is the encryption key
• private key is the decryption key

15
Public-Key Cryptosystems RSA

• RSA, named after its inventors Rivest, Shamir,
  and Adlemean, a public-key cryptographic
  algorithm.
• The security of RSA comes from the fact that no
  methods are known to efficiently find the prime
  factors to large numbers.
• For example, 2100 can be written as 2100 2 x 2
  x 3 x 5 x 5 x 7 making 2, 3, 5, and 7 the prime
  factors in 2100.
• In RSA, the private and public keys are
  constructed from very large prime numbers. It
  turns out breaking RSA is equivalent to finding
  those two prime numbers.

16
Public-Key Cryptography

• RSA (Rivest, Shamir, Adleman) Algorithm
• choose 2 large primes, p and q gt 10100.
• compute npq and z(p-1)(q-1).
• choose a number relatively prime to z (that is,
  such that d has no common factors with z ) and
  call it d.
• find e such that e x d mod z 1.
• Group P into blocks such that CPe (mod n) and
  PCd(mod n) where 0 lt P lt n

17
Public-Key Cryptography

• Example
• p13 q17 ? n 13 x 17 221
• z (13 1) x (17
  1) 192.
  
• let d5 (prime to z 192)
• e x d mod 192 1 ?
• e x d 1 192 x k (k 0, 1, 2, ) 1, 193,
  385, ...
• 385 is divisible by d 5 ? e 385/5 77
• Example
• p3 q11 ? n 3 x 11 33
• z (3 1) x (11
  1) 20.
  
• let d7 (prime to z)
• 7 x e mod 20 1 ? 7e 1, 21, ? e 3
• C P3 (mod 33), P C7 (mod 33)

18
RSA

• An example of the RSA algorithm.

19
Pretty Good Privacy (PGP)

• Pretty Good Privacy (PGP) is a popular program
  used to encrypt and decrypt e-mail over the
  Internet.
• It can also be used to send an encrypted digital
  signature that lets the receiver verify the
  sender's identity and know that the message was
  not changed en route.
• Available both as freeware and in a low-cost
  commercial version,
• PGP is the most widely used privacy-ensuring
  program by individuals and is also used by many
  corporations. Developed by Philip R. Zimmermann
  in 1991, PGP has become a de facto standard for
  e-mail security.
• PGP can also be used to encrypt files being
  stored so that they are unreadable by other users
  or intruders. .

20
One-Way Functions

• Function such that given formula for f(x)
• easy to evaluate y f(x)
• But given y
• computationally infeasible to find x
• Example Those functions used in public-key
  cryptography.

21
Digital Signatures

• Digital signatures make it possible to sign email
  messages and other digital documents in such a
  way that they cannot be repudiated by the sender
  later.
• Steps to use digital signatures
• The sender runs the document through a one-way
  hashing algorithm
• The sender applies his private key to the hash to
  get D(hash). This is called the signature block.
• The receiver computes the hash of the document
  using MD5 or SHA and then applies the senders
  public key to the signature block to get
  E(D(hash)). Compare these two.

22
Digital Signatures
(b)

• Computing a signature block
• What the receiver gets

23
Digital Signatures

• The most popular hashing functions used are
• MD5 (Message Digest)
• SHA (Secure Hash Algorithm)
• The public key is usually published. To avoid
  altering, message senders can attach a
  certificate to the message, which contains
• The users name
• The public key
• Digitally singed by a trusted third party

24
User Authentication

• Basic Principles. Authentication must identify
• Something the user knows
• Something the user has
• Something the user is
• In the computer world, hacker is a term of honor
  reserved for great programmers.
• Crackers are those who try to break into computer
  systems where they do not belong.

25
Authentication Using Passwords

• The most widely used form of authentication is to
  require the user to type a login name and a
  password.
• Selecting Good Passwords make it difficult for a
  cracker to guess.
• In the following, which is the better practice?

26
Authentication Using Passwords

• (a) A successful login
• (b) Login rejected after name entered
• (c) Login rejected after name and password typed

27
How crackers break in?

• Locate machines
• War dialers dial telephone exchange (770-xxxx).
• Use ping to test if some computer is up and
  running.
• Guess password
• Become superuser.
• Install a packet sniffer, software that examines
  all incoming and outgoing network packets.
• Real hackers refer to those who are just running
  scripts they found on the Internet as script
  kiddies.

28
Authentication Using Passwords

• How a cracker broke into LBL
• a U.S. Dept. of Energy research lab

29
UNIX Password Security

• UNIX Password Security
• The login program asks the user to type his name
  and password.
• The login program then reads the password file
  until it finds the line containing the users
  login name. If the password matches, the login is
  permitted.
• Improvement Associate an n-bit random number,
  called the salt, with each password.

30
Authentication Using Passwords
,
,
,
,
Password
Salt

• The use of salt to defeat precomputation of
• encrypted passwords

31
Improving Password Security

• The password program might complaint
• Passwords should be a minimum of seven
  characters.
• Passwords should contain both upper and lower
  case letters.
• Passwords should contain at least one digit or
  special character.
• Passwords should not be dictionary words,
  peoples names, etc.
• One-time passwords
• Challenge-response authentication

32
Authentication Using a Physical Object

• Information-bearing plastic cards come in two
  varieties
• Magnetic stripe cards
• Chip cards
• Stored value cards
• Smart cards
• Smart cards
• Advantages
• They do not need an online connection to a bank.
• Secure login authentication.
• Disadvantages
• Fixed cryptographic protocol could be broken.
• Slower operation
• Example American Express Credit Cards

33
Authentication Using a Physical Object

• Magnetic cards
• magnetic stripe cards
• chip cards stored value cards, smart cards

34
Authentication Using Biometrics

• Biometrics are physical characteristics of the
  user that are hard to forge.
• A biometrics system has two parts
• Enrollment Biometrics is stored in a database
  or a smart card.
• Identification the user shows up and provides a
  login name.

35
Authentication Using Biometrics

• Examples
• Finger length
• Fingerprint
• Retinal pattern analysis
• Signature analysis
• Voice recognition
• Urinate sample
• DNA analysis

36
Authentication Using Biometrics

• A device for measuring finger length.

37
Countermeasures

• Limiting times when someone can log in
• Automatic callback at number prespecified
• Limited number of login tries
• A database of all logins
• Simple login name/password as a trap
• security personnel notified when attacker bites

38
Operating System SecurityTrojan Horses

• Free program made available to unsuspecting user
• Actually contains code to do harm
• Place altered version of utility program on
  victim's computer
• trick user into running that program

39
Login Spoofing

• (a) Correct login screen
• (b) Phony login screen

40
Logic Bombs and Trap Doors

• A logic bomb is a piece of code written by
  company programmer
• potential to do harm
• OK as long as he/she enters password daily
• If programmer is fired, no password and bomb
  explodes
• A trap door is the code inserted into the system
  by a system programmer to bypass some normal
  check.
• Solution code reviews

41
Trap Doors

• (a) Normal code.
• (b) Code with a trapdoor inserted

42
Buffer Overflow

• Most systems are written in C. No C compiler does
  array bounds checking.
• Overflow could point to an invalid address or
  even an executable code.
• It is difficult to fix because there are so many
  existing C programs around that do not check for
  buffer overflow.

43
Buffer Overflow

• (a) Situation when main program is running
• (b) After program A called
• (c) Buffer overflow shown in gray

44
Generic Security Attacks

• To test a systems security is to hire a group of
  experts, known as tiger teams or penetration
  teams, to see if they can break in.
• When designing a system, it should withstand
  typical attacks
• Request memory, disk space, tapes and just read
• Try illegal system calls
• Start a login and hit DEL, RUBOUT, or BREAK
• Try modifying complex OS structures
• Try to do specified DO NOTs
• Convince a system programmer to add a trap door
• Beg administrators secretary to help a poor user
  who forgot password

45
Famous Security Flaws

• UNIX
• lpr remove the password file
• Force core dump on the password file
• Use some root related command such as mkdir
• TENEX for DEC-10 computers
• Carefully position a password to cause the page
  fault for each character input
• OS/360
• During the password verification, wind the tape
  to read the unauthorized file

46
Famous Security Flaws
(a)
(b)
(c)

• The TENEX password problem

47
Design Principles for Security

• System design should be public
• Default should be no access
• Check for current authority
• Give each process least privilege possible
• Protection mechanism should be
• simple
• uniform
• in lowest layers of system
• Scheme should be psychologically acceptable
• Keep the design simple

48
Network Security

• External threat
• code transmitted to target machine
• code executed there, doing damage
• Goals of virus writer
• quickly spreading virus
• difficult to detect
• hard to get rid of
• Virus is a program can reproduce itself
• By attaching its code to another program
• additionally, do harm
• Worms are programs which can self replicate
  without attaching to other program.

49
Virus Damage Scenarios

• Blackmail (encrypt your files and ask for money)
• Denial of service as long as virus runs
• main() while (1) fork()
• Permanently damage hardware (Overwrite BIOS)
• Target a competitor's computer
• do harm (reduce product quality)
• espionage (steal industrial secret)
• Intra-corporate dirty tricks
• sabotage another corporate officer's files (then
  get promoted)

50
How Viruses Work

• Virus written in assembly language
• Inserted into another program
• use tool called a dropper to attach the virus
  to another program.
• Virus dormant until program executed
• then infects other programs
• eventually executes its payload
• The payload may do nothing until a certain date
  has passed.

51
How Viruses Work

• Seven kinds of virus based on what is infected
• Companion prog.com, prog.exe
• Executable program
• Memory
• Boot sector
• Device driver
• Macro
• Source code

52
How Viruses Work

• Executable program viruses
• Overwriting viruses are viruses that overwrite
  the executable program with itself.
• Parasitic viruses are viruses attach themselves
  to the program and do their dirty work, but allow
  the program to function normally afterward.
• Cavity viruses are viruses which hide itself in
  the memory holes.

53
How Viruses Work

• Recursive procedure that finds executable files
  on a UNIX system
• Virus could infect (or attach virus to) them all

54
How Viruses Work

• An executable program
• With a virus at the front
• With the virus at the end
• With a virus spread over free space within program

55
Viruses

• A memory-resident virus stays in memory all the
  time.
• A virus that resides in the master boot record or
  boot sector is called boot sector virus.
• A device virus is the virus that infects a device
  drivers.
• A micro virus is a micro attached to the
  document.
• A source code virus is the virus code included in
  a program source code.
• include ltvirus.hgt

56
How Viruses Work

• After virus has captured interrupt, trap vectors
• After OS has retaken printer interrupt vector
• After virus has noticed loss of printer interrupt
  vector and recaptured it

57
How Viruses Spread

• Virus placed where likely to be copied
• When copied
• infects programs on hard drive, floppy
• may try to spread over LAN
• Attach to innocent looking email
• when it runs, use mailing list to replicate

58
Antivirus and Anti-Antivirus Techniques

• A goat file is a program that does nothing but is
  infected by a virus.
• Use goat file to create the profile of a virus
  and insert it into the virus database.
• Virus scanners scan every executable file or some
  specific types of files to locate the virus.
• The anitvirus program can detect file infection
  by comparing the file length.
• A virus that mutates on each copy is called a
  polymorphic virus.
• A piece of code that can mutate a sequence of
  machine instructions without changing its
  functionality is called mutation engine.

59
Antivirus and Anti-Antivirus Techniques

• (a) A program
• (b) Infected program
• (c) Compressed infected program
• (d) Encrypted virus
• (e) Compressed virus with encrypted compression
  code

60
Antivirus and Anti-Antivirus Techniques

• Examples of a polymorphic virus
• All of these examples do the same thing

61
Antivirus and Anti-Antivirus Techniques

• Integrity checkers use the checksum to identify
  an infected file.
• Behavioral checkers stay in memory and try to
  catch virus.
• Virus avoidance better safe than sorry.
• good OS
• install only shrink-wrapped software
• use antivirus software
• do not click on attachments to email
• frequent backups

62
Antivirus and Anti-Antivirus Techniques

• The industry should do
• Make simple operating system
• Forget active content
• There should be a way to selectively write
  protect specified disk cylinders to prevent
  viruses from infecting the programs on them.
• Flash ROM is a nice idea, but it should only be
  modifiable when an external toggle switch has
  been flipped.
• Recovery from virus attack
• halt computer, reboot from safe disk, run
  antivirus

63
The Internet Worm

• Nov. 2, 1988 a Cornell graduate student, Robert
  Tappan Morris, released a worm program into the
  Internet.
• Consisted of two programs
• bootstrap to upload worm
• the worm itself
• Worm first hid its existence.
• Next replicated itself on new machines
• Run a remote shell using the rsh command
• Overflow finger daemon to execute sh.
• Use sendmail to mail a copy of the bootstrap and
  get it executed.

64
The Internet Worm

• Morris was caught when one of his friends spoke
  with the New York Times computer reporter, John
  Markoff, and tried to convince Markoff that the
  incident was an accident.
• Morris was tried and convicted in federal court.
  He was sentenced to a fine of 10,000, 3 years
  probation, and 400 hours of community service.
• The CERT (Computer Emergency Response Team) is
  established thereafter.
• What is Morris doing now?

65
Mobile Code

• Many Web pages contain small programs called
  applets to be fetched and executed.
• Agents are programs are shipped from one machine
  to another for execution.
• A PostScript file is a file to be printed on a
  PostScript printer.

66
Mobile Code

• Methods of dealing with applets and mobile code
• Sandboxing attempts to confine each applet to a
  limited range of virtual addresses enforced at
  run time.
• Interpretation makes applets run interpretively,
  for example, in JVM (Java Virtual Machine).
• Code signing devices to accept applets from
  trusted sources.
• Security was a part of the Java design.

67
Mobile Code Sandboxing

• (a) Memory divided into 1-MB sandboxes
• (b) One way of checking an instruction for
  validity

68
Mobile Code

• Applets can be interpreted by a Web browser
• Untrusted applet is confined in the sandbox.
• Local applets are trusted applets.

69
Code Signing

• How code signing works
• The vendor computes a hash function of an applet
  to get a 128-bit or 160-bit number, depending on
  whether MD5 or SHA is used.
• It then signs the hash value by encrypting it
  with its private key.
• When the applet is received, the browser computes
  the hash functions and decrypts the accompanying
  signature using the vendors public key.

70
Mobile Code

• How code signing works

71
Java Security

• Java programs are compiled to an intermediate
  binary code called JVM byte code.
• A type safe language
• compiler rejects attempts to misuse variable
• Checks include
• Attempts to forge pointers
• Violation of access restrictions on private class
  members
• Misuse of variables by type
• Generation of stack over/underflows
• Illegal conversion of variables to another type

72
Java Security

• Examples of specified protection with JDK 1.2
• Security policy (coding signing) applies to all
  local and remote applets.

73
Protection Mechanisms

• Protection mechanisms are mechanisms used to
  safeguard data.
• Policy whose data are to be protected from whom
• Mechanism how is the policy enforced in the
  system. (our emphasis)
• Protection Domains
• object computer resource, either hardware (CPU,
  printer, etc.) or software (files, processes,
  etc.).
• right an appropriate operation on an object.
  (read, write)
• protection domain set of (object, rights)
  pairs.
• In some systems, protection is enforced by a
  program called a reference monitor.

74
Protection Mechanisms Protection Domains

• Examples of three protection domains

75
Protection Mechanisms

• At every instance in time, each process runs in
  some protection domain. (e.g. in UNIX the domain
  of a process is defined by a user's id (uid) and
  group id (gid))
• A system call causes a domain switch.
• e.g. when a process EXECs a file with the SETUID
  of SETGID bit on, the process acquires a new
  effecutive UID or GID with a different (UID, GID)
  combination.
• For example, passwd

76
Protection Mechanisms

• How to keep track of which object belongs to
  which domain?
• Protection Matrix A large matrix with the rows
  being domains and the columns being objects.
• Access Control List (ACL) - by column
• Capabilities - by row

77
Protection Domains

• A protection matrix

78
Protection Domains

• A protection matrix with domains as objects

79
Access Control Lists

• Access Control List (ACL) is the technique to
  associate with each object an ordered list
  containing the domains that may access the object
  and their rights
• file1?1,r ?2,rw ?NULL
• file1 (Anne's UID, r), (Bob's UID, rw).
• e.g. UNIX provides 3 bits per file for
• owner owner's group others
• rwx --- ---
• The owner can change the protection bits at any
  time suing chmod - change mode.

80
Access Control Lists

• Use of access control lists of manage file access

81
Access Control Lists

• Two access control lists

82
Capabilities

• A capability list or C-list is a method to
  associate a list of objects that may be accessed
  and on which operations are permitted with each
  process .
• Requests are sent to a type manager. The type
  manager is given more rights than the capability
  itself allows (e.g. to read an inode to access a
  file - this is called rights amplification).

83
Capabilities

• A Capabilities usually have generic rights
• Copy capability create a new object with the
  same capability.
• Copy object create a duplicate object with a
  new capability.
• remove capability delete an entry from the
  C-list.
• destroy object permanently remove an object and
  a capability.

84
Capabilities

• Each process has a capability list

85
Capabilities

• Cryptographically-protected capability
• Generic Rights
• Copy capability
• Copy object
• Remove capability
• Destroy object

Server Object Rights f(Objects, Rights, Check)
86
Trusted Systems

• Two questions are asked
• Is it possible to build a secure computer system?
  Yes.
• If so, why is it not done?
• Current systems are not secure but users are
  unwilling to throw them out.
• Building a secure system is to keep it simple.
  But users want more features. More features mean
  more complexity, more code, more bugs, and more
  security errors.
• TCB (Trusted Computing Base) consisting of the
  hardware and software necessary for enforcing all
  the security rules.

87
Trusted SystemsTrusted Computing Base

• A reference monitor

88
Formal Models of Secure Systems

• (a) An authorized state
• (b) An unauthorized state
• Can it be proven that the system can never reach
  an unauthorized state? Difficult

89
Multilevel Security

• The Bell-La Padula Model is designed for handling
  military security.
• The Biba model is designed for the data
  integrity.
• U.S. Department of Defense uses the Orange Book
  to divide operating systems into seven categories
  based on their security properties.

90
Multilevel Security

• The Bell-La Padula multilevel security model

91
Multilevel Security

• The Biba Model
• Principles to guarantee integrity of data
• Simple integrity principle
• process can write only objects at its security
  level or lower
• The integrity property
• process can read only objects at its security
  level or higher

92
Orange Book Security

• Symbol X means new requirements
• Symbol -gt requirements from next lower category
  apply here also

93
Orange Book Security
94
Covert Channels

• A covert channel is described as "any
  communication channel that can be exploited by a
  process to transfer information in a manner that
  violates the systems security policy."
• Essentially, it is a method of communication that
  is not part of an actual computer system design,
  but can be used to transfer information to users
  or system processes that normally would not be
  allowed access to the information.

95
Covert Channels
Encapsulated server can still leak to
collaborator via covert channels
Client, server and collaborator processes
96
Covert Channels

• A covert channel using file locking

97
Covert Channels

• Pictures appear the same but information is
  hidden in the image. It is called steganography.
• Picture on right has text of 5 Shakespeare plays
• encrypted, inserted into low order bits of color
  values

Hamlet, Macbeth, Julius Caesar Merchant of
Venice, King Lear
Zebras