COSC 316 COMPUTER HOSTS SECURITY - PowerPoint PPT Presentation

Slides: 29
Provided by: DrRo9

1
COSC 316 COMPUTER HOSTS SECURITY
  • SOUNDARARAJAN EZEKIEL
  • COMPUTER SCIENCE DEPARTMENT
  • INDIANA UNIVERSITY OF PENNSYLVANIA
  • INDIANA, PA 15705

2
Part I: Computer Security Basics, Chapter 1
Introduction: Some Fundamental Questions
  • In the first part we will talk about
  • Introduction to computer security
  • Unix Operating System
  • Security Policy
  • In the first chapter we will answer the
    following questions
  • What is computer security?
  • What is Operating System?
  • What is Deployment Environment?

3
2005 CSI/FBI SURVEY
  • There are a variety of computer security
    technologies that organizations are increasingly
    investing in to combat the relentless, evolving,
    sophisticated threats, both internal and
    external. Despite these efforts, well over 5,000
    computer security incidents were reported with
    87% of respondents experiencing some type of
    incident.
  • In many of the responding organizations, a common
    theme of frustration existed with the nonstop
    barrage of viruses, Trojans, worms, and spyware.
  • Although the usage of antivirus, antispyware,
    firewalls, and antispam software is almost
    universal among the survey respondents, many
    computer security threats came from within the
    organizations.
  • Of the intrusion attempts that appeared to have
    come from outside the organizations, the most
    common countries of origin appeared to be the United
    States, China, Nigeria, Korea, Germany, Russia,
    and Romania.
  • An overwhelming 91% of organizations that
    reported computer security incidents to law
    enforcement were satisfied with the response of
    law enforcement.
  • Almost 90% of respondents were not familiar with
    the InfraGard (www.infragard.net) organization
    that is a joint effort by the FBI and industry to
    educate and share information related to threats
    to U.S. infrastructure.
  • The survey respondents were very interested in
    being better informed on how to prevent computer
    crimes. Over 75% of respondents voiced a desire
    to attend an informational session hosted by
    their local FBI office.

4
Some Info about Internet
  • Internet usage
  • http://www.internetworldstats.com/top20.htm
  • Information: http://www.protectkids.com/dangers/stats.htm
  • http://www.internetworldstats.com/stats.htm
  • http://www.internetnews.com/
  • http://www.internettrafficreport.com/main.htm
  • http://www.caida.org/
  • http://www.websidestory.com/
  • http://www.icann.org/
  • http://www.isc.org/index.pl?/ops/ds/
  • http://www.livinginternet.com/

5
Some Info about Internet
  • http://www.internet-report.com/
  • http://www.whois.sc/internet-statistics/
  • http://www.w3schools.com/browsers/browsers_stats.asp
  • http://www.isc.org/
  • http://www.clickz.com/stats/
  • http://www.refdesk.com/netsnap.html
  • http://news.netcraft.com/
  • http://www.icann.org/
  • http://www.apnic.net/
  • http://www.arin.net/
  • http://lacnic.net/en/index.html
  • http://www.dnsstuff.com/

6
Unix Information
  • Unix and the Internet: it ran the Internet; used for
    firewalls, mail servers, domain name servers
  • 1960s: Ken Thompson and Dennis Ritchie worked on
    MULTICS (Multiplexed Information and Computing
    System) along with GE and MIT
  • 1969: AT&T pulled the plug
  • Thompson wrote a game on MULTICS called Space
    Travel that enabled a pilot to fly a ship around
    a simulation of the solar system and land on the
    planets and moons.
  • Thompson translated the game into FORTRAN on the
    GECOS operating system on a GE-635 computer.
  • Thompson and Ritchie then ported Space Travel to
    the PDP-7's assembly language using a
    cross-assembler running on GECOS, and then
    transferred the program to the PDP-7 using
    punched paper tapes.

7
Unix -- Continue
  • After learning how to program the PDP-7,
    Thompson, Ritchie, Ossanna, and Canaday began to
    program the operating system
  • By 1970, the basic elements of the operating
    system were in place
  • Brian Kernighan jokingly named it the Uniplexed
    Information and Computing System (UNICS) as a pun
    on MULTICS; it supported only one user
  • When multiprocessing functionality was added a
    short time later, the name was changed to "Unix",
    which is now just a name and not an acronym for
    anything.
  • The first PDP-11 version used 16 KB of memory for
    the operating system, and provided 8 KB of memory
    for user programs.
  • In the spring of 1971, interest in Unix began
    to grow
  • In 1975, the sixth version of Unix was released
  • Because US federal law prevented Bell Labs from
    selling products, due to its status as a unique
    monopoly institution, Unix was made available at
    no cost.
  • This spread of Unix through the research
    community also laid the technological foundation
    for the later establishment of the NSFNET, CSNET,
    and EUnet.
  • http://www.livinginternet.com/i/iw_unix.htm
  • http://www.livinginternet.com/i/iw_unix_dev.htm
  • http://www.livinginternet.com/i/iw_unix_war.htm
  • http://www.livinginternet.com/i/iw_unix_more.htm
  • http://directory.google.com/Top/Computers/Software/Operating_Systems/Unix/

8
Introduction
  • Today: international networks and e-commerce;
    news about cyber crimes
  • DoS, stolen credit cards and other info such as
    medical info, other crimes
  • Costs money, time, inconvenience
  • People break into systems for fun, to do damage,
    to steal or delete info
  • Who is a computer hacker? No proper
    definition: attacker, code breaker, saboteur,
    intruder, vandal, thief, criminal (the bad guys)

9
Introduction -- Continue
  • Most of the criminals are insiders (former):
    revenge
  • What is a computer? Now a new definition, like
    handheld devices: more kinds of computers
  • What is computer security? No one knows what
    this means
  • The protection of information assets through the
    use of technology, processes, and training.
  • A computer is secure if you can depend on it and
    its software to behave as you expect
  • Computer security is the effort to create a
    secure computing platform, designed so that
    agents (users or programs) can only perform
    actions that have been allowed. This involves
    specifying and implementing a security policy.
    The actions in question can be reduced to
    operations of access, modification and deletion.
    Computer security can be seen as a subfield of
    security engineering, which looks at broader
    security issues in addition to computer security.

10
What is computer Security
  • If your information remains unread by others, the
    machine is secure; this is called trust (you trust
    the system to preserve and protect your data)
  • We need a practical definition
  • Security is about the protection of assets
  • Prevention: lock the door
  • Detection: something has been stolen
  • Reaction: call the police, insurance
  • This is physical security
  • Computer Security
  • Confidentiality: prevention of unauthorized
    disclosure of information
  • Integrity: prevention of unauthorized modification
    of info
  • Availability: prevention of unauthorized
    withholding of information or assurance

11
What is computer Security-continue
  • Let's talk about 3 traditional areas of security
  • Accountability: audit information must be
    selectively kept and protected so that actions
    affecting security can be traced to the
    responsible party
  • Reliability
  • Safety
  • We can combine these two: Dependability
  • The property of a computer system such that
    reliance can justifiably be placed on the service
    it delivers.
  • Conclusion: no single definition; while reading,
    do not confuse these with your own notion. Lots of
    time has been wasted trying to define unambiguous
    notations for security

12
What is an OS?
  • Computer is a tool for solving problems
  • When running
  • Word processor: machine for arranging words and
    ideas.
  • Spreadsheet: financial planning machine
  • Network: powerful communication machine
  • Set of programs: OS

[Diagram: Application Software (MS Word, Chat, Media Player); System Software (Utility, OS); Hardware]

13
Man-Machine Scale
  • Computer security: controlling access to
    information and resources
  • Controlling is elusive (not clear)
  • Users run application programs

[Diagram: layers: Applications, Services, Operating System, OS Kernel, Hardware]
  • Application programs use services provided by a
    general software package like a DBMS or ORB
    (object reference broker)
  • These software packages run on top of the
    operating system, which performs file and memory
    management and controls access to resources like
    printers and I/O devices
  • The OS may have a kernel that mediates every
    access to the processor and to memory
  • The hardware, that is processors and memory,
    physically stores and manipulates the data held in
    the computer system

14
Onion Model for protection mechanisms
[Diagram: onion model, concentric layers from the inside out: Hardware, OS Kernel, OS, Services, Applications]
  • Machine oriented: generic, simple, focus on data
  • Man oriented: specific, complex, focus on users

15
OS-Continue
  • All Unix can be divided into 4 parts
  • The kernel (handout: Kernel.doc)
  • Standard utility programs (handout: Kernel.doc)
  • System database files
  • Relatively small, used by a variety of programs;
    example: /etc/passwd, the master list of every
    user in the system
  • /etc/group: groups of users with similar access
    rights
  • System startup and configuration files
  • Relatively small, used by a variety of programs;
    describe which servers to start and the network
    name and address of the machine
  • Example: /etc/resolv.conf stores information
    about how to look up Internet hostnames
  • With Unix security we can add a 5th entity
  • Security policy: the policy determines how the
    computer is run with respect to users and system
    administrators
  • We will discuss this in chapter 3

16
What is Deployment Environment?
  • Deployment: use/operations
  • Unix was developed in the 70s as an OS for
    minicomputers; many different deployment
    environments over 30 years
  • 5 different deployment environments
  • Multi-user, shared systems
  • Original environment: a single computer used by
    many users
  • Shared systems are common in universities and
    businesses
  • 70s: 32-64 KB memory, 5 MB disk space
  • Modern servers: more than 50 GB memory, TB
    space, 100s of processors

17
5 deployment environments
  • One-user Unix workstations
  • Unix workstations were made popular in the 80s by
    Sun Microsystems
  • Use the X Window System, which allows a single
    user to open many windows
  • Now: Mac OS X, FreeBSD, HP, Sun, SGI
  • Unix servers
  • Unix servers are powerful and designed to prevent
    users from interfering with others: mail server,
    web service, domain name service, file service, ...
  • Mobile Unix systems
  • Now handheld devices: 64 MB of RAM, StrongARM
    microprocessors, a simpler form of Linux
  • Embedded systems
  • Examples: firewalls, home routers, automobiles
  • Key differences among all 5: policies and the
    amount of auditing that is provided

18
Chapter 2: Unix History and Lineage
  • Part 1: History of Unix Operating Systems
  • Part 2: Unix Security
  • Part 1
  • 1960: AT&T (American Telephone and Telegraph),
    Honeywell, General Electric (GE), Massachusetts
    Institute of Technology (MIT) started a
    project: MULTICS (MULTiplexed Information
    Computing Service)
  • Goal: provide a computer service, 24-7-365,
    faster, scalable, like utility companies
  • Funded by DARPA (Department of Defense Advanced
    Research Projects Agency)

19
MULTICS
  • Designed for modular systems: high-speed
    processor, memory, communication, military
    security; we can shut down one part without
    affecting other users.
  • Designed for security levels
  • Commercial security: Restricted, Proprietary,
    Sensitive, Public
  • Military security: Top Secret, Secret,
    Confidential, Unclassified
  • 1969: good plan, but behind schedule, with labs
    located in different places. They pulled the
    project. Ken and Dennis used an old PDP-7 to
    pursue their idea

20
Birth of Unix
  • 1970s: Unix was operational
  • 1971: rewritten for the PDP-11
  • Added compact programs called tools, matching the
    way programmers think; written in assembly
  • 1973: Ken rewrote Unix in C (Ritchie's)
  • C is portable and runs as fast as assembly
  • Written on the PDP, it ran on most other machines;
    later they developed a portable I/O library
  • 1978: used on VAX machines

21
Unix escapes AT&T
  • After Ken's paper at the ACM Symposium on OS
    Principles (SOSP), everyone liked UNIX
  • 1977: 500 machines (125 universities, 10
    countries)
  • 1980: they developed a program to view the root account
  • University of California at Berkeley bought a
    tape for $400
  • Bill Joy and Chuck Haley developed BSD (Berkeley
    Software Distribution)
  • 6 years: Unix BSD became an OS
  • File size was 14 letters, then 255 characters
  • Used for LANs
  • Became popular

22
Unix
  • Unix goes commercial
  • Tension between AT&T and Berkeley; AT&T formed
    the Unix Support Group (USG)
  • Berkeley released BSD 4.2 (Unix 5.0 needed
    licensing; they worked around it)
  • Unix War
  • BSD 4.2 over Unix 5.0: a non-university user
    is Sun Microsystems (SunOS)
  • DEC sold Ultrix (a variation of Unix)
  • NeXT Computer sold BSD-based machines
  • SVR4 versus OSF/1
  • AT&T released System V Release 4 (SVR4)
  • 1988: 7 companies (Apollo, DEC, HP, IBM, three
    European companies) formed OSF (Open Software
    Foundation)
  • 1993: AT&T sold USL (Unix System Laboratories) to
    Novell
  • Fight is still going on

23
Free Unix
  • AT&T did not want to distribute code; unable to
    do research with students
  • FSF and GNU: Free Software Foundation. Richard
    Stallman was a master programmer for MIT, got mad,
    started the FSF and started the GNU project (GNU's
    Not Unix!): Emacs, gcc (free C compiler)
  • Minix: Andrew S. Tanenbaum created his own
    version of Unix for teaching and research, called
    Minix, for the IBM PC AT, but it did not get popular
  • Xinu: Purdue professor Douglas E. Comer, around
    1978, designed for embedded systems; however, Xinu
    is not Unix

24
Free Unix -- Continue
  • Linux
  • 1991: Finnish CS student Linus Torvalds created a
    free version of Unix, better for everyday use,
    distributed under Stallman's GPL (General Public
    License)
  • NetBSD, FreeBSD, and OpenBSD: different versions
    of Berkeley BSD
  • Businesses adopt Unix: companies started to use
    Unix against the Microsoft monopoly
  • Linux gets popular
  • Second generation of Unix
  • Future of Unix
  • http://www.robotwisdom.com/linux/timeline.html

25
Security and Unix
  • Dennis Ritchie said: "It was not designed from the
    start to be secure. It was designed with the
    necessary characteristics to make security
    serviceable."
  • Unix: multiuser, multitasking
  • Unix is more secure than any other OS
  • Expectations: less threatening than the ones
    they face today
  • Software quality: a large portion of Unix was
    written by students/research labs and not tested
  • Security was a serious issue

26
Failed P1003.1e/2c Unix Security Standard
  • 1994: Portable Operating System Interface
    (POSIX)
  • IEEE Standard
  • Access control lists (ACLs): specify which
    individuals or groups of individuals are given or
    denied access to specific files
  • Data labeling: allowed classified and
    confidential data to be labeled as such
  • Mandatory access control: individuals are unable
    to override certain security decisions made by the
    administrator
  • Capabilities
  • Standardizing auditing and logging
  • 1997: withdrawn and committee disbanded

27
Access Control
  • 1974: Lampson designed the access control model
  • Unix: read (reading from a file, r), write
    (writing to a file, w), execute (executing a
    program/file, e)
  • Windows NT: read, write, execute, delete, change
    permission, change ownership

[Diagram: Subject → Access Request → Reference monitor → Object]

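
An added example (not part of the original slides) of the reference monitor on this slide: a subject sends an access request, and the monitor decides it from the Unix mode bits of the object. The uids, gids and file modes are constructed for illustration, and the code uses the standard mode letters r, w and x.

```python
from dataclasses import dataclass

R, W, X = 4, 2, 1                      # Unix permission bits within one class
BITS = {"r": R, "w": W, "x": X}

@dataclass(frozen=True)
class Subject:                          # the process making the request
    uid: int
    gids: frozenset

@dataclass(frozen=True)
class FileObject:                       # a regular file: owner, group, mode
    owner: int
    group: int
    mode: int                           # e.g. 0o640

def reference_monitor(subject, obj, request):
    """Decide an access request such as "rw"; return (allowed, class_used)."""
    wanted = 0
    for letter in request:
        wanted |= BITS[letter]
    if subject.uid == 0:
        # root overrides read/write; executing a regular file still
        # requires at least one execute bit to be set (Linux behaviour).
        return (not (wanted & X) or bool(obj.mode & 0o111), "root")
    # Exactly one class applies, chosen in this order; the classes are
    # NOT combined, so an owner can hold fewer rights than "other".
    if subject.uid == obj.owner:
        cls, granted = "owner", (obj.mode >> 6) & 7
    elif obj.group in subject.gids:
        cls, granted = "group", (obj.mode >> 3) & 7
    else:
        cls, granted = "other", obj.mode & 7
    return ((wanted & ~granted) == 0, cls)

# Constructed sample data (hypothetical uids, gids and modes).
ALICE = Subject(1000, frozenset({1000, 50}))
CAROL = Subject(1002, frozenset({1002, 50}))
BOB = Subject(1001, frozenset({1001}))
ROOT = Subject(0, frozenset({0}))
REPORT = FileObject(owner=1000, group=50, mode=0o640)   # rw-r-----
ODD = FileObject(owner=1000, group=50, mode=0o077)      # ---rwxrwx

if __name__ == "__main__":
    for name, s in [("alice", ALICE), ("carol", CAROL), ("bob", BOB), ("root", ROOT)]:
        for label, o in [("report", REPORT), ("odd", ODD)]:
            for req in ("r", "w", "x"):
                print(name, label, req, reference_monitor(s, o, req))
```

The `ODD` file shows why mode bits deserve review: its owner is denied access that every other user on the system is granted.
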
28
Conclusion
  • Majority of Unix systems are used as single-user
    workstations
  • Unix is fundamentally secure
  • Keeping Unix system secure can be a lot of work