31436 Systems Software and Networks 31510 Operating Systems Lecture 9 Week 13

1
31436 Systems Software and Networks31510
Operating SystemsLecture 9 (Week 13)

• Protection

2
Outline

• Introduction
• Security Requirements
• Memory Protection
• User-Oriented Access Control
• Data-Oriented Access Control

3
Introduction

• The ability to share resources introduces the
  need for protection
• User needs to protect his own data and other
  peoples data
• System needs protection from malicious access
• Use of a system or part of a system must be
  restricted to authorized people
• Resources must not be accidentally or
  deliberately misused or damaged

4
Security Requirements

• Confidentiality
• Requires information in a computer system only be
  accessible for reading by authorized parties
• Integrity
• Assets can be modified by authorized parties only
• Availability
• Assets be available to authorized parties
• Authenticity
• Requires that a computer system be able to verify
  the identity of a user

5
Protection of Memory

• One way to protect memory is the separation of
  the memory space of various processes
• If a segment or a page is not to be shared, its
  entry in page of segment table is not to be
  duplicated
• If sharing is allowed, the same page or segment
  will appear in more than one table

6
User-Oriented Access Control

• The most common technique is user log on
• Requires both a user identifier (ID) and a
  password
• User can log on a system only if his ID is known
  to the system and password is correct

7
Protection by User IDs

• ID determines whether the user is authorized to
  gain access to a system
• ID determines the privileges accorded to the user
• ID is used for discretionary access control
• A user may grant permission to files to others by
  ID

8
Password Protection

• Deny opponent access to password file
• Password encryption
• Eliminate guessable passwords
• Provide with guidelines for password selection
• Use computer-generated passwords
• Periodically find guessable passwords
• Use proactive password checker

9
Data-Oriented Access Control

• Associated with each user, there can be a user
  profile that specifies permissible operations and
  file accesses
• Operating system enforces these rules
• Database management system controls access to
  specific records or portions of records
• A general model of access control is access
  matrix

10
Elements of Access Matrix

• Subject
• An entity capable of accessing objects, e.g.,
  process, user and application
• Object
• Anything to which access is controlled, e.g.,
  files, programs and segments of memory
• Access rights
• The way in which an object is accessed by a
  subject, e.g., read, write and execute

11
Example of Access Matrix
12
Implementation of Access Matrix

• The access matrix can be decomposed by columns or
  by rows
• Decomposition by columns yields access control
  lists (ACL)
• Decomposition by rows yields capability tickets

13
Access Control List

• For each object, an ACL gives users and their
  permitted access rights
• The lists may include individual users as well as
  groups of users

14
Capability Tickets

• Specify authorized objects and operations for a
  user
• Each user has a number of tickets, which
• may be transferable
• must be unforgeable
• may be held by OS

15
Readings

• Stallings, Operating Systems (4th Edition),
• Chapter 15 15.1-15.3