
Computer Systems Security

CT013-3.5-3

Operating Systems Security

Prepared by: NOR
Prepared on: 21-1-2014

Learning Outcomes
At the end of this session you should be able to explain:
Protection features provided by general-purpose operating systems: protecting memory, files, and the execution environment
Controlled access to objects
User authentication

CT013-3.5-3 Computer System Security


CE00360-3 Computer Systems Security

Operating System Security

Goals of an Operating System


Controlling shared access
Implementing an interface to allow that access


Categories of Operating System functions


Access control
Identity and credential management
Information flow
Audit and integrity protection


Resource Separation
Several aspects of a computing system require protection:
Memory
Shared I/O devices (disks, ...)
Serially reusable I/O devices (printers, ...)
Sharable programs and sub-procedures
Networks
Sharable data


Different Ways to Realize Separation

Goal: keep one user's objects separate from other users' objects
Physical separation:
Different processes use different physical objects (e.g. separate printers for output of different security levels)
Temporal separation:
Processes with different security requirements are executed at different times
Logical separation:
A process cannot access objects outside its permitted domain
Cryptographic separation:
Processes conceal their data and computations so that they are unintelligible to other processes

Different Levels of Protection
(listed in increasing order of difficulty to implement and of fineness of protection)

Do not protect
Sensitive procedures are simply run at separate times
Isolate
Each process is unaware of the presence of other processes
Share all or share nothing
Each object is declared either public (accessible to all users) or private (accessible only to its owner)
Share via access limitation
The OS checks each access by a specific user to a specific object against an access list
Share by capabilities
Sharing depends on the owner, the object and the context of the computation, so rights can change dynamically
Limit use of an object
Not just whether the object may be accessed, but how it may be used (e.g. view a document but not print it)

Memory and Address Protection


Goal: prevent one program from affecting the data and
programs in the memory space of other users
Different forms of memory protection:
Fence
Relocation
Base/Bounds Registers
Tagged Architecture
Segmentation
Paging

Fence

Fixed fence: a predefined memory address; the OS resides on one side and the user program on the other
Drawback
A predefined amount of space is assigned to the OS, which can neither grow nor shrink

Fence register (a hardware register)
Contains the address of the end of the OS
Its content can be modified (by the OS), so the boundary is no longer fixed
Every data modification request is checked against the fence: an address on the OS side is rejected
Drawback
Protects the OS from users, but cannot protect one user from another user

Fixed Fence (figure)

Variable Fence Register (figure)

Relocation
Think of a program as if it begins at location 0
Use a constant relocation factor to map each address in the program to its actual location in memory
The fence register can double as a hardware relocation device
Its content is added to each program address
A special instruction is used when a program legitimately intends to access a location of the OS


Base/Bounds Registers
Base register: a variable fence register
Provides the lower bound (the starting address of the user's space)
Bounds register: the upper address limit
Each program address is forced to stay above the base address and below the bounds address
Context switch
When execution changes from one user's program to another's, the OS updates the base and bounds registers


Base/Bounds Registers
Prevents a user from modifying another user's program
A user can still accidentally store data on top of the program's own instructions
Two pairs of base/bounds registers
One pair for the instructions (code) of the program and the other for its data space
Extra advantage: the ability to split a program into two pieces that can be relocated separately
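The two-pair scheme as a software model, added here as a worked example (not from the slides or from Pfleeger's text). The register values, address ranges and process layout are constructed; a real CPU performs the same comparison in hardware and traps to the OS on failure.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: software model of base/bounds relocation with two register
 * pairs, one for code and one for data. All register values are constructed. */

typedef struct {
    uint32_t base;   /* relocation factor: program address 0 maps here */
    uint32_t bounds; /* first physical address the pair does NOT cover */
} bb_pair;

/* The CPU holds one live copy of the registers. The OS reloads them on every
 * context switch, so the running process never sees another process's values. */
static bb_pair cpu_code, cpu_data;

typedef enum { ACC_FETCH, ACC_READ, ACC_WRITE } access_kind;

static void context_switch(uint32_t code_base, uint32_t code_bounds,
                           uint32_t data_base, uint32_t data_bounds)
{
    cpu_code.base = code_base; cpu_code.bounds = code_bounds;
    cpu_data.base = data_base; cpu_data.bounds = data_bounds;
}

/* Relocate and check one program-relative address. Instruction fetches go
 * through the code pair, loads and stores through the data pair. Returns the
 * physical address, or -1 for an addressing fault (hardware would trap). */
static int64_t translate(uint32_t prog_addr, access_kind kind)
{
    const bb_pair *pair = (kind == ACC_FETCH) ? &cpu_code : &cpu_data;
    uint64_t phys = (uint64_t)pair->base + prog_addr; /* 64-bit sum: no wraparound */
    if (phys >= pair->bounds)
        return -1;
    return (int64_t)phys;
}

static void show(const char *what, int64_t r)
{
    if (r < 0) printf("%-14s -> FAULT\n", what);
    else       printf("%-14s -> 0x%llx\n", what, (unsigned long long)r);
}

int main(void)
{
    /* Process A (constructed): code in 0x1000-0x1FFF, data in 0x2000-0x2FFF. */
    context_switch(0x1000, 0x2000, 0x2000, 0x3000);
    show("A fetch 0x10",   translate(0x10, ACC_FETCH));   /* 0x1010 */
    /* A store to program address 0x10 lands in the data region, not on top of
     * the instruction at code address 0x10 as it would with a single pair. */
    show("A write 0x10",   translate(0x10, ACC_WRITE));   /* 0x2010 */
    show("A write 0xFFF",  translate(0xFFF, ACC_WRITE));  /* 0x2FFF */
    show("A write 0x1000", translate(0x1000, ACC_WRITE)); /* FAULT: beyond bounds */

    /* Context switch to process B: A's region is now unreachable. */
    context_switch(0x4000, 0x5000, 0x5000, 0x6000);
    show("B fetch 0x10",   translate(0x10, ACC_FETCH));   /* 0x4010 */
    show("B fetch 0x1010", translate(0x1010, ACC_FETCH)); /* FAULT */
    return 0;
}
```

The sum is done in 64 bits on purpose: with 32-bit arithmetic a large program address could wrap around below the bounds value and pass the check, which is the classic way a bounds check is defeated.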

Base/Bounds Registers (figure)

Two Pairs of Base/Bounds Registers (figure)

Tagged Architecture
With base/bounds registers, each pair of registers confines access to a consecutive range of addresses
All-or-nothing sharing: either all data in the range may be modified, or access to all of it is prohibited
Tagged architecture: every word of machine memory has one or more extra bits that identify the access rights to that word
The tag bits can be set only by privileged instructions
The bits are tested every time an instruction accesses that location

Drawback: requires fundamental changes to existing operating systems

Tagged Architecture (figure)

Segmentation
Divide the program into separate pieces (segments)
Each segment has a logical unity, e.g.
The code of a single procedure
The data of an array
Each segment can have different access rights
The program is seen as a collection of segments
Each segment has a unique name
A location within a segment is addressed with the pair <name, offset>

Segment Address Table

The OS maintains a table of segment names and their true addresses in memory
When a program requests <name, offset>, the OS looks up name in the table and adds offset to the real memory address stored there
If two processes share access to the same segment, both will have the same segment name and address in their segment tables

Logical and Physical Representation of Segments (figure)

Translation of Segment Address (figure)

Hiding Properties of the Segment Table

Users have no way, and no need, to determine the actual address associated with each segment
The OS can place or move any segment at any location, even after the program begins to execute
It need only update the corresponding entry in the table
A segment can be removed from main memory if it is not being used
The OS can check every request to access an address
A process can access a segment only if its name appears in the process's segment table


Segmentation: Security Benefits

Each address reference is checked for protection
Different classes of data can be assigned different levels of protection
Two or more users can share access to a segment, with potentially different access rights
A user cannot generate an address to an unpermitted segment


Segmentation: Limitations
Each segment has a specific size
A program can reference a valid segment, but with an invalid offset (beyond the end of the segment)
Segments can grow in size during execution
So the offset cannot be checked at compile time or when the program is loaded
Remedy: store the current segment length in the translation table and check the offset against it on every access
This requires extra time and resources
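The segment-table mechanism of the last few slides (name lookup, hidden real address, per-process rights, sharing, and the current-length check) as one software model, added here as a worked example rather than taken from the slides or from Pfleeger. The segment names, addresses, lengths, rights and the two processes are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example: per-process segment tables with access rights and a current
 * length per segment. Segment names, addresses and rights are constructed. */

enum { SEG_R = 1, SEG_W = 2, SEG_X = 4 };

typedef struct {
    const char *name;  /* logical name the program uses in <name, offset> */
    uint32_t base;     /* true address in memory; never visible to the program */
    uint32_t length;   /* current length, kept here because segments grow at run time */
    unsigned rights;   /* rights THIS process holds on the segment */
} seg_entry;

#define MAX_SEGS 8
typedef struct { seg_entry segs[MAX_SEGS]; int count; } seg_table;

static seg_entry *find_seg(seg_table *t, const char *name)
{
    for (int i = 0; i < t->count; i++)
        if (strcmp(t->segs[i].name, name) == 0)
            return &t->segs[i];
    return NULL;   /* a process cannot even form an address for a segment it lacks */
}

/* Translate <name, offset> for an access that needs rights `want`.
 * Returns the real address, or a negative fault code:
 *   -1 unknown segment, -2 insufficient rights, -3 offset beyond current length. */
static int64_t seg_translate(seg_table *t, const char *name, uint32_t offset, unsigned want)
{
    const seg_entry *e = find_seg(t, name);
    if (!e) return -1;
    if ((e->rights & want) != want) return -2;
    if (offset >= e->length) return -3;     /* valid segment, invalid offset */
    return (int64_t)e->base + offset;
}

/* OS-side operations. Moving a segment or changing its length touches only the
 * table entry; the program keeps using the same <name, offset> pairs. */
static int seg_move(seg_table *t, const char *name, uint32_t new_base)
{
    seg_entry *e = find_seg(t, name);
    if (!e) return -1;
    e->base = new_base;
    return 0;
}

static int seg_resize(seg_table *t, const char *name, uint32_t new_length)
{
    seg_entry *e = find_seg(t, name);
    if (!e) return -1;
    e->length = new_length;
    return 0;
}

/* Two processes sharing segment SHARED at the same real address but with
 * different rights (constructed). */
static seg_table proc_a = { {
    { "MAIN",   0x1000, 0x800, SEG_R | SEG_X },
    { "HEAP",   0x5000, 0x100, SEG_R | SEG_W },
    { "SHARED", 0x9000, 0x400, SEG_R | SEG_W } }, 3 };

static seg_table proc_b = { {
    { "MAIN",   0x3000, 0x800, SEG_R | SEG_X },
    { "SHARED", 0x9000, 0x400, SEG_R } }, 2 };

static void show(const char *who, int64_t r)
{
    if (r < 0) printf("%-28s -> fault %lld\n", who, (long long)r);
    else       printf("%-28s -> 0x%llx\n", who, (unsigned long long)r);
}

int main(void)
{
    show("A exec MAIN+0x20",    seg_translate(&proc_a, "MAIN", 0x20, SEG_X));    /* 0x1020 */
    show("A write MAIN+0x20",   seg_translate(&proc_a, "MAIN", 0x20, SEG_W));    /* -2 */
    show("A write SHARED+0x10", seg_translate(&proc_a, "SHARED", 0x10, SEG_W));  /* 0x9010 */
    show("B write SHARED+0x10", seg_translate(&proc_b, "SHARED", 0x10, SEG_W));  /* -2 */
    show("B read SHARED+0x10",  seg_translate(&proc_b, "SHARED", 0x10, SEG_R));  /* 0x9010 */
    show("B read HEAP+0",       seg_translate(&proc_b, "HEAP", 0, SEG_R));       /* -1 */
    show("A read HEAP+0x200",   seg_translate(&proc_a, "HEAP", 0x200, SEG_R));   /* -3 */
    seg_resize(&proc_a, "HEAP", 0x400);   /* heap grows: only the table changes */
    show("A read HEAP+0x200 (grown)", seg_translate(&proc_a, "HEAP", 0x200, SEG_R)); /* 0x5200 */
    seg_move(&proc_a, "HEAP", 0x7000);    /* OS relocates the segment */
    show("A read HEAP+0x200 (moved)", seg_translate(&proc_a, "HEAP", 0x200, SEG_R)); /* 0x7200 */
    return 0;
}
```

The order of the checks matters: the rights test comes before the length test so that a process without read access cannot use the -3/-1 distinction to probe how large a segment it may not read has become.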


Paging
The program is divided into equal-sized pieces (pages)
Page size: typically between 512 and 4096 bytes
Memory is divided into equal-sized units (page frames)
Each address in a page is specified with a pair <page, offset>
The OS maintains a page table that stores, for each user page number, its true address (page frame) in memory

Page Address Translation (figure)

Paging: Security Benefits

All pages have the same fixed length
Fragmentation is not a problem
An offset beyond the end of a page cannot occur: the address arithmetic carries over into the page number, so the address simply denotes a location on the next page


Paging: Limitations
There is no logical unity to a page: a change to a program, such as the addition of one instruction, pushes all subsequent instructions to higher addresses, possibly across a page boundary
So there is no way to establish that all values on a page should be protected at the same level (e.g. read-only or execute-only)


Combining Paging with Segmentation

Paging offers implementation efficiency
Segmentation offers logical protection characteristics
Divide the program into logical segments
Divide each segment into fixed-sized pages
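Plain page translation (the Paging slides above) and paged segmentation (this slide) as one software model, added here as a worked example; it is not from the slides or from Pfleeger. The 4096-byte page size, the frame numbers, the segment lengths and the rights are constructed. The same page-table lookup serves both schemes, which is the point of combining them: the segment supplies the logical unit with its rights and current length, and its pages can sit in any free frames.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: plain paging, then paged segmentation built on top of it.
 * Page size, tables, frame numbers and rights are constructed. */

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1u << PAGE_SHIFT)       /* 4096-byte pages */
#define OFF_MASK   (PAGE_SIZE - 1)

enum { P_R = 1, P_W = 2, P_X = 4 };

/* Page table entry. Rights are per page: every word on the page shares them,
 * which is exactly the paging limitation noted on the previous slides. */
typedef struct {
    uint32_t frame;    /* page frame number, meaningful only if present */
    unsigned present;  /* 0 = page not in main memory */
    unsigned rights;
} pte;

typedef struct { const pte *entries; uint32_t npages; } page_table;

/* Plain paging: split a flat program address into <page, offset>. The offset
 * field is exactly PAGE_SHIFT bits wide, so "an offset past the end of the
 * page" cannot be expressed: the overflow is the carry into the page number.
 * Returns the physical address, -1 for a page fault, -2 for a rights fault. */
static int64_t page_translate(const page_table *pt, uint32_t addr, unsigned want)
{
    uint32_t page = addr >> PAGE_SHIFT, off = addr & OFF_MASK;
    if (page >= pt->npages || !pt->entries[page].present) return -1;
    if ((pt->entries[page].rights & want) != want)       return -2;
    return ((int64_t)pt->entries[page].frame << PAGE_SHIFT) | off;
}

/* Paged segmentation: the program addresses <segment, offset>. The segment
 * carries the logical protection (rights, current length) and owns a page
 * table that places its pages in whatever frames happen to be free. */
typedef struct {
    uint32_t length;   /* checked first: a valid segment with an invalid offset is rejected */
    unsigned rights;
    page_table pages;
} segment;

typedef struct { const segment *segs; uint32_t nsegs; } seg_table;

/* Returns the physical address, or -1 unknown segment / page fault,
 * -2 rights fault, -3 offset beyond the segment's current length. */
static int64_t pseg_translate(const seg_table *st, uint32_t seg, uint32_t off, unsigned want)
{
    if (seg >= st->nsegs) return -1;
    const segment *s = &st->segs[seg];
    if (off >= s->length)           return -3;
    if ((s->rights & want) != want) return -2;
    /* Inside the segment the offset splits into <page, offset> as in plain paging. */
    return page_translate(&s->pages, off, want);
}

/* Constructed tables. Frame numbers are deliberately non-contiguous. */
static const pte code_pages[2] = { { 0x80, 1, P_R | P_X }, { 0x13, 1, P_R | P_X } };
static const pte data_pages[3] = { { 0x21, 1, P_R | P_W }, { 0x05, 1, P_R | P_W },
                                   { 0,    0, P_R | P_W } };   /* page 2 swapped out */
static const page_table flat = { data_pages, 3 };   /* a plain paged data space */

static const segment segs[2] = {
    { 0x1800, P_R | P_X, { code_pages, 2 } },   /* segment 0: code, 6 KiB in use */
    { 0x2100, P_R | P_W, { data_pages, 3 } },   /* segment 1: data, may grow */
};
static const seg_table proc = { segs, 2 };

static void show(const char *what, int64_t r)
{
    if (r < 0) printf("%-22s -> fault %lld\n", what, (long long)r);
    else       printf("%-22s -> 0x%llx\n", what, (unsigned long long)r);
}

int main(void)
{
    show("paging read 0x0FFF",   page_translate(&flat, 0x0FFF, P_R));     /* 0x21FFF */
    show("paging read 0x1000",   page_translate(&flat, 0x1000, P_R));     /* 0x5000: carried into page 1 */
    show("paging exec 0x0100",   page_translate(&flat, 0x0100, P_X));     /* -2: whole page is data */
    show("paging read 0x2000",   page_translate(&flat, 0x2000, P_R));     /* -1: page not present */
    show("pseg exec <0,0x1010>", pseg_translate(&proc, 0, 0x1010, P_X));  /* 0x13010 */
    show("pseg exec <0,0x1800>", pseg_translate(&proc, 0, 0x1800, P_X));  /* -3: past segment length */
    show("pseg write <0,0x10>",  pseg_translate(&proc, 0, 0x10, P_W));    /* -2: code segment */
    show("pseg write <1,0x1FFF>", pseg_translate(&proc, 1, 0x1FFF, P_W)); /* 0x5FFF */
    show("pseg read <1,0x2050>", pseg_translate(&proc, 1, 0x2050, P_R));  /* -1: in length, page out */
    return 0;
}
```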

Paged Segmentation (figure)

Summary
The source chapter addresses four topics:
memory protection
file protection
general object access control
user authentication
This session covered memory protection, which in a multiuser setting has evolved with advances in hardware and system design:
fences
base/bounds registers
tagged architecture
segmentation
paging

Reference
Charles P. Pfleeger and Shari Lawrence Pfleeger, Security in Computing, 4th ed., Prentice Hall, 2006. ISBN-10: 0-13-239077-9, ISBN-13: 978-0-13-239077-4.
