Abstract image of a woman sitting on books and studying on a laptop

Ch15,secu..

Download as PPTX, PDF
E
eman37aseb

The document discusses security issues and threats in operating systems. It covers several topics: 1) Security must consider threats from outside the system and protect system resources from intruders attempting to breach security. 2) Common security violations include breaches of confidentiality, integrity, availability, and denial of service attacks. 3) Effective security requires measures at the physical, human, operating system, and network levels as the system is only as secure as its weakest link.

EducationTechnology
1 of 18
Downloaded 41 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Chapter 15: Security
The Security Problem ļ® Security must consider external environment of the system, and protect the system resources ļ® Intruders (crackers) attempt to breach security ļ® Threat is potential security violation ļ® Attack is attempt to breach security ļ® Attack can be accidental or malicious ļ® Easier to protect against accidental than malicious misuse Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.2 Silberschatz, Galvin and Gagne Ā©2005
Security Violations ļ® Categories ļ¬ Breach of confidentiality ļ¬ Breach of integrity ļ¬ Breach of availability ļ¬ Theft of service ļ¬ Denial of service ļ® Methods ļ¬ Masquerading (breach authentication) ļ¬ Replay attack ļ€“ Message modification ļ¬ Man-in-the-middle attack ļ¬ Session hijacking Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.3 Silberschatz, Galvin and Gagne Ā©2005
Standard Security Attacks Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.4 Silberschatz, Galvin and Gagne Ā©2005
Security Measure Levels ļ® Security must occur at four levels to be effective: ļ¬ Physical ļ¬ Human ļ€“ Avoid social engineering, phishing, dumpster diving ļ¬ Operating System ļ¬ Network ļ® Security is as week as the weakest chain Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.5 Silberschatz, Galvin and Gagne Ā©2005
Program Threats ļ® Trojan Horse ļ¬ Code segment that misuses its environment ļ¬ Exploits mechanisms for allowing programs written by users to be executed by other users ļ¬ Spyware, pop-up browser windows, covert channels ļ® Trap Door ļ¬ Specific user identifier or password that circumvents normal security procedures ļ¬ Could be included in a compiler ļ® Logic Bomb ļ¬ Program that initiates a security incident under certain circumstances ļ® Stack and Buffer Overflow ļ¬ Exploits a bug in a program (overflow either the stack or memory buffers) Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.6 Silberschatz, Galvin and Gagne Ā©2005
Program Threats (Cont.) ļ® Viruses ļ¬ Code fragment embedded in legitimate program ļ¬ Very specific to CPU architecture, operating system, applications ļ¬ Usually borne via email or as a macro ļ€“ Visual Basic Macro to reformat hard drive Sub AutoOpen() Dim oFS Set oFS = CreateObject(ā€™ā€™Scripting.FileSystemObjectā€™ā€™) vs = Shell(ā€™ā€™c:command.com /k format c:ā€™ā€™,vbHide) End Sub Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.7 Silberschatz, Galvin and Gagne Ā©2005
Program Threats (Cont.) ļ® Virus dropper inserts virus onto the system ļ® Many categories of viruses, literally many thousands of viruses ļ¬ File ļ¬ Boot ļ¬ Macro ļ¬ Source code ļ¬ Polymorphic ļ¬ Encrypted ļ¬ Stealth ļ¬ Tunneling ļ¬ Multipartite ļ¬ Armored Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.8 Silberschatz, Galvin and Gagne Ā©2005
A Boot-sector Computer Virus Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.9 Silberschatz, Galvin and Gagne Ā©2005
System and Network Threats ļ® Worms ā€“ use spawn mechanism; standalone program ļ® Internet worm ļ¬ Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs ļ¬ Grappling hook program uploaded main worm program ļ® Port scanning ļ¬ Automated attempt to connect to a range of ports on one or a range of IP addresses ļ® Denial of Service ļ¬ Overload the targeted computer preventing it from doing any useful work ļ¬ Distributed denial-of-service (DDOS) come from multiple sites at once Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.10 Silberschatz, Galvin and Gagne Ā©2005
Cryptography as a Security Tool ļ® Broadest security tool available ļ¬ Source and destination of messages cannot be trusted without cryptography ļ¬ Means to constrain potential senders (sources) and / or receivers (destinations) of messages ļ® Based on secrets (keys) Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.11 Silberschatz, Galvin and Gagne Ā©2005
Encryption ļ® Encryption algorithm consists of ļ¬ Set of K keys ļ¬ Set of M Messages ļ¬ Set of C ciphertexts (encrypted messages) ļ¬ A function E : K ā†’ (Mā†’C). That is, for each k K, E(k) is a function for generating ciphertexts from messages. ļ€“ Both E and E(k) for any k should be efficiently computable functions. ļ¬ A function D : K ā†’ (C ā†’ M). That is, for each k K, D(k) is a function for generating messages from ciphertexts. ļ€“ Both D and D(k) for any k should be efficiently computable functions. ļ® An encryption algorithm must provide this essential property: Given a ciphertext c C, a computer can compute m such that E(k)(m) = c only if it possesses D(k). ļ¬ Thus, a computer holding D(k) can decrypt ciphertexts to the plaintexts used to produce them, but a computer not holding D(k) cannot decrypt ciphertexts. ļ¬ Since ciphertexts are generally exposed (for example, sent on the network), it is important that it be infeasible to derive D(k) from the ciphertexts Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.12 Silberschatz, Galvin and Gagne Ā©2005
Symmetric Encryption ļ® Same key used to encrypt and decrypt ļ¬ E(k) can be derived from D(k), and vice versa ļ® DES is most commonly used symmetric block-encryption algorithm (created by US Govt) ļ¬ Encrypts a block of data at a time ļ® Triple-DES considered more secure ļ® Advanced Encryption Standard (AES), twofish up and coming ļ® RC4 is most common symmetric stream cipher, but known to have vulnerabilities ļ¬ Encrypts/decrypts a stream of bytes (i.e wireless transmission) ļ¬ Key is a input to psuedo-random-bit generator ļ€“ Generates an infinite keystream Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.13 Silberschatz, Galvin and Gagne Ā©2005
Asymmetric Encryption ļ® Public-key encryption based on each user having two keys: ļ¬ public key ā€“ published key used to encrypt data ļ¬ private key ā€“ key known only to individual user used to decrypt data ļ® Must be an encryption scheme that can be made public without making it easy to figure out the decryption scheme ļ¬ Most common is RSA block cipher ļ¬ Efficient algorithm for testing whether or not a number is prime ļ¬ No efficient algorithm is know for finding the prime factors of a number Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.14 Silberschatz, Galvin and Gagne Ā©2005
Cryptography (Cont.) ļ® Note symmetric cryptography based on transformations, asymmetric based on mathematical functions ļ¬ Asymmetric much more compute intensive ļ¬ Typically not used for bulk data encryption Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.15 Silberschatz, Galvin and Gagne Ā©2005
Authentication ļ® Constraining set of potential senders of a message ļ¬ Complementary and sometimes redundant to encryption ļ¬ Also can prove message unmodified ļ® Algorithm components ļ¬ A set K of keys ļ¬ A set M of messages ļ¬ A set A of authenticators ļ¬ A function S : K ā†’ (Mā†’ A) ļ€“ That is, for each k K, S(k) is a function for generating authenticators from messages ļ€“ Both S and S(k) for any k should be efficiently computable functions ļ¬ A function V : K ā†’ (MƗ Aā†’ {true, false}). That is, for each k K, V(k) is a function for verifying authenticators on messages ļ€“ Both V and V(k) for any k should be efficiently computable functions Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.16 Silberschatz, Galvin and Gagne Ā©2005
Digital Certificates ļ® Proof of who or what owns a public key ļ® Public key digitally signed a trusted party ļ® Trusted party receives proof of identification from entity and certifies that public key belongs to entity ļ® Certificate authority are trusted party ā€“ their public keys included with web browser distributions ļ¬ They vouch for other authorities via digitally signing their keys, and so on Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.17 Silberschatz, Galvin and Gagne Ā©2005
User Authentication ļ® Crucial to identify user correctly, as protection systems depend on user ID ļ® User identity most often established through passwords, can be considered a special case of either keys or capabilities ļ¬ Also can include something user has and /or a user attribute ļ® Passwords must be kept secret ļ¬ Frequent change of passwords ļ¬ Use of ā€œnon-guessableā€ passwords ļ¬ Log all invalid access attempts ļ® Passwords may also either be encrypted or allowed to be used only once Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.18 Silberschatz, Galvin and Gagne Ā©2005

More Related Content

PDF
Cryptographic Key Reliable Lifetimes - Bounding the Risk of Key Exposure in t...
a001
Ā 
PDF
VESPA- Multi-Layered Self-Protection for Cloud Resources, OW2con'12, Paris
OW2
Ā 
DOC
Network intrusi detection system
Duwinowo NT
Ā 
PDF
Total Defense Product Information
Zeeshan Humayun
Ā 
PDF
Intrusion Alert Correlation
amiable_indian
Ā 
PPT
Finding Diversity In Remote Code Injection Exploits
amiable_indian
Ā 
PPT
Mc Afee And Georgia State University Taking Aim At Network Intruders With I...
Tammy Clark
Ā 
PPT
CCNA Security - Chapter 7
Irsandi Hasan
Ā 
Cryptographic Key Reliable Lifetimes - Bounding the Risk of Key Exposure in t...
a001
Ā 
VESPA- Multi-Layered Self-Protection for Cloud Resources, OW2con'12, Paris
OW2
Ā 
Network intrusi detection system
Duwinowo NT
Ā 
Total Defense Product Information
Zeeshan Humayun
Ā 
Intrusion Alert Correlation
amiable_indian
Ā 
Finding Diversity In Remote Code Injection Exploits
amiable_indian
Ā 
Mc Afee And Georgia State University Taking Aim At Network Intruders With I...
Tammy Clark
Ā 
CCNA Security - Chapter 7
Irsandi Hasan
Ā 

What's hot (7)

PPT
Day1
Jai4uk
Ā 
PDF
Security on cloud storage and IaaS (NSC: Taiwan - JST: Japan workshop)
Kuniyasu Suzaki
Ā 
PPT
Day3
Jai4uk
Ā 
PDF
[AsiaCCS2019] A Pilot Study on Consumer IoT Device Vulnerability Disclosure a...
Asuka Nakajima
Ā 
PDF
Defending The Castle Rwsp
jmoquendo
Ā 
PDF
Introduction to DevOps and DevOpsSec with Secure Design by Prof.Krerk (Chulal...
iotcloudserve_tein
Ā 
PDF
Automated defense from rootkit attacks
UltraUploader
Ā 
Day1
Jai4uk
Ā 
Security on cloud storage and IaaS (NSC: Taiwan - JST: Japan workshop)
Kuniyasu Suzaki
Ā 
Day3
Jai4uk
Ā 
[AsiaCCS2019] A Pilot Study on Consumer IoT Device Vulnerability Disclosure a...
Asuka Nakajima
Ā 
Defending The Castle Rwsp
jmoquendo
Ā 
Introduction to DevOps and DevOpsSec with Secure Design by Prof.Krerk (Chulal...
iotcloudserve_tein
Ā 
Automated defense from rootkit attacks
UltraUploader
Ā 
Ad

Similar to Ch15,secu.. (20)

PDF
Ch14 security
Welly Dian Astika
Ā 
PPT
15.Security
Senthil Kanth
Ā 
PPT
Operating system security Chapter 15(Security Slides)
moiza354
Ā 
PPTX
Security & threats Presentation => (Presenter: Komal Mehfooz)
Komal Mehfooz
Ā 
PPTX
presentation_security_1510578971_320573.pptx
AadityaRauniyar1
Ā 
PPT
Ns
Deepenti123
Ā 
PDF
Ch15 security
Syaiful Ahdan
Ā 
PPTX
CHAPTER 7 - Operating system Security.pptx
AnithaSakthivel3
Ā 
PDF
ch15.pdf
Sami Mughal
Ā 
PPT
Firewalls (Distributed computing)
Sri Prasanna
Ā 
PPT
Security communication
Say Shyong
Ā 
PDF
Operating System : Ch20 security
Syaiful Ahdan
Ā 
PPTX
Security and ethics
Argie242424
Ā 
PPT
Software security
Roman Oliynykov
Ā 
PPT
COMPUTER SECURITY
Kak Yong
Ā 
PDF
Information systems security(1)
Sandeep Agarwal
Ā 
PPT
Security R U Totally Secure !
trendy updates
Ā 
PPTX
System Security
Reddhi Basu
Ā 
PPT
Security topic in OS from Galvin book chp 14
rajinooka
Ā 
PPTX
system Security
Gaurav Mishra
Ā 
Ch14 security
Welly Dian Astika
Ā 
15.Security
Senthil Kanth
Ā 
Operating system security Chapter 15(Security Slides)
moiza354
Ā 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Komal Mehfooz
Ā 
presentation_security_1510578971_320573.pptx
AadityaRauniyar1
Ā 
Ns
Deepenti123
Ā 
Ch15 security
Syaiful Ahdan
Ā 
CHAPTER 7 - Operating system Security.pptx
AnithaSakthivel3
Ā 
ch15.pdf
Sami Mughal
Ā 
Firewalls (Distributed computing)
Sri Prasanna
Ā 
Security communication
Say Shyong
Ā 
Operating System : Ch20 security
Syaiful Ahdan
Ā 
Security and ethics
Argie242424
Ā 
Software security
Roman Oliynykov
Ā 
COMPUTER SECURITY
Kak Yong
Ā 
Information systems security(1)
Sandeep Agarwal
Ā 
Security R U Totally Secure !
trendy updates
Ā 
System Security
Reddhi Basu
Ā 
Security topic in OS from Galvin book chp 14
rajinooka
Ā 
system Security
Gaurav Mishra
Ā 
Ad

Recently uploaded (20)

PDF
Environmental Education MCQ BD2EE - Share Source.pdf
Dr Raja Mohammed T
Ā 
PDF
My India Quiz Book_20210205121199924.pdf
AtandraDey2
Ā 
PDF
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
Ā 
PPTX
Whatā€™s under the hood: Parsing standardized learning content for AI
Rustici Software
Ā 
PPTX
Module on health assessment of CHN. pptx
GurdeepSingh626704
Ā 
PPTX
B.Sc. DS Unit 2 Software Engineering.pptx
Dr. Pallawi Bulakh
Ā 
PDF
MBA _Common_ 2nd year Syllabus _2021-22_.pdf
DrAnubha4
Ā 
PPTX
DRUGS USED FOR HORMONAL DISORDER, SUPPLIMENTATION, CONTRACEPTION, & MEDICAL T...
SaravananKumar545925
Ā 
PDF
semiconductor packaging in vlsi design fab
KarpoorasundariK
Ā 
PDF
Ī¤ĪÆĪ¼Ī±Ī¹ĪæĻ‚ ĪµĪÆĪ½Ī±Ī¹ Ļ†Ī¹Ī»ĪæĻƒĪæĻ†Ī¹ĪŗĻŒĻ‚ Ī“Ī¹Ī¬Ī»ĪæĪ³ĪæĻ‚ Ļ„ĪæĻ… Ī Ī»Ī¬Ļ„Ļ‰Ī½Ī±
iliaskessaris
Ā 
PPTX
A powerpoint presentation on the Revised K-10 Science Shaping Paper
JericEstaco2
Ā 
PDF
LEARNERS WITH ADDITIONAL NEEDS ProfEd Topic
Johnlloyd489543
Ā 
PDF
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
Ā 
PPTX
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
Ā 
PDF
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
Ā 
PDF
Climate and Adaptation MCQs class 7 from chatgpt
AkashDTejwani
Ā 
PDF
Empowerment Technology for Senior High School Guide
solthereseamericandr
Ā 
PPTX
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
Ā 
PDF
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
Ā 
PDF
HVAC Specification 2024 according to central public works department
amitrobanipl
Ā 
Environmental Education MCQ BD2EE - Share Source.pdf
Dr Raja Mohammed T
Ā 
My India Quiz Book_20210205121199924.pdf
AtandraDey2
Ā 
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
Ā 
Whatā€™s under the hood: Parsing standardized learning content for AI
Rustici Software
Ā 
Module on health assessment of CHN. pptx
GurdeepSingh626704
Ā 
B.Sc. DS Unit 2 Software Engineering.pptx
Dr. Pallawi Bulakh
Ā 
MBA _Common_ 2nd year Syllabus _2021-22_.pdf
DrAnubha4
Ā 
DRUGS USED FOR HORMONAL DISORDER, SUPPLIMENTATION, CONTRACEPTION, & MEDICAL T...
SaravananKumar545925
Ā 
semiconductor packaging in vlsi design fab
KarpoorasundariK
Ā 
Ī¤ĪÆĪ¼Ī±Ī¹ĪæĻ‚ ĪµĪÆĪ½Ī±Ī¹ Ļ†Ī¹Ī»ĪæĻƒĪæĻ†Ī¹ĪŗĻŒĻ‚ Ī“Ī¹Ī¬Ī»ĪæĪ³ĪæĻ‚ Ļ„ĪæĻ… Ī Ī»Ī¬Ļ„Ļ‰Ī½Ī±
iliaskessaris
Ā 
A powerpoint presentation on the Revised K-10 Science Shaping Paper
JericEstaco2
Ā 
LEARNERS WITH ADDITIONAL NEEDS ProfEd Topic
Johnlloyd489543
Ā 
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
Ā 
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
Ā 
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
Ā 
Climate and Adaptation MCQs class 7 from chatgpt
AkashDTejwani
Ā 
Empowerment Technology for Senior High School Guide
solthereseamericandr
Ā 
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
Ā 
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
Ā 
HVAC Specification 2024 according to central public works department
amitrobanipl
Ā 

Ch15,secu..

  • 2. The Security Problem ļ® Security must consider external environment of the system, and protect the system resources ļ® Intruders (crackers) attempt to breach security ļ® Threat is potential security violation ļ® Attack is attempt to breach security ļ® Attack can be accidental or malicious ļ® Easier to protect against accidental than malicious misuse Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.2 Silberschatz, Galvin and Gagne Ā©2005
  • 3. Security Violations ļ® Categories ļ¬ Breach of confidentiality ļ¬ Breach of integrity ļ¬ Breach of availability ļ¬ Theft of service ļ¬ Denial of service ļ® Methods ļ¬ Masquerading (breach authentication) ļ¬ Replay attack ļ€“ Message modification ļ¬ Man-in-the-middle attack ļ¬ Session hijacking Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.3 Silberschatz, Galvin and Gagne Ā©2005
  • 4. Standard Security Attacks Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.4 Silberschatz, Galvin and Gagne Ā©2005
  • 5. Security Measure Levels ļ® Security must occur at four levels to be effective: ļ¬ Physical ļ¬ Human ļ€“ Avoid social engineering, phishing, dumpster diving ļ¬ Operating System ļ¬ Network ļ® Security is as week as the weakest chain Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.5 Silberschatz, Galvin and Gagne Ā©2005
  • 6. Program Threats ļ® Trojan Horse ļ¬ Code segment that misuses its environment ļ¬ Exploits mechanisms for allowing programs written by users to be executed by other users ļ¬ Spyware, pop-up browser windows, covert channels ļ® Trap Door ļ¬ Specific user identifier or password that circumvents normal security procedures ļ¬ Could be included in a compiler ļ® Logic Bomb ļ¬ Program that initiates a security incident under certain circumstances ļ® Stack and Buffer Overflow ļ¬ Exploits a bug in a program (overflow either the stack or memory buffers) Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.6 Silberschatz, Galvin and Gagne Ā©2005
  • 7. Program Threats (Cont.) ļ® Viruses ļ¬ Code fragment embedded in legitimate program ļ¬ Very specific to CPU architecture, operating system, applications ļ¬ Usually borne via email or as a macro ļ€“ Visual Basic Macro to reformat hard drive Sub AutoOpen() Dim oFS Set oFS = CreateObject(ā€™ā€™Scripting.FileSystemObjectā€™ā€™) vs = Shell(ā€™ā€™c:command.com /k format c:ā€™ā€™,vbHide) End Sub Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.7 Silberschatz, Galvin and Gagne Ā©2005
  • 8. Program Threats (Cont.) ļ® Virus dropper inserts virus onto the system ļ® Many categories of viruses, literally many thousands of viruses ļ¬ File ļ¬ Boot ļ¬ Macro ļ¬ Source code ļ¬ Polymorphic ļ¬ Encrypted ļ¬ Stealth ļ¬ Tunneling ļ¬ Multipartite ļ¬ Armored Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.8 Silberschatz, Galvin and Gagne Ā©2005
  • 9. A Boot-sector Computer Virus Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.9 Silberschatz, Galvin and Gagne Ā©2005
  • 10. System and Network Threats ļ® Worms ā€“ use spawn mechanism; standalone program ļ® Internet worm ļ¬ Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs ļ¬ Grappling hook program uploaded main worm program ļ® Port scanning ļ¬ Automated attempt to connect to a range of ports on one or a range of IP addresses ļ® Denial of Service ļ¬ Overload the targeted computer preventing it from doing any useful work ļ¬ Distributed denial-of-service (DDOS) come from multiple sites at once Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.10 Silberschatz, Galvin and Gagne Ā©2005
  • 11. Cryptography as a Security Tool ļ® Broadest security tool available ļ¬ Source and destination of messages cannot be trusted without cryptography ļ¬ Means to constrain potential senders (sources) and / or receivers (destinations) of messages ļ® Based on secrets (keys) Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.11 Silberschatz, Galvin and Gagne Ā©2005
  • 12. Encryption ļ® Encryption algorithm consists of ļ¬ Set of K keys ļ¬ Set of M Messages ļ¬ Set of C ciphertexts (encrypted messages) ļ¬ A function E : K ā†’ (Mā†’C). That is, for each k K, E(k) is a function for generating ciphertexts from messages. ļ€“ Both E and E(k) for any k should be efficiently computable functions. ļ¬ A function D : K ā†’ (C ā†’ M). That is, for each k K, D(k) is a function for generating messages from ciphertexts. ļ€“ Both D and D(k) for any k should be efficiently computable functions. ļ® An encryption algorithm must provide this essential property: Given a ciphertext c C, a computer can compute m such that E(k)(m) = c only if it possesses D(k). ļ¬ Thus, a computer holding D(k) can decrypt ciphertexts to the plaintexts used to produce them, but a computer not holding D(k) cannot decrypt ciphertexts. ļ¬ Since ciphertexts are generally exposed (for example, sent on the network), it is important that it be infeasible to derive D(k) from the ciphertexts Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.12 Silberschatz, Galvin and Gagne Ā©2005
  • 13. Symmetric Encryption ļ® Same key used to encrypt and decrypt ļ¬ E(k) can be derived from D(k), and vice versa ļ® DES is most commonly used symmetric block-encryption algorithm (created by US Govt) ļ¬ Encrypts a block of data at a time ļ® Triple-DES considered more secure ļ® Advanced Encryption Standard (AES), twofish up and coming ļ® RC4 is most common symmetric stream cipher, but known to have vulnerabilities ļ¬ Encrypts/decrypts a stream of bytes (i.e wireless transmission) ļ¬ Key is a input to psuedo-random-bit generator ļ€“ Generates an infinite keystream Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.13 Silberschatz, Galvin and Gagne Ā©2005
  • 14. Asymmetric Encryption ļ® Public-key encryption based on each user having two keys: ļ¬ public key ā€“ published key used to encrypt data ļ¬ private key ā€“ key known only to individual user used to decrypt data ļ® Must be an encryption scheme that can be made public without making it easy to figure out the decryption scheme ļ¬ Most common is RSA block cipher ļ¬ Efficient algorithm for testing whether or not a number is prime ļ¬ No efficient algorithm is know for finding the prime factors of a number Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.14 Silberschatz, Galvin and Gagne Ā©2005
  • 15. Cryptography (Cont.) ļ® Note symmetric cryptography based on transformations, asymmetric based on mathematical functions ļ¬ Asymmetric much more compute intensive ļ¬ Typically not used for bulk data encryption Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.15 Silberschatz, Galvin and Gagne Ā©2005
  • 16. Authentication ļ® Constraining set of potential senders of a message ļ¬ Complementary and sometimes redundant to encryption ļ¬ Also can prove message unmodified ļ® Algorithm components ļ¬ A set K of keys ļ¬ A set M of messages ļ¬ A set A of authenticators ļ¬ A function S : K ā†’ (Mā†’ A) ļ€“ That is, for each k K, S(k) is a function for generating authenticators from messages ļ€“ Both S and S(k) for any k should be efficiently computable functions ļ¬ A function V : K ā†’ (MƗ Aā†’ {true, false}). That is, for each k K, V(k) is a function for verifying authenticators on messages ļ€“ Both V and V(k) for any k should be efficiently computable functions Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.16 Silberschatz, Galvin and Gagne Ā©2005
  • 17. Digital Certificates ļ® Proof of who or what owns a public key ļ® Public key digitally signed a trusted party ļ® Trusted party receives proof of identification from entity and certifies that public key belongs to entity ļ® Certificate authority are trusted party ā€“ their public keys included with web browser distributions ļ¬ They vouch for other authorities via digitally signing their keys, and so on Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.17 Silberschatz, Galvin and Gagne Ā©2005
  • 18. User Authentication ļ® Crucial to identify user correctly, as protection systems depend on user ID ļ® User identity most often established through passwords, can be considered a special case of either keys or capabilities ļ¬ Also can include something user has and /or a user attribute ļ® Passwords must be kept secret ļ¬ Frequent change of passwords ļ¬ Use of ā€œnon-guessableā€ passwords ļ¬ Log all invalid access attempts ļ® Passwords may also either be encrypted or allowed to be used only once Operating System Concepts ā€“ 7th Edition, Jan 10, 2005 15.18 Silberschatz, Galvin and Gagne Ā©2005