1 / 16

Secure Operating Systems

Secure Operating Systems. Lesson 2: OS Fundamentals. Security. Very informally, protecting us for Bad Things™ More formally: Confidentiality Integrity Availability It is VERY hard for an application to be secure if the OS it is running on doesn’t help this. What OS Do. Four levels:

clark
Télécharger la présentation

Secure Operating Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Secure Operating Systems Lesson 2: OS Fundamentals

  2. Security • Very informally, protecting us for Bad Things™ • More formally: • Confidentiality • Integrity • Availability • It is VERY hard for an application to be secure if the OS it is running on doesn’t help this

  3. What OS Do • Four levels: • Hardware • OS • Applications • Users • OS is the program most intimately involved with the hardware • Borders of the OS hard to define… Minesweeper?

  4. Computer Systems Organization • Parts: • CPU • Main memory • IO (disk controller) • USB • Graphics adapter • Connected by a bus (or two…) • The OS helps all this work together

  5. Computer Systems Architecture • Lots of different architectures • Von Neumann • Single Process • Multiprocessor • Symmetric/asymmetric multiprocessing • Multicore • Clustered systems

  6. OS Structure • Multiprogramming • Doing more than one thing • Helps drive up CPU utilization • Time sharing/multitasking • Processes, and threads, and… • Swapping, virtual memory

  7. Operating System Operations • Most modern OS are interrupt drive • A trap or exception drives control from the user process to the OS • This leads to “dual mode operation” • Must be able to tell the difference between user code and the OS code • Implemented with a “mode bit” • Often called User mode and Kernel mode

  8. Privilege • The OS wants to be sure it can always regain control • Need a timer – has to have hardware force the control change • Some instructions should also only be callable from kernel (system) mode • Example: timer management

  9. Process Management • OS needs to schedule processes and threads • Create and delete processes • Suspend and resume processes • Ideally, allow for process synchronizationand process communication • These can get iffy with respect to security

  10. Memory Management • Managing physical memory is a nightmare • Is memory executable? • Virtual addresses v. Physical • OS must track who is using what • Often the implementation depends on the hardware support

  11. Protection and Security • Protection: any mechanism that controls access to something (typically, a resource) • Security: slightly more subtle. Things can be technically working, but still insecure (think: lost password) • Will consider UIDs a lot, and permissions… also capabilities

  12. Special Purpose Systems • Real time systems • Handhelds • Distributed

  13. Open and Closed Source • Different design methodologies • Classically, Windows versus Linux – lots of tradeoffs here, you could do a whole class on it

  14. Assignment • Make sure you can access the SVN • Read Chapter 1 of OSC • Make sure you have a Gentoo Linux VM and a Windows XP 32-bit VM up and running (unless you want to experiment on live machines)

  15. Questions & Comments • What do you want to know?

More Related