OS Vulnerabilities & Control Methods in Linux, Unix & Windows
1. Operating System
Vulnerability and
Control
(LINUX,UNIX and WINDOWS)
2. Definition of Vulnerability
A Vulnerability is a weakness which allows
an attacker to reduce system’s information
assurance.
A Vulnerability is the intersection of three
elements: a system susceptibility or flaw,
attacker access to the flaw, and attacker
capability to exploit the flaw.
4. Windows Vulnerabilities
Passwords
Peer-to-peer file sharing
Vulnerabilities in embedded automation features in
Microsoft Outlook and Outlook Express that can
allow execution of rogue code.
5. LINUX Vulnerabilities
Missing permission checks
Uninitialized data
Memory mismanagement
6. Why is Control important in
Operating Systems?
A key problem facing designers of traditional
and embedded operating systems is the
question of how to build adaptive software
systems that are robust, predictable, and
efficient across a range of operating
conditions.
7. Architecture of Control
Systems
Modern control systems architectures can be
considered analogous to today’s information
networks.
It is composed of several phases, including
reconnaissance, traffic analysis, profiling of
vulnerabilities, launching attacks, escalating
privilege, maintaining access, and covering
evidence.
8. Control provided by UNIX OS
MAC : Mandatory Access
Control
DAC : Discretionary Access
Control
If
both DAC and MAC apply to an object,
MAC wins.
9. What a trusted and secure OS
should contain?
Memory protection
Enforce separation
Simplicity
Open design
Complete mediation
Ease of use
10.
11. How does TCB help in security
of OS?
TCB stands for TRUSTRED COMPUTING
BASE.
In OS kernel is the lowest-level part, is
responsible for various processes like inter-
process communication, message passing,
and so on.
A Security Kernel is a part of kernel that
deals with security.
12. Trust implies reliance and the TCB, is
everything in the OS that we rely on to
enforce security.
If everything outside TCB is subverted, we
still have a trusted system.
If anything in TCB is subverted , then the
security of the system is broken.
13. Example of trusted OS are SCOMP which
was developed by Honeywell. It has less than
10,000 loc in its security kernel, and strives
for simplicity.
Windows XP has 40,000,000 loc but still has
numerous dubious features.
14. Next Generation Secure
Computing Base(NGSCB)
Itis a product by Microsoft.
NGSCB was formerly known as Palladium.
NGSCB is designed to work with a special
hardware called as Trusted Computing Group
(TCG).
Open systems like PCs offer a poor job of
protecting secrets.
NGSCB is called as “a virtual set-top box
inside the PC”.
15. The TCG is a tamper-resistant hardware,
which is installed within the PC as a special
hardware.
The tamper-resistant will provide a secure
place to store all secrets.
NGSCB/TCG is a general security-
enhancing technology, with DRM as one
potential application.
16. Design goals of NGSCB
To provide high assurance.
To provide authentication operation.
17. NGSCB Feature Groups
Strong process isolation
Sealed storage
Secure path
Attestation
18. Thus it important to know the
various vulnerabilities in OS
and control them too.