KEMBAR78
Operating system vulnerability and control | PPT
أحلام انصارى, profile picture
Uploaded byأحلام انصارى
PPT, PDF9,172 views

Operating system vulnerability and control

Vulnerabilities exist in operating systems like Linux, UNIX and Windows. A vulnerability is a weakness that allows an attacker to compromise a system's security. Vulnerabilities occur at the intersection of a system flaw, an attacker's access to the flaw, and their ability to exploit it. Common UNIX vulnerabilities include setuid problems, trojan horses and terminal troubles. Windows is vulnerable to password issues, peer-to-peer file sharing exploits, and Outlook/Outlook Express bugs. Linux has flaws like missing permission checks, uninitialized data, and memory mismanagement. Control is important for operating systems to balance robustness, predictability and efficiency. The trusted computing base (TCB) aims to enforce security by containing all elements

Downloaded 139 times
Operating System Vulnerability and Control (LINUX,UNIX and WINDOWS)
Definition of Vulnerability A Vulnerability is a weakness which allows an attacker to reduce system’s information assurance. A Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. 
UNIX operating system vulnerabilities  Setuid Problems  Trojan Horses  Terminal Troubles
Windows Vulnerabilities  Passwords  Peer-to-peer file sharing  Vulnerabilities in embedded automation features in Microsoft Outlook and Outlook Express that can allow execution of rogue code.
LINUX Vulnerabilities  Missing permission checks  Uninitialized data  Memory mismanagement
Why is Control important in Operating Systems? A key problem facing designers of traditional and embedded operating systems is the question of how to build adaptive software systems that are robust, predictable, and efficient across a range of operating conditions.
Architecture of Control Systems  Modern control systems architectures can be considered analogous to today’s information networks.  It is composed of several phases, including reconnaissance, traffic analysis, profiling of vulnerabilities, launching attacks, escalating privilege, maintaining access, and covering evidence.
Control provided by UNIX OS MAC : Mandatory Access Control DAC : Discretionary Access Control  If both DAC and MAC apply to an object, MAC wins.
What a trusted and secure OS should contain?  Memory protection  Enforce separation  Simplicity  Open design  Complete mediation  Ease of use
How does TCB help in security of OS?  TCB stands for TRUSTRED COMPUTING BASE.  In OS kernel is the lowest-level part, is responsible for various processes like inter- process communication, message passing, and so on.  A Security Kernel is a part of kernel that deals with security.
 Trust implies reliance and the TCB, is everything in the OS that we rely on to enforce security.  If everything outside TCB is subverted, we still have a trusted system.  If anything in TCB is subverted , then the security of the system is broken.
 Example of trusted OS are SCOMP which was developed by Honeywell. It has less than 10,000 loc in its security kernel, and strives for simplicity.  Windows XP has 40,000,000 loc but still has numerous dubious features.
Next Generation Secure Computing Base(NGSCB)  Itis a product by Microsoft.  NGSCB was formerly known as Palladium.  NGSCB is designed to work with a special hardware called as Trusted Computing Group (TCG).  Open systems like PCs offer a poor job of protecting secrets.  NGSCB is called as “a virtual set-top box inside the PC”.
 The TCG is a tamper-resistant hardware, which is installed within the PC as a special hardware.  The tamper-resistant will provide a secure place to store all secrets.  NGSCB/TCG is a general security- enhancing technology, with DRM as one potential application.
Design goals of NGSCB  To provide high assurance.  To provide authentication operation.
NGSCB Feature Groups  Strong process isolation  Sealed storage  Secure path  Attestation
Thus it important to know the various vulnerabilities in OS and control them too.
THANK YOU…..

More Related Content

PDF
CNIT 127 Ch 1: Before you Begin
bySam Bowne
 
PPTX
Definition of cloud computing
byGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
PDF
Introduction IDS
byHitesh Mohapatra
 
PPTX
Chapter 15
byAli Broumandnia
 
DOCX
21CSB02T UNIT 1 NOTES. FOR WEB APPLICATION SECURITY VERTICAL COURSES
byRajkumars275092
 
PPTX
Mandatory access control for information security
byAjit Dadresa
 
PDF
IDS Evasion Techniques
byTudor Damian
 
PPTX
kerberos
bysameer farooq
 
CNIT 127 Ch 1: Before you Begin
bySam Bowne
 
Definition of cloud computing
byGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
Introduction IDS
byHitesh Mohapatra
 
Chapter 15
byAli Broumandnia
 
21CSB02T UNIT 1 NOTES. FOR WEB APPLICATION SECURITY VERTICAL COURSES
byRajkumars275092
 
Mandatory access control for information security
byAjit Dadresa
 
IDS Evasion Techniques
byTudor Damian
 
kerberos
bysameer farooq
 

What's hot

PPTX
Cloud security Presentation
byAjay p
 
PPTX
Backup and recovery
bydhawal mehta
 
DOCX
The CIA Triad - Assurance on Information Security
byBharath Rao
 
PPTX
NIST CyberSecurity Framework: An Overview
byTandhy Simanjuntak
 
PPTX
Datacenter overview
byHeather Brotherton
 
PPT
Cloud Computing Security Challenges
byYateesh Yadav
 
PDF
Introduction to Cloud Security
bySusanne Tedrick
 
PPT
Virtualization.ppt
byvishal choudhary
 
PDF
A brief history of cloud computing
byOneserve
 
PPTX
Cloud Computing Security
byNinh Nguyen
 
PPTX
Network security
byquest university nawabshah
 
PPTX
Storage Virtualization
byMehul Jariwala
 
DOCX
Distributed system Tanenbaum chapter 1,2,3,4 notes
bySAhammedShakil
 
PPTX
NIST Cloud Computing Reference Architecture
byThanakrit Lersmethasakul
 
PDF
Lecture5 virtualization
byhktripathy
 
PDF
Cloud Security: A New Perspective
byWen-Pai Lu
 
PPTX
Data security in cloud computing
byPrince Chandu
 
PPTX
Cloud security
byNiharika Varshney
 
PPTX
Operating system security
byRamesh Ogania
 
PDF
Network Security Fundamentals
byRahmat Suhatman
 
Cloud security Presentation
byAjay p
 
Backup and recovery
bydhawal mehta
 
The CIA Triad - Assurance on Information Security
byBharath Rao
 
NIST CyberSecurity Framework: An Overview
byTandhy Simanjuntak
 
Datacenter overview
byHeather Brotherton
 
Cloud Computing Security Challenges
byYateesh Yadav
 
Introduction to Cloud Security
bySusanne Tedrick
 
Virtualization.ppt
byvishal choudhary
 
A brief history of cloud computing
byOneserve
 
Cloud Computing Security
byNinh Nguyen
 
Network security
byquest university nawabshah
 
Storage Virtualization
byMehul Jariwala
 
Distributed system Tanenbaum chapter 1,2,3,4 notes
bySAhammedShakil
 
NIST Cloud Computing Reference Architecture
byThanakrit Lersmethasakul
 
Lecture5 virtualization
byhktripathy
 
Cloud Security: A New Perspective
byWen-Pai Lu
 
Data security in cloud computing
byPrince Chandu
 
Cloud security
byNiharika Varshney
 
Operating system security
byRamesh Ogania
 
Network Security Fundamentals
byRahmat Suhatman
 

Similar to Operating system vulnerability and control

PDF
Your First Guide to "secure Linux"
byToshiharu Harada, Ph.D
 
PPTX
22-Trusted Systems, Trusted Systems Functions-13-02-2025.pptx
bywhello732
 
PPTX
System Security Sem 2(Module 1).pptx
byrahulkumarcscsf21
 
PPT
OS Security 2009
byDeborah Obasogie
 
PDF
Ch14 security
byWelly Dian Astika
 
PDF
Object Oriented Secure Modeling using SELinux Trusted Operating System
byEswar Publications
 
PPTX
Operating System & Application Security
bySunipa Bera
 
PDF
Linux Kernel Security Overview - KCA 2009
byJames Morris
 
PPT
OS_Ch19
bySupriya Shrivastava
 
PPT
Ch19 OS
byC.U
 
PPT
OSCh19
byJoe Christensen
 
DOCX
Reference Article1st published in May 2015doi 10.1049etr.docx
bylorent8
 
PDF
Remote security with Red Hat Enterprise Linux
byGiuseppe Paterno'
 
PDF
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
byJames Morris
 
PPT
3. security architecture and models
by7wounders
 
PDF
wepik-securing-cyber-systems-the-power-of-linux-operating-system-202311210522...
byVishalWaghmare45
 
ODP
Portakal Teknoloji Otc Lyon Part 1
bybora.gungoren
 
PDF
Virtualizacion y sistemas operativos por microsoft. Contempla seguridad
byAJ florez
 
PDF
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats
byJames Morris
 
PPT
Security and Linux Security
byRizky Ariestiyansyah
 
Your First Guide to "secure Linux"
byToshiharu Harada, Ph.D
 
22-Trusted Systems, Trusted Systems Functions-13-02-2025.pptx
bywhello732
 
System Security Sem 2(Module 1).pptx
byrahulkumarcscsf21
 
OS Security 2009
byDeborah Obasogie
 
Ch14 security
byWelly Dian Astika
 
Object Oriented Secure Modeling using SELinux Trusted Operating System
byEswar Publications
 
Operating System & Application Security
bySunipa Bera
 
Linux Kernel Security Overview - KCA 2009
byJames Morris
 
OS_Ch19
bySupriya Shrivastava
 
Ch19 OS
byC.U
 
OSCh19
byJoe Christensen
 
Reference Article1st published in May 2015doi 10.1049etr.docx
bylorent8
 
Remote security with Red Hat Enterprise Linux
byGiuseppe Paterno'
 
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
byJames Morris
 
3. security architecture and models
by7wounders
 
wepik-securing-cyber-systems-the-power-of-linux-operating-system-202311210522...
byVishalWaghmare45
 
Portakal Teknoloji Otc Lyon Part 1
bybora.gungoren
 
Virtualizacion y sistemas operativos por microsoft. Contempla seguridad
byAJ florez
 
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats
byJames Morris
 
Security and Linux Security
byRizky Ariestiyansyah
 

More from أحلام انصارى

PPTX
An Enhanced Independent Component-Based Human Facial Expression Recognition ...
byأحلام انصارى
 
PPTX
Intention recognition for dynamic role exchange in haptic
byأحلام انصارى
 
PPT
Noise Adaptive Training for Robust Automatic Speech Recognition
byأحلام انصارى
 
PPTX
Human behaviour analysis based on New motion descriptor
byأحلام انصارى
 
PPTX
Recognizing Human-Object Interactions in Still Images by Modeling the Mutual ...
byأحلام انصارى
 
PDF
Multimodal Biometric Human Recognition for Perceptual Human–Computer Interaction
byأحلام انصارى
 
PPTX
Security issues in cloud database
byأحلام انصارى
 
PPTX
Html5 offers 5 times better ways to hijack the website
byأحلام انصارى
 
PPTX
Honey pot in cloud computing
byأحلام انصارى
 
PPT
grid authentication
byأحلام انصارى
 
PPTX
Security As A Service In Cloud(SECaaS)
byأحلام انصارى
 
PPT
Dos presentation by ahlam shakeel
byأحلام انصارى
 
PPTX
Soa
byأحلام انصارى
 
PPTX
Rbac
byأحلام انصارى
 
PPTX
Password craking techniques
byأحلام انصارى
 
PPT
Network ssecurity toolkit
byأحلام انصارى
 
PPTX
Image forgery and security
byأحلام انصارى
 
PPTX
Image based authentication
byأحلام انصارى
 
PPT
Dmz
byأحلام انصارى
 
PPT
Cryptography
byأحلام انصارى
 
An Enhanced Independent Component-Based Human Facial Expression Recognition ...
byأحلام انصارى
 
Intention recognition for dynamic role exchange in haptic
byأحلام انصارى
 
Noise Adaptive Training for Robust Automatic Speech Recognition
byأحلام انصارى
 
Human behaviour analysis based on New motion descriptor
byأحلام انصارى
 
Recognizing Human-Object Interactions in Still Images by Modeling the Mutual ...
byأحلام انصارى
 
Multimodal Biometric Human Recognition for Perceptual Human–Computer Interaction
byأحلام انصارى
 
Security issues in cloud database
byأحلام انصارى
 
Html5 offers 5 times better ways to hijack the website
byأحلام انصارى
 
Honey pot in cloud computing
byأحلام انصارى
 
grid authentication
byأحلام انصارى
 
Security As A Service In Cloud(SECaaS)
byأحلام انصارى
 
Dos presentation by ahlam shakeel
byأحلام انصارى
 
Soa
byأحلام انصارى
 
Rbac
byأحلام انصارى
 
Password craking techniques
byأحلام انصارى
 
Network ssecurity toolkit
byأحلام انصارى
 
Image forgery and security
byأحلام انصارى
 
Image based authentication
byأحلام انصارى
 
Dmz
byأحلام انصارى
 
Cryptography
byأحلام انصارى
 
In this document
Powered by AI

Overview of OS vulnerabilities in UNIX, Windows, and Linux highlighting common issues.

Emphasizes the importance of control in OS design and discusses Mandatory and Discretionary Access Control.

Describes the features of trusted OS, the role of TCB, and examples of trusted systems.

Introduction to NGSCB by Microsoft, its features, goals, and how it enhances security.

Summarizes the need to understand and control vulnerabilities in operating systems.

Operating system vulnerability and control

  • 1.
    Operating System Vulnerability and Control (LINUX,UNIX and WINDOWS)
  • 2.
    Definition of Vulnerability A Vulnerability is a weakness which allows an attacker to reduce system’s information assurance. A Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. 
  • 3.
    UNIX operating system vulnerabilities Setuid Problems  Trojan Horses  Terminal Troubles
  • 4.
    Windows Vulnerabilities  Passwords  Peer-to-peer file sharing  Vulnerabilities in embedded automation features in Microsoft Outlook and Outlook Express that can allow execution of rogue code.
  • 5.
    LINUX Vulnerabilities  Missing permission checks  Uninitialized data  Memory mismanagement
  • 6.
    Why is Controlimportant in Operating Systems? A key problem facing designers of traditional and embedded operating systems is the question of how to build adaptive software systems that are robust, predictable, and efficient across a range of operating conditions.
  • 7.
    Architecture of Control Systems Modern control systems architectures can be considered analogous to today’s information networks.  It is composed of several phases, including reconnaissance, traffic analysis, profiling of vulnerabilities, launching attacks, escalating privilege, maintaining access, and covering evidence.
  • 8.
    Control provided byUNIX OS MAC : Mandatory Access Control DAC : Discretionary Access Control  If both DAC and MAC apply to an object, MAC wins.
  • 9.
    What a trustedand secure OS should contain?  Memory protection  Enforce separation  Simplicity  Open design  Complete mediation  Ease of use
  • 11.
    How does TCBhelp in security of OS?  TCB stands for TRUSTRED COMPUTING BASE.  In OS kernel is the lowest-level part, is responsible for various processes like inter- process communication, message passing, and so on.  A Security Kernel is a part of kernel that deals with security.
  • 12.
     Trust implies reliance and the TCB, is everything in the OS that we rely on to enforce security.  If everything outside TCB is subverted, we still have a trusted system.  If anything in TCB is subverted , then the security of the system is broken.
  • 13.
     Example of trusted OS are SCOMP which was developed by Honeywell. It has less than 10,000 loc in its security kernel, and strives for simplicity.  Windows XP has 40,000,000 loc but still has numerous dubious features.
  • 14.
    Next Generation Secure ComputingBase(NGSCB)  Itis a product by Microsoft.  NGSCB was formerly known as Palladium.  NGSCB is designed to work with a special hardware called as Trusted Computing Group (TCG).  Open systems like PCs offer a poor job of protecting secrets.  NGSCB is called as “a virtual set-top box inside the PC”.
  • 15.
     The TCGis a tamper-resistant hardware, which is installed within the PC as a special hardware.  The tamper-resistant will provide a secure place to store all secrets.  NGSCB/TCG is a general security- enhancing technology, with DRM as one potential application.
  • 16.
    Design goals ofNGSCB  To provide high assurance.  To provide authentication operation.
  • 17.
    NGSCB Feature Groups Strong process isolation  Sealed storage  Secure path  Attestation
  • 18.
    Thus it importantto know the various vulnerabilities in OS and control them too.
  • 19.