Operating system security
- 3. Operating System Overview
• Operating system: collection of programs that allows a user to operate computer hardware
• Three layers:
– Inner layer: computer hardware
– Middle layer: operating system
– Outer layer: application software
- 4. Operating System Overview
• Key functions of an operating system:
– Multitasking and multi-user sharing
– Computer resource management
– Controls the flow of activities
– Provides a user interface
– Administers user actions and accounts
– Runs software utilities and programs
– Enforces security measures
– Schedules jobs
– Provides tools to configure the operating system and hardware
- 5. The OS Security Environment
• A compromised OS can compromise a database environment
• Physically protect the computer running the OS (padlocks, chain locks, guards, cameras)
• Model:
– Bank building (operating system)
– Safe (database)
– Money (data)
- 6. The Components of an OS Security Environment
• Used as access points to the database
• Three components:
– Services
– Files
– Memory
- 7. Services
• Main component of the operating system security environment
• Used to gain access to the OS and its features
• Include
– User authentication
– Remote access
– Administration tasks
– Password policies
- 8. Files
• Common threats:
– File permission
– File sharing
• Files must be protected from unauthorized reading and writing actions
• Data resides in files; protecting files protects data
- 9. File Permissions
• Read, write, and execute privileges
• In Windows:
– Change permissions on the Security tab of a file’s Properties dialog box
– Allow indicates grant; Deny indicates revoke
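Added example (not from the slides): a small audit that expresses the read, write and execute privileges above as a rwx string and flags settings that expose a file to unauthorized reading or writing. It uses POSIX mode bits rather than the Windows Security tab, and constructs its own sample files in a temporary directory.

```python
import os
import stat
import tempfile


def describe_mode(mode: int) -> str:
    """Render the permission bits as the familiar rwxrwxrwx string."""
    bits = [
        (stat.S_IRUSR, "r"), (stat.S_IWUSR, "w"), (stat.S_IXUSR, "x"),
        (stat.S_IRGRP, "r"), (stat.S_IWGRP, "w"), (stat.S_IXGRP, "x"),
        (stat.S_IROTH, "r"), (stat.S_IWOTH, "w"), (stat.S_IXOTH, "x"),
    ]
    return "".join(ch if mode & bit else "-" for bit, ch in bits)


def permission_findings(mode: int) -> list:
    """Flag privilege settings that allow unauthorized reading or writing."""
    findings = []
    if mode & stat.S_IWOTH:
        findings.append("world-writable")   # any account can modify the file
    if mode & stat.S_IROTH:
        findings.append("world-readable")   # any account can read the file
    if mode & stat.S_ISUID:
        findings.append("setuid")           # executes with the owner's privileges
    return findings


def audit_directory(path: str) -> dict:
    """Return {filename: [findings]} for regular files that have at least one finding."""
    report = {}
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        st = os.lstat(full)
        if not stat.S_ISREG(st.st_mode):
            continue  # this simple audit skips directories and symlinks
        findings = permission_findings(st.st_mode)
        if findings:
            report[name] = findings
    return report


def demo() -> dict:
    """Constructed sample: files with deliberately weak and sane permissions."""
    tmp = tempfile.mkdtemp()
    samples = {"config.ini": 0o666, "secret.key": 0o600, "report.txt": 0o644}
    for name, mode in samples.items():
        full = os.path.join(tmp, name)
        with open(full, "w") as fh:
            fh.write("sample\n")
        os.chmod(full, mode)  # set the mode explicitly so umask does not interfere
    return audit_directory(tmp)
```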
- 10. Sharing Files
• Naturally leads to security risks and threats
• Peer-to-peer programs: allow users to share files over the Internet
• Reasons for blocking file sharing:
– Malicious code
– Adware and spyware
– Privacy and confidentiality
– Pornography
– Copyright issues
- 11. Memory
• Hardware memory available on the system can be corrupted by badly written software
• This can harm data integrity
• Two options:
– Stop using the program
– Apply a patch (service pack) to fix it
- 12. Authentication
• Authentication:
– Verifies user identity
– Permits access to the operating system
• Physical authentication:
– Allows physical entrance to company property
– Magnetic cards and biometric measures
• Digital authentication: verifies user identity by digital means
- 13. Authorization
• Process that decides whether users are permitted to perform the functions they request
• Authorization is not performed until the user is authenticated
• Deals with privileges and rights
- 14. User Administration
• Create user accounts
• Set password policies
• Grant privileges to users
• Best practices:
– Use a consistent naming convention
– Always provide a password to an account and force the user to change it at the first logon
– Protect passwords
– Do not use default passwords
- 15. Vulnerabilities of OS
• Top vulnerabilities to Windows systems:
– Internet Information Services (IIS)
– Microsoft SQL Server (MSSQL)
– Windows Authentication
– Internet Explorer (IE)
– Windows Remote Access Services
– Microsoft Data Access Components (MDAC)
– Windows Scripting Host (WSH)
– Microsoft Outlook and Outlook Express
– Windows Peer-to-Peer File Sharing (P2P)
– Simple Network Management Protocol (SNMP)
- 16. NIST Approach Phases
• Planning
• Installation
• Configuration
• Update
• Maintenance
• Consider the OS layered model: each layer needs to be properly secured, and it may be attacked from the layers below
- 17. OS Layered Model
• User Space
• Services / Hypervisor
• System Calls
• Device Drivers / Hardware Abstraction Layer (HAL)
• Kernel / BIOS
• Instruction Set Architecture
• Hardware
• Physical World
- 18. Hardening the OS
• Default OS configurations are designed for ease of use, not security
• Measures have to be taken at all stages:
– Installing and patching
– Configuring
• Remove unnecessary applications, services and protocols
• Users, groups, controls and privileges
– Install additional software (anti-virus, firewall, intrusion detection system, etc.)
– Test security
- 19. Installing and Patching
• Installation
– Machines should not connect to the network until secured
• However, removable media may be infected as well
– Limited network access (behind a firewall) is acceptable; ideally:
• No inbound connections
• Outbound only to certain key sites
– Install only required services and drivers (from trusted sources)
– Set up automatic updates (only if update timing is not an issue)
• Booting
– Protect BIOS changes with a password
– Disable some bootable media
– Encrypted hard drives? Pros and cons
- 21. Remove Unnecessary Support
• Software has vulnerabilities, hence more software = more vulnerabilities
• Better not to install it at all
– Uninstallers sometimes fail to clean up all dependencies
– Disabled software may be re-enabled by an attacker once they gain control
• Disabling can be done via the msconfig command (Windows), yast or equivalent (Linux) or the Control Panel (Windows / Linux)
- 22. Configure Authentication
• Define user types and privileges
– Admin (ideally only temporary)
– Normal
– Limited
• Authentication
– Force default password change
– Password definition
– Password lifespan
• Remove or disable old accounts
• Allow for remote connections?
- 23. Additional Security and Testing
• Anti-virus
• Firewalls, IDS, IPS
• Whitelist (allow list of permitted programs)
– If attackers manage to install a program, what will happen?
• Run some test cases which attempt to break security (stress testing); good hackers make a lot of money here
- 24. Application Security
• Configure applications properly
• Use encryption when possible, as seen earlier
– For storage
– For transmission (e.g. SSH connections)
• Limit privileges, as with users
– Remember what we have said about security in Android, Blackberry, and iPhone
• Applications may provide backdoors if not configured properly
- 25. Maintenance
• Now that the system is set up, keep it secure
• This involves:
– Monitoring and analyzing logging information
– Performing regular backups
– Recovering from security compromises
– Regular testing of security
– Patch, update, and revise critical software
- 26. Logging
• Keep a record of important events on the computer
• Problems:
– Need to make sure there is enough space for the logs
– Manual analysis is hard, so logs should use a consistent format that a program (e.g. a Perl script) can parse
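Added example (not from the slides, and in Python rather than Perl): a parser for a fixed, machine-readable log line format, plus the kind of analysis the Maintenance slide calls "monitoring and analyzing logging information", here a count of failed logins per source. The line format and the sample log are constructed for this example; lines that do not fit the format are counted rather than silently dropped.

```python
import re
from collections import Counter

# Constructed line format assumed for this example:
#   <timestamp> <host> <service>: <event> key=value key=value ...
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<service>[\w-]+): (?P<event>[\w-]+)"
    r"(?P<fields>(?: \w+=\S+)*)$"
)

# Constructed sample log (IP addresses are documentation ranges, not real hosts).
SAMPLE_LOG = """\
2024-03-01T10:00:01Z db01 sshd: login-failed user=root src=203.0.113.7
2024-03-01T10:00:03Z db01 sshd: login-failed user=root src=203.0.113.7
2024-03-01T10:00:04Z db01 sshd: login-failed user=admin src=203.0.113.7
2024-03-01T10:00:09Z db01 sshd: login-ok user=alice src=198.51.100.2
2024-03-01T10:00:12Z db01 sshd: login-failed user=root src=203.0.113.7
2024-03-01T10:01:00Z db01 cron: job-started user=backup
this line is not in the expected format
"""


def parse_line(line):
    """Return a dict for a well-formed line, or None so callers can count bad lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = {k: m.group(k) for k in ("ts", "host", "service", "event")}
    for pair in m.group("fields").split():   # optional key=value fields
        key, _, value = pair.partition("=")
        rec[key] = value
    return rec


def parse_log(text):
    """Parse every non-empty line; returns (records, number_of_unparsable_lines)."""
    records, bad = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            bad += 1            # a malformed line is itself worth reporting
        else:
            records.append(rec)
    return records, bad


def failed_login_sources(records, threshold=3):
    """Sources with at least `threshold` failed logins: a simple brute-force indicator."""
    counts = Counter(r["src"] for r in records
                     if r["event"] == "login-failed" and "src" in r)
    return {src: n for src, n in counts.items() if n >= threshold}
```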
- 27. Data Backup
• Backup is the act of creating copies of information so that it may be recovered
• Archiving is keeping these backups for a long period of time in order to meet legal requirements
• Should the backup be kept online or offline?
– Online: easier access, faster recovery
– Offline: more secure, harder to recover
– Why not both? Users should keep their own offline backups, in case the online backup gets removed
• Data may be lost accidentally (hardware failures, human mistakes) or intentionally
- 28. Windows Security
• Use automatic updates, especially for:
– Windows
– Adobe Acrobat Reader and Flash Plugin
– Java
• Users are defined with a Security ID (SID), and information such as passwords may be stored in the Security Account Manager (SAM)
• System restore
• User Account Control treats users with admin rights as admin only when required, otherwise as normal users (Vista and later)
- 29. Windows Registry
• Hard to maintain
• Easy to access
• A specific application may be used that hides the complex information from the administrator
• May use regedit to see everything
– Useful to have an application that queues and monitors registry changes, so that they must be approved before proceeding
- 30. Other Windows Security
• Anti-virus
• Anti-spyware
• Personal firewall
• Encrypting File Systems
– Local Security Policy
• BitLocker: full disk encryption with AES
• More under Control Panel, System and Security
• Microsoft Baseline Security Analyzer
– Checks a system against the minimal recommended requirements
– It's free
– Shavlik NetChk Limited for legacy systems
- 31. Virtualization
• Virtualization: defines an isomorphism that maps a virtual guest system to a physical host
• Adds another degree of freedom by enabling multiple resource managers and controlled sharing
– Adds a level of indirection
• Can virtualize a single resource (DRAM, disks) or an entire system (machine)
– May create one or more virtual objects
• Virtual Machine: adds a virtualization layer which transforms the physical machine into the desired virtual architecture
- 32. Some Virtual Machines
• Oracle VirtualBox
• Microsoft Virtual PC (formerly Virtual PC)
• VMware
• Xen Hypervisor
• Parallels Desktop (popular on Mac)