COMP 3000 Operating Systems
Security and Additional OS Topics (part 2)
Lianying Zhao
Keep It Simple!
• Minimizing TCB size
• Naturally, OS is part of the TCB for most* applications
• Features are the enemy of security
• Another direction: Microkernels
• Offloading and distributing (not avoiding) functions
• Minix
COMP 3000 (Winter 2021) 2
Reference Monitor
• Where access control policies are enforced: reference validation
• Non-bypassable: ideally, a single point of enforcement
Authentication
• Purpose: to prove that you are who you claim to be
• Authentication factors:
• What you know
• Knowledge: passwords, passphrases, PIN, etc.
• What you have
• Possession: hardware tokens like smart card, SecurID, etc.
• What you are
• Inherence: biometrics like fingerprint, face, iris, voice, etc.
• Password guessing
• Dictionary attacks
• Multi-factor authentication (e.g., 2FA)
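Added worked example (not part of the slides): an offline dictionary attack against a salted, iterated password hash of the kind a login program stores. The record layout imitates the "$id$salt$hash" fields of /etc/shadow, but the hash is PBKDF2-SHA256 from the Python standard library rather than Linux's sha512crypt ("$6$"); the algorithm id, the word list and the mangling rules are all constructed for the demo.

```python
"""Dictionary attack against a salted, iterated password hash (constructed example).
The record format mimics /etc/shadow's "$id$salt$hash" layout but uses PBKDF2-SHA256
from the standard library, not Linux's sha512crypt ("$6$")."""
import hashlib
import hmac
import os
import time

ALGO_ID = "pbkdf2-sha256"   # hypothetical id, in the position where /etc/shadow has "6"


def hash_password(password: str, salt: bytes, iterations: int) -> str:
    """Return a stored-credential string: $id$iterations$salt$hash (salt and hash in hex)."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"${ALGO_ID}${iterations}${salt.hex()}${digest.hex()}"


def new_record(password: str, iterations: int = 100_000) -> str:
    """What a login program stores: a fresh random salt per user, so two users with the
    same password get different hashes and one precomputed guess cannot serve for both."""
    return hash_password(password, os.urandom(16), iterations)


def verify_password(password: str, stored: str) -> bool:
    """What /usr/bin/login does: recompute with the stored salt and parameters,
    then compare in constant time."""
    _, algo, iters, salt_hex, digest_hex = stored.split("$")
    if algo != ALGO_ID:
        raise ValueError(f"unsupported hash id {algo!r}")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def mangle(word: str):
    """A few constructed mangling rules of the kind cracking tools apply to every
    dictionary word; real rule sets are much larger."""
    yield word
    yield word.capitalize()
    yield word + "1"
    yield word + "123"
    yield word.capitalize() + "123"


def dictionary_attack(stored: str, wordlist):
    """Offline guessing: the attacker holds the record (e.g. a leaked /etc/shadow) and
    can try candidates as fast as the hash runs. Returns the recovered password or None."""
    for word in wordlist:
        for guess in mangle(word):
            if verify_password(guess, stored):
                return guess
    return None


def seconds_per_guess(iterations: int, samples: int = 5) -> float:
    """Cost of one guess at a given iteration count. Raising it slows the attacker and
    the login program alike, which is why the count is tuned rather than maximised."""
    salt = b"\x00" * 16
    start = time.perf_counter()
    for _ in range(samples):
        hashlib.pbkdf2_hmac("sha256", b"benchmark", salt, iterations)
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    WORDLIST = ["password", "letmein", "summer", "qwerty"]   # constructed, deliberately tiny
    weak = new_record("Summer123", iterations=20_000)
    strong = new_record("correct horse battery staple", iterations=20_000)
    print("weak record recovered as:", dictionary_attack(weak, WORDLIST))
    print("strong record recovered as:", dictionary_attack(strong, WORDLIST))
    for n in (1_000, 100_000):
        print(f"{n:>7} iterations: {seconds_per_guess(n) * 1000:.1f} ms per guess")
```

The salt defeats precomputed tables but does nothing against a dictionary run on a single record; only the per-guess cost (iteration count, or a memory-hard function) and the password's absence from the attacker's word list do that. Online guessing is a different case: there the login program can rate-limit or lock the account, which is why a leaked hash file is so much more dangerous than a login prompt.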
Security Topics Mentioned
• Various OS abstractions
• /etc/shadow
• -rw-r----- 1 root shadow: access control (a)
• $6$RisKsKctyO2IxDeS$sH…: cryptography (c); $6$ selects SHA-512 crypt, the next field is the salt, the last the hash
• Kernel space vs. user space (a)
• User privileges, e.g., root (a)
• /usr/bin/login (a + c)
• File permission bits (a)
• Memory access violation: segmentation fault (a)
• ASLR (a + c)
Security Topics Mentioned
• Discretionary access control (DAC)
• Owner-based: the subject that owns the object decides who may access it
• Transferable if the owner wants to
• Mandatory access control (MAC)
• Fine-grained rules/policies defined by the admin
• The owner cannot control access to resources they own
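Added worked example (not from the slides) tying together the reference monitor, the /etc/shadow permission line, file permission bits, and DAC versus MAC. It parses an ls -l permission string into mode bits, makes the classic Unix DAC decision, and puts an admin-defined label policy behind a single enforcement point so that an owner's chmod cannot open a file the policy closes. The MAC table is a constructed toy loosely modelled on type enforcement; the domains, labels, users and paths are assumptions for the demo.

```python
"""Access-control decisions for the abstractions on these slides: Unix permission
bits (DAC) and an admin-defined label policy (MAC) behind one enforcement point.
Constructed example; the MAC policy is a toy loosely modelled on type enforcement."""
from dataclasses import dataclass


@dataclass
class File:
    path: str
    mode: str               # as printed by ls -l, e.g. "-rw-r-----"
    owner: str
    group: str
    label: str = "user_t"   # hypothetical MAC label, assigned by the admin, not the owner


@dataclass
class Subject:
    user: str
    groups: frozenset
    domain: str = "user_t"  # hypothetical MAC domain the subject runs in


def parse_mode(mode: str) -> int:
    """Turn an ls -l permission string into mode bits, e.g. '-rw-r-----' -> 0o640.
    A trailing '.' (security context present) or '+' (ACL present) is accepted and ignored."""
    perms = mode.rstrip(".+")
    if len(perms) == 10:            # drop the file-type character (-, d, l, ...)
        perms = perms[1:]
    if len(perms) != 9:
        raise ValueError(f"bad permission string: {mode!r}")
    bits = 0
    for i, ch in enumerate(perms):
        expected = "rwxrwxrwx"[i]
        if ch == expected or (expected == "x" and ch in "st"):      # s/t: x set plus setuid/setgid/sticky
            bits |= 1 << (8 - i)
        elif ch != "-" and not (expected == "x" and ch in "ST"):    # S/T: special bit without x
            raise ValueError(f"bad permission string: {mode!r}")
    return bits


def dac_allows(subject: Subject, f: File, op: str) -> bool:
    """Classic Unix DAC. Exactly one triplet applies: owner bits if the subject owns the
    file, else group bits if it is in the file's group, else the 'other' bits.
    root (CAP_DAC_OVERRIDE) bypasses read/write checks but needs at least one x bit to execute."""
    bits = parse_mode(f.mode)
    mask = {"r": 4, "w": 2, "x": 1}[op]
    if subject.user == "root":
        return op != "x" or bits & 0o111 != 0
    if subject.user == f.owner:
        shift = 6
    elif f.group in subject.groups:
        shift = 3
    else:
        shift = 0
    return (bits >> shift) & mask != 0


def chmod(subject: Subject, f: File, new_mode: str) -> bool:
    """DAC is owner-based: only the owner (or root) may change the bits."""
    if subject.user not in (f.owner, "root"):
        return False
    parse_mode(new_mode)            # validate before accepting
    f.mode = new_mode
    return True


# Admin-defined MAC rules: (subject domain, file label) -> permitted operations.
# Anything not listed is denied, and no file owner can edit this table.
MAC_POLICY = {
    ("login_t", "shadow_t"): {"r"},
    ("admin_t", "shadow_t"): {"r", "w"},
    ("user_t", "user_t"): {"r", "w", "x"},
}


def mac_allows(subject: Subject, f: File, op: str) -> bool:
    return op in MAC_POLICY.get((subject.domain, f.label), set())


def reference_monitor(subject: Subject, f: File, op: str) -> bool:
    """The single, non-bypassable decision point: every access goes through here and
    both DAC and MAC must allow it (Linux checks the permission bits first, then the LSM hook)."""
    return dac_allows(subject, f, op) and mac_allows(subject, f, op)


if __name__ == "__main__":
    shadow = File("/etc/shadow", "-rw-r-----", "root", "shadow", label="shadow_t")
    for who in (Subject("alice", frozenset({"alice"})),
                Subject("login", frozenset({"shadow"}), domain="login_t")):
        print(f"{who.user:>6} read {shadow.path}: {reference_monitor(who, shadow, 'r')}")
```

Two details worth noticing in the DAC decision: the triplets are not cumulative, so an owner with "----rw----" is denied even though the group it belongs to would be allowed; and root's bypass still requires an execute bit, which is why "-rw-r-----" cannot be run as root either. The MAC table models the slide's last point: alice may chmod her own file to "-rw-rw-rw-", but if the admin labelled it shadow_t and gave user_t no rule, neither she nor anyone else in user_t gets through the monitor.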