Professional Documents
Culture Documents
UNIT - 2 Notes
UNIT - 2 Notes
UNIT - 2 Notes
1
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
The model uses a layered classification scheme for subjects and a layered
categorization scheme for objects. The classification level of the objects and the
access rights of the subjects determine which subject will have authorized access
to which object. This layered structure forms a lattice for manipulating access.
It implements Mandatory Access Control (MAC) and Discretionary Access
Control (DAC).
2
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
Confinement Principle
The Confinement Principle is the principle of preventing a server from leaking
information that the user of the service considers confidential.
The Confinement Principle deals with preventing a process from taking
disallowed actions.
Consider a client/server the client’s sends a data request to the server, the server
uses the data, performs some function and sends the results (data) back to the
client.
In Confinement Principle access control affects the function of the server in two
ways:
a) Goal of service provider: The server must insure that the resources it access
on behalf of the client include only those resources that the client is
authorised to access.
b) Goal of the service user: The server must insure that it does not reveal the
clients data to any other entity which is not authorised to see the client data.
3
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
3. There are three types of UID defined for a process, which can be
dynamically changed as per the privilege of task.
7. Each user account has a unique UID. The UID O means the super user
(System admin). A user account belongs to multiple groups. Subject are
processes, associated with uid/gid pairs.
4
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
Confinement techniques
Following are the various confinement techniques:
b. The programs that run in this modified environment cannot access the files
outside the designated directory tree. This essentially limits their access to
a directory tree and thus they get the name chroot jail.
c. The idea is that we create a directory tree where we copy or link in all the
system files needed for a process to run.
d. We then use the chroot system call to change the root directory to be at the
base of this new tree and start the process running in that chrooted
environment.
e. Since it cannot actually reference paths outside the modified root, it cannot
maliciously read or write to those locations.
2. Jailkits.
a. Jailkit is a set of utilities to limit user accounts to specific files using chroot
() and or specific commands.
d. It will abort in a secure way if the configuration is not secure, and it will
send useful log messages that explain what is wrong to system log.
5
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
3. FreeBSD jail:
b. It runs on processors such as the Pentium that are compatible with Intel's
x86
e. The need for the FreeBSD jails came from a small shared environment
hosting provider's desire to establish a clean, clear cut separation between
their own services and those of their customers, mainly for security and
ease of administration.
c. This approach brings with it a host of pitfalls for the unwary implementer that
if overlook can allow his tool to be easily circumvented.
6
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
VM based isolation
4. Virtually all operating systems provide a process VM for each one of the
applications running, but the more interesting process VMs are those which
support binaries compiled on a different instruction set.
Rootkit
3) Root refers to the Admin account on Unix and Linux systems, and kit refers
to the software components that implement the tool.
7
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
6) Once a rootkit has been installed, the controller of the rootkit has the ability
to remotely execute files and change system configurations on the host
machine.
7) A rootkit on an infected computer can also access log files and spy on the
legitimate computer owner's usage.
Purpose of rootkits:
2. To avoid detection, they tamper with the system to conceal the presence of
the malware (for example, hide files) and its activities (for example,
running processes).
Examples of rootkits:
Machiavelli: The first rootkit targeting Mac OSX. This rootkit creates
hidden system calls and kernel threads.
8
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
5. The IDS monitors traffic and report its results to an administrator, but
cannot automatically take action to prevent a detected exploit from taking
over the system,
c). In a NIDS, sensors are placed at choke points in the network to monitor,
often in the Demilitarized Zone (DMZ) or at work borders.
d). Sensors capture all network traffic and analyse the content of individual
packets for malicious traffic.
9
BBDITM-054 COMPUTER SYSTEM SECURITY UNIT - 2
b) By using this, we can deploy the Intrusion Detection System with Virtual
Machine Monitoring.
10