29.1

Lecture 29Security I

Based on the Silberschatz & Galvin’s slides

And Stallings’ slides

29.2

Security

• The Security Problem

• Authentication

• Program Threats

29.3

The Security Problem

• Security must consider external environment of the system, and protect it from:

– unauthorized access.

– malicious modification or destruction

– accidental introduction of inconsistency.

• Easier to protect against accidental than malicious misuse.

29.4

Types of Threats

• Interruption

– an asset of the system is destroyed of becomes unavailable or unusable

– Examples destruction of hardware (hard disk) cutting of a communication line disabling the file management system

29.5

Types of Threats

• Interception

– an unauthorized party gains access to an asset

– Examples wiretapping to capture data in a network illicit copying of files or programs

29.6

Types of Threats

• Modification

– an unauthorized party not only gains access but tampers with an asset

– Examples changing values in a data file altering a program so that it performs differently modifying the content of messages being transmitted in a network

29.7

Types of Threats

• Fabrication

– an unauthorized party inserts counterfeit objects into the system

– Examples insertion of spurious messages in a network addition of records to a file

29.8

Authentication

• User identity most often established through passwords, can be considered a special case of either keys or capabilities.

• Passwords must be kept secret.

– Frequent change of passwords.

– Use of “non-guessable” passwords.

– Log all invalid access attempts.

29.9

Techniques for Learning Passwords

• Try default password used with standard accounts shipped with computer

• Exhaustively try all short passwords

• Try words in dictionary or a list of likely passwords

• Collect information about users and use these items as passwords`4

29.10

Observed Password Lengths

Length Number Fraction of Total

1 55 .004

2 87 .006

3 212 .02

4 449 .03

5 1262 .09

6 3035 .22

7 2917 .21

8 5772 .42

Purdue University. 54 machines. 7000 user accounts

29.11

Techniques for Learning Passwords

• Try user’s phone numbers, social security numbers, and room numbers

• Try license plate numbers

• Use a Trojan horse to bypass restrictions on access

• Tap the line between a remote user and the host system

29.12

Password Cracked from a Sample Set of 13,797 Accounts [KLEI90]

Type of Password Search Number Percentage of

Size of Matches Passw. Match

User/account name 130 368 2.7%

Common names 2239 548 4.0%

Female names 4280 161 1.2%

Phrases and patterns 933 253 1.8%

System dictionary 19683 1027 7.4%

Machine names 9018 132 1.0%

29.13

Effectiveness of guessing(W. Stallings)

• Personal information

• Words from various dictionaries (60000 words)

• Various permutations of words from the dictionaries)

• Capitalization permutations

Test with 3 million words

Thinking Machine

Time to encrypt all these words: under one hour

Success rate: 25%

29.14

Password Selection Strategies

• Computer generated passwords

– users have difficulty remembering them

– need to write it down

– have history of poor acceptance

• Eliminate guessable passwords while allowing the user to select a password that is memorable

29.15

Password Selection Strategies

• Reactive password checking strategy

– system periodically runs its own password cracker to find guessable passwords

– system cancels passwords that are guessed and notifies user

– consumes resources to do this

– hacker can use this on their own machine with a copy of the password file

29.16

Password Selection Strategies

• Proactive password checker

– the system checks at the time of selection if the password is allowable

– with guidance from the system users can select memorable passwords that are difficult to guess

29.17

Program Threats(Needs Host Programs)

• Trojan Horse

– Useful program (example a game) that contains hidden code that when invoked performs some unwanted or harmful function

– can be used to accomplish functions indirectly that an unauthorized user could not accomplish directly

user may set file permission so everyone has access

29.18

Program Threats(Needs Host Programs)

• Trap Door

– Entry point into a program that allows someone who is aware of trapdoor to gain access

– used by programmers to debug and test programs avoids necessary setup and authentication method to activate program if something wrong with

authentication procedure

29.19

Program Threats(Needs Host Programs)

• Logic Bomb

– Logic embedded in a computer program that checks for a certain set of conditions to be present on the system

presence or absence of certain files particular day of the week particular user running application

– When these conditions are met, it executes some function resulting in unauthorized actions