29.1 lecture 29 security i based on the silberschatz & galvin’s slides and stallings’ slides
TRANSCRIPT
29.1
Lecture 29Security I
Based on the Silberschatz & Galvin’s slides
And Stallings’ slides
29.2
Security
• The Security Problem
• Authentication
• Program Threats
29.3
The Security Problem
• Security must consider external environment of the system, and protect it from:
– unauthorized access.
– malicious modification or destruction
– accidental introduction of inconsistency.
• Easier to protect against accidental than malicious misuse.
29.4
Types of Threats
• Interruption
– an asset of the system is destroyed of becomes unavailable or unusable
– Examples destruction of hardware (hard disk) cutting of a communication line disabling the file management system
29.5
Types of Threats
• Interception
– an unauthorized party gains access to an asset
– Examples wiretapping to capture data in a network illicit copying of files or programs
29.6
Types of Threats
• Modification
– an unauthorized party not only gains access but tampers with an asset
– Examples changing values in a data file altering a program so that it performs differently modifying the content of messages being transmitted in a network
29.7
Types of Threats
• Fabrication
– an unauthorized party inserts counterfeit objects into the system
– Examples insertion of spurious messages in a network addition of records to a file
29.8
Authentication
• User identity most often established through passwords, can be considered a special case of either keys or capabilities.
• Passwords must be kept secret.
– Frequent change of passwords.
– Use of “non-guessable” passwords.
– Log all invalid access attempts.
29.9
Techniques for Learning Passwords
• Try default password used with standard accounts shipped with computer
• Exhaustively try all short passwords
• Try words in dictionary or a list of likely passwords
• Collect information about users and use these items as passwords`4
29.10
Observed Password Lengths
Length Number Fraction of Total
1 55 .004
2 87 .006
3 212 .02
4 449 .03
5 1262 .09
6 3035 .22
7 2917 .21
8 5772 .42
Purdue University. 54 machines. 7000 user accounts
29.11
Techniques for Learning Passwords
• Try user’s phone numbers, social security numbers, and room numbers
• Try license plate numbers
• Use a Trojan horse to bypass restrictions on access
• Tap the line between a remote user and the host system
29.12
Password Cracked from a Sample Set of 13,797 Accounts [KLEI90]
Type of Password Search Number Percentage of
Size of Matches Passw. Match
User/account name 130 368 2.7%
Common names 2239 548 4.0%
Female names 4280 161 1.2%
Phrases and patterns 933 253 1.8%
System dictionary 19683 1027 7.4%
Machine names 9018 132 1.0%
29.13
Effectiveness of guessing(W. Stallings)
• Personal information
• Words from various dictionaries (60000 words)
• Various permutations of words from the dictionaries)
• Capitalization permutations
Test with 3 million words
Thinking Machine
Time to encrypt all these words: under one hour
Success rate: 25%
29.14
Password Selection Strategies
• Computer generated passwords
– users have difficulty remembering them
– need to write it down
– have history of poor acceptance
• Eliminate guessable passwords while allowing the user to select a password that is memorable
29.15
Password Selection Strategies
• Reactive password checking strategy
– system periodically runs its own password cracker to find guessable passwords
– system cancels passwords that are guessed and notifies user
– consumes resources to do this
– hacker can use this on their own machine with a copy of the password file
29.16
Password Selection Strategies
• Proactive password checker
– the system checks at the time of selection if the password is allowable
– with guidance from the system users can select memorable passwords that are difficult to guess
29.17
Program Threats(Needs Host Programs)
• Trojan Horse
– Useful program (example a game) that contains hidden code that when invoked performs some unwanted or harmful function
– can be used to accomplish functions indirectly that an unauthorized user could not accomplish directly
user may set file permission so everyone has access
29.18
Program Threats(Needs Host Programs)
• Trap Door
– Entry point into a program that allows someone who is aware of trapdoor to gain access
– used by programmers to debug and test programs avoids necessary setup and authentication method to activate program if something wrong with
authentication procedure
29.19
Program Threats(Needs Host Programs)
• Logic Bomb
– Logic embedded in a computer program that checks for a certain set of conditions to be present on the system
presence or absence of certain files particular day of the week particular user running application
– When these conditions are met, it executes some function resulting in unauthorized actions