Security Environment and Program Threats in OS Security

Security Environment

Security Problem

• Security must consider external environment of the system, and protect the system resources.
• Intruders (crackers) attempt to breach security.
• Threat is potential security violation.
• Attack is attempt to breach security.
• Attack can be accidental or malicious.
• Easier to protect against accidental than malicious misuse.

Intruders

• Snooping by insiders
• Determined attempt to make money
• Casual prying by nontechnical users
• Commercial or military espionage

Accidental Data Loss

• Hardware or Software error

            - CPU malfunction
            - Disk crash
            - Program bugs

• Human errors

           - Data entry
           - Wrong tape mounted

• Acts of God

           - Fires
           - Earthquakes
           - Wars


Program Threats

• Trojan Horse

         - Code segment that misuses its environment
         - Exploits mechanisms for allowing programs written by users to be executed by other users.
         - Spyware, pop-up browser windows, convert channels

• Trap Door

         - Specific user identifier or password that circumvents normal security procedures.
         - Could be included in a compiler.

• Logic Bomp

          - Program that initiates a security incident under certain circumstances

• Stack and Buffer Overflow

          - Exploits a bug in a program (overflow either the stack or memory buffers)

• Viruses

         - Code fragment embedded in legitimate program
         - Very specific to CPU architecture, operating system, applications
         - Usually borne via email or as a macro
              * Visual Basic Macro to reformat hard drive
                     Sub AutoOpen( )
                      Dim oFS
                         set oFS = CreateObject("Scripting.FileSystemObject")
                           vs = Shell("c:command.com/kformat  c:" ,vbHide)
                                End Sub