Upload
dugguz
View
216
Download
0
Embed Size (px)
Citation preview
8/9/2019 16 OS Security Issues
1/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,Inc.
1
REAL TIME OPERATING SYSTEMS
Lesson-24:
OS SECURITY ISSUESOS SECURITY ISSUES
8/9/2019 16 OS Security Issues
2/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,Inc.
2
1. Important Security Functions1. Important Security Functions
8/9/2019 16 OS Security Issues
3/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,Inc.
3
Protection MechanismProtection Mechanism
OS should provide protection mechanisms
and implement a system administrator (s)
defined security
8/9/2019 16 OS Security Issues
4/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,Inc.
4
Flexibility to of changeFlexibility to of change
when needed to fulfill the need
requirements of all the processes.
For example, a process has control of 32
memory blocks at an instance and the OS
configured the system accordingly. t
Later when more processes are created, this
can be reconfigured.
8/9/2019 16 OS Security Issues
5/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,Inc.
5
Controlled resource sharingControlled resource sharing
Controlling read and write of the resources
and parameters by user processes.
For example, some resources write only for
a process and some read only for a set of
processes
Another example, memory buffer to which
one process writes at an instant till thatbuffer is emptied by other process
8/9/2019 16 OS Security Issues
6/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,Inc.
6
Confinement MechanismConfinement Mechanism
Mechanism that restricts sharing of
parameters to a set of processes only .
8/9/2019 16 OS Security Issues
7/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,Inc.
7
Security Policy (Strategy)Security Policy (Strategy)
Rules for authorizing access to the OS,
system and information.
A policy example is that a communication
system may having a policy of peer-to-
peer communication (connection
establishment preceding the data packets
flow).
8/9/2019 16 OS Security Issues
8/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,
Inc.
8
Authentication MechanismAuthentication Mechanism
External authentication mechanism for the userand a mechanism meant to prevent an
application run unless the user registers and the
system administrator (software) authorizes
Internal authentication for the process, and theprocess should not appear (impersonate) as some
like other processes.
User authentication can become difficult if the
user disseminates password passwords or otherauthentication methods
8/9/2019 16 OS Security Issues
9/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,
Inc.
9
AAuthorizationuthorization
User or process (s) allowed to use the
system resources as per the security policy
8/9/2019 16 OS Security Issues
10/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,
Inc.
10
EncryptionEncryption
A tool to change information to make it
unusable by any other user or process unless
without the appropriate key is used for
deciphering it.
8/9/2019 16 OS Security Issues
11/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,
Inc.
11
SummarySummary
8/9/2019 16 OS Security Issues
12/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,
Inc.
12
We learntWe learnt
OS security issues are importantconsiderations.
Protection of memory and resources from
any unauthorized and without explicitauthorization write into the PCB or
resource, or mix up of accesses of one by
another, becomes imperative from an OS
security and protection mechanism
8/9/2019 16 OS Security Issues
13/13
2008Chapter-8 L24: "Embedded Systems - Architecture,
Programming and Design" , Raj Kamal, Publs.: McGraw-Hill,
Inc.
13
End of Lesson 24 of Chapter 8End of Lesson 24 of Chapter 8