Enhanced Security Models For Operating Systems A Cryptographic

Enhanced Security Models For Operating Systems: A Cryptographic Approach Presented by Gopi Krishna V

Contents
  • Introduction
  • Security features of Trusted system
  • Problems with Trusted systems
  • Vaults Model
  • Protection Mechanism
  • Advantages of Vault
  • Conclusion

Introduction
Computer Security problem:
  • Many approaches have been tried to provide security in the use of computing resources, but with only limited success.
  • Why is this situation actually getting worse? Reason: increased use of distributed computing resources across insecure networks, and unpredicted run-time interactions, cause hard-to-detect security flaws.
  • Many operating system security features were developed earlier but have largely been ignored in contemporary systems.

Introduction
Importance of Host Security:
  • Protection mechanisms can be easily bypassed if an attacker can gain access to the layer below the one where the protection mechanism resides.
  • What is needed is not only the development of secure network protocols but also the provision of a sufficiently secure operating system.
  • For a sufficiently secure foundation, let's have a look at Trusted Systems.

Security features of Trusted System
  • Trusted systems are identified by two key features for the provision of strong security:
    • Mandatory Security
    • Trusted path

Security features of Trusted System
Mandatory security:
  • Nowadays, the majority of systems use Discretionary Access Control (DAC), where each user determines security policy.
  • Mandatory Access Control (MAC), however, involves a "security administrator" who determines security policy.
Trusted path:
  • It is a mechanism by which a user can interact directly with security-critical system components in an authenticated manner that cannot be imitated by malicious software.

Problems with trusted systems
Problems:
  • Documenting, developing, deploying and testing are significant costs.

Vaults Model
  • Cryptography is incorporated into the security infrastructure by the operating system kernel.
  • This infrastructure can be separated into two types:
    • Repository parts (Vaults)
    • Protection mechanisms

Vaults Model
Vaults:
  • A vault is simply a data structure holding sensitive data, to which the security kernel carefully controls access according to a small set of simple, pre-defined rules.
  • Five different types of vaults:
    • User vaults
    • Global Private Vault (GPRIV)
    • Global Public Vault (GPUV)
    • Escrow Vault
    • Fundamental Vault

Vaults Model
User Vaults:
  • Each user on the system has their own vault, where the user can store data virtually and retrieve it whenever required.
Global Private Vault (GPRIV):
  • GPRIV is the system-wide equivalent of the user vaults. Only the system kernel is able to directly access GPRIV.
Global Public Vault (GPUV):
  • GPUV is the opposite of GPRIV in that it holds values that must be accessible by all users on the system as required.

Vaults Model
Escrow vaults:
  • It is similar to the GPRIV vault.
  • It is used to hold keys for protected objects so that they can be retrieved if required by the Security administrator.
Fundamental Vaults:
  • The fundamental vaults are used to hold the keys for encrypting the other four vaults.

Protection Mechanism
File Protection:
  • Protection of file system objects is one of the key security functions of any OS.
  • Vaults provide protection for both read and write operations.
Read and Write protection:
  • Nowadays, cryptographic file systems only provide confidentiality. Writing into an encrypted file is difficult.
  • Vaults provide file protection keys, which can provide both confidentiality and integrity.
  • A Message Authentication Code (MAC) is used to control write permission.
Ticket and File sharing:
  • Tickets grant permissions to select users to access objects using a token.
  • The owner of the object creates the protections (read/write); the token and key are generated and stored in the GPRIV.
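
The ticket and MAC mechanism above, sketched as an added example; it is not code from the presentation or from the Vaults project. The class name, the dict standing in for GPRIV, the token format and the use of HMAC-SHA-256 are assumptions, and encryption for confidentiality is left out so that only the write-protection and integrity side is shown.

```python
import hashlib, hmac, secrets

class SecurityKernel:
    """Toy model (assumed design): GPRIV is a dict only the kernel touches."""
    def __init__(self):
        self._gpriv = {}   # token -> (object name, rights, file protection key)
        self.disk = {}     # object name -> (content, MAC tag); untrusted storage

    @staticmethod
    def _tag(key, name, content):
        return hmac.new(key, name.encode() + b"\0" + content, hashlib.sha256).digest()

    def protect(self, name, content):
        """Owner creates the protection; token and key are stored in GPRIV."""
        token, key = secrets.token_hex(16), secrets.token_bytes(32)
        self._gpriv[token] = (name, frozenset({"read", "write"}), key)
        self.disk[name] = (content, self._tag(key, name, content))
        return token

    def grant(self, owner_token, rights):
        """Issue a ticket carrying a subset of the issuer's rights."""
        name, owned, key = self._gpriv[owner_token]
        if not set(rights) <= owned:
            raise PermissionError("cannot grant rights the issuer lacks")
        ticket = secrets.token_hex(16)
        self._gpriv[ticket] = (name, frozenset(rights), key)
        return ticket

    def _key_for(self, token, name, right):
        entry = self._gpriv.get(token)
        if entry is None or entry[0] != name or right not in entry[1]:
            raise PermissionError(f"ticket does not grant {right} on {name}")
        return entry[2]

    def write(self, token, name, content):
        key = self._key_for(token, name, "write")   # only write tickets re-MAC
        self.disk[name] = (content, self._tag(key, name, content))

    def read(self, token, name):
        key = self._key_for(token, name, "read")
        content, tag = self.disk[name]
        if not hmac.compare_digest(tag, self._tag(key, name, content)):
            raise ValueError("MAC mismatch: object modified outside the kernel")
        return content
```

A holder of a read-only ticket cannot produce a valid tag because the key never leaves the kernel, so a change made directly to storage is caught on the next read.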

Protection Mechanism
Trusted Fingerprinting:
  • Under the Vault architecture, system administrators use fingerprinting to protect themselves against threats.
  • Two types of fingerprinting:
    • Global Fingerprinting
    • Local Fingerprinting

Protection Mechanism
Global Fingerprinting:
  • Global fingerprinting stores all authorized users' fingerprints in GPUB.
  • Whenever any user tries to execute a program file, the kernel checks the particular user fingerprint in GPUB. If it matches the fingerprint, it allows the execution.
  • There are three main advantages:
    • It checks the integrity of the program at the time of execution.
    • It removes the dependency of a static integrity checker on unsecured components.
    • It prevents users from running a modified program.

Protection Mechanism
Local fingerprinting:
  • It provides security to the individual user.
  • Vaults allow individual users to accumulate fingerprints of the software.
  • Users provide for their own security needs in their vault.
  • This means it allows a user to implement their own policy.

Protection Mechanism
Dual TCB and Extensible Trusted Path:
  • The Trusted Computing Base (TCB) is the collection of components responsible for enforcing security policy.
  • Dual TCB:
    • Global TCB
    • Local TCB
  • The global TCB handles components in system security, with fingerprints in GPUB.
  • The local TCB handles components of an individual user, with fingerprints in their own vault.
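
The execution-time check described under global fingerprinting, local fingerprinting and the dual TCB, as an added example that is not code from the presentation or from the Vaults project. It assumes a fingerprint is the SHA-256 hash of the program image, that GPUB entries take precedence over a user's own vault, and that programs with no registered fingerprint are refused; the class, paths and program images are constructed for illustration.

```python
import hashlib

def fingerprint(image: bytes) -> str:
    """Assumed fingerprint: SHA-256 over the program image."""
    return hashlib.sha256(image).hexdigest()

class Kernel:
    """Toy model of the dual TCB check; not a real kernel interface."""
    def __init__(self):
        self.gpub = {}         # global TCB: path -> fingerprint (administrator)
        self.user_vaults = {}  # local TCB: user -> {path -> fingerprint}

    def admin_register(self, path, image):
        self.gpub[path] = fingerprint(image)

    def user_register(self, user, path, image):
        self.user_vaults.setdefault(user, {})[path] = fingerprint(image)

    def may_execute(self, user, path, image):
        """Hash the image at exec time and return (allowed, reason)."""
        actual = fingerprint(image)
        # Global entries are consulted first, so a user's local entry
        # cannot override the administrator's fingerprint for a path.
        for tcb, table in (("global", self.gpub),
                           ("local", self.user_vaults.get(user, {}))):
            expected = table.get(path)
            if expected is not None:
                if expected == actual:
                    return True, tcb
                return False, tcb + " fingerprint mismatch"
        return False, "no fingerprint registered"   # assumed default-deny

# Constructed sample program images.
LS = b"\x7fELF constructed system utility image"
LS_MODIFIED = LS + b" with patched bytes"
TOOL = b"#!/bin/sh\necho constructed user tool\n"

def demo():
    k = Kernel()
    k.admin_register("/bin/ls", LS)
    k.user_register("alice", "/home/alice/tool", TOOL)
    k.user_register("alice", "/bin/ls", LS_MODIFIED)  # attempted local override
    return [
        k.may_execute("alice", "/bin/ls", LS),
        k.may_execute("alice", "/bin/ls", LS_MODIFIED),
        k.may_execute("alice", "/home/alice/tool", TOOL),
        k.may_execute("bob", "/home/alice/tool", TOOL),
    ]
```

Because the image is hashed at the moment of execution, the result does not depend on a separate integrity checker having run earlier.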

Advantages of Vault
Strong security:
  • Vaults provide a strong security baseline similar to the mandatory security features in a trusted system.
  • Vaults implement the trusted fingerprint mechanism.
Flexible and Intuitive security:
  • They provide more flexibility by offering users their own security as needed.
  • The dual TCB prevents undetected modifications of the program.

Advantages of Vault
Advantages over conventional system:
  • It shields users from maliciously modified trusted code.
Security advantages of Cryptography:
  • It eliminates complexity and is easily tested.

Conclusion
  • Vaults provide a significant usability advantage, in that users no longer need to manage and memorize a large number of passwords and keys.

Thank you