**********************************************
Chapter 14: System Protection and Security
**********************************************

Goals of Protection
===================

Protection ensures that processes do not interfere with each other or with the OS.

Main goals:

- **Confidentiality** – Prevent unauthorized access to information.
- **Integrity** – Prevent unauthorized modification of data or resources.
- **Availability** – Ensure that authorized users can access resources.
- **Safety** – Prevent actions that could cause harm or system failure.

Protection mechanisms define controlled access to resources such as files, memory, CPUs, and devices.

Domain of Protection
====================

A **domain** is a set of access rights. A process runs within a specific domain.

- **Access Rights:** Object/right pairs, such as ``(file1, read)``.
- **Static Domains:** Domains are assigned at process creation and do not change.
- **Dynamic Domains:** Processes may switch domains (e.g., via system calls or capabilities).

Domain structures:

- **User Mode vs Kernel Mode** – Basic dual-domain separation.
- **Role-Based Domains** – Administrators, users, services.
- **Capability Lists and Tickets** – Unforgeable tokens that grant specific rights.

Access Matrix
=============

The **access matrix** formalizes protection by specifying:

- **Rows:** Subjects (users, processes, domains)
- **Columns:** Objects (files, devices, memory)
- **Entries:** Access rights (read, write, execute)

Example:

+----------+------------+------------+
|          | File A     | Printer    |
+==========+============+============+
| User 1   | read/write | use        |
+----------+------------+------------+
| User 2   | read       | -          |
+----------+------------+------------+

Implementation techniques:

- **Access Control Lists (ACLs)** – Column-based; used by many OSes (Windows, Unix permissions).
- **Capability Lists** – Row-based; each subject holds a list of its allowed accesses.
- **Lock-and-Key Mechanisms** – Objects have locks; domains hold keys to unlock them.
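The following is an added example, not code from the chapter. It stores the access matrix from the table above in the two forms the text describes, ACLs (column-based, kept with each object) and capability lists (row-based, held by each subject), answers the same "may this subject exercise this right on this object?" question from both, and shows why revocation is cheap in one form and expensive in the other. It also models a dynamic domain: a process starts in the ``User 2`` domain and switches to ``User 1``. The ``switch`` right and all function names are this example's own constructions, not part of the chapter.

```python
# Added example, not code from the chapter: the chapter's access matrix stored
# as ACLs (column-based) and as capability lists (row-based), plus a process
# that switches domain. Subjects and objects are the chapter's table entries;
# the "switch" entry and every function name are this example's constructions.

from collections import defaultdict

# Rows = subjects (domains), columns = objects, entries = sets of rights.
# "User 2" -> "User 1": {"switch"} is a constructed addition modelling a
# dynamic domain: the right to switch into the "User 1" domain.
ACCESS_MATRIX = {
    "User 1": {"File A": {"read", "write"}, "Printer": {"use"}},
    "User 2": {"File A": {"read"}, "Printer": set(), "User 1": {"switch"}},
}


def build_acls(matrix):
    """Column-based view: for each object, the subjects and their rights."""
    acls = defaultdict(dict)
    for subject, row in matrix.items():
        for obj, rights in row.items():
            if rights:  # an empty matrix entry produces no ACL entry
                acls[obj][subject] = frozenset(rights)
    return dict(acls)


def build_capabilities(matrix):
    """Row-based view: each subject carries its own (object, rights) list."""
    return {
        subject: {obj: frozenset(r) for obj, r in row.items() if r}
        for subject, row in matrix.items()
    }


def acl_check(acls, subject, obj, right):
    """Decision made at the object: look the subject up in obj's ACL."""
    return right in acls.get(obj, {}).get(subject, frozenset())


def cap_check(caps, subject, obj, right):
    """Decision made at the subject: search the subject's capability list."""
    return right in caps.get(subject, {}).get(obj, frozenset())


def revoke_acl(acls, obj, subject):
    """ACL revocation touches exactly one entry, stored at the object."""
    acls.get(obj, {}).pop(subject, None)


def revoke_capability(caps, obj):
    """Capability revocation must visit every subject that may hold one."""
    for subject_caps in caps.values():
        subject_caps.pop(obj, None)


def switch_domain(caps, process, target):
    """Dynamic domains: the process moves to `target` only if its current
    domain holds the (constructed) 'switch' right on that target domain."""
    if cap_check(caps, process["domain"], target, "switch"):
        process["domain"] = target
        return True
    return False


if __name__ == "__main__":
    acls = build_acls(ACCESS_MATRIX)
    caps = build_capabilities(ACCESS_MATRIX)
    proc = {"pid": 42, "domain": "User 2"}
    print("User 2 may write File A:", cap_check(caps, proc["domain"], "File A", "write"))
    switch_domain(caps, proc, "User 1")
    print("after switch, may write File A:", acl_check(acls, proc["domain"], "File A", "write"))
```

Both views are built from the same matrix, so every decision agrees; the difference is where the lookup and the bookkeeping happen. ``revoke_acl`` removes one entry at the object, while ``revoke_capability`` has to sweep every subject's list, which is the practical reason capability systems need extra machinery (indirection, expiry, or revocation lists) that ACL systems do not.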
System and Network Security Threats
===================================

Systems face threats from internal and external adversaries.

Types of threats:

Malware
-------

- **Viruses** – Attach to executable files; require a host program to run.
- **Worms** – Self-replicating over networks.
- **Trojan Horses** – Malicious code disguised as legitimate software.
- **Ransomware** – Encrypts user data and demands payment.

Attack Techniques
-----------------

- **Phishing / Social Engineering** – Tricks users into exposing credentials.
- **Password Attacks** – Brute force, dictionary attacks, credential stuffing.
- **Privilege Escalation** – Exploiting vulnerabilities to gain higher permissions.
- **Man-in-the-Middle (MitM)** – Intercepting network communications.
- **Denial of Service (DoS/DDoS)** – Overloading systems to make them unavailable.

Network Security Measures
-------------------------

- **Encryption (TLS, HTTPS)** – Protects data in transit.
- **Firewalls and Packet Filters** – Restrict network traffic.
- **Intrusion Detection/Prevention Systems (IDS/IPS)** – Monitor for malicious patterns.
- **Authentication** – Passwords, multi-factor authentication, biometric systems.
- **Patching and Hardening** – Keeping systems updated and minimizing the attack surface.
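The following is an added example, not code from the chapter. It shows the kind of pattern matching an intrusion detection system performs for the password attacks listed above: it parses constructed SSH-style authentication log lines and flags sources with many failed logins in a short window (the brute-force/dictionary signature), sources whose failures are spread over many different accounts (the credential-stuffing signature), and successful logins from a source that had failed earlier. The log lines, thresholds, regular expression and function names are all this example's own assumptions.

```python
# Added example, not from the chapter: a minimal IDS-style detector for the
# password-attack patterns the text lists, run over constructed log lines.
# Log format, thresholds and function names are this example's assumptions.

import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines (syslog-like; documentation IP ranges only).
SAMPLE_LOG = """\
2024-03-01T10:00:01 sshd[1]: Failed password for alice from 203.0.113.5 port 4001
2024-03-01T10:00:03 sshd[1]: Failed password for alice from 203.0.113.5 port 4002
2024-03-01T10:00:04 sshd[1]: Failed password for alice from 203.0.113.5 port 4003
2024-03-01T10:00:06 sshd[1]: Failed password for alice from 203.0.113.5 port 4004
2024-03-01T10:00:07 sshd[1]: Failed password for alice from 203.0.113.5 port 4005
2024-03-01T10:00:09 sshd[1]: Accepted password for alice from 203.0.113.5 port 4006
2024-03-01T10:05:00 sshd[1]: Failed password for bob from 198.51.100.7 port 5001
2024-03-01T10:05:01 sshd[1]: Failed password for carol from 198.51.100.7 port 5002
2024-03-01T10:05:02 sshd[1]: Failed password for dave from 198.51.100.7 port 5003
2024-03-01T10:05:03 sshd[1]: Failed password for erin from 198.51.100.7 port 5004
2024-03-01T10:30:00 sshd[1]: Failed password for bob from 192.0.2.9 port 6001
2024-03-01T10:45:00 sshd[1]: Accepted password for bob from 192.0.2.9 port 6002
"""

# Assumed line layout: "<iso-timestamp> sshd[pid]: <Failed|Accepted> password
# for <user> from <source> port <n>". Lines that do not match are ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<src>\S+) port \d+$"
)


def parse_auth_log(text):
    """Return a list of (timestamp, result, user, source) tuples."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["result"],
                           m["user"], m["src"]))
    return events


def find_brute_force(events, max_failures=5, window_seconds=60):
    """Sources with at least max_failures failed logins inside any
    sliding window of window_seconds (brute force / dictionary pattern)."""
    by_src = defaultdict(list)
    for ts, result, _user, src in events:
        if result == "Failed":
            by_src[src].append(ts)
    flagged = set()
    for src, times in by_src.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            # Advance the window start until it fits inside window_seconds.
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= max_failures:
                flagged.add(src)
                break
    return flagged


def find_credential_stuffing(events, min_distinct_users=4):
    """Sources whose failures are spread over many different accounts."""
    users_by_src = defaultdict(set)
    for _ts, result, user, src in events:
        if result == "Failed":
            users_by_src[src].add(user)
    return {src for src, users in users_by_src.items()
            if len(users) >= min_distinct_users}


def success_after_failures(events):
    """(source, user) pairs where a login succeeded from a source that had
    already failed earlier in the log: a candidate for analyst review."""
    failed_sources = set()
    hits = []
    for _ts, result, user, src in events:
        if result == "Failed":
            failed_sources.add(src)
        elif src in failed_sources:
            hits.append((src, user))
    return hits


if __name__ == "__main__":
    evts = parse_auth_log(SAMPLE_LOG)
    print("brute force:", find_brute_force(evts))
    print("credential stuffing:", find_credential_stuffing(evts))
    print("success after failures:", success_after_failures(evts))
```

The thresholds are deliberately separate parameters: a real deployment tunes them per environment, and the third detector exists because a lockout or rate limit alone stops the noise but not the one guess that worked, which is the event a responder most needs to see.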