Access Control

Question 1

What are the 3 fundamental categories of security techniques?

Answer 1

proactive, real-time, reactive

Question 2

What 3 entities underlie the design of secure computer systems?

Answer 2

reference monitor, reference validation mechanism, trusted computing base

Question 3

What are the principals of a reference monitor?

Answer 3

the users

Question 4

what is a capability?

Answer 4

communicable, unforgeable token of authority

Question 5

how do we enforce policies?

Answer 5

reference monitor implemented as controls

Question 6

Where should you put access control mechanisms?

Answer 6

everywhere

Question 7

what are the 3 reference monitor placement types?

Answer 7

stacked, sandbox, embedded

Question 8

What is the stacked placement type? Give an example.

Answer 8

Where the RM is part of the interface between user space and OS.
example: all modern OS

Question 9

What is the sandbox placement type? Give an example.

Answer 9

the program is executed in an RM-controlled environment.

example: interpreted language (Java)

Question 10

What is the embedded placement type? Give an example.

Answer 10

the RM is a subcomponent of the program.

example: SQL engine

Question 11

what are some reasons for a hardware-near security kernel?

Answer 11

• all mechanisms can be compromised from the layer below
• the lower the level, the harder to bypass
• the lower the level, the simpler the code
• hardware offers best performance for specialized checks
• higher level of assurance with smaller overhead

Question 12

What are the 4 categories for requirements for OS security/

Answer 12

• execution domains
• process separation
• memory protection
• input/output controls

Question 13

OS is both ___?___ and ___?___

Answer 13

arbitrator of access requests

object of access control

Question 14

should users ever be able to modify the OS?

Answer 14

no

Question 15

what is the classic distinction?

Answer 15

user mode vs supervisor mode

Question 16

what are the principles of the multics protection rings?

Answer 16

each ring has access to itself, and all rings outside of itself, but no ring has access to rings inside itself. So ring 0 has access to everything.

Question 17

what is TOCTOU?

Answer 17

Time-of-check time-of-use

Question 18

What are the 2 steps to a TOCTOU attack?

Answer 18

1. adversary prepares benign parameters and invokes the call gate
2. while that call is processed, the adversary modifies parameters to something malicious

Question 19

what are interrupts used for?

Answer 19

controlled invocation

Question 20

what can be used to implement system calls?

Answer 20

software-invoked interrupts

Question 21

What are 3 examples of malicious use of interrupt redirection?

Answer 21

keyboard logging, virus spreading, network manipulation

Question 22

what is the memory hierarchy of modern computing systems?

Answer 22

logical memory, segmentation unit, linear memory, paging unit, physical memory

Question 23

describe logical memory

Answer 23

environment of processes, is what assembler instructions refer to.

Question 24

describe linear memory

Answer 24

flat addressing model, each byte is one address.

address span reflects register size.

Question 25

describe physical memory

Answer 25

silicon-produced memory cells, addressed by wires

Question 26

what is a segement?

Answer 26

continuous memory area of arbitrary length

Question 27

what is a page?

Answer 27

memory slice of fixed size (standard 4kb)

Question 28

what is a local descriptor table (LDT)?

Answer 28

a memory table containing memory segment descriptors

Question 29

what is the difference between LDTs and GDTs?

Answer 29

every task/thread can have its own LDT

Question 30

What is segmentation?

Answer 30

memory division into logical units

Question 31

What is paging?

Answer 31

memory division into physical units