Domain 3, Security architectures, designs, solution elements Flashcards
Modes of Operation (security)
The way an operating system works at certain levels of security.
Dedicated Mode
System contains objects of only one classification label. All subjects must have clearance at least as high as the object.
System High mode
Contains mixed object levels. All subjects must have clearance equal to the highest object classification.
Compartmented mode
All subjects have the necessary clearance, but are also required to get formal access approval (need to know). Compartmented information better allows for need-to-know access.
Multilevel mode
Contains mixed object classes. The Reference Monitor controls access between subjects and objects and ensures subjects can only access information at their level.
Orange book
TCSEC, the first security standard. Most of its concepts are still in use today.
TCSEC
Trusted Computer System Evaluation Criteria
Orange Book - Divisions
D- lowest
C
B
A - highest
Classes
e.g. C1, C2, A1, A2. Higher is more secure.
TNI/Red book
Trusted Network Interpretation. Applies Orange Book concepts to networks.
ITSEC
Information Technology Security Evaluation Criteria
ITSEC
First successful international evaluation model.
ITSEC Assurance ratings
E0 - E6
ITSEC Functionality rating
F-C1, F-C2, F-B1, F-B2, F-B3
International Common Criteria
Replaces ITSEC and TCSEC. Designed to evaluate commercial and government systems.
Common Criteria ToE
Target of Evaluation. The system or product being evaluated.
Common Criteria ST
Security Target. Documentation that describes the ToE, including its security requirements and operational environment.
Protection Profile
A unique set of security requirements for a specific category of products (e.g. firewall, end-user PC, intrusion detection).
Evaluation Assurance Level
EAL = score of the tested product or system.
EAL Levels
EAL1 through EAL7
EAL1
Functionally tested
EAL2
Structurally tested
EAL3
Methodically tested and checked
EAL4
Methodically designed, tested, and checked
EAL5
Semi-formally designed and tested
EAL6
Semi-formally verified, designed, and tested
EAL7
Formally verified, designed, and tested.
Layering
Separates hardware and software functionality into tiers.
Example security architecture layers
- Hardware
- Kernel and drivers
- OS
- Apps
Abstraction
Hides unnecessary details from the user.
Security domains
List of objects a subject is allowed to access. Errors in one domain don't affect the others.
Kernel Mode
Security domain where the kernel lives. Allows low-level access to memory, CPU, disk, etc.
User mode
Security domain where users live.
Ring model
CPU hardware layering that separates and protects domains.
Rings in the ring model
0 - kernel
1 - OS components not fitting in ring 0
2 - Device drivers
3 - User apps
System Call
Method for a process to communicate between rings.
Hypervisor ring
HV lives in ring 0
Open and closed systems
Open - Windows, Linux
Closed - Mac OS
Security Hardware Architecture
Focuses on applying CIA to the physical components of a computer.
System Unit
Computer case
Motherboard
Holds the CPU, memory, and firmware (BIOS), and connects to peripherals.
Computer Bus
Primary communications channel on a computer system.
Northbridge
In a system with two buses. AKA MCH (memory controller hub).
Connects CPU, RAM, and video cards.
Southbridge
ICH - I/O controller hub
Southbridge
Connects to input/output peripherals.
CPU
- doi
ALU
Subsystem of the CPU. Performs math operations. Fed instructions by the Control Unit.
CU
Subsystem of the CPU. Acts as a traffic cop for running processes.
Process steps
- fetch instruction
- decode instruction
- execute instruction
- write result
Fetch and Execute
CPU runs only one process at a time. Takes a full clock cycle for one process.
Pipelining
A way for the CPU to work through multiple instructions at once.
e.g. at the same time:
- Fetching instruction 4
- decoding instruction 3
- executing instruction 2
- writing instruction 1
Interrupts
Asynchronous event that causes the CPU to stop what it's doing, handle another process, then resume the task it was previously in the middle of.
Process
Executable program and its associated data loaded and running in memory.
HWP
Heavyweight process, AKA task.
Thread
A child process started from another 'parent' process. LWP.
LWP
Lightweight process - thread.
Threads can ______ Memory
share
Process states
New, ready, running, blocked, terminate
Process State - New
Process is being created.
Process State - Ready
Process is waiting for execution by the CPU.
Process State - running
Process is being executed.
Process State - blocked
Process is waiting for I/O.
Process State - terminate
Process is completed
Multitasking
Allows the CPU to run multiple tasks at once.
Multiprocessing
Runs multiple processes on multiple CPUs.
SMP
Symmetric multiprocessing - uses one OS for all CPUs.
AMP
Asymmetric multiprocessing - uses one OS per CPU.
CISC
Complex instruction set computer
Uses a large set of complex machine language instructions.
RISC
Reduced instruction set computer
Uses a reduced set of simpler machine language instructions.
Direct memory addressing
Address is based on the physical memory location.
Indirect memory addressing
Address is based on a memory reference.
Register direct addressing
Register directly references the memory location.
Register indirect addressing
Register references another register's memory location.
Memory protection
Prevents one process from affecting the CIA of another process. A requirement for secure multi-user systems.
Process isolation
Logical control that prevents a process from interfering with another process.
Hardware segmentation
Further isolates processes by assigning them physically separate memory locations.
Virtual memory
Provides a virtual mapping between applications and system memory.
Swapping
Uses virtual memory to move contents to/from primary memory and secondary memory.
BIOS
Basic Input/Output System
WORM Storage
Write once, read many (CDs, DVDs, tapes).
Trusted platform module
Module that adds further security to a system. Typically connected straight to the motherboard.
DEP
Data Execution Prevention - attempts to prevent code execution in memory locations that are not predefined to hold executable content.
ASLR
Address space layout randomization
Randomizes the location of instruction sets between different machines. This makes it more difficult to execute attacks.
Monolithic Kernel
Compiled into one static executable; the entire kernel runs in supervisor mode (ring 0).
Microkernels
These are modular. Kernel functions are split up into modules. Modules often operate in ring 3.
Reference monitor
Mediates access between all subjects and objects.
Linux and Unix file permissions
R - read
W - write
X - execute
Linux permission levels
owner
group
world
Microsoft Permissions
Read, Write, Read and Execute, Modify, Full Control
Privileged programs
UNIX and Linux only. A program that has root access to a very specific set of files.
Example - a user doesn't have access to the password file.
The passwd program does, though, so a user can change their own password with the passwd program.
Virtualization security issues
Multiple guests on one host.
If the host is compromised, potentially so are all VMs.
IAAS
Infrastructure as a service, e.g. Linux server hosting, Windows OS hosting, phone system hosting.
PAAS
Platform as a service. Web service hosting.
SAAS
Software as a service - webmail.
Grid computing
Computers all over the world working together to process some goal/information.
Large scale parallel data system
Not sure how this is different from grid computing
Peer to peer
BitTorrent, Napster.
Thin client
PC without a CPU or memory. Shares centralized compute resources.
Diskless workstation
Uses network storage.
Thin client apps
Use a web browser as a universal client.