CSCI-UA.9480 Introduction to Computer Security Session 3.3 Systems - - PowerPoint PPT Presentation

csci ua 9480 introduction to computer security
SMART_READER_LITE
LIVE PREVIEW

CSCI-UA.9480 Introduction to Computer Security Session 3.3 Systems - - PowerPoint PPT Presentation

Jan 18, 2023 169 likes •420 views

CSCI-UA.9480 Introduction to Computer Security Session 3.3 Systems Security and Isolation Prof. Nadim Kobeissi Operating 3.3a System Security Basics 2 CSCI-UA.9480: Introduction to Computer Security Nadim Kobeissi Operating systems:

slide-1
SLIDE 1

CSCI-UA.9480 Introduction to Computer Security

Session 3.3

Systems Security and Isolation

  • Prof. Nadim Kobeissi
slide-2
SLIDE 2

Operating System Security Basics

2 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

3.3a

slide-3
SLIDE 3

Operating systems: protection rings.

  • Kernel runs in Ring 0.
  • Device drivers run in Ring 1.
  • Standard libraries run in Ring 2.
  • User programs run in Ring 3.
3 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
slide-4
SLIDE 4

Examples.

4 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi Kernel Standard Library User Programs Device Driver libc
slide-5
SLIDE 5

What’s managed by an operating system?

  • Subjects: Users and processes.
  • Objects and resources: Files (system
integrity), hardware I/O (devices, private data), scheduling, network access…
  • In Linux:
○ /dev: Devices. ○ /etc: Configuration files ○ /usr: Libraries, etc. 5 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
slide-6
SLIDE 6

Principle of least-privilege.

  • Services may need root access:
○ OpenSSH. ○ Apache, NGINX, Lighttpd… ○ Crond ○ Sendmail, Postfix
  • Minesweeper does not.
6 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
slide-7
SLIDE 7

POSIX permissions model.

7 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
  • First letter: special mode operator.
○ d: Directory. ○ l: Symbolic link. ○ s: setuid/setguid. ○ t: sticky bit.
slide-8
SLIDE 8

POSIX permissions model.

8 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
  • First three letters: owner permissions.
  • Second three letters: group permissions.
  • Third three letters: public permissions.
  • Also represented using numbers:
○ 4: read. ○ 2: write. ○ 1: execute. ○
  • rwxrw-r-- = 764.
slide-9
SLIDE 9

Test your knowledge!

9 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

What does the permission code 600 represent?

slide-10
SLIDE 10

Test your knowledge!

10 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

What does the permission code 600 represent? Only the owner may read or write, but not execute. Group and public can do nothing. (-rw-------).

slide-11
SLIDE 11

Isolation in operating systems.

11 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
  • Chroot: Limits file system view.
  • FreeBSD jails, Linux containers:
○ Limit network access. ○ Limit file system, device access…
  • Virtualization.
slide-12
SLIDE 12

Intel Trusted Platform Module (TPM).

12 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
slide-13
SLIDE 13

Intel Trusted Execution.

13 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
slide-14
SLIDE 14

Intel Software Guard Extensions (SGX).

14 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
slide-15
SLIDE 15

Case Study: Apple T2 Chip

15 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

3.3b

slide-16
SLIDE 16

Apple T2 Chip: Secure Enclave Component.

16 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi Secure enclave:
  • Self-contained, independent computer with
its own ”jurisdiction”.
  • Encrypted memory.
  • Hardware-based true random number
generator.
  • Even of system kernel/CPU is compromised,
Secure Enclave maintains integrity.
  • Resistant to reverse engineering/forensic
analysis.
slide-17
SLIDE 17

Apple T2 Chip: Secure Enclave Component.

17 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
  • Design benefits:
  • Hardware lock dependent on user
events/password entry.
  • Secure key wiping.
  • Brute force attack protection.
  • Fingerprint data stored inside Secure
Enclave, not visible to actual device.
  • Can hardware-disconnect microphone.
  • Encryption keys never exposed to CPU!
slide-18
SLIDE 18

Apple T2 Chip: Core Concepts.

18 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
  • File encryption engine built into the DMA
path between flash storage and main system memory. ○ DMA: Direct Memory Access (access RAM without going through CPU.)
  • Each Mac has a unique UID and AES keys
baked in at the factory. ○ Secure enclave design prohibits key extraction. ○ Keys generated within secure enclave.
slide-19
SLIDE 19

AES-XTS: Used only for disk encryption.

19 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi Goal: prevent targeted malleability (easier in other modes such as CBC, CTR.)
slide-20
SLIDE 20

Apple Secure Boot.

20 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi
slide-21
SLIDE 21

Test your knowledge!

21 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

Can you think of any daily use applications with keys that macOS would benefit from storing inside T2/Secure Enclave?

slide-22
SLIDE 22

Test your knowledge!

22 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

Can you think of any daily use applications with keys that macOS would benefit from storing inside T2/Secure Enclave?

slide-23
SLIDE 23

Test your knowledge!

23 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

Can you think of any daily use applications with keys that macOS would benefit from storing inside T2/Secure Enclave?

File encryption with APFS Long-term keys for encrypted calls Long-term keys For secure messaging Code signing keys
slide-24
SLIDE 24

Next time: Mobile Security

24 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

3.4