System Architecture - 3 main components
CPU - Central Processing Unit
Storage devices - includes both long and short-term storage, such as memory and disk
Peripherals - includes both input and output devices, such as keyboards and printers
ALU
Arithmetic Logic Unit - Performs mathematical and logical operations on the CPU ("brain of the CPU")
Register / General Registers / Special Registers
Temporary storage location
General Registers - Hold variables and temporary results from ALU (scratch pad)
Special Registers - dedicated registers that hold information .. program counter, stack pointer, and program status word (PSW)
Control Unit
Manages and synchronizes the system while different applications are running. Oversees instruction sets, fetches the code, interprets the code (traffic cop).
Program Counter Register
Contains the memory address of the next instruction to be fetched (secretary and boss)
Stack
Memory segment the process can read from and write to .. cafeteria trays ("last in, first out")
PSW
Program status word - holds condition bits.
User mode (problem state) - for application instructions
Privileged mode (kernel or supervisor mode) - for operating system instructions
Address bus
A hardwired connection to the RAM chips in the system and the individual I/O devices (CD-ROM, USB, hard drive)
Data bus
The circuitry associated with the memory or I/O device recognizes the address the CPU sent down the address bus and instructs the memory or device to read the requested data and put it on the data bus.
Multi-Processing - Symmetric
The processors are handed work as needed.
Multi-processing - Asymmetric
Dedicated processor for sensitive application. All other commands (other applications and operating system) are sent to other CPUs.
Processor evaluation
Microns - width of smallest wire on CPU chip
Clock Speed - speed at which it can execute instructions
Data Width - the amount of data the ALU can accept and process
MIPS - millions of instructions per second
Multiprogramming
More than one process can be loaded into memory at a time
Multitasking / Cooperative multitasking / Preemptive multitasking
Cooperative - required the processes to voluntarily release resources they were using. If the application was not written correctly, the application would not give up resources.
Preemptive - operating system controls how long a process can use a resource
Process Table
One entry per process. Records process state, stack pointer, memory allocation, program counter and status of open files in use.
Interrupts / maskable / non-maskable
When a device or process needs to communicate with the CPU it waits for the interrupt to be called.
Maskable - assigned to an interrupt event that is not very important; the program continues to process (ignores interrupt)
Non-maskable interrupts - can never be overridden by an application because the event that has this type of interrupt is critical
Thread
Individual instruction set and the data that must be worked on by the CPU.
Multiprogramming / Multitasking / Multithreading / Multiprocessing
Multiprogramming - an OS can load more than one program in memory at one time
Multitasking - an OS can handle requests from several different processes loaded into memory at the same time
Multithreading - an application has the ability to run multiple threads simultaneously
Multiprocessing - a computer has more than one CPU
Time multiplexing
Allows processes to use the same resources
Memory Manager
Relocation / Protection / Sharing / Logical Organization / Physical Organization
Base register / limit register
Base register - contains the beginning address that was assigned to the process
Limit register - contains the ending address
RAM
Random Access Memory - Temporary data storage facility where data and program instructions can temporarily be held and altered
DRAM
Dynamic RAM - Data being held in RAM memory cells are 'dynamically' being refreshed. (If not the charge w/in the capacitor would go out and you would lose the data).
SRAM
Static RAM - Does not use capacitors, uses transistors which can keep a charge. Because of this it is faster, but takes up more space on the RAM chip. SRAM is more expensive and is used on the CPU chip. DRAM is cheaper and is used in the RAM chip.
SDRAM
Synchronous DRAM - Synchronizes itself with the system's CPU and RAM input and output - timing of the memory activities is synchronized - increases the speed of transmitting and executing data.
EDO DRAM
Extended Data Out DRAM - Faster than DRAM because DRAM can access only one block of data at a time. EDO DRAM can capture the next block of data while the first block is being processed. (look ahead feature)
BEDO DRAM
Burst EDO DRAM - works like EDO DRAM, but can send more data in one burst. It reads and sends up to four memory addresses in a small number of clock cycles.
DDR SDRAM
Instead of carrying out one operation per clock cycle, can carry out two operations per clock cycle. Twice the throughput of SDRAM.
ROM
Read-only memory - nonvolatile memory type - when the power is turned off the data is still held in data chips.
PROM
Programmable Read Only Memory - Form of ROM that can be modified after it has been manufactured. Can only be programmed one time. The instructions are "burned into" PROM using a specialized PROM programmer device.
EPROM
Erasable and programmable read-only memory - can be erased, modified, and upgraded.
Flash Memory
Solid-state technology, used more as a hard-drive than as memory
Cache memory
Type of memory that is used for high-speed writing and reading activities.
Memory Mapping / Absolute Addresses / Logical Addresses / Relative Addresses
Absolute addresses - physical memory addresses that the CPU uses
Logical addresses - indexed memory addresses that software uses
Relative addresses - based on a known address with an offset value applied
Operating System Protection Rings
Privileged state in the center ring (privileged mode). Less access in outer rings for other applications (user mode).
Monolithic Operating System Architecture
Made up of procedures that can be called upon (big mess, MS DOS). All kernel activity performed in privileged mode.
Layered Operating System Architecture
Separates system functionality into a hierarchy (Layer 0, 1, 2, 3, etc.): THE, VAX, VMS, Unix
Execution Domain
A process in a privileged domain needs to be able to execute its instructions and process data without being interrupted by other processes
Programmed I/O
CPU sends data to an I/O device and polls the device to see if it is ready to accept more data. This wastes CPU time.
Interrupt-Driven I/O
The CPU sends a character over to the printer and then goes and works on another process request. The printer will send a message that it is ready for the next character .. and so on .. The CPU is not waiting for each byte to be printed (as in programmed I/O) - but the CPU is still spending time handling interrupts
I/O Using DMA
A way of transferring data between I/O devices and the system's memory without using the CPU. The DMA controller feeds the characters to the printer without bothering the CPU (unmapped I/O).
Premapped I/O
The CPU sends the physical memory address of the requesting process to the I/O device, and the I/O device is trusted enough to interact with the contents of the memory directly. The CPU does not control the interaction between the I/O device and memory.
Fully Mapped I/O
The OS does not fully trust the I/O device. The physical address is not given to the device. The device works purely with logical addresses and works under the security context of the requesting process.
TCB
Trusted Computing Base - total combination of protection mechanisms within the computer system. (hardware, software, and firmware) The system is sure these components will enforce the security policy.
Processes within TCB
Process activation - activating a process - CPU fills registers with data relating to the process (program counter, base and limit addresses, user/privileged mode); interrupts are called upon and the process interacts with the CPU
Execution domain switching - CPU switches from executing in privileged mode to user mode
Memory protection
I/O protection
Reference monitor
Abstract machine that mediates all access subjects have to objects, ensures subjects have the necessary access rights .. and protects the objects from unauthorized access and destructive modification.
E.g. Laws = reference monitor
The security kernel
The security kernel is the mechanism that actually enforces the rules of the reference monitor concept. The security kernel must:
1) isolate processes carrying out the reference monitor concept
2) be tamperproof
3) be invoked for each access attempt
4) be small enough to be properly tested
Security domain
All the objects available to a subject
Data hiding
Data hiding occurs when processes work at different layers and have layers of access control between them. Processes need to know how to communicate only with each other's interfaces.
State machine model
Deals with the different states a system can enter. If a system starts in a secure state, all transactions and shutdowns take place securely and the system fails securely.
Lattice Model
Lattice model provides an upper bound and lower bound of authorized access for subjects
Information Flow security model
Information Flow security model does not permit data to flow to an object in an insecure manner.
Bell-LaPadula Model
Subject to object model - objects you are able to access
Used to provide CONFIDENTIALITY
Used primarily in military systems
3 main rules used and enforced:
1) Simple security rule (no read up) - subject cannot read data at a higher level
2) The star-property rule (no write down) - subject cannot write data to a lower level
3) Strong star property rule - subject can read/write only at the same level
Biba Security Model
Deals primarily with INTEGRITY
Two main rules used and enforced:
1) Star-integrity axiom (no write up) - subject cannot write data to objects at a higher level
2) Simple integrity axiom (no read down) - subject cannot read data from a lower level
Biba and Bell-LaPadula are information flow models - concerned with data flowing up or down levels
Clark Wilson Model
Addresses all 3 integrity model goals:
- Prevent unauthorized users from making modifications
- Prevent authorized users from making improper modifications (separation of duties)
- Maintain internal/external consistency (well-formed transaction)
Dictates that subjects can only access objects through applications
Clark-Wilson uses the access triple, which is subject-program-object
Dedicated security mode
A system has only one level of data classification and all users must have this level of clearance to be able to use the system.
Compartmented and multilevel security modes
Enable the system to process data classified at different classification levels
Trust / Assurance
Trust - the system uses all of its protection mechanisms properly to process sensitive data for many types of users.
Assurance - the level of confidence you have in this trust, and that the protection mechanisms behave properly and predictably in all circumstances.
The Orange Book/ TCSEC
Trusted Computer System Evaluation Criteria (TCSEC) - developed to evaluate systems built to be used mainly by the military. It was expanded to evaluate other types of products. Deals mainly with stand-alone systems, so a range of books were written to cover many other topics in security. These books are called the rainbow series.
ITSEC vs. TCSEC
ITSEC evaluates the assurance and functionality of a system's protection mechanisms separately. TCSEC combines the two into one rating.
The Orange book, D
The system provides minimal protection and is used for systems that were evaluated but failed to meet the criteria of higher divisions.
The Orange book, C & C2
Deals with discretionary protection (no security labels). C2 requires object reuse protection and auditing.
Orange Book B1 & B2
B1 - first rating that requires security labels. B2 - requires security labels for all subjects and devices, the existence of a trusted path, routine covert channel analysis, and the provision of separate administrator functionality.
The Common Criteria
The Common Criteria was developed to provide globally recognized evaluation criteria and is in use today. It combines sections of the TCSEC, ITSEC, CTCPEC, and the Federal Criteria. Uses protection profiles and ratings from EAL1 to EAL7 (EAL7 - the design can be mathematically proven).
Security Architecture Attacks / Covert Channel - Timing and Storage
Covert channel - unintended communication path that transfers data in a way that violates the security policy. Two types: timing and storage.
Timing - enables a process to relay information to another process by modulating its use of system resources
Storage - enables a process to write data to a storage medium so another process can read it
Security Architecture Attacks / A maintenance hook
A maintenance hook is developed to let a programmer into the application quickly for maintenance. This should be removed before the application goes into production .. security risk.
Countermeasures - code review, QA, and unit testing
TOC/TOU
Time-of-check/time-of-use. This is a class of asynchronous attacks.
Countermeasures - do not separate tasks that can have their sequence altered
OS can apply software locks to items - check to see if the user is authorized before it opens a file
Buffer Overflow
I think I know this one