Operating System Security Final

The document discusses operating system security, highlighting the importance of securing networked and mobile environments against various threats such as malicious applications and network attacks. It outlines security mechanisms like authentication, access control, and intrusion detection, as well as the process of operating system hardening to minimize vulnerabilities. Additionally, it covers security maintenance practices, including logging, data backup, and patch management for both Linux/Unix and Windows systems.

Uploaded by komal12.it

Operating System Security

Recall… Abstract View of Program

Operating System Security

• Computers are rarely used in isolation
  o Usually connected to some kind of network, the Internet, etc.
• Networked computers
  o Ensure secure operation in a networked environment
• New threat?
  o Attackers coming from the network.
  o Network-facing programs on computers may be buggy.
  o Users may be hurt via online communication.
• Security mechanisms
  o Authentication; Access Control
  o Secure Communication (using cryptography)
  o Logging & Auditing
  o Intrusion Prevention and Detection

Mobile Operating System Security

• Mobile computing devices:
• New threat?
  o Apps (programs) may be malicious.
  o More tightly connected with personal life of the user e.g. personal health and banking apps.
• Security mechanisms?
  o Isolation of each app.
  o Users assess risks of apps.
  o Risk communication.

Google Play Protect
https://support.google.com/googleplay/answer/2812853?hl=en

Operating System Hardening

Operating Systems’ Risks

Vulnerability, Exploit, Patch…

Operating Systems Hardening

• The idea of OS hardening is to minimize a computer's exposure to current and future threats by fully configuring the operating system and removing unnecessary applications.
  o Updates in Windows
  o Patch Management System in Linux/Unix
• Basic steps
  o Install and patch the operating system
  o Harden and configure the operating system to adequately address the identified security needs of the system by:
    - Removing unnecessary services, applications, and protocols
    - Configuring users, groups, and permissions
    - Configuring resource controls
  o Install and configure additional security controls, such as anti-virus, host-based firewalls, and intrusion detection system (IDS)
  o Test the security of the basic operating system to ensure that the steps taken adequately address its security needs

Remove Unnecessary Services, Applications, Protocols

• If fewer software packages are available to run, the risk is reduced
• System planning process should identify what is actually required for a given system
• When performing the initial installation the supplied defaults should not be used
  o Default configuration is set to maximize ease of use and functionality rather than security
  o If additional packages are needed later they can be installed when they are required

Configure Users, Groups, and Authentication

• Not all users with access to a system will have the same access to all data and resources on that system
• Elevated privileges should be restricted to only those users that require them, and then only when they are needed to perform a task
• System planning process should consider:
  o Categories of users on the system
  o Privileges they have
  o Types of information they can access
  o How and where they are defined and authenticated
• Default accounts included as part of the system installation should be secured
  o Those that are not required should be either removed or disabled
  o Policies that apply to authentication credentials configured

Configure Resource Controls

• Once the users and groups are defined, appropriate permissions can be set on data and resources
• Many of the security hardening guides provide lists of recommended changes to the default access configuration

Install Additional Security Controls

• Further security possible by installing and configuring additional security tools:
  o Anti-virus software
  o Host-based firewalls
  o IDS or IPS software
  o Application white-listing

Test the System Security

• Final step in the process of initially securing the base operating system is security testing
• Goal:
  o Ensure the previous security configuration steps are correctly implemented
  o Identify any possible vulnerabilities
• There are programs specifically designed to:
  o Review a system to ensure that a system meets the basic security requirements
  o Scan for known vulnerabilities and poor configuration practices
• Should be done following the initial hardening of the system
• Repeated periodically as part of the security maintenance process

Security Maintenance

• Process of maintaining security is continuous
• Security maintenance includes:
  o Monitoring and analyzing logging information
  o Performing regular backups
  o Recovering from security compromises
  o Regularly testing system security
  o Using appropriate software maintenance processes to patch and update all critical software

Logging

• Can only inform you about bad things that have already happened
• In the event of a system breach or failure, system administrators can more quickly identify what happened
• Key is to ensure you capture the correct data and then appropriately monitor and analyze this data
• Information can be generated by the system, network and applications
• Range of data acquired should be determined during the system planning stage
• Generates significant volumes of information and it is important that sufficient space is allocated for them
  o Automatic log rotation
• Automated analysis is preferred

Data Backup and Archive

• Performing regular backups of data is a critical control that assists with maintaining the integrity of the system and user data
  o May be legal or operational requirements for the retention of data
• Backup: the process of making copies of data at regular intervals
• Archive: the process of retaining copies of data over extended periods of time in order to meet legal and operational requirements to access past data
• Needs and policy relating to backup and archive should be determined during the system planning stage
  o Kept online or offline
  o Stored locally or transported to a remote site
  o Trade-offs include ease of implementation and cost versus greater security and robustness against different threats
• Example: Attack on an Australian hosting provider in early 2011

Linux/Unix Security

• Patch Management
  o Keeping security patches up to date is a widely recognized and critical control for maintaining security
  o Debian-based distributions, e.g. Ubuntu, include apt-get
  o RPM (Red Hat-based) distributions, e.g. Fedora, include up2date or yum
• Application and service configuration
  o Most commonly implemented using separate text files for each application and service
  o Generally located either in the /etc directory or in the installation tree for a specific application
  o Individual user configurations that can override the system defaults are located in hidden “dot” files in each user’s home directory
  o Most important changes needed to improve system security are to disable services and applications that are not required

Linux/Unix Security

• Users, groups, and permissions
  o Access is specified as granting read, write, and execute permissions to each of owner, group, and others for each resource
  o These are set using the chmod command.
  o Guides recommend changing the access permissions for critical directories and files
  o Local exploit
    - Software vulnerability that can be exploited by an attacker to gain elevated privileges
  o Remote exploit
    - Software vulnerability in a network server that could be triggered by a remote attacker
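
An added example, not part of the original slides: checking the owner/group/others permission bits of critical files against a baseline of the kind hardening guides publish, then applying it with chmod. The baseline entries, paths and function names are constructed for illustration and run against a throwaway directory tree.

```shell
#!/bin/sh
# Added example, not from the slides. Paths and modes below are constructed.

# True when PATH has exactly the octal MODE (find's exact -perm match is portable).
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# Read "MODE RELATIVE_PATH" lines on stdin; print each path under ROOT whose
# permissions differ from the baseline, or that is missing.
check_baseline() {
    root=$1
    while read -r mode rel; do
        case $mode in ''|'#'*) continue ;; esac
        has_mode "$root/$rel" "$mode" || echo "$rel"
    done
}

# Apply the same baseline with chmod.
apply_baseline() {
    root=$1
    while read -r mode rel; do
        case $mode in ''|'#'*) continue ;; esac
        chmod "$mode" "$root/$rel"
    done
}

# Anything writable by "others"; sticky-bit directories (the /tmp convention) are skipped.
list_other_writable() {
    find "$1" \( -type f -perm -0002 \) -o \
              \( -type d -perm -0002 ! -perm -1000 \) 2>/dev/null
}

BASELINE='# mode path  (constructed baseline in the style of a hardening guide)
640 etc/shadow
644 etc/passwd
700 root'

make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/etc" "$d/root" "$d/tmp"
    : > "$d/etc/shadow"; : > "$d/etc/passwd"
    chmod 755 "$d/etc"; chmod 644 "$d/etc/shadow"   # too open: others can read
    chmod 666 "$d/etc/passwd"                        # writable by everyone
    chmod 755 "$d/root"; chmod 1777 "$d/tmp"
    echo "$d"
}

tree=$(make_sample_tree)
echo "$BASELINE" | check_baseline "$tree"   # lists the three deviating paths
list_other_writable "$tree"                 # lists only etc/passwd
echo "$BASELINE" | apply_baseline "$tree"
rm -rf "$tree"
```

On a real system the check would be run with ROOT set to / and a baseline taken from the hardening guide in use; the audit functions only read metadata, so they can be scheduled as part of periodic security testing.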

Windows Security

• Patch management
  o “Windows Update” and “Windows Server Update Service” assist with regular maintenance and should be used
  o Third party applications also provide automatic update support
• Users administration and access controls
  o Systems implement discretionary access controls to resources
  o Vista and later systems also include mandatory integrity controls (MIC)
  o Objects are labeled as being of low, medium, high, or system integrity level
  o System ensures the subject’s integrity is equal or higher than the object’s level

Mandatory Integrity Control (MIC) provides a mechanism for controlling access to securable objects. This mechanism is in addition to discretionary access control and evaluates access before access checks against an object's discretionary access control list (DACL) are evaluated.

[Figure: Mandatory Integrity Control (MIC) and Discretionary Access Control List (DACL); labels: Resources, Admin/Owner, Users]

MicEnum Tool, Mandatory Integrity Control Enumerator

Windows Security

• Application and service configuration
  o Much of the configuration information is centralized in the Registry
  o Forms a database of keys and values that may be queried and interpreted by applications
  o Registry keys can be directly modified using the “Registry Editor”
  o More useful for making bulk changes


Windows Security

• Other security controls
  o Essential that anti-virus, anti-spyware, personal firewall, and other malware and attack detection and handling software packages are installed and configured
  o Current generation Windows systems include basic firewall and malware countermeasure capabilities
  o Important to ensure the set of products in use are compatible
• Windows systems also support a range of cryptographic functions:
  o Encrypting files and directories using the Encrypting File System (EFS)
  o Full-disk encryption with AES using BitLocker
