Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
47 Cards in this Set
- Front
- Back
|
System Architecture
|
-formal tool to design comp. systems in a manner that ensures the stakeholders' concerns are addressed
-Different views, represented by system components and relationships -functionality, performance, interoperability, security |
|
|
ISO/IEC 42010:2007
|
-How system arch. frameworks and their description languages are to be used
|
|
|
CPU control unit
|
-timing of the execution of instructions and data
|
|
|
ALU
|
performs mathematical functions and logical operations
|
|
|
Memory managers, protection mechanisms
|
-base(beginning) and limit(ending) addressing
-Address space layout randomization -data execution prevention |
|
|
OS addressing memory schemes
|
-Absolute(hardware)
-logical(indexed) -relative(indexed addresses, including offsets) |
|
|
Buffer overflow vulnerabilities
|
Counter: bounds checking
|
|
|
Garbage collector
|
software tool that releases unused memory segments to help prevent "memory starvation"
|
|
|
Processor families
|
Work within different microarchitectures to execute specific instruction sets
|
|
|
Monolithic OS
|
-old
-all code in kernel mode layer -components communicated in ad hoc manner |
|
|
OS architectures
|
-monolithic
-microkernel -hybrid kernel |
|
|
Mode transition
|
-user to kernel mode
|
|
|
Ringed Architecture
|
-lower rings = more trusted
-vice versa |
|
|
OS processes
|
-executed in privileged or supervisor mode
-applications user mode "problem state" |
|
|
Virtual storage(swap, paging)
|
-Combines RAM and secondary storage, so the system seems to have a larger bank of memory
|
|
|
Security mechanisms
|
-more complex=less assurance
|
|
|
TCB
|
collection of system components that enforce the security policy directly and protect the system
-Within the security perimeter -hardware, software, firmware |
|
|
Security perimeter
|
-imaginary boundary
-trusted inside, untrusted outside |
|
|
Reference monitor
|
-abstract machine
-Ensures subjects have Access rights b4 accessing objects -mediates access |
|
|
Security Kernel
|
-isolate processes carrying out the reference monitor concept
-tamperproof -invoked on each access attempt -small enough to be properly tested |
|
|
Process isolation
|
-through segmented memory addressing
-encapsulation of objects -time multiplexing of shared resources -naming distinctions -virtual mapping -multiple processes can run concurrently and the processes will not interfere with each other or affect each others memory segments. |
|
|
Level of security
|
How well it enforces security policy
|
|
|
Multi-level security system
|
-processes data at different classifications
-users w/ different security levels can use the system |
|
|
Data hiding
|
-Processes work at differing security levels
-communicate only through secure APIs -Encapsulation |
|
|
Security Model
|
-maps abstract goals fo a security policy to computer system terms and concepts
-Gives security policy structure and provides a framework for systems |
|
|
Closed system
|
-proprietary
|
|
|
open system
|
-interoperability
|
|
|
Bell-LaPadula
|
-Confidentiality
-simple security rule = no read up -*-property rule = no write down -strong * property rule = R/W at same security level -Gov./military |
|
|
Biba
|
-integrity
-No write up -No read down -Commercial sector -only 1 integrity goal: prevent unauth'd users from making mods. |
|
|
Clark-Wilson
|
-integrity
-Commercial sector -Access only through applications -provisions for separations of duties and requires auditing tasks in software -all 3 integrity goals: unauth'd users from making mods; prevent authorized users from improper mods; maintain internal and external consistency |
|
|
State-machine model
|
-Different states a system can enter
-Start in secure state -if shutdown and fails securely, will never end up in an insecure state |
|
|
Lattice model
|
upper bound and lower bound of authroized access for subjects
|
|
|
Info Flow security model
|
-does not permit data to flow to an object in an insecure manner
|
|
|
Dedicated Security mode
|
-1 level of data classification
-All users must have this clearance level |
|
|
Trust
|
-system uses all of its protection mechanisms properly to proce3ss sensitive data for many types of users.
-Assurance level of this trust |
|
|
Orange Book/ TCSEC
|
-evaluate systems built mainly for govennment
-Standalone systems -Rating= combination of Functionality/Assurance |
|
|
Rainbow Series
|
-Evaluate networking and other security bases
|
|
|
ITSEC
|
-Assurance/functionality of a systems protection mechanisms separately
|
|
|
Common Criteria
|
-globally recognized
-combines TCSEC, ITSEC, CTCPEC, and Federal Criteria -protection profiles, security targets, and ratings(EAL1 to EAL7) -provide assurance ratings for TOE(targets of evaluation) -based off of ISO/IEC15408 |
|
|
Certification
|
-Technical eval of a system/product and its components
|
|
|
Accreditation
|
-Mgmts formal approval and acceptance of the system provided by a system
|
|
|
ISO/IEC15408
|
Basis for eval of security properties of products under CC
|
|
|
Covert channel
|
-unintended communication path
-transfers data in a way that violates security policy |
|
|
Covert timing channel
|
enables a process to relay info to another process by modulating its use of system resources
|
|
|
Covert storage channel
|
enables a process to write data to storage so another process can read it
|
|
|
Maintenance Hook
|
developed by programmer into app for quick maintenance
-bypasses normal AC -should be removed b4 production |
|
|
TOC/TOU
|
time of check/time of use
-asynchronous attacks |
