BIE-UKB Lecture 07 Notes: Operating Systems Security

Operating System Definition

• A.S. Tannenbaum - classical definition:
  • the software that runs in kernel/privileged mode (not always true et all!)
  • provides application programs with a clean abstract set of resources instead of the messy hardware ones
  • manages hardware resources - a resource manager
  • OS is an “Extended Machine”
• filesystem model, user rights, virtual memory, processes, multitasking …
• Driver - device-specific code interface for OS

Firmware

• SW closely coupled with HW
• loosely-defined
• Could be used as a part of a botnet
• Firmware vulnerability allows obtaining persistence for malicious software

Hypervisor

• according to the classical definition it is a (lightweight) OS - but NOT a “Complete” OS!
• HW abstraction & and full isolation of virtual machines

Hardware

• Cold-Boot
  • enabled by the Dram cell nature
• HW Trojans, supply-chain reliability/trustworthy
• Kill-switches
• Meltdown and Spectre
• Huawei/ZTE case in US/CZ - suspect legal environment in China
• Spectre and Meltdown:
  • https://www.youtube.com/watch?v=bs0xswK0eZk
  • https://www.youtube.com/watch?v=q3-xCvzBjGs

OS Security Rulea/Hardening

• Patch Management
  • Updates could break something
  • Necessary features could be removed
  • DMZ-first updates
  • Least-privilege
• Disable unused services and close unused ports
• SecureBoot
• Disc Encryption