BIE-UKB Lecture 07 Notes: Operating Systems Security
Operating System Definition
- A. S. Tanenbaum's classical definition:
  - the software that runs in kernel/privileged mode (not always true at all!)
  - provides application programs with a clean abstract set of resources instead of the messy hardware ones
  - manages hardware resources: a resource manager
- OS is an “Extended Machine”
  - filesystem model, user rights, virtual memory, processes, multitasking, …
- Driver: device-specific code that provides the interface between a device and the OS
Firmware
- SW closely coupled with HW
- loosely defined term
- could be used as part of a botnet
- a firmware vulnerability allows malicious software to obtain persistence (it survives OS reinstallation)
Hypervisor
- according to the classical definition it is a (lightweight) OS, but NOT a “complete” OS!
- HW abstraction and full isolation of virtual machines
Hardware
- Cold-Boot
  - enabled by the physical nature of DRAM cells (data remanence)
- HW Trojans, supply-chain reliability/trustworthiness
- Kill-switches
- Meltdown and Spectre
  - https://www.youtube.com/watch?v=bs0xswK0eZk
  - https://www.youtube.com/watch?v=q3-xCvzBjGs
- Huawei/ZTE case in the US/CZ: suspect legal environment in China
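The defender's side of Meltdown and Spectre is checking whether the kernel's mitigations are actually active on a given host. The following POSIX shell script is an added example and is not part of the lecture notes: it reads the per-vulnerability status files the Linux kernel exposes under `/sys/devices/system/cpu/vulnerabilities/` (each holds one line such as `Not affected`, `Mitigation: PTI` or `Vulnerable`) and reports every entry still marked vulnerable. The sample directory it builds is constructed so the check runs on any machine; the directory path, the function names and the sample contents are the example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the lecture notes): summarise which CPU-vulnerability
# entries the running kernel reports as unmitigated. On Linux the real data
# lives in /sys/devices/system/cpu/vulnerabilities/<name>, one status line each.

# list_unmitigated DIR: print "name: status" for every file in DIR whose status
# line starts with "Vulnerable". Returns 1 if any such entry exists, else 0,
# so it can gate a hardening check or a monitoring job.
list_unmitigated() {
    dir="$1"
    found=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(head -n 1 "$f")
        case "$status" in
            Vulnerable*)
                printf '%s: %s\n' "$(basename "$f")" "$status"
                found=1
                ;;
        esac
    done
    return $found
}

# make_sample_dir: build a constructed stand-in for the sysfs directory
# (these values are made up for the example, not captured from a real host)
# and print its path.
make_sample_dir() {
    d=$(mktemp -d)
    printf 'Mitigation: PTI\n' > "$d/meltdown"
    printf 'Mitigation: usercopy/swapgs barriers\n' > "$d/spectre_v1"
    printf 'Vulnerable\n' > "$d/spectre_v2"
    printf 'Not affected\n' > "$d/l1tf"
    printf '%s' "$d"
}

# Demo against the constructed sample. On a real Linux host, run instead:
#   list_unmitigated /sys/devices/system/cpu/vulnerabilities
sample=$(make_sample_dir)
if list_unmitigated "$sample"; then
    echo "all reported CPU vulnerabilities are mitigated or not applicable"
else
    echo "unmitigated entries found (see above)"
fi
rm -rf "$sample"
```

The return status lets the function sit in a compliance script (`list_unmitigated … || alert`); the printed lines give the exact kernel wording, which is what an analyst needs when deciding whether a missing mitigation is a kernel, microcode or boot-parameter problem.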
OS Security Rules/Hardening
- Patch Management
  - updates could break something
  - necessary features could be removed
  - DMZ-first updates
- Least privilege
- Disable unused services and close unused ports
- Secure Boot
- Disk Encryption
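The "disable unused services and close unused ports" rule is only enforceable if the set of expected listeners is written down and compared against what the host actually exposes. The POSIX shell script below is an added example, not part of the lecture notes: it reads lines in the format printed by `ss -tlnH` on Linux (State, Recv-Q, Send-Q, Local Address:Port, Peer Address:Port) and prints every listening socket whose port is not in an explicit allowlist. The sample `ss` output is constructed for the example, and the function names and the allowlist of ports 22 and 443 are the example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the lecture notes): flag listening TCP sockets that
# are not on an allowlist, so unexpected services can be disabled or firewalled.

# unexpected_listeners "22 443": read ss-style lines on stdin and print the
# local address:port of every LISTEN socket whose port is not allowlisted.
# The port is the text after the last colon, which also handles IPv6 forms
# such as [::]:23.
unexpected_listeners() {
    allow=" $1 "
    while read -r state recvq sendq laddr peer rest; do
        [ "$state" = "LISTEN" ] || continue
        port="${laddr##*:}"
        case "$allow" in
            *" $port "*) ;;                 # expected service, nothing to report
            *) printf '%s\n' "$laddr" ;;    # unexpected: investigate, disable or block
        esac
    done
}

# Constructed sample of `ss -tlnH` output (not captured from a real host).
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:443 *:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::]:23 [::]:*'

# audit_sample: run the check over the constructed sample with an allowlist
# of SSH and HTTPS; prints the two unexpected listeners (5432 and 23).
audit_sample() {
    printf '%s\n' "$SAMPLE_SS" | unexpected_listeners "22 443"
}

# On a real Linux host the same function is fed live data:
#   ss -tlnH | unexpected_listeners "22 443"
audit_sample
```

Note that a listener bound only to 127.0.0.1 is still reported: loopback-only services are lower risk than ones exposed on 0.0.0.0, but the hardening rule is about running only what is needed, so they belong in the allowlist or should be disabled rather than silently ignored.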