Page 297 - DCAP103_Principle of operating system
Principles of Operating Systems
Notes: In computer security, mandatory access control (MAC) refers to a type of
access control by which the operating system constrains the ability of a
subject or initiator to access, or generally perform some sort of operation on,
an object or target.
9.1.5 Cryptographic Access Control
The advent of international networking spread security concerns outside the usual realm
of the operating system, to the data that was moving to and from the system over the network.
The ability to mimic a valid data packet meant that data could be changed en route simply by
rerouting the valid packet and replacing it with an invalid one. As a result, security had to
be extended not only to the local system, but also to all critical correspondence between systems.
At first such mechanisms were implemented by sending digests of the original data as part of
the data stream, under the assumption that a changed packet would not fit the original digest.
However, it was found that such digests were not cryptographically secure: a receiver could be fooled
into thinking that data was valid when it was not. Also, sending data in the clear meant that
someone on an intervening system could read the packet with a packet sniffer and learn what
the information was.
Once this was understood, the approach became to cryptographically protect the data, which would
at least, it was hoped, slow down the reading of the mail, and to cryptographically secure the
digest, so that it could not be fooled as easily.
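The contrast the section draws, between an unkeyed digest appended to the data and a cryptographically secured one, can be shown in a few lines. The following Python is an added example, not code from the textbook: it assumes a constructed shared key (DEMO_KEY) held by both endpoints, uses SHA-256 for the unkeyed digest and HMAC-SHA256 for the keyed one, and models the intervening system of the text as a function that can swap the data and recompute only what needs no key.

```python
import hashlib
import hmac
from typing import Optional

# Hypothetical shared secret between the two endpoints (constructed for this demo).
DEMO_KEY = b"constructed-demo-key-not-for-real-use"
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes, for both the digest and the HMAC tag


def protect_unkeyed(message: bytes) -> bytes:
    """The early scheme from the text: append a plain digest of the data."""
    return message + hashlib.sha256(message).digest()


def verify_unkeyed(packet: bytes) -> Optional[bytes]:
    """Accept the packet if its trailing digest matches the data it carries."""
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    if hashlib.sha256(message).digest() == digest:
        return message
    return None


def protect_keyed(message: bytes, key: bytes = DEMO_KEY) -> bytes:
    """Keyed digest (HMAC-SHA256): the tag depends on a secret only the endpoints hold."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify_keyed(packet: bytes, key: bytes = DEMO_KEY) -> Optional[bytes]:
    """Accept only if the tag was produced with our key; compare in constant time."""
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if hmac.compare_digest(expected, tag):
        return message
    return None


def substitute_without_key(packet: bytes, new_message: bytes) -> bytes:
    """Models the intervening system of the text, which holds no key: it can swap
    the data and recompute an unkeyed digest, but cannot produce a valid HMAC tag."""
    return new_message + hashlib.sha256(new_message).digest()
```

Run the two verifiers over a substituted packet: the unkeyed check accepts the replacement, because the digest proves only that the digest matches whatever data arrived; the keyed check returns None, because the tag no longer matches under the shared key. Note that the HMAC secures the digest but does nothing for the "in the clear" problem the section also raises; confidentiality needs encryption on top.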
9.2 Security Problem
Even casually computer-savvy users these days know to beware of security threats on the
Internet. They know that the online universe is crawling with computer viruses, worms, Trojan
horses and other malicious bits of code, and if they are prudent, they have equipped their
computers with up-to-date anti-virus and firewall software for repelling these invaders. They
are leery of unsolicited e-mail attachments, and careful about the websites they visit. They have
probably heard about (or experienced) “denial of service” attacks in which malicious hackers
direct thousands of computers to bombard a company’s servers with requests in order to shut them
down. They probably even know not to fall for “phishing” scams in which hyperlinks take users
to phony sites posing as legitimate banks and credit card companies for the purpose of stealing
passwords and account information.
What few in the public realize, however, is that the Internet is vulnerable to much deeper levels
of fraud, ones that exploit fundamental security gaps in the network protocols themselves. These
attacks, often called “pharming,” are all but impossible for individuals to guard against or even
detect. They represent a growing threat to personal, corporate and national security that the
federal government needs to address urgently.
Consider, for example, the defenselessness of the domain name system (DNS), the Internet’s
version of “411 information”. When you type a “www.” style name into your browser software,
the browser converts it into an IP address, a string of digits that is the equivalent of a phone
number. It gets the IP address by contacting a local name server, typically operated by your
Internet service provider. Unlike telephone numbers, however, which are often valid for several
years, IP addresses change frequently, and so the IP address comes with an expiration date,
known as a “time to live” (or TTL). On the Internet, TTLs are typically measured in seconds,
hours or days, even if the associated IP address does not change that often. If a local name server
receives a request for an “expired” DNS name, it in turn queries a hierarchy of other servers,
keying its request to two 16-bit identification codes—one for a transaction ID and the other for a
port number. Unfortunately, the port number is often predictable, and so it becomes possible
for a cyberthief to produce a likely match to both codes by generating a relatively small number
of answers (say 65,536).
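The paragraph above describes the two codes a resolver uses to tie an answer to its outstanding query, and why a predictable port shrinks the space a forged answer must hit. The Python below is an added example, not code from the textbook: a toy stub resolver that records each outstanding query under its (transaction ID, source port) pair and drops any reply that does not match all of the transaction ID, the port it arrived on and the question name. The 12-byte header layout follows RFC 1035 (ID, flags, and four 16-bit counts); the ephemeral port range 1024..65535, the fixed port 53 for the "predictable" case, and the simplified question-name encoding are assumptions made for the demo, and all sample packets are constructed inline.

```python
import os
import struct

# 12-byte DNS header: ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (all big-endian 16-bit).
DNS_HEADER = struct.Struct("!HHHHHH")
QR_BIT = 0x8000                  # set in the flags word of a response
EPHEMERAL_LOW, EPHEMERAL_HIGH = 1024, 65535   # assumed source-port range when randomizing
PREDICTABLE_PORT = 53            # assumed fixed source port for the "predictable" case


def parse_header(packet):
    """Return (transaction id, flags) from a DNS message, or raise if it is truncated."""
    if len(packet) < DNS_HEADER.size:
        raise ValueError("truncated DNS header")
    txid, flags, *_ = DNS_HEADER.unpack_from(packet)
    return txid, flags


def build_response(txid, qname):
    """Constructed sample reply: header with the QR bit set, then the question name
    as plain bytes (a simplification of the RFC 1035 label encoding)."""
    return DNS_HEADER.pack(txid, QR_BIT, 1, 1, 0, 0) + qname.encode()


class StubResolver:
    """Toy resolver: outstanding queries keyed by (transaction id, source port)."""

    def __init__(self, randomize_port=True):
        self.randomize_port = randomize_port
        self.pending = {}        # (txid, port) -> question name

    def send_query(self, qname):
        """Pick a random 16-bit ID and a source port, record the query, return both."""
        txid = int.from_bytes(os.urandom(2), "big")
        if self.randomize_port:
            span = EPHEMERAL_HIGH - EPHEMERAL_LOW + 1
            port = EPHEMERAL_LOW + int.from_bytes(os.urandom(2), "big") % span
        else:
            port = PREDICTABLE_PORT
        self.pending[(txid, port)] = qname
        return txid, port

    def accept_response(self, packet, dst_port):
        """Accept a reply only if it is a response, its (txid, port) pair is outstanding,
        and it answers the question that pair was issued for; everything else is dropped."""
        txid, flags = parse_header(packet)
        if not flags & QR_BIT:
            return False
        key = (txid, dst_port)
        answered = packet[DNS_HEADER.size:].decode(errors="replace")
        if self.pending.get(key) != answered:
            return False
        del self.pending[key]    # first matching answer wins; later copies are ignored
        return True


def identifier_space(randomize_port):
    """Distinct (txid, port) combinations a forged answer would have to match."""
    ports = (EPHEMERAL_HIGH - EPHEMERAL_LOW + 1) if randomize_port else 1
    return 2 ** 16 * ports


def match_probability(guesses, randomize_port):
    """Chance that `guesses` distinct wrong-source answers include the right pair."""
    space = identifier_space(randomize_port)
    return min(guesses, space) / space
```

With the port fixed, `identifier_space(False)` is 65,536, the figure the text gives, and that many distinct answers cover the whole space; with a random source port the same number of answers reaches a fraction of one percent. Real resolvers add further checks (the answer must come from the server's address, and records outside the queried zone are discarded), but the matching logic above is the part the section is describing.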
290 LOVELY PROFESSIONAL UNIVERSITY