8. OS Security Boundaries - notes for the examination.pdf
(
4356 KB
)
Pobierz
W
c
Security
Boundaries
Security
Boundaries
Introduction
Microsoft’s
Trustworthy Computing was
launched in 2002 to ensure the security,
confidentiality and reliability of data processing
The initiative defined
the concept of a
Windows security boundary.
Security
Boundaries
Introduction
To qualify as a system security boundary,
a
system element has to meet the following
requirements:
•
The element must be security-critical: it
has to be worth protecting
•
The policy defining its operation must be
specified clearly
•
Even if the policy does not have to cover
every possible data transfer method, every
boundary violation possibility must be
defined and evaluated
Security
Boundaries
Introduction
Security boundaries are costly:
•
They hinder a program’s operation and
may reduce the functionality of a system
•
All boundary violations are considered
equivalent to detecting a system
vulnerability
There are
fewer security boundaries in
Windows than it would seem
Policies
Code, Data
Code, Data
Three core and
earliest security boundaries
Computer
The role of this
security boundary, the
physical computer, is to:
•
Control the starting and running of
programs whose source is not the
computer itself (files from LAN, WAN and
the Internet)
•
Control all data sent and received by the
programs
It does not offer protection from local
attacks
Internet, WAN, LAN
IE,
Services
Computer
Plik z chomika:
art.w
Inne pliki z tego folderu:
1. Operating systems security - introduction.mp4
(49226 KB)
1. Operating systems security - introduction.vtt
(9 KB)
10. EXERCISE Vulnerability attacks.mp4
(48754 KB)
10. EXERCISE Vulnerability attacks.vtt
(9 KB)
11. EXERCISE Identifying suspicious processes.mp4
(30693 KB)
Inne foldery tego chomika:
1. IT Security Trends
10. Risk Management
11. Defence in Depth
12. Disaster Recovery
13. Application Security
Zgłoś jeśli
naruszono regulamin