Security Architecture and Design Chapter 4 Part 2 Pages 319 to 357.
23
Security Architecture and Design Chapter 4 Part 2 Pages 319 to 357
-
Upload
rosemary-caldwell -
Category
Documents
-
view
223 -
download
0
Transcript of Security Architecture and Design Chapter 4 Part 2 Pages 319 to 357.
Security Architecture and Design
Chapter 4Part 2
Pages 319 to 357
Virtual Memory
Virtual Memory
Process Isolation
• Protects processes from each other.• Encapsulated – no other process has access to
another process’ internal code.• Data Hiding – no other process knows how a
process work• Interact with another process through its API
Time Multiplexing
Name Distinction
• Process ID (PID)
RAM
• Dynamic Random Access Memory• Millions of transistors and capacitors• Capacitor stores 1 or 0• 1 = several electrons stored in it• Need to be read and rewritten regularly
Static RAM (SRAM)
• Does not require continuous refreshing• Faster than DRAM• More expensive and smaller capacity• Used for Cache memory
Memory Management
Dynamic Link Libra (DLL)
• Crypt32.dll
Buffer Overflow
Buffer Overflow
Buffer Overflow
char buf[10];gets(buff)
Memory Protection Techniques
• Windows “Address Space Layout Randomization”
• Randomly rearrange key data areas in memory– Starting address of function– Stack address– Libraries
• Prevents attackers guessing through trial and error
Prevent Buffer Overflow
• Use Java or C#• Buffer = new char[10];• Buffer[20] causes an exception to be thrown
Memory Leak
• Languages like C++• Buffer = new int[100];• Delete(buffer);• Can be used for a Denial of Service Attack
(DoS)• Java and C# have garbage collection
I/O Device
• Block devices– Disk– Transfers sectors
• Character devices– Printers, mouse– Stream of characters
I/O
• Handled by the OS device driver• Communicates with the device controller
Interrupts
• OS schedules I/O• I/O with Direct Memory Access• Devices sends an interrupt when I/O is
completed• OS moved process from blocked to waiting• OS schedules next I/O on device
CPU Architecture
• Figure page 343
Ring Architecture
• Figure 4-15 on page 344• OS Kernel– Communicates with I/O devices– Schedules processes– Handles interrupts
• Application Program Interface (API)• Windows only uses Rings 0 and 3• Attack: replace DLL with malicious code
Operating System Architecture
• Monolithic– Figure 4-16 on page 347
• Microkernel Architecture– Figure 4-18 on page 350– Small kernel– Operating systems utilities are invoked in user
mode
Virtual Machines
• Figure 4-21 on page 356• List on pages 356-7
