Return to book
Review this book
About the author
Introduction
1. Access Control
2. Authentication
3. Biometrics
4. Crypto Engineering
- 4.1. Software Crypto
- 4.2. Hardware Crypto
5. Malware
- 5.1. Virus
- 5.2. Worm
- 5.3. Trojan Horse
- 5.4. Writing Virus
- 5.5. Rootkits
- 5.6. Anti-virus software
- 5.7. Inside popular software
6. Protecting Clients
7. Security and Usability
- 7.1. User Interface (UI)
- 7.2. Passwords
- 7.3. Cognitive Experiment
- 7.4. Insider Attacks
8. Secure Programming
- 8.1. Buffer overflow
  - 8.1.1. Buffer Overflow Protections
  - 8.1.2. Exploit Buffer Overflow
- 8.2. Secure C practice
- 8.3. secure-sensitive program
9. Physical Security
10. (Web Service) Architecture
- 10.1. Contents and Scripts
11. Confinements
- 11.1. chroot
- 11.2. JVM
- 11.3. Network Identity
- 11.4. Virtual Machine
- 11.5. Sandbox
12. Program Structure
- 12.1. Case study: 4.3BSD FTP Daemon
- 12.2. Case study: mailer
- 12.3. Case study: Web Browser
13. Security Analysis
- 13.1. Construction vs. Destruction
- 13.2. Analyze individual programs
- 13.3. Analyze overall system
- 13.4. Software Engineering Code of Ethics
- 13.5. Tools part 1: OS system calls
- 13.6. Tools part 2: fuzzing and more
- 13.7. Reconnaissance
14. The Internet of Things
- 14.1. Embedded Systems (Smart Devices)
- 14.2. Internet of Things Architecture
- 14.3. Case study: Thermostat
15. Logging
- 15.1. Loggin in practice
- 15.2. Log Incidents
- 15.3. Case study: PHP4 web server attack
16. After An Attack
- 16.1. Analyze a hacked system
- 16.2. Deleted Files
- 16.3. Monitor Intrusion
- 16.4. Conclusion
17. System Structure
- 17.1. Case study: build an e-commerce
- 17.2. Network Operation Center
- 17.3. Router Link Weakness
- 17.4. Remote Access
- 17.5. Question: store credit card number in database?
- 17.6. General Principle
18. Exams
- 18.1. Fall 2014 Midterm
- 18.2. Fall 2013 Midterm
- 18.3. Fall 2010 Midterm
- 18.4. Fall 2008 Midterm

Security Architecture and Engineering

Case study: Web Browser

Challenges:

Structural separation of programs
Backwards compatibility
- E.g Windows Vista and IE 6
  
  Windows started to use sandboxing, so browser has less priviledges.

Components of web browser security

User Account Control (UAC)
Mandatory Integrity Control (MIC)
User Interface Priviledge Isolation (UIPI)

User Account Control

Eliminate need to log in as Adminstrator
If you want to perform priviledged action, you need to provide adminstrator's key.

Mandatory Integrity Control

Security design by Microsoft

Process had different levels of priviledges

Low-priviledge process can not write to protected files

Priviledge is inherited

"no write down"

Virtualization

Historically many Microsoft code is old, and designed without much thoughts in security.

Many existing Microsoft code wants to write files: cache, temp files, cookies, history, registry, etc.

Rather than rewrite whole codebase, Microsoft added a layer that virtualizes these function: when you try to write a file with low priviledge, you are writing to a copy of the file, save somewhere, then swap file can replace old file. Pay down tech debt.

Software update (security update) vs. User convenience: don't annoy users!

User Interface Priviledge Isolation

Access control for message passing: prevent low-priviledge process to send message to high-priviledged process.

Microsoft: separate Ineternet Explorer from Windows Explorer(i.e. restored the distinction between net and desktop)

Securing web browser

Firefox runs as one process Chrome and IE 8 use a process per tab.