Return to book
Review this book
About the author
Introduction
1. Access Control
2. Authentication
3. Biometrics
4. Crypto Engineering
- 4.1. Software Crypto
- 4.2. Hardware Crypto
5. Malware
- 5.1. Virus
- 5.2. Worm
- 5.3. Trojan Horse
- 5.4. Writing Virus
- 5.5. Rootkits
- 5.6. Anti-virus software
- 5.7. Inside popular software
6. Protecting Clients
7. Security and Usability
- 7.1. User Interface (UI)
- 7.2. Passwords
- 7.3. Cognitive Experiment
- 7.4. Insider Attacks
8. Secure Programming
- 8.1. Buffer overflow
  - 8.1.1. Buffer Overflow Protections
  - 8.1.2. Exploit Buffer Overflow
- 8.2. Secure C practice
- 8.3. secure-sensitive program
9. Physical Security
10. (Web Service) Architecture
- 10.1. Contents and Scripts
11. Confinements
- 11.1. chroot
- 11.2. JVM
- 11.3. Network Identity
- 11.4. Virtual Machine
- 11.5. Sandbox
12. Program Structure
- 12.1. Case study: 4.3BSD FTP Daemon
- 12.2. Case study: mailer
- 12.3. Case study: Web Browser
13. Security Analysis
- 13.1. Construction vs. Destruction
- 13.2. Analyze individual programs
- 13.3. Analyze overall system
- 13.4. Software Engineering Code of Ethics
- 13.5. Tools part 1: OS system calls
- 13.6. Tools part 2: fuzzing and more
- 13.7. Reconnaissance
14. The Internet of Things
- 14.1. Embedded Systems (Smart Devices)
- 14.2. Internet of Things Architecture
- 14.3. Case study: Thermostat
15. Logging
- 15.1. Loggin in practice
- 15.2. Log Incidents
- 15.3. Case study: PHP4 web server attack
16. After An Attack
- 16.1. Analyze a hacked system
- 16.2. Deleted Files
- 16.3. Monitor Intrusion
- 16.4. Conclusion
17. System Structure
- 17.1. Case study: build an e-commerce
- 17.2. Network Operation Center
- 17.3. Router Link Weakness
- 17.4. Remote Access
- 17.5. Question: store credit card number in database?
- 17.6. General Principle
18. Exams
- 18.1. Fall 2014 Midterm
- 18.2. Fall 2013 Midterm
- 18.3. Fall 2010 Midterm
- 18.4. Fall 2008 Midterm

Security Architecture and Engineering

Confinements

Why Confinements (Separated Components)

Isolation components to ensure security.

If the machine is compromised, the privileged will be set up against you.

Limit each application to a small subset of the system's resources.

Resources to protect

CPU time

Real and Virtual memory

Disk space

Network Identity

Network Access rights...

Limits of isolation

Trade-off: isolation means more security and more complexity.
"No read up, no write down": communicate IO down using something other than "write". Example: create and delete files in a shared directory.
Covert channels:
1. Prevent leakage of information between a high-security process and a low-security process.
Storage channels:
1. Modulate some share resources: e.g create and delete files in a shared directory
Timing channels:
1. modulate system timing in detectable way.
2. receiver times I/O operations.
Password-checking channel:
1. Old OS checks password byte by byte.
2. It returned a failure indication as soon as a byte didn't match -> the time difference leaks information on which byte of password is guessed correct to $A$ .
Limit covert channels:
1. bandwith-limit, cap the rate at which certain operations can be done.
2. add noise (randomization?)