Operating Systems

• The OS is the first line of defense against many attacks.
  • This might be debated.
  • Networks might be another first line.
  • People might be another
• But what is very clear, the os performs MANY security functions.
• And because of its centrality and importance it is a target of many attacks.
  • A successful attack against an OS renders the entire system open and vulnerable.
• They start out by pointing out that an OS can be found everywhere.
  • Computers of course.
  • But game machines.
  • Your phone, but that is clearly a computer.
  • Lego Mindstorm Robot
  • GPSR, Camera, specialized consumer devices.
  • Printers, network switches, other utility devices.
  • Your car
    • Watch This
    • The full story is amazing.
  • Or even your implanted medical devices
• Research and Development vs Production
  • A research group would build a insecure device while experimenting.
  • This should be cleaned up in production but usually isn't until someone shows the company that this is a problem.
• What does a OS do? (Cyber security focused)
  • Enforced sharing:
    • Memory, Disk, CPU, Devices
    • Need to be protected, access limited to those using them at a given time.
    • And need to be cleaned when the user stops using them before the next user starts.
  • Inter process Communication and Synchronization
    • Programs transfer data and other information.
    • The operating system facilitates this.
    • And protects the integrity of the communications.
  • Protection of OS Data
    • Like passwords, access lists, ...
  • Fair Service
    • No process starves
  • Interface to hardware
    • EVERYTHING goes through the OS.
    • No two processes can use a printer at the same time.
    • Even time on the CPU is controlled.
  • User Authentication
  • Memory Protection
• If the OS is compromised, all of the above can lead to trouble.
  • IE Everything is vulnerable.
• A brief history of OS
  • NO OS
    • Load the program to run
    • Run the program.
    • Clear memory, repeat
  • Single Users - executives
    • A simple utility really.
    • Designed to assist in loading and linking
  • Multi programming or Shared Use
    • Multi programmed Operating system or (Monitor)
    • Multi user
    • The OS Was in charge.
    • Much security theory was developed in these days.
  • Personal computer era
    • Original personal OSs tended to be designed to be single user, not networked, no sharing.
  • Multitasking
    • The illusion or even reality of multiple processors.
    • Processes , threads, ...