Explain the difference between a program and a process. What information makes up the process state?
Program is a group of instructions; process is a running program
The process state will include the program’s RAM contents, program counter, and other related data being used inside the CPU.
Explain what happens
when the CPU switches from
one process to another. SWITCHING PROCESS
- Save the program counter for the stopped process
- Save other CPU data from stopped process
- Locate the “saved state”
- Load the saved CPU data
- Load the program counter with the starting process’ program counter
Three major components of the
I/O management
- file management: hard drives & mass storage
- user interface management: keyboards & GUIs
- network protocols - connect to other computers
What is a worm? What was the intended goal of the Morris worm? What was its
actual effect?
A worm is a form of malware.
The worm was designed to infect each computer once, the restricting code didn’t work.
Each computer was infected hundreds of times and became unusable
attack case study contents
- overview: summarizes the attack
- perpetrator: brief description of threat agent
- attack scenario: as described previously
- risk management: how preattack risk management steps affected the attack’s outcome
- references: consolidated list including those from the attack scenario
what is open design principle
we open our systems for third-party analysis to help ensure their effectiveness
what is kerckhoff’s principle
rely on changeable secret, but make the rest of the design public and open to review
How does a computer maintain its Chain of Control
- start the computer using BIOS that maintains our security policy
- if the software we start can start otehr software, then the other software either:
- complies with the security policy, or
- is constrained from violating the policy via access restrictions or other mechanisms
Identify the basic hardware features a CPU must have in order to reliably protect processes from one another.
program modes
ram protection
Identify the basic hardware features an OS must have in order to reliably protect processes from one another.
program dispatcher
memory manager
user identities
two program modes
kernel or supervisor mode
- for highly privileged OS programs with full CPU access; allows full access to RAM
- dangerous!
user mode
- for most programs and all applications
- CPU blocks any attempt to use kernel mode instructions
OS Security features:
- processes must take turns
- processes are assigned different parts of RAM
- processes can’t damage other areas of RAM
- user-oriented interface and access controls
difference of requirements and control
requirements say what we want for protection
controls say what we get
Describe the format and contents of an access matrix
a way to specify access permissions
- rows for resources or ram
- columns for active entities or processes
Security plan contains the details
- list of assets
- full risk assessment
- prioritized list of risks
- security requirements
- implementation
