Computer Security

by: Libby Kuhlman

Computer Security CSE 543

Libby Kuhlman
Penn State
GPA 3.53



This 0 page Class Notes was uploaded by Libby Kuhlman on Sunday November 1, 2015. The Class Notes belongs to CSE 543 at Pennsylvania State University taught by Staff in Fall. Since its upload, it has received 20 views. For similar materials see /class/233115/cse-543-pennsylvania-state-university in Computer Science and Engineering at Pennsylvania State University.


Date Created: 11/01/15
OUTLINE
- Access control matrix
- ACL, capabilities
- Implementation and issues of capabilities
- Implementation and issues of access controllers

Lampson's access control matrix model
- Sparse matrix: how to store?
- By column: Access Control List (ACL)
- By row: Capabilities

INTUITIVELY
- Each has its advantages and disadvantages.
- When do ACLs make more sense? Given an object, what subjects can access it, and how? Owned objects, e.g. file management.
- When do capabilities make more sense? Given a subject, what objects can it access, and how? Functionalities (capabilities) of a process, object space of a process, memory management.

APPLICATIONS OF CAPABILITIES AND ACLS
- Capabilities: page table entry, file descriptors, passwords, Java object reference (can't forge because of Java's type safety).
- ACL: Unix file or process permissions.
- Pure capability-based systems: e.g. EROS (JHU, UPenn), CAP (Cambridge).
- Pure ACL-based system.
- Typically hybrid.

SYSTEM ARCHITECTURE
- Segmented memory.
- Objects: memory segments.
- Descriptors: for mapping segments to physical address. Can be used as a capability for protection (base, unique segment id, limit).
- Correlate with segment registers and segment table.

TAGGED ARCHITECTURE
- Capability can be stored anywhere in memory.
- Every word in memory has an extra bit: capability or data.
- Flexibility: a process can store its capabilities wherever it wants.
- Disadvantages: hardware support, search time.
- E.g. IBM AS/400.
- Assumed in this paper as it's the general …

PROTECTED MEMORY
- Place capabilities in memory space readable by user processes but not changeable.
- Efficient if all capabilities for a process are placed together in one or more segments (C-lists).
- No extra hardware required.
- E.g. Unix region table.

WORKING OF THE SYSTEM
1. Supervisor wants to schedule a process A.
2. It possesses the capability for program A's code segment.
3. It has the capability for the catalog of the user of A (capability segment, segment table).
- Loads them in the protection descriptor registers.
- Starts running process A.
- Does not clear the registers (further capabilities).

COMPLETE PICTURE
- Need to authenticate the user running the process.
1. Supervisor's authentication process runs with the capability for the UID table.
2. User logs in, providing his password.
3. If authenticated, supervisor does the following:
   i. Clears the protection descriptor registers.
   ii. Loads the capability for the user's catalog.
   iii. Loads the capability of a program belonging to the user, typically the entry code segment.
   iv. Starts running the process.

DYNAMIC SHARING
- We need a special communication segment between pairs of users to pass the capability.
- If there are N users: O(N^2) extra segments.
- Can use a mailbox segment for each receiver, where each sender places the capability: O(N).
- Mailbox must be able to associate the sender's id with the capability.
- Must be able to associate the receiver's id with

ISSUES
- Users can copy capabilities dynamically without any constraint.
- There's no control of propagation.
- Difficult to review which users have access to a segment.
- Revocation of capabilities is a problem in tagged architecture.

QUICK FIXES

ACCESS CONTROL SYSTEM

CAN GET MESSY
- Every segment has an access controller.
- Every access requires a lot of memory reads.
- Access controllers may change size dynamically.
- No issues with uncontrolled propagation, revocation or review.

QUICK FIXES
- When authorized for the first time, provide a capability for that principal with the access rights to that object, which can be used for subsequent accesses.
- Group the users, restrict the number of entries. E.g. Unix restricts to three: owner, group and others.
- Better alternative: hybrid system.
  - Capabilities for memory (high-traffic path).
  - Access controllers for secondary storage and file system.
  - E.g. process uid → fopen(file name) → ACL check → fd

WHO GIVES AUTHORITY FOR ACCESS
- Discretionary
- Self control
- User-defined objects
- Protected subsystem: collection of objects and processes with exclusive capabilities on the objects. E.g. Unix kernel, Java sandbox.

IMPLEMENTING A PROTECTED SUBSYSTEM
- Involves computation across several protection domains:
  - Switching of protection domains.
  - Replacing C-lists of one domain with another.
- Implemented as procedure calls.
- The entry procedure of one domain requires the calling domain to have an Enter capability.
- E.g. Unix system calls.

IMPLEMENTATION ISSUES
To name just a few:
i. Separation of privilege required for security. To access the internal structure of an object two capabilities are needed; both must allow access. E.g. setuid in Unix, forking in sshd.
ii. Bookkeeping data of the domains must be preserved (activation records and static variables).
iii. Argument passing. In Unix, when returning from kernel mode it is checked whether the calling user has valid rights for the return address. Buffer overflow attack.

CONCLUSION
- Comprehensive overview of information protection.
- … the trend at that time and the … research directions.
- Drastic change since then.
- We still have issues: we still have a lot of
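
The hybrid design from the QUICK FIXES notes (process uid → fopen(file name) → ACL check → fd), as an added example that is not part of the original notes: a small Python model that stores one constructed access matrix by column and by row, checks the ACL once at open, and hands back a capability-like handle. `HybridKernel`, its method names and the sample matrix are hypothetical.

```python
import secrets

# Constructed sample matrix: (subject, object) -> rights.
MATRIX = {
    ("alice", "notes.txt"): {"read", "write"},
    ("bob", "notes.txt"): {"read"},
    ("bob", "grades.db"): {"read", "write"},
}

def acl_view(matrix):
    """Store the matrix by column: object -> {subject: rights}."""
    acls = {}
    for (subj, obj), rights in matrix.items():
        acls.setdefault(obj, {})[subj] = set(rights)
    return acls

def clist_view(matrix):
    """Store the matrix by row: subject -> {object: rights}."""
    clists = {}
    for (subj, obj), rights in matrix.items():
        clists.setdefault(subj, {})[obj] = set(rights)
    return clists

class HybridKernel:
    """Hypothetical model: ACL check at open(), capability afterwards."""
    def __init__(self, matrix):
        self.acls = acl_view(matrix)
        self._handles = {}  # handle -> (object, rights), held kernel-side

    def open(self, uid, obj, want):
        granted = self.acls.get(obj, {}).get(uid, set())
        if not set(want) <= granted:
            raise PermissionError(f"{uid} lacks {sorted(want)} on {obj}")
        handle = secrets.token_hex(8)  # unguessable, like an fd the user cannot forge
        self._handles[handle] = (obj, frozenset(want))
        return handle

    def access(self, handle, op):
        # Fast path: no ACL lookup, holding the handle is the authority.
        _obj, rights = self._handles.get(handle, (None, frozenset()))
        return op in rights

    def revoke(self, uid, obj):
        # Edits the ACL only; handles already issued stay valid.
        self.acls.get(obj, {}).pop(uid, None)

    def review(self, obj):
        # "Given an object, which subjects can access it?" is one lookup.
        return sorted(self.acls.get(obj, {}))
```

Revoking an ACL entry in this model blocks new opens but not the handle already issued, which is the revocation problem the notes list under ISSUES for capabilities.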

