MOS_3e_ch9 《现代操作系统》Andreww S.Tanenbaum配套教材ppt.ppt

MODERN OPERATING SYSTEMSThird EditionANDREW S. TANENBAUMChapter 9Security;Figure 9-1. Security goals and threats.;Intruders;Accidental Data Loss;Figure 9-2. Relationship between the plaintext and the ciphertext.;Figure 9-3. (a) Computing a signature block. (b) What the receiver gets.;Figure 9-4. Three protection domains.;Figure 9-5. A protection matrix.;Figure 9-6. A protection matrix with domains as objects.;Figure 9-7. Use of access control lists to manage file access.;Figure 9-8. Two access control lists.;Figure 9-9. When capabilities are used, each process has a capability list.;Figure 9-10. A cryptographically protected capability.;Capabilities (3);Trusted Systems;Figure 9-11. A reference monitor.;Figure 9-12. (a) An authorized state. (b) An unauthorized state.;The Bell-La Padula Model (1);Figure 9-13. The Bell-La Padula multilevel security model.;The Biba Model;Figure 9-14. (a) The client, server, and collaborator processes. (b) The encapsulated server can still leak to the collaborator via covert channels.;Figure 9-15. A covert channel using file locking.;Figure 9-16. (a) Three zebras and a tree. (b) Three zebras, a tree, and the complete text of five plays by William Shakespeare.;Authentication;Figure 9-17. (a) A successful login. (b) Login rejected after name is entered. (c) Login rejected after name and password are typed.;Figure 9-18. How a cracker broke into a U.S. Department of Energy computer at LBL.;Figure 9-19. The use of salt to defeat precomputation of encrypted passwords.;Challenge-Response Authentication;Figure 9-20. Use of a smart card for authentication.;Figure 9-21. A device for measuring finger length.;Figure 9-22. (a) Normal code. (b) Code with a trap door inserted.;Figure 9-23. (a) Correct login screen. (b) Phony login screen.;Exploiting Code Bugs;Figure 9-24. (a) Situation when the main program is running. (b) After the procedure A has been called. (c) Buffer overflow shown in gray.;Figure 9-25. (a) The stack before the attac