In this topic, the computer and how it manages the system's resources and utilities are discussed. To explain this, the topic is separated into the following points:
• Operating System Software and Utilities
• Central Processing Unit (CPU) states
• Memory Management Overview
• Input/Output Devices
• Storage Devices
2.3.1.1 Operating System Software and Utilities
The operating system has two primary objectives. The first is to control the use of the system's resources, which the operating system shares between the users and/or the tasks. The second is to present an easy-to-understand interface of the computer to users or programs.
The following terms are associated with operating systems:
• Multitasking: A multitasking system allows the computer to execute more than one task at the same time. The operating system keeps track of all these tasks without losing any information related to any one of them.
• Multithreading: The ability of a program to handle requests from more than one user at the same time, and to handle more than one request from the same user, without multiple copies of the software having to be running.
• Multiprogramming: A multiprogramming system allows the execution of two or more programs by the same processor. Most operating systems nowadays support multiprogramming.
• Multiprocessing: The coordinated processing of two or more programs running on a computer that uses two or more processors. This feature allows an application to be executed by more than one processor at the same time to achieve faster processing of the programs.
Vulnerabilities of Operating Systems
Object reuse: The object reuse vulnerability is associated with multiprogramming systems. For security reasons, it is important to avoid storage residues. Storage residues occur when data is left in a memory area that could be used by new processes. A process returning Random Access Memory (RAM) to the operating system can clean the RAM before releasing it. The operating system itself must clean the RAM to prevent storage residue.
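The following added example (not part of the original text) models storage residue with a single constructed "page" that is lent to one process at a time, and counts what the next owner can read when nobody scrubs, when the releasing process scrubs, and when the operating system scrubs. The names `page_acquire`, `page_release` and `residue_seen_by_next_owner` are hypothetical and stand in for a real allocator.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 64

/* Constructed stand-in for one page of RAM lent to one process at a time. */
static unsigned char page[PAGE_SIZE];
static int page_in_use;

/* Zero through a volatile pointer so the writes are not dropped as dead stores. */
static void scrub(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* OS side: optionally clear the page before a new owner sees it. */
unsigned char *page_acquire(int os_scrubs) {
    if (page_in_use) return NULL;
    if (os_scrubs) scrub(page, PAGE_SIZE);
    page_in_use = 1;
    return page;
}

/* Process side: optionally clear the page before returning it. */
void page_release(unsigned char *p, int process_scrubs) {
    if (p != page || !page_in_use) return;
    if (process_scrubs) scrub(p, PAGE_SIZE);
    page_in_use = 0;
}

/* Process A stores a secret and releases; returns the nonzero bytes B then reads. */
size_t residue_seen_by_next_owner(int process_scrubs, int os_scrubs) {
    static const char secret[] = "constructed-secret-key"; /* sample data */
    unsigned char *a = page_acquire(1);      /* A starts from a clean page */
    memcpy(a, secret, sizeof secret);
    page_release(a, process_scrubs);
    unsigned char *b = page_acquire(os_scrubs);
    size_t n = 0;
    for (size_t i = 0; i < PAGE_SIZE; i++) n += (b[i] != 0);
    page_release(b, 1);
    return n;
}

int main(void) {
    printf("residue bytes: none=%zu process=%zu os=%zu\n", residue_seen_by_next_owner(0, 0),
           residue_seen_by_next_owner(1, 0), residue_seen_by_next_owner(0, 1));
    return 0;
}
```

Scrubbing by the releasing process depends on every process cooperating; the scrub in `page_acquire` is the one the operating system can enforce on its own.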
Time of check/time of use (TOC/TOU): This vulnerability is associated with multiprogramming and multiple processors, and it is a type of asynchronous attack. It can occur when a process passes pointers to parameters residing in its virtual memory to the operating system. At the same time, another process, with access to the memory area that contains the parameters, modifies the parameters between the time the operating system checks them and the time they are used.
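The check/use window described above, as an added example that is not part of the original text: a handler that validates a length through the caller's pointer and then fetches it again, beside a hardened handler that copies the parameters into private memory once and checks only that copy. The second process is simulated deterministically by a hypothetical hook (`racer_fn`) called inside the window; `struct req`, `BUF_MAX` and the handler names are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_MAX 16   /* capacity of the handler's private buffer */

/* Parameter block in memory the caller (and its peers) can still write. */
struct req { size_t len; char data[64]; };

/* Hypothetical hook standing in for the second process: it runs in the
   window between the check and the use. */
typedef void (*racer_fn)(struct req *);
static void grow_len(struct req *r) { r->len = sizeof r->data; }

/* Flawed: validates r->len, then fetches it again for the copy. Returns the
   length that reaches the copy (the copy is omitted to stay memory-safe). */
long handle_double_fetch(struct req *r, racer_fn racer) {
    if (r->len > BUF_MAX) return -1;   /* time of check */
    if (racer) racer(r);               /* parameters change here */
    return (long)r->len;               /* time of use: second fetch */
}

/* Hardened: copy the parameters into private memory once, then check and
   use only the private copy. Returns bytes copied into out, or -1. */
long handle_snapshot(struct req *r, racer_fn racer, char out[BUF_MAX]) {
    struct req k;
    memcpy(&k, r, sizeof k);           /* single fetch */
    if (racer) racer(r);               /* later writes no longer matter */
    if (k.len > BUF_MAX) return -1;
    memcpy(out, k.data, k.len);
    return (long)k.len;
}

/* Constructed request: 8 valid bytes, modified to 64 during the window. */
long demo_double_fetch(void) {
    struct req r = { 8, "AAAAAAAA" };
    return handle_double_fetch(&r, grow_len);
}
long demo_snapshot(void) {
    struct req r = { 8, "AAAAAAAA" };
    char out[BUF_MAX];
    return handle_snapshot(&r, grow_len, out);
}

int main(void) {
    printf("double fetch uses len=%ld, snapshot uses len=%ld\n",
           demo_double_fetch(), demo_snapshot());
    return 0;
}
```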
Maintenance hooks: Maintenance hooks are parts of the software code that allow easy maintenance; they are commonly called trapdoors or backdoors. These hooks pose a risk to the software, so they should be removed prior to the live implementation of the software (Hansche and others, 2004, P: 82-88).
2.3.1.2 Central Processing Unit (CPU) states
Processing Types
Computers must be designed in a way that they do not disclose information to an unauthorized recipient.
Single State: In single state systems, security administrators approve a processor and system to handle only one security level at a time.
Multi state: Multi state systems are certified to handle multiple security levels simultaneously by using specialized security mechanisms. Such mechanisms are designed to prevent information from crossing between security levels.
Security Modes
Dedicated Mode: Users of this type of system must meet three requirements. Each user must have:
1-Security clearance permitting access to all information processed by the system.
2-Access approval for all information processed by the system.
3-Valid need to know for all information processed by the system.
System High Mode: Users of this type of system must also meet three requirements. Each user must have:
1-Valid security clearance that permits access to all information processed by the system.
2-Access approval for all information processed by the system.
3-Valid need to know for some information processed by the system.
Compartmented Mode: Users of this type of system must also meet three requirements. Each user must have:
1-Valid security clearance that permits access to all information processed by the system.
2-Access approval for all information they will have access to on the system.
3-Valid need to know for all information they will have access to on the system.
Multi level Mode: The characteristics of this type of system are as follows. Some users do not have a valid security clearance for all information processed by the system. Each user must have:
1-Access approval for all information they will have access to on the system.
2-Valid need to know for all information they will have access to on the system (Tittel and others, 2003, P: 374-377).
2.3.1.3 Memory Management Overview
There are many types of memory, including the following:
Cache memory: A small amount of very high speed RAM, which holds the instructions and data in anticipation of the CPU requiring these programs and data. Properly designed caches can significantly reduce the apparent main memory access time and thus increase the speed of program execution.
Random Access Memory: Memory where locations can be directly addressed and the data that is stored can be altered. RAM is volatile because the data is lost if power is removed from the system.
Programmable Logic Device (PLD): An integrated circuit with connections or internal logic gates that can be changed through a programming process. Examples of a PLD are a Read Only Memory (ROM) and a Programmable Array Logic (PAL) device. This last technology is volatile because the power to the chip must be maintained for the chip to operate.
Read Only Memory (ROM): Non-volatile storage where locations can be directly addressed. In a basic ROM implementation, data cannot be altered dynamically. Non-volatile storage retains its information even when it loses power. Programs stored on these types of devices are referred to as firmware.
Real or primary memory: The memory directly addressable by the CPU and used for the storage of instructions and data associated with the program that is being executed. This memory is usually high-speed RAM.
Secondary memory: This type of memory is a slower memory (such as magnetic disks) that provides non-volatile storage.
Sequential memory: Memory from which information must be obtained by sequentially searching from the beginning rather than directly accessing the location. A good example of sequential memory access is reading information from a magnetic tape.
Virtual memory: This type of memory uses secondary memory in conjunction with primary memory to present a CPU with a larger, apparent address space of the real memory locations.
Memory protection
Means to prevent one program from accessing and modifying the memory space contents that belong to another program. Memory protection is implemented by the operating system or by hardware mechanisms (Krutz and Vines, 2001, P: 176-178).
2.3.1.4 Input/Output Devices
Monitors: It's a fact that when you turn a monitor off, the data disappears from the screen and can't be recovered. However, a technology known as TEMPEST can compromise the security of data displayed on a monitor.
Printers: Printers also may represent a security risk. If printers are shared, users may forget to retrieve their sensitive printouts, leaving them vulnerable to other users.
Keyboards/Mice: Keyboards, mice, and similar input devices are not immune from security vulnerabilities either. All of these devices are vulnerable to TEMPEST monitoring. A simple device can be placed inside a keyboard to intercept all of the keystrokes that take place and transmit them to a remote receiver using a radio signal. This has the same effect as TEMPEST monitoring but can be done with much less expensive gear.
Modems: If they are not configured properly, they can create serious security vulnerabilities that allow an outsider to bypass all of your perimeter protection mechanisms and directly access your network resources. They also allow insiders to funnel data outside of your organization (Tittel and others, 2003, P: 387-388).
2.3.1.5 Storage Devices
There are many types of storage devices; the following are some of them:
Floppy disk, hard disk, Zip disk, CD-ROM, rewritable CD, DVD, flash memory, and magnetic tapes. Some of these types can easily be transported and read on other computers, which can increase the risk of losing data if security controls are not established (Hansche and others, 2004, P: 96-97).