slides/slides04.tex
changeset 243 dd94cbf9eba7
parent 241 07e4d8f64ca8
child 244 9fc6ec22ad82
--- a/slides/slides04.tex	Tue Oct 14 06:21:07 2014 +0100
+++ b/slides/slides04.tex	Tue Oct 14 12:21:10 2014 +0100
@@ -39,6 +39,28 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
+\frametitle{Survey: Thanks!}
+\small
+
+\begin{itemize}
+\item ``Would be good, if you provide more detailed explanations. I feel 
+your slides are not as structured as they could be.''
+\item Please consider reference book chapters to cover core subject
+areas.''\pause
+\item ``The homework questions don't come directly from the 
+slides. So must go look things up.''
+\item ``Could you please put the homework answers online, perhaps
+just before the exam. That's late enough where we should have done
+it and if not, we're screwed already then.''
+\item ``Could you provide a brief basic answers to sheets for reference
+and not to be relied on.''
+\end{itemize}
+  
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
 
 \begin{center}
 \includegraphics[scale=0.45]{../pics/trainwreck.jpg}\\
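Review bot: The second survey item (`\item Please consider reference book chapters ...`) ends with `''` but has no opening quote marks, unlike the other four items, so the quotation is unbalanced. Add the opening quote marks before "Please".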
@@ -56,7 +78,7 @@
 As a proof-of-concept, the following URL allows 
 attackers to control the return value saved on 
 the stack (the vulnerability is triggered when
-executing "/usr/sbin/widget"):
+executing \pcode{"/usr/sbin/widget"}):
 
 \begin{center}\footnotesize 
 \pcode{curl http://<target ip>/post_login.xml?hash=AAA...AAABBBB}
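Review bot: In `\pcode{"/usr/sbin/widget"}` the straight double quotes are now inside the code macro and will be typeset as part of the path, whereas other uses such as `\pcode{/tmp/update}` carry no quotes. Drop them: `\pcode{/usr/sbin/widget}`.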
@@ -71,10 +93,10 @@
 \begin{tabular}{@{}ll}
 Discovery date: & 06/03/2013\\
 Release date:   & 02/08/2013
-\end{tabular}
+\end{tabular}\bigskip
 
 
-
+\footnotesize
 \hfill\url{http://roberto.greyhats.it/advisories/20130801-dlink-dir645.txt} 
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
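Review bot: The bare `\footnotesize` before `\hfill\url{...}` is an unscoped declaration that ends only because `\end{frame}` follows, so anything added later to this frame will silently inherit the size. The curl line above scopes it inside `\begin{center}\footnotesize`; group this one as well, for example `{\footnotesize\hfill\url{...}}`.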
@@ -93,7 +115,7 @@
 
 You will laugh: it is 
 
-\begin{center}
+\begin{center}\large
 \pcode{xmlset_roodkcableoj28840ybtide}
 \end{center}
 \end{quote}\bigskip\bigskip
@@ -119,7 +141,7 @@
 \begin{itemize}
 \item Put an executable file named \pcode{update} with non-root owner in /tmp (not
 mounted noexec, obviously)
-\item Run chkrootkit (as uid 0)
+\item Run chkrootkit (as uid \pcode{0})
 \end{itemize}
 
 Result: The file \pcode{/tmp/update} will be executed as root, thus effectively
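Review bot: `\pcode{0}` is now set as code, but `/tmp` in the item above is still plain text while `\pcode{/tmp/update}` in the result line is not. Mark up `/tmp` the same way so paths are typeset consistently on this slide.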
@@ -142,13 +164,16 @@
 
 \begin{itemize}
 \item access control provided by the OS
-\item authenticate principals (login)
-\item mediate access to files, ports, processes according to \alert{roles} (user ids)\\
-\item roles get attached with privileges\bigskip\\%
+\item authenticate principals
+\item mediate access to files, ports, processes etc according to
+  \alert{roles} (user ids)\\
+\item roles get attached with privileges\bigskip\\
+
 \hspace{8mm}
 \begin{bubble}[8cm]
 \alert{principle of least privilege:}\\
-users and programs should only have as much privilege as they need 
+users and programs should only have as much privilege as they need to
+accomplish a task
 \end{bubble}
 \end{itemize}
 
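Review bot: In the `roles get attached with privileges\bigskip\\` item, the `%` after `\\` was replaced by a blank line, so the forced line break is now followed directly by a paragraph break; that leaves an empty line (an underfull-hbox warning) and changes the spacing before the bubble. Drop either the `\\` or the blank line. Also, `etc` in the "mediate access" item has no full stop, while the Discretionary Access Control frame in this same change writes `etc.`.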
@@ -194,7 +219,7 @@
 
 \item non-root users are not allowed to change the UID --- would break 
 access control
-\item but needed for example for \texttt{passwd}
+\item but needed for example for accessing \texttt{passwd}
 \end{itemize}
 
 \end{frame}
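Review bot: "accessing \texttt{passwd}" can be read as either the passwd command or the password file, and the slide does not say which. State it explicitly, for example by giving the file's path or writing "the \texttt{passwd} program". The other hunks in this change move literals into `\pcode`, so the `\texttt` here could be switched for consistency.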
@@ -205,11 +230,11 @@
 \frametitle{Setuid and Setgid}
 
 The solution is that Unix file permissions are 9 + \underline{2 Bits}:
-\alert{Setuid} and \alert{Setgid} Bits
+\alert{Setuid} and \alert{Setgid} bits
 
 \begin{itemize}
 \item When a file with setuid is executed, the resulting process will
-  assume the UID given to the owner of the file.
+  assume the UID given to the \underline{owner} of the file.
 \item This enables users to create processes as root (or another
   user).\bigskip
 
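Review bot: The changed line lowercases "bits", but the line just above still reads `\underline{2 Bits}`, so one sentence now mixes both spellings. Lowercase that occurrence as well.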
@@ -225,19 +250,17 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
-\frametitle{Access Control}
+\frametitle{\Large Discretionary Access Control}
 
 \begin{itemize}
-\item \bl{Discretionary Access Control:}\mbox{}\medskip\\
+\item Access to objects (files, directories, devices, etc.) is
+permitted based on user identity. Each object is owned by a
+user. Owners can specify freely (at their discretion) how they want to
+share their objects with other users, by specifying which other users
+can have which form of access to their objects.\medskip
 
-\small Access to objects (files, directories, devices, etc.) is permitted 
-based on user identity. Each object is owned by a user. Owners can 
-specify freely (at their discretion) how they want to share their objects 
-with other users, by specifying which other users can have which 
-form of access to their objects.\medskip
-
-Discretionary access control is implemented on any multi-user OS 
-(Unix, Windows NT, etc.).
+\item Discretionary access control is implemented on any modern multi-user
+OS (Unix, Windows NT, etc.).
 \end{itemize}
 
 \end{frame}
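Review bot: With `\frametitle{\Large Discretionary Access Control}` this frame now carries exactly the same title as the Access Control Matrix frame further down, which makes the two hard to tell apart in navigation and handouts. Give one of them a distinguishing title. The `\small` was also dropped from the long definition, which is now a single five-sentence bullet at normal size; check that it still fits the frame.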
@@ -245,20 +268,19 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
-\frametitle{Access Control}
+\frametitle{\Large Mandatory Access Control}
 
 \begin{itemize}
-\item \bl{Mandatory Access Control:}\mbox{}\medskip\\
+\item Access to objects is controlled by a system-wide policy, for
+  example to prevent certain flows of information. In some forms, the
+  system maintains security labels for both objects and subjects
+  (processes, users) based on which access is granted or
+  denied. Labels can change as the result of an access. Security
+  policies are enforced without the cooperation of users or
+  programs.\medskip
 
-\small Access to objects is controlled by a system-wide policy, for example 
-to prevent certain flows of information. In some forms, the system maintains 
-security labels for both objects and subjects (processes, users), based on 
-which access is granted or denied. Labels can change as the result of an 
-access. Security policies are enforced without the cooperation of users or 
-application programs.\medskip
-
-This is implemented today in special military operating system versions
-(SELinux).
+\item This is implemented in banking or military operating system 
+  versions (SELinux).
 \end{itemize}
 
 \end{frame}
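Review bot: In the last item, "banking or military operating system versions (SELinux)" reads as though SELinux were itself a banking or military OS version. Reword so the parenthesis is clearly an example of a mandatory access control implementation, for instance "(for example SELinux)".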
@@ -268,15 +290,15 @@
 \begin{frame}[c]
 \frametitle{\Large Discretionary Access Control}
 
-In its most generic form usually given by an Access Control Matrix 
-of the form
+In its most generic form usually given by an \alert{Access Control
+  Matrix} of the form
 
 \begin{center}
 \begin{tabular}{r|c|c|c}
-                 & /mail/jane & edit.exe & sendmail \\\hline
+                 & /mail/jane & edit.exe & postfix \\\hline
 jane          & r, w & r, x & r, x\\\hline
 john          & $\varnothing$ & r, w, x&  r, x\\\hline
-sendmail  & a & $\varnothing$ &  r, x\\
+postfix  & a & $\varnothing$ &  r, x\\
 \end{tabular}
 \end{center}
 
@@ -288,13 +310,13 @@
 \begin{frame}[c]
 \small
 
-\lstinputlisting[numbers=none,xleftmargin=-6mm]{lst}
+\lstinputlisting[language={},numbers=none,xleftmargin=-6mm]{lst}
 
 
 \begin{center}
-\begin{tabular}{ll}
-Members of group staff: & ping, bob, emma\\ 
-Members of group students: & emma\\
+\begin{tabular}{@{\hspace{-24mm}}ll}
+members of group staff: & ping, bob, emma\\ 
+members of group students: & emma\\
 \end{tabular}
 \end{center}
 
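Review bot: `@{\hspace{-24mm}}` in the tabular preamble hard-codes a negative offset inside a `center` environment to pull the group table left, independently of the listing's `xleftmargin=-6mm`; if the listing margin or font size changes, the two will drift apart. Consider dropping `center` and aligning both the listing and the table from one shared length.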
@@ -321,11 +343,11 @@
   by system policies.
 
 \item Mandatory access control mechanisms are aimed in particular at
-  preventing policy violations by untrusted application software,
-  which typically have at least the same access privileges as the
-  invoking user.\medskip
+  preventing policy violations by untrusted programs, which typically
+  have at least the same access privileges as the invoking
+  user.\medskip\pause
 
-Simple example: Air Gap Security. Uses completely separate network
+Simple example: Air Gap Security. Uses a completely separate network
 and computer hardware for different application classes.
 \end{itemize}
 
@@ -335,7 +357,8 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
-\frametitle{The Bell/LaPadula Model}
+\frametitle{The Bell-LaPadula Model}
+\small
 
 \begin{itemize}
 \item Formal policy model for mandatory access control in a military
@@ -617,6 +640,25 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{\Large Cryptographic Protocol Failures}
+
+Ross Anderson and Roger Needham wrote:\bigskip
+
+\begin{quote}\rm
+A lot of the recorded frauds were the result of this kind of blunder,
+or from management negligence pure and simple. \alert{However, there
+  have been a significant number of cases where the designers
+  protected the right things, used cryptographic algorithms which were
+  not broken, and yet found that their systems were still successfully
+  attacked.}
+\end{quote}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
 \frametitle{Authentication Protocols}
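Review bot: The quotation on the new frame opens with "this kind of blunder", but nothing on the slide says which blunder is meant, and the attribution names the authors without giving the source. Add a one-line lead-in or trim the first sentence, and cite the paper. The new frame also sits outside the `\mode<presentation>{` wrapper that encloses the following frame; confirm that is intended.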