SECURITY ARCHITECTURE & DESIGN
CC
A.
B.
B.1
B.2 PCI-DSS ISO
C.
D.
D.1
D.2
E.
E.1
E.2
E.3
E.4
E.5
F.
Architecture
Architecture
I/O
Hardware
CPU
Firmware
BIOS
Device Firmware
Software
CPU
I/O
I/O
CPU
CPU
(1) ALU (Arithmetic Logic Unit)
(Accumulator)
(Program Counter)
(Memory Address Register)
(Memory Buffer Register)
(Instruction Register)
CPU
CPU
CPU
CPU
Add: x + y = z
x = 3, y = 2
z = 5
ALU
CPU
Run/operating state
Application/Problem state
(nonprivileged instructions)
Supervisor state
(Privileged instructions)
Wait state
CPU
Process
OS
Thread
Virtual Machine(VM)
(MultiProgramming)
CPU
CPU
TOC/TOU
CPU
MultiTasking
(Realtime) (Preemptive) (Cooperative)
Windows 2000, IBM OS/390, Linux.
Multiprocessing
Multiprocessor, 2
CPU
( )
Symmetric Multiprocessing
Asymmetric MultiProcessing
MultiThread
CPU
(PipeLine)
IF ( Instruction Fetch)
ID ( Instruction Decoding)
EX (Execution and effective address calculation)
RISC
RISC (Compiler)
RISC CPU
CISC
CPU
MEMORY
CPU
RAM
RAM: Cache (DRAM, SRAM)
ROM
Flash Memory
Cache
CPU
CPU CPU
(cache memory)
CPU CPU
CPU
CPU
CPU L1 CPU
L2 L1 L2 CPU
L1 L2 (RAM)
RAM
Register
Cache
(Dynamic RAM, DRAM)
(Static RAM SRAM)
CPU
DRAM Cache
ROM
MASK ROM
Flash Memory
1984 Fujio Masuoka
RAM
MP3
Virtual Memory
(RAM)
CPU
Cache
(DRAM)
Disk Cache
I/O
CPU
I/O
Programmed I/O
Interrupt-Driven I/O
CPU
I/O
DMA CPU
CPU I/O
DMA
CPU
DMA
CPU
CPU
Firmware
BIOS
BIOS CMOS
CMOS ComplementaryMetalOxideSemiconductor
CMOS
BIOS CMOS
Firmware
MP3
SCSI ...
TCB
TCB ,
TCB
TCB
TCB
TCB
TCB
TCB 4
Process activation
Execution domain switching
Memory protection
I/O I/O operation
Reference Monitor
RM
RM
RM
Security Kernel
TCB
RM
TCB RM
TCB
Protection Ring
(system call)
4
Ring 1
Ring 2
Ring 3
Ring 4
Security Labels
Security Domain
TCB
Security perimeter
TCB
OS
Process Isolation
Hardware Isolation
TCB
Least Privilege
Hardening
Hardening
hardening
sandbox
(dedicated)
(clearance)
(system high)
(compartmented)
(controlled mode)
/
(Confidentiality Model)
Take-Grant
Integrity Models
Biba
Clark & Wilson
State Machine Model
State
State transition
secure state model
Bell-LaPadula Biba
(EAL6)
Bell-LaPadula
1973 David Bell Len LaPadula
Bell-LaPadula
Need to know
Bell-LaPadula
ds (Discretionary Security Property)
Content Dependent
Context Dependent
BLP
(covert channels)
(secure state transition)
(multilevel security)
Biba
1977 Bell-LaPadula
Biba (hierarchical lattice of integrity levels)
Integrity Axioms
read
No read down
write
No write up
(invoke)
Lattice
Lattice BLP
lattice BLP
lattice " " BLP " "
Clark-Wilson
1987
Constrained Data Item (CDI)
Integrity Verification Procedure (IVP)
Transformation Procedure (TP)
Unconstrained Data Item
Clark-Wilson
Biba lattice Subject/Program/Object triple: Subject, Object, Program
well-formed transactions program
separation of duties
Auditing
Clark-Wilson model restricted interface model
3 Biba
Brew and Nash: Chinese Wall,
Chinese Wall
Chinese Wall
Chinese Wall
DAC MAC
DAC MAC
Non-interference Model
(A) (C)
(B)( D) A, C:| B, D
C A D B
- (Take-Grant)
4 access modes
1 Read
2 Write
3 Take
A take B
A B
4 Grant
grant
A B A
1, 2 (inert)
3, 4 (transport)
Access Matrix
Access Rights
Read write execute
Subject
Objects
(Discretionary)
replay spoofing Kerberos ticket
R W Own
R W Own
R W Own
RW
RW
Bell-LaPadula
:
* :
* :
Biba
:
* :
ClarkWilson
ACL
Brewer and Nash
GrahamDenning
NDA
NDA
NDA
NDA
TCB
reference monitor kernel
criteria
Trust Level
Assurance
TCSEC
1970 1985
TCSEC 2000 Common Criteria
TCSEC
D (minimal protection)
C (discretionary protection)
C1: Discretionary Security Protection
C2: Controlled Access Protection
B (mandatory protection)
B1: Labeled Security
B2: Structure Protection
B3: Security Domain
A (verified protection)
A1: Verified Design
TCSEC
D1
C1 C2
B1 B2
B3 A1
ITSEC
Information Technology Security Evaluation Criteria
TCSEC
TOE (Target of Evaluation)
security target
PDR
7 (EAL) 7
CC
IT
TOE(Target of Evaluation)
PP (Protection Profile)
ST (Security Target)
(Function)
(Assurance)
(Component)
(Package)
EAL (Evaluation Assurance Level)
PP
Certification vs Accreditation
, Certification
, Accreditation
Zachman
SABSA
ACL
IT IT
IT IT
TOC/TOU
Nonvolatile storage that holds program instructions and retains data even when power is turned off is known as which type of storage?
Primary
Secondary
Virtual
Real
Which of the following is a system that has withstood benchmark te
TCB
meet user and evaluation requirements?
TCB system
Evaluated system
Trusted system
Security kernel system
Katie has been appointed project manager of a new build-out on the 5th floor. Along with the facilities, she is responsible for selecting new hardware across the board. Her first task is to choose border routers to use on the Extranet platform. Which evaluation program would be most suited for this task?
Orange Book
Brown Book
Red Book
Green Book
Red Book
When a system is said to be operating in problem state what does this mean?
The system is using Rings 0 and 1
The system is executing an application
The system is in a fault state
The system is in ready state
0 1
Which of the following has an incorrect definition mapping?
1. Multiprogramming: An operating system can load more than one program in memory at one time.
2. Multitasking: An operating system can handle requests from several different processes loaded into memory at the same time.
3. Multithreading: An application has the ability to run multiple threads simultaneously.
4. Multiprocessing: The computer has more than one CPU.
A. All of them
B. None of them
C. 4
D. 3
1 -
2 -
3 -
4 - CPU
A.
B.
C. 4
D. 3