Skill Set Name: OS Security

Topics Level Sub topics Skill Category No Code Share comment
OS Security Concepts I

Understanding security threats and attacks on operating systems.
Understanding basic concepts of operating system security.
Understanding criteria related to secure operating systems.
Understanding OS security-related criteria.
 


  • Understanding OS Security threats and attacks
    • virus & worms
    • Trojan horse
    • buffer overflow
    • logic bomb
    • covert channel
  • Understanding basic OS security concepts
    • reference monitor
    • trusted computing base
    • security function & security assurance
  • Understanding OS security related criteria
    • TCSEC
    • CC
    • Other criteria
7-3-1-I
OS Security Mechanisms I

Understanding basic security mechanisms in trusted operating systems, including identification & authentication, discretionary & mandatory access control, integrity protection, least privilege management, trusted path, trusted recovery, covert channel, object reuse, audit and so on.


  • Understanding basic security mechanisms in trusted operating systems, including:
    • identification & authentication
    • discretionary & mandatory access control
    • integrity protection
    • least privilege management
    • trusted path
    • trusted recovery
    • covert channel
    • object reuse
    • audit
       
7-3-2-I
OS Security Mechanisms II

Knowing how to use current security mechanisms in Linux systems.


  • Knowing how to use user identification and authentication commands and related files
    • Commands, e.g. useradd, userdel, usermod, passwd, …
    • Files, e.g. /etc/passwd, /etc/shadow, …
  • Knowing how to use discretionary access control commands
    • 9-bit mechanism, e.g. chmod, chown, … commands
    • ACL (Access Control List) mechanism, e.g. setfacl, chfacl, getfacl, … commands
  • Knowing how to use audit and log services and files, e.g. syslogd, …, /etc/syslog.conf, …
  • Knowing how to use network security related services and files, e.g. /etc/xinetd.d, /etc/services, …, /etc/hosts.allow, /etc/hosts.deny, …
     
7-3-2-II
OS Security Models II

Understanding typical and practical security models in Linux systems


  • Understanding multilevel security policy and confidentiality model
    • Bell-LaPadula Model
  • Understanding integrity protection policy and integrity models
    • Biba
    • Clark-Wilson
  • Understanding multi-policy security and neutral security models
    • RBAC (Role Based Access Control)
    • UCON (Usage Control)
    • TE/DTE (Type Enforcement/Domain and Type Enforcement)
    • Chinese Wall
  • Understanding MAC (mandatory access control)
  • Other security models (selected)
    • Information flow
    • Non-interference
       
7-3-3-II
Linux Security Module-LSM II

Understanding the Flask security architecture and the LSM framework.


  • Knowing the structure of Linux security module and hook functions
    • Opaque security fields such as void *security
    • Calls to security hook functions
    • Security system call such as sys_security()
    • Registering security modules
    • Capabilities
  • Understanding what LSM can and cannot do.
     
7-3-4-II
Linux Security Module-LSM III

Knowing how to design and implement security mechanisms in Linux.


  • Knowing how to implement security mechanisms with LSM framework in Linux
    • DTE Linux
      • DTE Policy
      • DTE Implementation
      • How to use
    • POSIX.1e Capabilities
      • Capability Definition
      • Capability Implementation
      • How to use
         
7-3-4-III
SELinux II

Understanding SELinux MAC security policies and policy language


  • Understanding the configurable policies in SELinux
    • Type Enforcement (TE)
    • Role Based Access Control (RBAC)
    • Multi Level Security (MLS) and Multi Category Security (MCS)
  • Understanding the Flask security architecture
    • Object manager
    • Security server
  • Understanding what SELinux can and cannot do.
  • Understanding and knowing how to use SELinux policy language
    • Ability to enforce confidentiality and integrity guarantees.
    • Ability to confine flawed and malicious applications.

 

7-3-5-II
SELinux III

Knowing how to use the policy language and the related security management and policy analysis tools. Knowing the SELinux security architecture and implementation.


  • Knowing the SELinux architecture and implementation
    • Flask architecture (shared code: 7-3-3-I)
    • SELinux LSM Module
      • Data structures
      • Hook Functions
      • Security system calls
      • Module registering
  • Knowing how to use SELinux management and policy analysis tools
    • checkpolicy
    • libselinux
    • libsemanage
    • libsepol
    • policycoreutils

 

7-3-5-III
Various implementations II

Understanding characteristics of various implementations.


  • SMACK
  • TOMOYO Linux
  • AppArmor
  • grsecurity
     
7-3-6-II