HomeSkill Set Definitions

Skill Set Name: OS Security

Topics Level Sub topics Skill Category No Code Share comment
OS Security Concepts I

Understanding security threats and attacks on operating systems.
Understanding basic concepts on operating system security
Understanding related criteria on secure operating system
Understanding OS security related criteria
 

Attacks on the Web
Outline of network security
Simplified classification of network attack methods
Unauthorized access techniques by exploiting TCP
Virus characteristics and antivirus measures
  • Understanding OS Security threats and attacks
    • virus & worms
    • Trojan horse
    • buffer overflow
    • logic bomb
    • covert channel
  • Understanding basic OS security concepts
    • reference monitor
    • trusted computing base
    • security function & security assurance
  • Understanding OS security related criteria
    • TCSEC
    • CC
    • Other criteria
 7-3-1-I
OS Security Mechanisms I

Understanding basic security mechanisms in trusted operating systems, including identification & authentication, discretionary & mandatory access control, integrity protection, least privilege management, trusted path, trusted recovery, covert channel, object reuse, audit and so on.

OS Security Concepts
  • Understanding basic security mechanisms in trusted operating systems, including:
    • identification & authentication
    • discretionary & mandatory access control
    • integrity protection
    • least privilege management
    • trusted path
    • trusted recovery
    • covert channel
    • object reuse
    • audit
       
 7-3-2-I
OS Security Mechanisms II

Knowing how to use current security mechanisms in Linux systems.

OS Security Concepts
  • Knowing how to use user identification and authentication commands and related files
    • Commands, e.g. useradd, userdel, usermod, password …
    • Files, e.g. /etc/passwd, etc/shadow, …
  • Knowing how to use discretionary access control commands
    • 9 bit mechanism, e.g. chmod, chown, … commands
    • ACL (Access Control List) mechanism, e.g. setfacl, chfacl, getfacl,… commands
  • Knowing how to use audit and log services and files, e.g. syslogd… , /etc/syslog.conf, ...
  • Knowing how to use network security related services and files, e.g. /etc/xinetd.d, /etc/services … , etc/hosts.allow, etc/hosts.deny, …
     
 7-3-2-II
OS Security Models II

Understanding typical and practical security models in Linux systems

  • Understanding multilevel security policy and confidentiality model
    • Bell-LaPadula Model
    • Understanding integrity protection policy and integrity models
    • Biba
    • Clark-Wilson
  • Understanding multi-policy security and neutral security models
    • RBAC (Role Based Access Control)
    • UCON (Usage Control)
    • TE/DTE (Type Enforcement/Domain and Type Enforcement)
    • Chinese Wall
  • Understanding MAC (mandatory access control)
  • Other security models (selected)
    • Information flow
    • Non-interference
       
 7-3-3-II
Linux Security Module-LSM II

Understanding flask security architecture and LSM framework

  • Knowing the structure of Linux security module and hook functions
    • Opaque security fields such as void *security
    • Calls to security hook functions
    • Security system call such as sys_security()
    • Registering security modules
    • Capabilities
  • Understanding what LSM can and cannot do.
     
 7-3-4-II
Linux Security Module-LSM III

Knowing how to design and implement security mechanisms in Linux.

  • Knowing how to implement security mechanisms with LSM framework in Linux
    • DTE Linux
      • DTE Policy
      • DTE Implementation
      • How to use
    • POSIX.1e Capabilities
      • Capability Definition
      • Capability Implementation
      • How to use
         
 7-3-4-III
SELinux III

Knowing how to use the policy language, related security management and policy analysis tools. Knowing SELinux Security architecture and implementation.

  • Knowing the SELinux architecture and implementation
    • Flask architecture SHARED CODE 7-3-3-I
    • SELinux LSM Module
      • Data structures
      • Hook Functions
      • Security system calls
      • Module registering
  • Knowing how to use SELinux management and policy analysis tools
    • checkpolicy
    • libselinux
    • libsemanage
    • libsepol
    • policycoreutils

 

 7-3-5-III
SELinux II

Understanding SELinux MAC security policies and policy language

Linux Security Module-LSM
Linux Security Module-LSM
OS Security Models
  • Understanding the Configurable policies in SELinux
    • Type Enforcement (TE)
    • Role Based Access Control (RBAC)
    • Multi Level Security (MLS) and Multi Category Security (MCS)
  • Understanding flask security architecture
    • Object manager
    • Security server
  • Understanding what SELinux can and cannot do.
  • Understanding and knowing how to use SELinux policy language
    • Ability to enforce confidentiality and integrity guarantees.
    • Ability to confine flawed and malicious applications.

 

 7-3-5-II
Various implementations II

Understanding characteristics of various implementations.

  • SMACK
  • TOMOYO Linux
  • AppArmor
  • grsecurity
     
 7-3-6-II