Download Overview of Operating Systems Security Features

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Computer and network surveillance wikipedia , lookup

Password strength wikipedia , lookup

Cryptography wikipedia , lookup

Address space layout randomization wikipedia , lookup

Multilevel security wikipedia , lookup

Distributed firewall wikipedia , lookup

Access control wikipedia , lookup

Airport security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Post-quantum cryptography wikipedia , lookup

Malware wikipedia , lookup

Wireless security wikipedia , lookup

Information security wikipedia , lookup

Security and safety features new to Windows Vista wikipedia , lookup

Next-Generation Secure Computing Base wikipedia , lookup

Secure multi-party computation wikipedia , lookup

Cyber-security regulation wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Computer security wikipedia , lookup

Unix security wikipedia , lookup

3-D Secure wikipedia , lookup

Mobile security wikipedia , lookup

Security-focused operating system wikipedia , lookup

Transcript 
UNCLASSIFIED
Overview of Operating Systems Security Features - LINUX
Introduction A key advantage of LINUX
desktop operating system (OS) is its low cost
and ease of customization to environment
and/or solutions specific requirements, but this
can also present security risks.
A LINUX
desktop that is part of the GC network
environment may be compromised by malicious
software (malware) or other threats that could
spread through GC networks.
Unsecure
installation of the LINUX desktop OS could
either expose stored GC information to
unauthorized personnel or make critical
information unavailable.
For these reasons,
departments should ensure that all LINUX
desktop OS systems are configured and used
securely.
Life Cycle
Security should be addressed in
each phase of an OS’s life cycle: evaluation,
configuration, deployment, management and
decommissioning.
Working Environments
LINUX OS security
controls can vary based on the intended use.
Typical end-uses include: Dedicated Production
GC office desktops (most secure), development
GC Office desktops (moderately secure), and
mobile desktops (least secure) such as
reception desks, conference rooms, and
printing areas.
Authorization
–
Restrict
access
to
administration tools and where possible remove
extra default permissions for services and tools.
Access Control – Restrict access to the
internal firewall system configuration, disallow
remote “root” login, lockdown system accounts,
review enabled service and scheduler security,
and for systems that are running web services,
harden web security.
Confidentiality – Ensure all accounts are
protected
by
a
password
that
meets
departmental security requirements.
Integrity
–
Use
up-to-date
patch
management, ensure systems have anti virus
and malware protection, and disable automatic
downloads.
Availability – Using partitioning software to
create sections of the hard drive allows
administrators to lock down access and enforce
strict lock down on the startup services.
Accountability and Non-Repudiation –Purge
unnecessary accounts, enable logging to start
automatically on boot. Implement secure log
files storage and enable time synchronization
with a secure authorized time source.
Basic Security Recommendations
Identification and Authentication – Current
implementations of Linux are vulnerable
through user passwords. Passwords are stored
in clear text, meaning they are easily
understood by any user that knows the
password file location, and the default
encryption tool for information does not meet
the Government of Canada recommended
encryption requirements. Departments are
recommended to identify and use an alternative
encryption tool that meets or exceeds
Government of Canada requirements.
Security
Profile
Working
Environment
Least Dangerous
(Most Secure)
GC Production
Desktops
Moderately Dangerous
(Moderately Secure)
GC Development
Desktops
More Dangerous
(Less Secure)
Most Dangerous
(Least Secure)
www.cse-cst.gc.ca
[email protected]
613-991-7654
Shared Desktops
Mobile Desktops
CSG-10\L1
Related documents
Operating System Research Worksheet
Operating System Research Worksheet
Center for Counseling and Student Development Web site development:
Center for Counseling and Student Development Web site development:
DEREE COLLEGE SYLLABUS FOR: ITC 2293 OPERATING
DEREE COLLEGE SYLLABUS FOR: ITC 2293 OPERATING
Operating Systems Autumn 2003
Operating Systems Autumn 2003
Linux+ Guide to Linux Certification
Linux+ Guide to Linux Certification
操作系统
操作系统
Overview of Physics Computing
Overview of Physics Computing
Overview of Physics Computing - University of Oxford Department of
Overview of Physics Computing - University of Oxford Department of
rengakrishnan subramanian - Kansas State University
rengakrishnan subramanian - Kansas State University
Answers to Even-numbered Exercises
Answers to Even-numbered Exercises
Linux Overview
Linux Overview
Shin Liu 2/26/2015 Chapter 4 Power Point Answers and Questions 1
Shin Liu 2/26/2015 Chapter 4 Power Point Answers and Questions 1
Operating Systems (OS)
Operating Systems (OS)
Chapter 6
Chapter 6
Operating System
Operating System
Certified Penetration Testing Specialist
Certified Penetration Testing Specialist
Chapter 6 Operating Systems
Chapter 6 Operating Systems
MobiKEY - Route1 Inc
MobiKEY - Route1 Inc
CTI Higher Certificate in Information Systems (Engineering)
CTI Higher Certificate in Information Systems (Engineering)
Introduction to Operating Systems
Introduction to Operating Systems
course outline - Clackamas Community College
course outline - Clackamas Community College
Operating Systems (Linux), 27/10/08
Operating Systems (Linux), 27/10/08