Advanced Operating Systems
Lecture 1: Advanced OS Overview
Section 5: Tendency of OS Reliability
Chen Yu (Tsinghua University)
February 15, 2020

Tendency
- Performance
- Reliability
- Correctness

Definition
Reliability (from the IEEE definition): the ability of a system or component to perform its required functions under stated conditions for a specified period of time.
- Usually stronger than simply availability: means that the system is not only "up", but also working correctly
- Includes availability, security, fault tolerance/durability
- Must make sure data survives when system crashes, disk crashes, etc.

History of Security Problem
- Originally, there was no security/safety problem
- Later, there was a problem, but nobody cared
- Now, there are increasing problems, and people are beginning to care

Threat Analysis
- What are we trying to protect? (and why?)
- What are the vulnerabilities of those assets?
- Who might (accidentally) exploit a vulnerability?
- How can we prevent a specific threat?
- How much is it worth to us to prevent it?

The Core Technical Problem
- Controlling access to machine and data resources
- Controlling the way access rights are passed from holder to holder
  - person to person
  - program to program
- Preventing maliciousness and errors from subverting the controls

System Security Technology

Current Status
Understanding current Android vulnerabilities:
- Semantic vulnerabilities are increasingly common
- The threat from data-leak vulnerabilities is growing

Current Status
Understanding current Linux kernel vulnerabilities:
- Linux vulnerabilities show a trend of expanding
- But finding Linux vulnerabilities is getting harder