Trusted OS and Application Security Utku Ünal Solution Consultant HP Consulting

Jan 14, 2016

Transcript
Page 1: Trusted OS and Application Security

Trusted OS and Application Security

Utku Ünal, Solution Consultant, HP Consulting

Page 2: Trusted OS and Application Security

standard OS offers

• reliability
• performance
• availability
• flexibility
• scalability

but lacks security

Page 3: Trusted OS and Application Security

Why are firewalls not enough?

Firewalls cannot detect and block security attacks that are “embedded” in unauthorized code unless the code has been anticipated

OS Security does contain damage to applications from these programs

OS Security complements firewalls that the organization already has in place

[Diagram labels: Firewall; mail server, web server, browser, Database, File Service, Network Management, PointCast, ShockWave; application code]

Page 4: Trusted OS and Application Security

summary of Application & OS Security issues

so what can you do?

Immature E-commerce applications rushed to market in “Internet time” put the back-end at risk

Off the shelf Unix & NT do not provide sufficient risk reduction for Web front-ends

Web servers, if compromised, can provide an easy conduit into your intranet and mission-critical applications

• Linux was run on 41.8% of non-Microsoft sites
• January 2001 saw the first Linux “worm” – ramen
• adore and lion followed
• worms may deface your site and/or do other damage

Page 5: Trusted OS and Application Security

so, you are concerned about security and reliability?

hp secure OS software for Linux and VirtualVault are the solutions

Page 6: Trusted OS and Application Security

hp OS security proven protection

• deployed by over 130 of the world’s largest banks

• protected one customer from over 300,000 break-in attempts in one week

• winner of Secure Computing “Best General Security Product” for three years

• BITS certified – met strict criteria for financial institutions

• passed rigorous tests from private organizations and government entities

• hp - the first major vendor involved in Linux development and introduction

Page 7: Trusted OS and Application Security

hp secure OS software

[Chart: "security/strength of mechanisms" plotted against "increase -- ease of use/administration, performance, compatibility -- decrease". Categories: base systems, layered systems, trusted systems. Products shown: Windows; HP-UX, Linux; HP-UX C2; hp secure Linux; HP-UX Bastille C2; HP Webenforcer; VirtualVault]

Page 8: Trusted OS and Application Security

hp secure linux

what is it?

• a secure platform based on Red Hat Linux
• flexible tools to configure security
• applications to manage security
• a wide range of services and support

what does it do?

• isolates customers and applications
• locks down system features
• audits all system activities
• provides file system protection
• eases security administration
• protects from most common attacks

what are the benefits?

• provides triple-layer security™
  – prevents attacks
  – protects against attacks in progress
  – contains any damage
• protects a server from being:
  – attacked
  – compromised
  – used by others
• maintains availability

Page 9: Trusted OS and Application Security

how does it work?

• an easy to use secure server platform that protects key server components
• armors standard red hat linux server with multiple layers of security
• includes prevention, containment and detection
• includes OS and application layer

[Diagram labels: internet, web browser, Apache, applications, data, sealed compartments, hp secure Linux, internal systems]

Page 10: Trusted OS and Application Security

review of major features

• containment
• file system protection
• system configuration lockdown
• auditing
• secure administration mode

Page 11: Trusted OS and Application Security

what is it? virtualvault

• Commercial version of a trusted, military-grade operating system
• Securely integrated, industry-leading Web server
• Strictly partitioned Web runtime environment
• “Vaulted” Java Virtual Machine, CGI’s and application gateways

trusted os

• Least privilege mechanism eliminates the “super-user” root function
• Programs run only with specific privileges needed for task
• Discrete set of privileges for OS system call actions
• No inheritance of "power" between programs--no Trojan

partitioned web runtime

• Webserver and Intranet applications in separate compartments
• Applications and their resources partitioned into classes - cannot interfere with each other
• Trusted Gateway provides secure communication between the inside and outside compartments

Page 12: Trusted OS and Application Security

how does it work?

[Diagram labels: Clients from Internet (Web browsers); VIRTUALVAULT; OUTSIDE, INSIDE, SYSTEM_HI, SYSTEM; WEB Server, JVM, cgi, application; Event Monitoring, Damage Control; HTML Pages, Java Servlets, Scripts & binaries; Gateway; Back-end Application Server]

Page 13: Trusted OS and Application Security

review of major features

Trusted Operating System

• Eliminates privileged “root” user access
• Applications run with minimum privileges
• Blocks the hijacking of privileges by unauthorized code

Strictly Partitioned Web Runtime Environment

• Protects all application files
• Segregates client-serving front-end from back-end business applications
• Strictly controls all cross-compartment communications
• Prevents unauthorized modification of Web content

Securely Integrated Web Server

• Uses iPlanet Web Server, C2Net Apache, others
• Uses minimum operating system privileges
• Access to Web applications is strictly controlled
• Supports 128-bit authentication, and encryption

Page 14: Trusted OS and Application Security