Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Observations on Operating System Security Vulnerabilities
Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.ORCID-id: 0000-0003-0778-4736
2000 (engelsk)Licentiatavhandling, monografi (Annet vitenskapelig)
Abstract [en]

This thesis presents research on computer security vulnerabilities in general-purpose operating systems. The objective is to investigate intrusions in such systems in order to find and model the underlying generic weaknesses, i.e., weaknesses that would be applicable to many different systems. An attempt is made to create a conceptual basis for the generic modeling of vulnerabilities, addressing security concepts, definitions, and terminology. The investigation of intrusions is based on empirical data collected from three different systems, UNIX, Novell NetWare, and Windows NT. The UNIX and Novell NetWare data were generated from a number of practical intrusion experiments with Masters students, while the Windows NT data resulted from a security analysis that we performed ourselves. This analysis showed that Windows NT, initially thought to be quite secure, still displayed a significant number of vulnerabilities. A comparison with earlier UNIX analyses indicates that the security differences between the systems are related more to factors such as time on market and security-by-obscurity than to inherent security performance. A different approach was taken with the Novell NetWare system. Here, the initial experiments showed quite poor security behavior and we have investigated the security evolution as later versions of the system have been released and have reached the conclusion that, even though some effort has been made to improve security, no significant difference has been achieved, primarily due to backward compatibility requirements. In summary, the work performed here represents a further step towards a full understanding of the generic weaknesses and vulnerabilities that impair commercially available operating systems. This understanding is essential to our aspiration to make these systems secure, or at least sufficiently secure. It is expected that this work, when fully accomplished, will comprise a powerful basis for improving the security of operating systems, at least to the extent that research results are taken into consideration by software developers and manufacturers

sted, utgiver, år, opplag, sider
Göteborg, Sweden, 2000.
Serie
Department of Computer Engineering, Chalmers University of Technology
Emneord [en]
computer security, operating system, vulnerability, intrusion, experiment, modeling, analysis
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-21959OAI: oai:DiVA.org:kau-21959DiVA, id: diva2:595635
Tilgjengelig fra: 2013-01-21 Laget: 2013-01-21 Sist oppdatert: 2018-01-11

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

http://www.cs.kau.se/~stefan/publications/Lic00/full_text.pdf

Personposter BETA

Lindskog, Stefan

Søk i DiVA

Av forfatter/redaktør
Lindskog, Stefan
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric

urn-nbn
Totalt: 66 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf