Lecture 24: May 21, 2021

Reading:text, §16.4, 23
Due: Homework 4, due May 24; Lab 3, due May 26

1. MULTICS ring mechanism
   1. Rings, gates, ring-crossing faults
   2. Used for both data and procedures; rights are REWA
      (b₁, b₂) access bracket—can access freely; (b₃, b₄) call bracket—can call segment through gate; so if a’s access bracket is (32, 35) and its call bracket is (35, 39), then assuming permission mode (REWA) allows access, a procedure in:
      rings 0–31: can access a, but ring-crossing fault occurs
      rings 32–35: can access a, no ring-crossing fault
      rings 36–39: can access a, provided a valid gate is used as an entry point
      rings 40–63: cannot access a
   3. If the procedure is accessing a data segment d, no call bracket allowed; given the above, assuming permission mode (REWA) allows access, a procedure in:
      rings 0–32: can access d
      rings 33–35: can access d, but cannot write to it (W or A)
      rings 36–63: cannot access d

2. Malware, malicious logic

3. Trojan horse
   1. Rootkits
   2. Propagating Trojan horses

4. Computer virus
   1. Infection vectors: boot sector, executable

Matt Bishop Office: 2209 Watershed Sciences Phone: +1 (530) 752-8060 Email: mabishop@ucdavis.edu

ECS 153, Computer Security Version of May 24, 2021 at 10:56AM

You can also obtain a PDF version of this.