Controlling the Core
Regardless of whether an application solution suite is hosted on premise, in the cloud or some combination of the two, someone somewhere still needs to access server space to perform the basic functions of installation, configuration, and maintenance. Of course in cloud space this may be somebody else's problem, while in on-premise space the responsibility may be squarely on your shoulders.
Computer security has not changed much in the past generations of hardware spinning and operating system re-inventing. The current access model still uses the same authentication components of something you are, something you have, or something you know, with the most basic and easiest offering being a username and password combination. On the authorization front we still have user and group IDs for UNIX and a plethora of fine-grained pre-defined access rights for Microsoft Windows.
While the standard tried and true resident security systems are quite good for blocking aberrant access at most levels, every operating system has one security hole that is the holy grail of rogue access. On UNIX this is root and on Microsoft Windows this is Administrator. Sure, the names can change to protect the innocent (renaming Administrator, for example, although its well-known RID of 500 still identifies it), but once superuser access has been attained the world is the infiltrator's oyster, to be consumed slowly and with savor.
In the not too distant past, waves of technologies were introduced to audit the activity of key players. It was believed that if one could review what happened during a malicious event then the exposure could be mitigated somewhat to recover assets and prevent future failures. Recording activity is a very good way to watch the good guys do good things for compliance auditability, but it does nothing to prevent the truly malicious administrator from just plain copying or wiping an entire system. Simply put, auditing is akin to watching a video of your 100 inch television walk out your front door with absolutely no power to block the exit.
To counter the audit-only model and bring a scoped limitation to sensitive account access, CA Privileged Identity Manager (PIM) was introduced. The term PIM has seen several iterations, from Shared Account Management (SAM) to Privileged Access Management (PAM) and back to PIM. But, while the acronyms have changed, the concept has remained the same. Basically, grant superuser access to those users that require such access, but control the granting through a pre-defined protocol.
In the UNIX world this means that the root user has the ability to log in as root, but only if someone else agrees to, or grants, the permission to do so. Since multiple administrators may need to access the root account, the account is known as being "shared"; hence the Shared as in the SAM acronym.
The PIM model, then, gives a user the key to the front door, a locked closet or safe, and allows that user to access the facility. You may have multiple users with the same key in the same space at the same time, but proper monitoring (auditing, recording) will show what each individual is doing.
Now, in all honesty, UNIX and Linux have done a fine job of removing the need to log in directly as the user named "root". Specifically, the current secure shell (SSH) offerings can prohibit direct root logon (PermitRootLogin no in sshd_config), and the sudo (superuser do) facility enables a "common" user to perform root-level functions by issuing only the commands that have been agreed upon, or granted, in the sudoers policy. SELinux is in the offering as well, adding mandatory access controls that uid 0 does not automatically bypass. And, as mentioned, Microsoft Windows has a very nice array of roles and privileges that may be assigned to give users quite a range of capabilities.
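As an added example, not taken from the original article or from any vendor, the following Python checker reads an sshd_config and a sudoers fragment and reports settings that reopen direct or unrestricted root access. The configuration text is constructed for the example. Two limitations are assumptions about how it is used: only the global section of sshd_config is evaluated (lines after a Match block are conditional on the connection and are skipped), and sudoers aliases, @include directives and sudoers.d drop-ins are not expanded.

```python
import re

# Constructed sample. The duplicated PermitRootLogin is deliberate: OpenSSH keeps the
# FIRST value it reads for a keyword, so the trailing "no" does not undo the earlier "yes".
WEAK_SSHD = """\
# constructed /etc/ssh/sshd_config
Port 22
PermitRootLogin yes
PasswordAuthentication yes
PermitRootLogin no
"""

HARDENED_SSHD = """\
Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
"""

# Constructed sudoers: the weak one hands out an unrestricted root shell, the scoped one
# grants exactly the "agreed upon" commands.
WEAK_SUDOERS = """\
# constructed /etc/sudoers
Defaults env_reset
alice ALL=(ALL) NOPASSWD: ALL
%wheel ALL=(ALL) ALL
"""

SCOPED_SUDOERS = """\
Defaults env_reset
alice ALL=(root) /usr/bin/systemctl restart nginx, /usr/bin/journalctl -u nginx
"""


def sshd_effective(text):
    """keyword -> value as sshd resolves it: case-insensitive keyword, first occurrence
    wins, comment lines ignored. Everything from the first Match block onward is
    conditional, so it is skipped (assumption: only the global section is audited)."""
    effective = {}
    in_match = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            in_match = True
        if in_match:
            continue
        effective.setdefault(key, value.lower())
    return effective


def sshd_findings(text):
    eff = sshd_effective(text)
    out = []
    prl = eff.get("permitrootlogin", "prohibit-password")   # OpenSSH default since 7.0
    if prl == "yes":
        out.append("PermitRootLogin yes: root may log in directly with a password or key")
    elif prl in ("prohibit-password", "without-password"):
        out.append(f"PermitRootLogin {prl}: root may still log in directly with a key")
    if eff.get("passwordauthentication", "yes") == "yes":
        out.append("PasswordAuthentication yes: online password guessing remains possible")
    return out


_SPEC = re.compile(r"^(\S+)\s+(\S+)\s*=\s*(?:\(([^)]*)\)\s*)?(.*)$")
_NON_SPEC = ("Defaults", "User_Alias", "Cmnd_Alias", "Host_Alias", "Runas_Alias")


def sudoers_findings(text):
    """Report user specifications that grant ALL commands. Aliases and includes are
    not expanded (assumption); 'sudo -l' gives the authoritative per-user view."""
    out = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or line.split()[0] in _NON_SPEC:
            continue
        m = _SPEC.match(line)
        if not m:
            continue
        who, _host, runas, cmds = m.groups()
        nopasswd = False
        for spec in cmds.split(","):
            spec = spec.strip()
            # Tags such as NOPASSWD: or SETENV: prefix a command and persist for the
            # commands that follow until another tag changes them.
            while ":" in spec and spec.split(":", 1)[0].isupper():
                tag, spec = (s.strip() for s in spec.split(":", 1))
                if tag == "NOPASSWD":
                    nopasswd = True
                elif tag == "PASSWD":
                    nopasswd = False
            if spec == "ALL":
                out.append(f"{who} may run ALL commands as ({runas or 'root'})"
                           + (" without a password" if nopasswd else ""))
    return out


if __name__ == "__main__":
    for label, findings in (("weak sshd", sshd_findings(WEAK_SSHD)),
                            ("hardened sshd", sshd_findings(HARDENED_SSHD)),
                            ("weak sudoers", sudoers_findings(WEAK_SUDOERS)),
                            ("scoped sudoers", sudoers_findings(SCOPED_SUDOERS))):
        print(label, "->", findings or "ok")
```

On a live host, `sshd -T` prints the configuration as the daemon actually resolved it and is the safer thing to inspect than the file, precisely because of the first-value rule the weak sample trips over.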
So, we now have both UNIX and Microsoft Windows with administrative scope-limiting resident security system abilities, a PIM model to limit superuser access in addition to the resident security model, and monitoring to record all activities. Great!
Well,no.
The preceding keeps honest people honest but does not address what happens when yet one more hole is exposed. And, yes, the axiom of all software is that "there is always one more bug or one more hole." So, whether it is a buffer overflow exposure or some other obscure entry point, you can be assured that someone somewhere will find something that is not good.
Zero-day attacks are no longer infrequent but sufficiently common to finally make exposed financial data a Dark Web commodity. And, yes, phishing is a primary entry point; hence the comment about PIM and recording keeping honest people honest.
CA Technologies (CA) Privileged Identity Manager is a server-centric security offering that has the power to scope root on UNIX and Administrator on Microsoft Windows. The operative words here are "server-centric" and "scope". Simply put, the server component of CA Privileged Identity Manager works at a level that will block even a compromise that yields a root shell. The caveat a practitioner should keep in mind is that a compromise reaching kernel code execution itself, rather than a root shell, is a different matter: anything running inside the kernel can disable an interceptor that also runs there, so the kernel still has to be protected by other means (patching, module signing, and the like).
The way this works is not magic but is based on kernel-level syscall intercepts combined with a two-identity user model: the identity the OS currently reports for a process, and the identity that was authenticated at logon.
Upon server logon, CA Privileged Identity Manager captures the logging-in user and writes that datum to a private internal table. The user noted in the initial logon event is the user that is then checked against resource access authorizations.
For example, if Alice logs on and su's to root, CA Privileged Identity Manager will know the user as Alice while UNIX will know the user as root. So, for all UNIX activities, the current shell is treated as root. But, and this is a very big and very protective but, if there are private data that should only be accessed by Alice then any other "root" user will not have the ability to access those data. Even if a "true root" logs in, that user will not be able to access Alice's data.
Where this multi-level access scoping is very important is in the situation where truly private data should be maintained as truly private data. Just because a shell has legitimately gained, or usurped, root privilege should not mean that the shell is able to access protected data.
Thinkaboutit.
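The scoping described in the paragraphs above comes down to deciding on two identities instead of one. The following Python model is an added illustration, not CA PIM's code or architecture: a toy reference monitor records the user at first logon in its own table, lets su change only the OS identity, and authorizes access to a protected path on the recorded login identity rather than on the effective uid. Session ids, user names, paths and the unset-loginuid constant are constructed for the example. The `linux_login_uid` helper reads Linux's own persistent login identity (/proc/self/loginuid, set by pam_loginuid) to show that the OS already carries such a datum, and returns None where the file is absent or the value was never set.

```python
import os
from dataclasses import dataclass

UNSET_LOGINUID = 4294967295   # (uid_t)-1: the kernel's "no login uid recorded" value


@dataclass(frozen=True)
class Session:
    sid: int       # constructed session id (think: audit session or tty)
    os_user: str   # who the OS currently says you are; changes on su/sudo

    def su(self, target="root"):
        """su/sudo swap the OS identity; the session id, and with it the recorded
        login identity, travels along unchanged."""
        return Session(self.sid, target)


class CoreMonitor:
    """Toy reference monitor: mediates open() on two identities, not one."""

    def __init__(self, owners):
        self._owner = dict(owners)   # path -> owning user (the ordinary DAC view)
        self._private = {}           # path -> login users allowed (monitor's own ACL)
        self._login_table = {}       # sid -> user captured at first logon

    def logon(self, session):
        # First logon event wins. A later call for the same session (for instance
        # after su made the OS identity "root") cannot overwrite the captured user.
        self._login_table.setdefault(session.sid, session.os_user)

    def protect(self, path, *login_users):
        self._private[path] = set(login_users)

    def dac_allows(self, session, path):
        """What stock UNIX decides: euid 0 bypasses, otherwise owner only."""
        return session.os_user == "root" or self._owner.get(path) == session.os_user

    def open(self, session, path):
        """Return (allowed, reason)."""
        if path in self._private:
            login = self._login_table.get(session.sid)
            if login in self._private[path]:
                return True, f"login user {login!r} is on the private ACL for {path}"
            return False, (f"login user {login!r} is not on the ACL for {path}; "
                           f"the OS identity {session.os_user!r} is irrelevant")
        if self.dac_allows(session, path):
            return True, "unprotected path; standard DAC permits"
        return False, "unprotected path; standard DAC denies"


def linux_login_uid():
    """Linux's own persistent login identity: /proc/self/loginuid is set by
    pam_loginuid at logon and survives su/sudo. Returns None if the file is missing
    or the session never had one set (common inside containers)."""
    try:
        with open("/proc/self/loginuid") as fh:
            uid = int(fh.read().strip())
    except (OSError, ValueError):
        return None
    return None if uid == UNSET_LOGINUID else uid


def demo():
    """Walk the article's scenario; returns a dict of allow/deny decisions."""
    mon = CoreMonitor(owners={"/data/alice/secret.db": "alice", "/var/log/syslog": "root"})
    mon.protect("/data/alice/secret.db", "alice")

    alice, bob, true_root = Session(1, "alice"), Session(2, "bob"), Session(3, "root")
    for s in (alice, bob, true_root):
        mon.logon(s)

    alice_root = alice.su()   # Alice: su -
    bob_root = bob.su()       # Bob:   su -
    mon.logon(bob_root)       # a "logon" replayed after su must not relabel Bob as root

    return {
        "alice_as_root":      mon.open(alice_root, "/data/alice/secret.db")[0],
        "bob_as_root":        mon.open(bob_root, "/data/alice/secret.db")[0],
        "bob_as_root_dac":    mon.dac_allows(bob_root, "/data/alice/secret.db"),
        "true_root":          mon.open(true_root, "/data/alice/secret.db")[0],
        "bob_as_root_syslog": mon.open(bob_root, "/var/log/syslog")[0],
        "bob_syslog":         mon.open(bob, "/var/log/syslog")[0],
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:20s} {'ALLOW' if allowed else 'DENY'}")
    print("linux loginuid:", linux_login_uid(), "euid:", os.geteuid())
```

The two rows worth staring at are bob_as_root, which stock DAC would allow because euid 0 bypasses file permissions and the monitor denies, and true_root, denied for the same reason. Note that rewriting /proc/self/loginuid needs at least CAP_AUDIT_CONTROL, which a full root normally holds, which is one reason a product of this kind keeps its own table rather than trusting a value the OS lets root change.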
In closing, the above discussed a bit using UNIX examples, but as goes UNIX so goes Microsoft Windows. The very same security offerings are common in both operating systems, so it is possible to ensure that Alice's data are protected on both UNIX and Microsoft Windows.
And, yes, CA Technologies has a PIM offering, as do CyberArk, Lieberman, and others. But this discussion deals with controlling the core data access, which is fundamental to all server suites and should be considered regardless of the PIM provider in use.

Dennis Pierce
IT Security Architect
