Transcript Win32 Programming
Host and Application Security
Lesson 3: What is Information?
Two questions that merit discussion
What do we mean when we talk about information?
What do we _really_ mean when we talk about something being a computer?
First, what is information?
Claude Shannon helped us out with this in his excellent paper “The Mathematical Theory of Communication” Weaver: Level A: How accurately can the symbols of communication be transmitted? (The technical problem) Level B: How precisely do the transmitted symbols convey the desired meaning? (The semantic problem) Level C: How effectively does the received meaning affect the conduct in the desired way? (The effectiveness problem)
However…
Most of the theoretical and practical work from this deals with the Level A problem: essentially, bits flowing on a wire This is important from a security perspective, but it’s not the whole story
More xkcd
Level A: Transmitting Symbols
Imagine we have a simple noiseless system that transmits only English words as defined in a particular dictionary This higher-level meaning reduces the actual channel capacity
How this fits with Security
Implications are interesting; we can keep our “secret” but still leak information Examples?
Whenever we think about application security and host security we need to think hard about what information is…
Now… what is a computer?
At the abstract level, we’re talking about Turing Machines Note that this is anything but the universal model of computation
The Turing Machine
More precisely, a Turing machine consists of: A tape which is divided into cells, one next to the other. Each cell contains a symbol from some finite alphabet. The alphabet contains a special blank symbol (here written as 'B') and one or more other symbols. The tape is assumed to be arbitrarily extendable to the left and to the right, i.e., the Turing machine is always supplied with as much tape as it needs for its computation. Cells that have not been written to before are assumed to be filled with the blank symbol. In some models the tape has a left end marked with a special symbol; the tape extends or is indefinitely extensible to the right.
A head that can read and write symbols on the tape and move the tape left and right one (and only one) cell at a time. In some models the head moves and the tape is stationary.
A finite table (occasionally called an action table or transition function) of instructions (usually quintuples [5-tuples] : q i a j →q i1 a j1 d k , but sometimes 4-tuples) that, given the state(q i ) the machine is currently in and the symbol(a j ) it is reading on the tape (symbol currently under the head) tells the machine to do the following in sequence (for the 5-tuple models): Either erase or write a symbol (instead of a j , write a j1 ), and then Move the head (which is described by d same place), and then k and can have values: 'L' for one step left or 'R' for one step right or 'N' for staying in the Assume the same or a new state as prescribed (go to state q i1 ).
In the 4-tuple models, erase or write a symbol (aj1) and move the head left or right (dk) are specified as separate instructions. Specifically, the table tells the machine to (ia) erase or write a symbol or (ib) move the head left or right, and then (ii) assume the same or a new state as prescribed, but not both actions (ia) and (ib) in the same instruction. In some models, if there is no entry in the table for the current combination of symbol and state then the machine will halt; other models require all entries to be filled.
A state register that stores the state of the Turing machine, one of finitely many. There is one special start state with which the state register is initialized. Source: Wikipedia Also, let’s look at: http://www.youtube.com/watch?v=E3keLeMwfHY
Observation
When we think about computing like this, some of the “magic” disappears How does this help us
think
about security?
Now, let’s have some fun…
Define computation?
Broad definition or narrow?
Digital (abacus) versus analog (nomograph) Is this calculation?
Does this compute?
“For example, it now appears that primary visual cortex (area V1) does a Gaborwavelet transform (Daugman 1984, 1985a, 1985b, 1988). That is, it implements a particular mathematical operation, and that seems to be its purpose in the visual system. It is natural and informative to say that it
computes
a Gabor-wavelet transform. However, to apply the narrower definition of computation, we would have to understand the actual mechanism in the brain before we could say this. If we found a discrete process fitting the assumptions of the Church-Turing thesis, we could call it a computation, otherwise we would have to call it something else (a “pseudo-computation”?). But this seems to be perverse. Surely it is more informative and accurate to say that V1 is computing a Gaborwavelet transform, regardless of whether the underlying technology is “digital” or “analog.” Natural Computation and non-Turing models of Computation – Bruce MacLennan
With that out of the way…
What does this tell us about host protection?
Can we reflect this to the larger system?
Intel Privilege Levels
Source: Intel® 64 and IA-32 Architectures Software Developer’s Manual