Abstract image of a woman sitting on books and studying on a laptop

Protection and security of operating system

Download as PPTX, PDF
Abdullah Khosa, profile picture
Abdullah Khosa

The document discusses the protection and security mechanisms of operating systems, emphasizing the importance of controlling access to resources to prevent unauthorized use. It explains concepts such as the principle of least privilege, access control models like role-based and capability-based systems, and various security measures to protect against threats. Additionally, it categorizes security violations and highlights the role of the security kernel and user authentication in maintaining system integrity.

Education
1 of 28
Downloaded 68 times
1
2
3
4
5
6
7
8
9
10
Most read
11
12
13
14
Most read
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Most read
Group No.5 Name • Muhammad Abdullah • Sarmad Ali • Hashaam Altaf • Hanif Shah • Noman Rasool • Imran Ahmed Roll No. • 02 • 01 • 38 • 45 • 25 • 46
Topic: Protection and Security of Operating System
Muhammad Abdullah
Protection: •Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources defined by a computer system.
Goals of Protection: •As computer systems have become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. •We need to provide protection for several reasons. The most obvious is the need to prevent the mischievous, intentional violation of an access restriction by user. • An unprotected resource cannot defend against use (or misuse) by an unauthorized or incompetent user. •The role of protection in a computer system is to provide a mechanism for the enforcement of the policies governing resource use.
Principles of Protection: •The time-tested guiding principle for protection is the Principle of least privilege. It dictates that programs, users, and even systems be given just enough privileges to perform their tasks. •An operating system following the principle of least privilege implements its features, programs, system calls, and data structures so that failure or compromise of a component does the minimum damage and allows the minimum damage to be done.
Domain of Protection: •A computer system is a collection of processes and objects. By objects, we mean both hardware objects (such as the CPU, printer) and software objects(such as files, programs). •Each object has a unique name that differentiates it from all other objects in the system, and each can be accessed only through well-defined and meaningful operations.
Domain Structures. •Each domain defines a set of objects and the types of operations that may be invoked on each object. • The ability to execute an operation on an object is an access right. •A domain can be realized in a variety of ways: •Each user may be a domain. In this case, the set of objects that can be accessed depends on the identity of the user. •Each process may be a domain. In this case, the set of objects that can be accessed depends on the identity of the process.
Cont… •For example, if domain D has the access right <file F, {read, write}>, then a process executing in domain D can both read and write file F; it cannot, however, perform any other operation on that object.
Example: UNIX System: •In the UNIX operating system, a domain is associated with the user •In Unix operating system user ID’s use for identify the domain.
Hashaam Altaf
Access Matrix: •Our model of protection can be viewed abstractly as a matrix, called an Access Matrix. The column of the access matrix represent domains, and the rows represent objects. Each entry in the matrix consists of a set of access rights.
Access Control: •Access Control is to control which objects a given program can access, and in what ways. Objects are things like files, sound cards, other programs, the network, your modem etc. •When we talk about ``controlling access,'' we are really talking about four kinds of things: i) Preventing access. ii) Limiting access. iii) Granting access . iv) Revoking access.
Cont... •A good example of this is found in Solaris 10. •Solaris uses Role-based access control(RBAC) to adding the principle. •Role-based access control (RBAC) is a security feature for controlling user access to tasks that would normally be restricted to the root user. • In conventional UNIX systems, the root user, also referred to as superuser. The root user has the ability to read and write to any file, run all programs, and send kill signals to any process.
Syed Muhammad Hanif Shah
Capability-based Systems: •In a capability-based computer system, all access to objects is done through capabilities, and capabilities provide the only means of accessing objects. In such a system, every program holds a set of capabilities. •If program A holds a capability to talk to program B, then the two programs can grant capabilities to each other. •In most capability-based systems, a program can hold an infinite number of capabilities. Such systems have tended to be slow.
Cont... •A better design allows each program to hold a fixed (and small -- like 16 or 32) number of capabilities, and provides a means for storing additional capabilities if they are needed. •Here two example are discuss •Cambridge CAP System. •Hydra
Cambridge CAP System: •The Cambridge CAP computer was the first successful experimental computer that demonstrated the use of security capabilities, both in hardware and software . •The CAP system was designed such that any access to a memory segment or hardware required that the current process held the necessary capabilities. •CAP has two kinds of capabilities. •Data Capability. •Software Capability.
Cont… •Data Capability: It can be used to provide access to objects, but the only rights provided are the standard read, write, and execute of the individual storage segments associated with the object. •Software Capability: It is a protected procedure, which may be written by an application programmer as part of a subsystem. A particular kind of rights amplification is associated with a protected procedure. When executing the code, a process temporarily acquires the right to read or write the contents of a software capability itself.
Noman Rasool
Hydra: •Hydra is a capability-based protection system that provides considerable flexibility. The system implements a fixed set of possible access rights. • In addition, a user can declare other rights. The interpretation of user-defined rights is performed by the user's program, but the system provides access protection for the use of these rights.
Language Based Protection: •As operating systems have become more complex, and particularly as they have attempted to provide higher-level user interfaces, the goals of protection have become much more refined. The designers of protection systems have drawn heavily on ideas that originated in programming languages and especially on the concepts of abstract data types and objects. •There must be a protection policy to control the access of user defined programs.
Cont… • Protection systems are now concerned not only with the identity of a resource to which access is attempted but also with the functional nature of that access. •It is usually achieved through an operating-system kernel, which acts as a security agent to inspect and validate each attempt to access a protected resource.
SECURITY • ensure that each object is accessed correctly and only by those processes of authorized users that are allowed to do so. Security violation of the System can be categorized as: • Breach of Confidentiality: Unauthorized reading of data. • Breach of Integrity: Unauthorized modification of data. • Breach of Availability: Unauthorized destruction of data. • Theft of Service: Unauthorized use of resources. • Denial of service: Preventing legitimate use of the system.
Imran Ahmed
Security Measures • Physical: Both the machine rooms and the terminals or workstations that have access to the machines must be secures from physical entry. • Human: Authorization must be done carefully to ensure that only appropriate users have access to the system. • Operating System: The system must protect itself from accidental or purposeful security breaches. • Network: protection from the travel of data to private leased lines like Internet. • User Authentication: User should use some password or biometric authentications to protect the System.
Security Kernal • Responsible for implementing the security mechanisms of the entire operating system. • Provides the security interfaces among the hardware, the operating system, and the other parts of the computing system. Program Threats: • Virus dropper inserts virus onto the system. Use backdoor to access data. • Trojan Horse: A code segment that misuses its environment is called a Trojan horse. Trap Doors: user’s access privileges code into program. • Virus: A virus is a fragment of code embedded in a legitimate programs. They can wreck havoc in a system by modifying or destroying files and causing system crashes program malfunctions.
System and Network Threats • System and network threats create situation in which operating system resources and user files are misused. • Worms: A worm is a process that uses the spawn mechanism to duplicate itself. The worm spawns copies of itself using up system resources and perhaps locking out all other processes.

More Related Content

PPTX
Deadlocks in operating system
Sara Ali
 
PPTX
Mobile cloud Computing
Pooja Sharma
 
PPTX
Cyber Security Introduction.pptx
ANIKETKUMARSHARMA3
 
PPTX
Paging and segmentation
Piyush Rochwani
 
PPTX
Windows operating system
Leah Gonzales
 
PPT
Eidws 107 information assurance
IT2Alcorn
 
PPT
Protection and Security in Operating Systems
vampugani
 
PDF
Lecture5 virtualization
hktripathy
 
Deadlocks in operating system
Sara Ali
 
Mobile cloud Computing
Pooja Sharma
 
Cyber Security Introduction.pptx
ANIKETKUMARSHARMA3
 
Paging and segmentation
Piyush Rochwani
 
Windows operating system
Leah Gonzales
 
Eidws 107 information assurance
IT2Alcorn
 
Protection and Security in Operating Systems
vampugani
 
Lecture5 virtualization
hktripathy
 

What's hot (20)

PPTX
System security
invertis university
 
PPTX
Operating system security
Ramesh Ogania
 
PPTX
Types of attacks
Vivek Gandhi
 
PPTX
Distributed file system
Anamika Singh
 
PPTX
Introduction to Distributed System
Sunita Sahu
 
PPTX
Database Security
ShingalaKrupa
 
PPTX
Introduction to Network Security
John Ely Masculino
 
PDF
8. mutual exclusion in Distributed Operating Systems
Dr Sandeep Kumar Poonia
 
PPTX
Structure of shared memory space
Coder Tech
 
PPTX
Basic concepts in computer security
Arzath Areeff
 
PPTX
Protection and security
mbadhi
 
PPTX
Computer security concepts
Prachi Gulihar
 
PPTX
Goals of protection
veena ali
 
PPT
Operating system support in distributed system
ishapadhy
 
PPTX
Database security
Software Engineering
 
PPTX
Access Controls
primeteacher32
 
PDF
CS9222 Advanced Operating System
Kathirvel Ayyaswamy
 
PPTX
System security
sommerville-videos
 
PPTX
System Security-Chapter 1
Vamsee Krishna Kiran
 
PPT
Network security
Gichelle Amon
 
System security
invertis university
 
Operating system security
Ramesh Ogania
 
Types of attacks
Vivek Gandhi
 
Distributed file system
Anamika Singh
 
Introduction to Distributed System
Sunita Sahu
 
Database Security
ShingalaKrupa
 
Introduction to Network Security
John Ely Masculino
 
8. mutual exclusion in Distributed Operating Systems
Dr Sandeep Kumar Poonia
 
Structure of shared memory space
Coder Tech
 
Basic concepts in computer security
Arzath Areeff
 
Protection and security
mbadhi
 
Computer security concepts
Prachi Gulihar
 
Goals of protection
veena ali
 
Operating system support in distributed system
ishapadhy
 
Database security
Software Engineering
 
Access Controls
primeteacher32
 
CS9222 Advanced Operating System
Kathirvel Ayyaswamy
 
System security
sommerville-videos
 
System Security-Chapter 1
Vamsee Krishna Kiran
 
Network security
Gichelle Amon
 
Ad

Similar to Protection and security of operating system (20)

PPT
Protection
Mohanlal Sukhadia University (MLSU)
 
PPTX
protection-151130150434-lva1-app6891.ppt_20240605_104455_0000.pptx
abidwaqar4554
 
PPTX
System protection in Operating System
sohaildanish
 
PPTX
Protection Domain and Access Matrix Model -Operating System
LalfakawmaKh
 
PPT
Chapter Last.ppt
miki304759
 
PPTX
System Security Sem 2(Module 1).pptx
rahulkumarcscsf21
 
PPTX
Operating Systems Protection and Security
Sivakumar M
 
PPT
3. security architecture and models
7wounders
 
PPTX
Computer , Internet and physical security.
Ankur Kumar
 
PPT
Os8
gopal10scs185
 
PPT
Os8
gopal10scs185
 
PPTX
Enumeration and system hacking
begmohsin
 
PPT
Introduction to Operating Systems - Mary Margarat
Mary Margarat
 
PPTX
Least privilege, access control, operating system security
Prachi Gulihar
 
PPT
Security (IM).ppt
GooglePay16
 
PPTX
File Protection in Operating System
Meghaj Mallick
 
PDF
Design and Analyze Secure Networked Systems - 7
Don Kim
 
PPTX
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
PPTX
securityandprotection Design Principles Of Security
ankitashah871482
 
PPTX
Security Environment, Design Principles Of Security
ankitashah871482
 
Protection
Mohanlal Sukhadia University (MLSU)
 
protection-151130150434-lva1-app6891.ppt_20240605_104455_0000.pptx
abidwaqar4554
 
System protection in Operating System
sohaildanish
 
Protection Domain and Access Matrix Model -Operating System
LalfakawmaKh
 
Chapter Last.ppt
miki304759
 
System Security Sem 2(Module 1).pptx
rahulkumarcscsf21
 
Operating Systems Protection and Security
Sivakumar M
 
3. security architecture and models
7wounders
 
Computer , Internet and physical security.
Ankur Kumar
 
Os8
gopal10scs185
 
Os8
gopal10scs185
 
Enumeration and system hacking
begmohsin
 
Introduction to Operating Systems - Mary Margarat
Mary Margarat
 
Least privilege, access control, operating system security
Prachi Gulihar
 
Security (IM).ppt
GooglePay16
 
File Protection in Operating System
Meghaj Mallick
 
Design and Analyze Secure Networked Systems - 7
Don Kim
 
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
securityandprotection Design Principles Of Security
ankitashah871482
 
Security Environment, Design Principles Of Security
ankitashah871482
 
Ad

More from Abdullah Khosa (20)

PDF
Chanel and H&M Brand Comparison.pdf
Abdullah Khosa
 
PPTX
Mycin presentation
Abdullah Khosa
 
PPTX
Policy directives of federal government of pakistan for Enterprise Architecture
Abdullah Khosa
 
PPTX
Face to Face Communication and Text Based Communication in HCI
Abdullah Khosa
 
PPT
STRATEGIC PAY PLANS
Abdullah Khosa
 
PPTX
AI services in google
Abdullah Khosa
 
PPTX
Cloud Artificial Intelligence services
Abdullah Khosa
 
PPTX
Digital centralization
Abdullah Khosa
 
PPTX
Diamond water-paradox (A Theory)
Abdullah Khosa
 
PPTX
The 5th generation (5G)
Abdullah Khosa
 
PDF
Report of database of list of Pakistan international cricket stadiums
Abdullah Khosa
 
PPTX
Database of list of Pakistan international cricket stadiums
Abdullah Khosa
 
PPTX
Attitude and behavior
Abdullah Khosa
 
PPTX
Digital signature
Abdullah Khosa
 
PDF
Benefits of Search engine optimization
Abdullah Khosa
 
PDF
Physical Database Design & Performance
Abdullah Khosa
 
PDF
Advanced Normalization
Abdullah Khosa
 
PDF
Relational Algebra & Calculus
Abdullah Khosa
 
PDF
Advance database system(part 8)
Abdullah Khosa
 
PDF
Advance database system(part 7)
Abdullah Khosa
 
Chanel and H&M Brand Comparison.pdf
Abdullah Khosa
 
Mycin presentation
Abdullah Khosa
 
Policy directives of federal government of pakistan for Enterprise Architecture
Abdullah Khosa
 
Face to Face Communication and Text Based Communication in HCI
Abdullah Khosa
 
STRATEGIC PAY PLANS
Abdullah Khosa
 
AI services in google
Abdullah Khosa
 
Cloud Artificial Intelligence services
Abdullah Khosa
 
Digital centralization
Abdullah Khosa
 
Diamond water-paradox (A Theory)
Abdullah Khosa
 
The 5th generation (5G)
Abdullah Khosa
 
Report of database of list of Pakistan international cricket stadiums
Abdullah Khosa
 
Database of list of Pakistan international cricket stadiums
Abdullah Khosa
 
Attitude and behavior
Abdullah Khosa
 
Digital signature
Abdullah Khosa
 
Benefits of Search engine optimization
Abdullah Khosa
 
Physical Database Design & Performance
Abdullah Khosa
 
Advanced Normalization
Abdullah Khosa
 
Relational Algebra & Calculus
Abdullah Khosa
 
Advance database system(part 8)
Abdullah Khosa
 
Advance database system(part 7)
Abdullah Khosa
 

Recently uploaded (20)

PPTX
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
PDF
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
PDF
Paper A Mock Exam 9_ Attempt review.pdf.
SameeraNaveed2
 
PPTX
History, Philosophy and sociology of education (1).pptx
tmdth1
 
PDF
HVAC Specification 2024 according to central public works department
amitrobanipl
 
PPTX
Onco Emergencies - Spinal cord compression Superior vena cava syndrome Febr...
Medpopz
 
PDF
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
PDF
advance database management system book.pdf
hinamannan364
 
PDF
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
PDF
Practical Manual AGRO-233 Principles and Practices of Natural Farming
MilindKhedekar2
 
DOC
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
PPTX
ELIAS-SEZIURE AND EPilepsy semmioan session.pptx
eyoba2172
 
PDF
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
PDF
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
PDF
ChatGPT for Dummies - Pam Baker Ccesa007.pdf
Demetrio Ccesa Rayme
 
PDF
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
PDF
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
PPTX
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
PPTX
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
PDF
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
Paper A Mock Exam 9_ Attempt review.pdf.
SameeraNaveed2
 
History, Philosophy and sociology of education (1).pptx
tmdth1
 
HVAC Specification 2024 according to central public works department
amitrobanipl
 
Onco Emergencies - Spinal cord compression Superior vena cava syndrome Febr...
Medpopz
 
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
advance database management system book.pdf
hinamannan364
 
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
Practical Manual AGRO-233 Principles and Practices of Natural Farming
MilindKhedekar2
 
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
ELIAS-SEZIURE AND EPilepsy semmioan session.pptx
eyoba2172
 
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
ChatGPT for Dummies - Pam Baker Ccesa007.pdf
Demetrio Ccesa Rayme
 
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 

Protection and security of operating system

  • 1. Group No.5 Name • Muhammad Abdullah • Sarmad Ali • Hashaam Altaf • Hanif Shah • Noman Rasool • Imran Ahmed Roll No. • 02 • 01 • 38 • 45 • 25 • 46
  • 2. Topic: Protection and Security of Operating System
  • 4. Protection: •Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources defined by a computer system.
  • 5. Goals of Protection: •As computer systems have become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. •We need to provide protection for several reasons. The most obvious is the need to prevent the mischievous, intentional violation of an access restriction by user. • An unprotected resource cannot defend against use (or misuse) by an unauthorized or incompetent user. •The role of protection in a computer system is to provide a mechanism for the enforcement of the policies governing resource use.
  • 6. Principles of Protection: •The time-tested guiding principle for protection is the Principle of least privilege. It dictates that programs, users, and even systems be given just enough privileges to perform their tasks. •An operating system following the principle of least privilege implements its features, programs, system calls, and data structures so that failure or compromise of a component does the minimum damage and allows the minimum damage to be done.
  • 7. Domain of Protection: •A computer system is a collection of processes and objects. By objects, we mean both hardware objects (such as the CPU, printer) and software objects(such as files, programs). •Each object has a unique name that differentiates it from all other objects in the system, and each can be accessed only through well-defined and meaningful operations.
  • 8. Domain Structures. •Each domain defines a set of objects and the types of operations that may be invoked on each object. • The ability to execute an operation on an object is an access right. •A domain can be realized in a variety of ways: •Each user may be a domain. In this case, the set of objects that can be accessed depends on the identity of the user. •Each process may be a domain. In this case, the set of objects that can be accessed depends on the identity of the process.
  • 9. Cont… •For example, if domain D has the access right <file F, {read, write}>, then a process executing in domain D can both read and write file F; it cannot, however, perform any other operation on that object.
  • 10. Example: UNIX System: •In the UNIX operating system, a domain is associated with the user •In Unix operating system user ID’s use for identify the domain.
  • 12. Access Matrix: •Our model of protection can be viewed abstractly as a matrix, called an Access Matrix. The column of the access matrix represent domains, and the rows represent objects. Each entry in the matrix consists of a set of access rights.
  • 13. Access Control: •Access Control is to control which objects a given program can access, and in what ways. Objects are things like files, sound cards, other programs, the network, your modem etc. •When we talk about ``controlling access,'' we are really talking about four kinds of things: i) Preventing access. ii) Limiting access. iii) Granting access . iv) Revoking access.
  • 14. Cont... •A good example of this is found in Solaris 10. •Solaris uses Role-based access control(RBAC) to adding the principle. •Role-based access control (RBAC) is a security feature for controlling user access to tasks that would normally be restricted to the root user. • In conventional UNIX systems, the root user, also referred to as superuser. The root user has the ability to read and write to any file, run all programs, and send kill signals to any process.
  • 16. Capability-based Systems: •In a capability-based computer system, all access to objects is done through capabilities, and capabilities provide the only means of accessing objects. In such a system, every program holds a set of capabilities. •If program A holds a capability to talk to program B, then the two programs can grant capabilities to each other. •In most capability-based systems, a program can hold an infinite number of capabilities. Such systems have tended to be slow.
  • 17. Cont... •A better design allows each program to hold a fixed (and small -- like 16 or 32) number of capabilities, and provides a means for storing additional capabilities if they are needed. •Here two example are discuss •Cambridge CAP System. •Hydra
  • 18. Cambridge CAP System: •The Cambridge CAP computer was the first successful experimental computer that demonstrated the use of security capabilities, both in hardware and software . •The CAP system was designed such that any access to a memory segment or hardware required that the current process held the necessary capabilities. •CAP has two kinds of capabilities. •Data Capability. •Software Capability.
  • 19. Cont… •Data Capability: It can be used to provide access to objects, but the only rights provided are the standard read, write, and execute of the individual storage segments associated with the object. •Software Capability: It is a protected procedure, which may be written by an application programmer as part of a subsystem. A particular kind of rights amplification is associated with a protected procedure. When executing the code, a process temporarily acquires the right to read or write the contents of a software capability itself.
  • 21. Hydra: •Hydra is a capability-based protection system that provides considerable flexibility. The system implements a fixed set of possible access rights. • In addition, a user can declare other rights. The interpretation of user-defined rights is performed by the user's program, but the system provides access protection for the use of these rights.
  • 22. Language Based Protection: •As operating systems have become more complex, and particularly as they have attempted to provide higher-level user interfaces, the goals of protection have become much more refined. The designers of protection systems have drawn heavily on ideas that originated in programming languages and especially on the concepts of abstract data types and objects. •There must be a protection policy to control the access of user defined programs.
  • 23. Cont… • Protection systems are now concerned not only with the identity of a resource to which access is attempted but also with the functional nature of that access. •It is usually achieved through an operating-system kernel, which acts as a security agent to inspect and validate each attempt to access a protected resource.
  • 24. SECURITY • ensure that each object is accessed correctly and only by those processes of authorized users that are allowed to do so. Security violation of the System can be categorized as: • Breach of Confidentiality: Unauthorized reading of data. • Breach of Integrity: Unauthorized modification of data. • Breach of Availability: Unauthorized destruction of data. • Theft of Service: Unauthorized use of resources. • Denial of service: Preventing legitimate use of the system.
  • 26. Security Measures • Physical: Both the machine rooms and the terminals or workstations that have access to the machines must be secures from physical entry. • Human: Authorization must be done carefully to ensure that only appropriate users have access to the system. • Operating System: The system must protect itself from accidental or purposeful security breaches. • Network: protection from the travel of data to private leased lines like Internet. • User Authentication: User should use some password or biometric authentications to protect the System.
  • 27. Security Kernal • Responsible for implementing the security mechanisms of the entire operating system. • Provides the security interfaces among the hardware, the operating system, and the other parts of the computing system. Program Threats: • Virus dropper inserts virus onto the system. Use backdoor to access data. • Trojan Horse: A code segment that misuses its environment is called a Trojan horse. Trap Doors: user’s access privileges code into program. • Virus: A virus is a fragment of code embedded in a legitimate programs. They can wreck havoc in a system by modifying or destroying files and causing system crashes program malfunctions.
  • 28. System and Network Threats • System and network threats create situation in which operating system resources and user files are misused. • Worms: A worm is a process that uses the spawn mechanism to duplicate itself. The worm spawns copies of itself using up system resources and perhaps locking out all other processes.