Operating System Security


Security means providing a security system to computer program resources such as CPU, memory, disk, software programs and most importantly the data / data stored in the computer system. If a computer program is run by an unauthorized user, it may cause serious damage to the computer or data stored on it. The computer system must therefore be protected from unauthorized access, improper access to system memory, viruses, worms etc. We will discuss the following articles in this chapter.

  • Authentication
  • One Time passwords
  • Program Threats
  • System Threats
  • Computer Security Classifications

Proof of authenticity

Authentication means identifying each user of the system and integrating action plans with those users. It is the job of the operating system to create a security system that ensures that the user who runs a particular system is genuine. Operating Systems typically identifies / authenticates users using the following three methods -

Username / Password - User needs to enter a registered username and password to log in to the application.

User / key card - The user needs to hit the card in the card slot, or enter the key generated by the key generator in the option provided by the app to log in to the system.

User Annotation - Fingerprint / Retina Eye Pattern / Signature - The user needs to transfer their attribute via the selected input device used by the operating system to enter the system.

One Time Passwords

One-time passwords provide added security and standard authentication. In the One-Time Password system, a different password is required each time a user tries to sign in to the system. Once a one-time password is used, it will not be used again. One-time password is used in a variety of ways.

Random Numbers - Users are provided with cards with printed numbers and corresponding alphabets. The system asks for numbers corresponding to a few randomly selected characters.

Private key - User is provided with a hardware device that can create a private id map with a user id. The system is requesting such a secret id that will be generated before signing in.

Network Password - Some commercial applications send one-time passwords to the user on a mobile phone / registered email that needs to be entered before signing in.

Program Threats

Operating system and kernel processes perform the task as instructed. When a user's system performs this process it performs malicious operations, known as System Threats. One of the most common examples of system threats is a computer program that can store and send user information over the network to certain hackers. The following is a list of some known system threats.

Trojan Horse - Such a system holds user login credentials and saves them to send to a malicious user who can log in to the computer and gain access to system resources.

Trap Door - If the system is designed to work as needed, have a security code in its code and perform an illegal act without the user's knowledge and it is called a trap door.

Logic Bomb - A sensible bomb is a state in which a system behaves only when certain conditions are met in a certain way and acts as a real system. It's hard to find.

Virus - A virus as the name suggests can replicate itself on a computer program. They are very dangerous and can modify / delete user files, crash systems. The virus displays a small code embedded in the system. As a user logs into the program, the virus starts embedding other files / programs and can make the program usable for the user

System Threats

System threats refer to the misuse of system services and network connections to put the user in trouble. System threats can be used to launch system threats on a complete network called system attacks. System threats create an environment for system resources / user files to be misused. The following is a list of some known system threats.

Worm - Worm is a process that can reduce system performance by using system resources at higher levels. The Worm process generates many of its copies when each copy uses system resources, preventing all other processes from accessing the required resources. Worm processes can even shut down an entire network.

Port scans - Port scans are a method or method by which a criminal can detect a system vulnerability to carry out a system attack.

Rejection of Service - Refusing an app attack prevents a user from using the system legally. For example, a user may not be able to use the Internet if the denial of services attacks the browser content settings.

Computer Security Separation

According to the Department of Defense's Computer System's Evaluation Criteria, there are four security categories in computer systems: A, B, C, and D. This is widely used to specify the determination and modeling of security systems and security solutions. The following is a brief description of each classification.

Separation Type and Definition

Type A

  • Very high level. It uses systematic design specifications and verification techniques. Provides a high level of process security.

Type B

Provides a mandatory protection system. Have all the C2 class plan structures. Attaches a sensor label to each item. It has three types.

  • B1 - Maintains the safety label for each item in the system. The label is used to make decisions to access control.
  • B2 - Expands sensitivity labels to each program's resources, such as storage, supports private channels and event research.
  • B3 - Allows you to create a list or groups of users to control access or retrieve access to a named object.

Type C

Provides user protection and accountability using the power of audit. It has two types.

  • C1 - Installs controls so users can protect their personal information and keep other users from reading / deleting their data by mistake. UNIX varieties are mostly Cl class.
  • C2 - Adds access control for each level to capabil

All Topics of OS. 

Post a Comment


Please writing your opinion

Post a Comment (0)