vinay arora, profile picture
Uploaded byvinay arora
PPT, PDF1,867 views

Security & Protection

This document discusses protection and security in operating systems. It covers goals of protection like ensuring each object can only be accessed correctly by allowed processes. The principle of least privilege is introduced. Domain structure and access matrix models for protection are described. Access control matrix consists of subjects, objects, and access operations. Access control list and capability list are derivative and better forms. Security threats like intruders attempting to breach security are addressed. Categories of security violations like breach of confidentiality and methods of attacks are outlined. References from textbooks and websites on related topics are listed at the end.

Embed presentation

Downloaded 153 times
Protection & Security Organized By: V.A. V.A. CSED,TU
Disclaimer This is NOT A COPYRIGHT MATERIAL Content has been taken mainly from the following books: Operating Systems Concepts By Silberschatz & Galvin , Operating systems By D M Dhamdhere, System Programming By John J Donovan etc… VA. CSED,TU
Protection – Goals & Principle  Each Object has a Unique Name and can be accessed through a well-defined set of Operations.  Ensure that each Object is accessed correctly and only by those Processes that are allowed to do so.  Guiding Principle – Principle of Least Privilege  Programs, users and systems should be given just enough privileges to perform their tasks VA. CSED,TU
Domain Structure  Access-right = <object-name, rights-set> where rights-set is a subset of all valid operations that can be performed on the object.  Domain = Set of Access-Rights  Domain can be realized in variety of ways: Each User, Each Process and Each Procedure. VA. CSED,TU
Access Matrix  View Protection as a MATRIX (access matrix)  Rows represent Domains  Columns represent Objects  Access (i, j) is the Set Of Operations that a process executing in Domaini can invoke on Objectj VA. CSED,TU
Access Control Matrix  Access control matrix consists of triple parts such as subject, object, and access operation.  A SUBJECT is an Active Entity in a computer system such as User, Program, Process and Thread.  An OBJECT is a Passive Entity or System Resource such as File, Directory, Database Record and Printer.  In Access Control Matrix’s schema, the Subjects and Objects are placed in a table. Each row represents a Subject and each column represents an Object.  The data inside the table are Set Of Access Operations such as read, write, and execute. The access operations are responsible for interactions between subjects and objects. VA. CSED,TU
Access Matrix VA. CSED,TU
Use of Access Matrix  If a Process in Domain Di tries to do “op” on object Oj, then “op” must be in the ACCESS MATRIX.  Can be Expanded to DYNAMIC PROTECTION.  Operations to ADD, DELETE access rights.  Special Access Rights:  Owner of Oi  Copy op from Oi to Oj  Control – Di can modify Dj access rights  Transfer – Switch from domain Di to Dj VA. CSED,TU
Access Matrix – Showing Switch VA. CSED,TU
Role Based Access Control VA. CSED,TU
Sample Access Matrix The Derivative forms of access control matrix such as Access Control List (ACL) and Capability List (C-list) are better applied. VA. CSED,TU
Access Control List VA. CSED,TU
ACL When we look for Insurance Data we can write: VA. CSED,TU
C-List VA. CSED,TU
C-List When we look for Alice’s C-list we can write: VA. CSED,TU
ACL vs CL VA. CSED,TU
Security  Security must consider External Environment of the System and protect the system resources  Intruders (crackers) attempt to breach security  THREAT is potential security violation  ATTACK is attempt to breach security  Attack can be accidental or malicious  Easier to protect against accidental than malicious misuse VA. CSED,TU
Security Violations  Categories  Breach of confidentiality  Breach of integrity  Breach of availability  Theft of service  Denial of service  Methods  Masquerading (breach authentication)  Replay attack  Message modification  Man-in-the-middle attack  Session hijacking VA. CSED,TU
Security Attacks VA. CSED,TU
Reference List Operating Systems Concepts By Silberschatz & Galvin, Operating systems By D M Dhamdhere, System Programming By John J Donovan, www.os-book.com www.cs.jhu.edu/~yairamir/cs418/os2/sld001.htm http://gaia.ecs.csus.edu/~zhangd/oscal/pscheduling.html http://www.edugrid.ac.in/iiitmk/os/os_module03.htm http://williamstallings.com/OS/Animations.html etc… VA. CSED,TU
Thnx… VA. CSED,TU

More Related Content

PPT
3 java - variable type
byvinay arora
 
PPT
Process Synchronization
byvinay arora
 
PPT
2 java - operators
byvinay arora
 
PPT
1 java - data type
byvinay arora
 
PPT
6 java - loop
byvinay arora
 
PPT
4 java - decision
byvinay arora
 
PPT
Uta005 lecture1
byvinay arora
 
PDF
Search engine and web crawler
byvinay arora
 
3 java - variable type
byvinay arora
 
Process Synchronization
byvinay arora
 
2 java - operators
byvinay arora
 
1 java - data type
byvinay arora
 
6 java - loop
byvinay arora
 
4 java - decision
byvinay arora
 
Uta005 lecture1
byvinay arora
 
Search engine and web crawler
byvinay arora
 

Similar to Security & Protection

PPT
Chapter 14 - Protection
byWayne Jones Jnr
 
PPT
Protection
byMohanlal Sukhadia University (MLSU)
 
PPTX
securityandprotection Design Principles Of Security
byankitashah871482
 
PPT
Ch18 OS
byC.U
 
PPTX
Security Environment, Design Principles Of Security
byankitashah871482
 
PPT
Os8
bygopal10scs185
 
PPTX
Protection Domain and Access Matrix Model -Operating System
byLalfakawmaKh
 
PPTX
Protection and security
bymbadhi
 
PPTX
Operating Systems Protection and Security
bySivakumar M
 
PPT
W ch14
bysamarsayed91
 
PPT
Lecture 19 - Materials Protection Operating System
bytivilar649
 
PDF
Access control
bychenlahero
 
PPT
Topic 7 access control
byKhawar Nehal khawar.nehal@atrc.net.pk
 
PPT
OSCh18
byJoe Christensen
 
PPT
OS_Ch18
bySupriya Shrivastava
 
PPTX
L-3.1.1 (1).pptx
byAnandYadav24579
 
PPT
Os8
bygopal10scs185
 
PDF
Ch13 protection
byWelly Dian Astika
 
PDF
Acl 6
bydarryllyrad
 
PPTX
security in is.pptx
byselvapriyabiher
 
Chapter 14 - Protection
byWayne Jones Jnr
 
Protection
byMohanlal Sukhadia University (MLSU)
 
securityandprotection Design Principles Of Security
byankitashah871482
 
Ch18 OS
byC.U
 
Security Environment, Design Principles Of Security
byankitashah871482
 
Os8
bygopal10scs185
 
Protection Domain and Access Matrix Model -Operating System
byLalfakawmaKh
 
Protection and security
bymbadhi
 
Operating Systems Protection and Security
bySivakumar M
 
W ch14
bysamarsayed91
 
Lecture 19 - Materials Protection Operating System
bytivilar649
 
Access control
bychenlahero
 
Topic 7 access control
byKhawar Nehal khawar.nehal@atrc.net.pk
 
OSCh18
byJoe Christensen
 
OS_Ch18
bySupriya Shrivastava
 
L-3.1.1 (1).pptx
byAnandYadav24579
 
Os8
bygopal10scs185
 
Ch13 protection
byWelly Dian Astika
 
Acl 6
bydarryllyrad
 
security in is.pptx
byselvapriyabiher
 

More from vinay arora

PDF
CG - Display Devices
byvinay arora
 
PDF
A&D - Object Oriented Analysis using UML
byvinay arora
 
PDF
A&D - Object Oriented Design using UML
byvinay arora
 
PDF
C Prog. - Strings (Updated)
byvinay arora
 
PPT
A&D - Input Design
byvinay arora
 
PDF
CG - Input Output Devices
byvinay arora
 
PDF
CG - Output Primitives
byvinay arora
 
PDF
CG - Introduction to Computer Graphics
byvinay arora
 
DOCX
Use case diagram (airport)
byvinay arora
 
DOCX
Use case diagram
byvinay arora
 
DOCX
Lab exercise questions (AD & CD)
byvinay arora
 
PPT
Uta005 lecture2
byvinay arora
 
PPT
A&D - UML
byvinay arora
 
PDF
C Prog. - Structures
byvinay arora
 
PDF
C Prog - Pointers
byvinay arora
 
PDF
C Prog - Strings
byvinay arora
 
PPT
Uta005 lecture3
byvinay arora
 
PDF
C Prog - Array
byvinay arora
 
PDF
C Prog - Array
byvinay arora
 
PDF
SEM - UML (1st case study)
byvinay arora
 
CG - Display Devices
byvinay arora
 
A&D - Object Oriented Analysis using UML
byvinay arora
 
A&D - Object Oriented Design using UML
byvinay arora
 
C Prog. - Strings (Updated)
byvinay arora
 
A&D - Input Design
byvinay arora
 
CG - Input Output Devices
byvinay arora
 
CG - Output Primitives
byvinay arora
 
CG - Introduction to Computer Graphics
byvinay arora
 
Use case diagram (airport)
byvinay arora
 
Use case diagram
byvinay arora
 
Lab exercise questions (AD & CD)
byvinay arora
 
Uta005 lecture2
byvinay arora
 
A&D - UML
byvinay arora
 
C Prog. - Structures
byvinay arora
 
C Prog - Pointers
byvinay arora
 
C Prog - Strings
byvinay arora
 
Uta005 lecture3
byvinay arora
 
C Prog - Array
byvinay arora
 
C Prog - Array
byvinay arora
 
SEM - UML (1st case study)
byvinay arora
 

Recently uploaded

PPTX
Pain. definition, causes, factor influencing pain & pain assessment.pptx
byPompi Begum
 
PPTX
Pig- piggy bank in Big Data Analytics.ppt.pptx
byVarshini M
 
PDF
1ST APPLICATION FOR ANNULMENT (4)8787666.pdf
bykonstantinantountoum1
 
PDF
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
PPTX
Overview of how to Create a Model in Odoo 18
byCeline George
 
PPTX
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
PPTX
Repeat Orders_ Use Odoo Blanket Agreement
byCeline George
 
PDF
Toward Massive, Ultrareliable, and Low-Latency Wireless Communication With Sh...
byMan_Ebook
 
PPTX
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
PPTX
Nursing Unit Management, patient care unit, physical layout of nursing unit,t...
byyellow4878
 
PDF
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
PDF
Analyzing the data of your initial survey
byThelma Villaflores
 
PPTX
Planning Assessment for Outcome-based Education
byAdri Jovin
 
PPTX
REVISED DEFENSE MECHANISM / ADJUSTMENT MECHANISM-FINAL
byShimla
 
PPTX
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
PPTX
THEORIES OF GROWTH AND DEVELOPMENT..pptx
byAneetaSharma15
 
PDF
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
PPTX
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
PPTX
Basics in Phytochemistry, Extraction, Isolation methods, Characterisation etc.
byD. Y. Patil College of Pharmacy, Kolhapur.
 
PDF
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
Pain. definition, causes, factor influencing pain & pain assessment.pptx
byPompi Begum
 
Pig- piggy bank in Big Data Analytics.ppt.pptx
byVarshini M
 
1ST APPLICATION FOR ANNULMENT (4)8787666.pdf
bykonstantinantountoum1
 
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
Overview of how to Create a Model in Odoo 18
byCeline George
 
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
Repeat Orders_ Use Odoo Blanket Agreement
byCeline George
 
Toward Massive, Ultrareliable, and Low-Latency Wireless Communication With Sh...
byMan_Ebook
 
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
Nursing Unit Management, patient care unit, physical layout of nursing unit,t...
byyellow4878
 
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
Analyzing the data of your initial survey
byThelma Villaflores
 
Planning Assessment for Outcome-based Education
byAdri Jovin
 
REVISED DEFENSE MECHANISM / ADJUSTMENT MECHANISM-FINAL
byShimla
 
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
THEORIES OF GROWTH AND DEVELOPMENT..pptx
byAneetaSharma15
 
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
Basics in Phytochemistry, Extraction, Isolation methods, Characterisation etc.
byD. Y. Patil College of Pharmacy, Kolhapur.
 
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 

Security & Protection

  • 1.
    Protection & Security Organized By: V.A. V.A. CSED,TU
  • 2.
    Disclaimer Thisis NOT A COPYRIGHT MATERIAL Content has been taken mainly from the following books: Operating Systems Concepts By Silberschatz & Galvin , Operating systems By D M Dhamdhere, System Programming By John J Donovan etc… VA. CSED,TU
  • 3.
    Protection – Goals& Principle  Each Object has a Unique Name and can be accessed through a well-defined set of Operations.  Ensure that each Object is accessed correctly and only by those Processes that are allowed to do so.  Guiding Principle – Principle of Least Privilege  Programs, users and systems should be given just enough privileges to perform their tasks VA. CSED,TU
  • 4.
    Domain Structure  Access-right = <object-name, rights-set> where rights-set is a subset of all valid operations that can be performed on the object.  Domain = Set of Access-Rights  Domain can be realized in variety of ways: Each User, Each Process and Each Procedure. VA. CSED,TU
  • 5.
    Access Matrix  View Protection as a MATRIX (access matrix)  Rows represent Domains  Columns represent Objects  Access (i, j) is the Set Of Operations that a process executing in Domaini can invoke on Objectj VA. CSED,TU
  • 6.
    Access Control Matrix  Access control matrix consists of triple parts such as subject, object, and access operation.  A SUBJECT is an Active Entity in a computer system such as User, Program, Process and Thread.  An OBJECT is a Passive Entity or System Resource such as File, Directory, Database Record and Printer.  In Access Control Matrix’s schema, the Subjects and Objects are placed in a table. Each row represents a Subject and each column represents an Object.  The data inside the table are Set Of Access Operations such as read, write, and execute. The access operations are responsible for interactions between subjects and objects. VA. CSED,TU
  • 7.
    Access Matrix VA. CSED,TU
  • 8.
    Use of AccessMatrix  If a Process in Domain Di tries to do “op” on object Oj, then “op” must be in the ACCESS MATRIX.  Can be Expanded to DYNAMIC PROTECTION.  Operations to ADD, DELETE access rights.  Special Access Rights:  Owner of Oi  Copy op from Oi to Oj  Control – Di can modify Dj access rights  Transfer – Switch from domain Di to Dj VA. CSED,TU
  • 9.
    Access Matrix –Showing Switch VA. CSED,TU
  • 10.
    Role Based AccessControl VA. CSED,TU
  • 11.
    Sample Access Matrix The Derivative forms of access control matrix such as Access Control List (ACL) and Capability List (C-list) are better applied. VA. CSED,TU
  • 12.
  • 13.
    ACL Whenwe look for Insurance Data we can write: VA. CSED,TU
  • 14.
    C-List VA. CSED,TU
  • 15.
    C-List Whenwe look for Alice’s C-list we can write: VA. CSED,TU
  • 16.
    ACL vs CL VA. CSED,TU
  • 17.
    Security  Security must consider External Environment of the System and protect the system resources  Intruders (crackers) attempt to breach security  THREAT is potential security violation  ATTACK is attempt to breach security  Attack can be accidental or malicious  Easier to protect against accidental than malicious misuse VA. CSED,TU
  • 18.
    Security Violations  Categories  Breach of confidentiality  Breach of integrity  Breach of availability  Theft of service  Denial of service  Methods  Masquerading (breach authentication)  Replay attack  Message modification  Man-in-the-middle attack  Session hijacking VA. CSED,TU
  • 19.
    Security Attacks VA. CSED,TU
  • 20.
    Reference List Operating SystemsConcepts By Silberschatz & Galvin, Operating systems By D M Dhamdhere, System Programming By John J Donovan, www.os-book.com www.cs.jhu.edu/~yairamir/cs418/os2/sld001.htm http://gaia.ecs.csus.edu/~zhangd/oscal/pscheduling.html http://www.edugrid.ac.in/iiitmk/os/os_module03.htm http://williamstallings.com/OS/Animations.html etc… VA. CSED,TU
  • 21.