2. Overview
• Security refers to providing a protection system for
computer system resources such as the CPU, memory,
disk, software programs and, most importantly, the
data/information stored in the computer system.
• A computer system must be protected against
unauthorized access, malicious access to system
memory, viruses, worms, etc.
Authentication: Authentication refers to identifying
each user of the system and associating the executing
programs with those users.
3. Overview…..
• Operating systems generally identify/authenticate
users in the following three ways:
– Username / Password
– User card/key
– User attribute – fingerprint / eye retina
pattern / signature
One-time passwords: a unique password is required
every time the user tries to log in to the system. They
can be implemented by:
– Random numbers
– Secret key
– Network password
4. Overview…..
• Program Threats: If a user program makes these processes
do malicious tasks, it is known as a program threat.
• Well-known program threats are as follows:
– Trojan Horse
– Trap Door
– Logic Bomb
– Virus
• System Threats: System threats refer to the misuse of
system services and network connections to put the user in
trouble. Well-known system threats are as follows:
– Worm
– Port Scanning
– DoS
5. Security methods and devices
What is OS Security?
• The term operating system (OS) security refers to
practices and measures that can ensure the
confidentiality, integrity, and availability (CIA) of
operating systems.
• Involves the implementation of control techniques
that can protect your assets from unauthorized
modification and deletion or theft.
• The goal of OS security is to protect the OS from:
– various threats
– malicious software such as worms, Trojans and
other viruses,
– misconfigurations, and remote intrusions.
6. Cont.…
• The most common techniques used to protect
operating systems include
– the use of antivirus software and other endpoint
protection measures,
– regular OS patch updates,
– a firewall for monitoring network traffic, and
– enforcement of secure access through least
privileges and user controls.
7. Cont.…
• Here are a few of the most common threat vectors that
can affect an operating system.
• Malware is injected into a system without the owner’s
consent, or by masquerading as legitimate software,
with the objective of stealing, destroying or corrupting
data, or compromising the device.
• A Denial of Service (DoS) attack is intended to clog a
system with fake requests so it becomes overloaded,
and eventually stops serving legitimate requests.
• Network intrusion occurs when an individual gains
access to a system for improper use. The intruder can be
a careless insider, a malicious insider, a masquerader or
a clandestine user.
• Buffer Overflow: During a buffer overflow attack, the
buffer or other temporary data stores are overflowed
with data.
8. Here are a few ways that improve operating system security:
• Authentication Measures
– Security keys
– Username-password combinations
– Biometric signatures
– Multi-factor authentication
• Using One-Time Passwords
– Network passwords
– Random numbers
– Secret keys
• Virtualization enables you to abstract software from
hardware, effectively separating the two.
• OS virtualization enables you to run multiple isolated user
environments using the same OS kernel. The technology that
creates and enables this type of isolation is called a
“hypervisor”.
9. Here are a few testing methods you can use.
• Vulnerability assessment involves testing for
weaknesses that may be lying undetected in an
operating system.
– Scanning for known vulnerabilities
– Scanning the software and applications on an OS
– Scanning for malware
– Scanning for missing patches and updates
– Patch testing
– Port scanning
• Penetration testing, or pentesting, is a security
assessment strategy that uses vulnerability assessment
to identify how an attacker may successfully exploit
vulnerabilities in the system. The testing will be white
box, grey box or black box testing.
10. Protection, access, and authentication
• An authentication mechanism determines the user’s identity
before revealing sensitive information.
• It is crucial for systems or interfaces where the
user’s priority is to protect confidential information.
• Authentication does not determine what tasks the
individual can do or what files the individual can see.
Authentication merely identifies and verifies who the
person or system is.
• Access control for an operating system determines how
the operating system implements accesses to system
resources by satisfying the security objectives of
integrity, availability, and secrecy.
• Protection refers to a mechanism which controls the
access of programs, processes, or users to the
resources defined by a computer system.
11. Models of protection
• Protection models represent the protected objects in a
system, together with:
– how users or subjects may request access to them,
– how access decisions are made, and
– how the rules governing access decisions may be altered.
• The access matrix is a security model of the protection
state in a computer system.
• It is represented as a matrix.
• The access matrix is used to define the rights of each
process executing in a domain with respect to each
object.
• The rows of the matrix represent domains and the columns
represent objects.
• Each cell of the matrix holds the set of access rights
given to the processes of a domain; that is, each entry
(i, j) defines the set of operations that a process
executing in domain Di can invoke on object Oj.
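A small access matrix, added here as an example and not taken from the original slides. It shows the three things a protection model describes: the matrix itself, how an access decision is made, and how the rules may be altered. It goes slightly beyond the slides by also deriving the per-object (column) and per-domain (row) views. The `owner` right, the domain and object names, and the sample contents are assumptions.

```python
from collections import defaultdict


class AccessMatrix:
    """Rows are domains, columns are objects, each cell is a set of rights."""

    def __init__(self):
        self.cells = defaultdict(set)  # (domain, object) -> set of rights

    def allowed(self, domain: str, obj: str, right: str) -> bool:
        """Access decision: is `right` in entry (domain, obj)? Empty cell = deny."""
        return right in self.cells.get((domain, obj), set())

    def grant(self, grantor: str, domain: str, obj: str, right: str) -> bool:
        """Alter the matrix: only a domain holding 'owner' on obj may add rights."""
        if not self.allowed(grantor, obj, "owner"):
            return False
        self.cells[(domain, obj)].add(right)
        return True

    def acl(self, obj: str) -> dict:
        """Column view: every domain with rights on one object."""
        return {d: sorted(r) for (d, o), r in self.cells.items() if o == obj and r}

    def capabilities(self, domain: str) -> dict:
        """Row view: every object one domain can touch."""
        return {o: sorted(r) for (d, o), r in self.cells.items() if d == domain and r}


def build_sample() -> AccessMatrix:
    """Constructed sample state: three domains, two files and a printer."""
    m = AccessMatrix()
    m.cells[("D1", "F1")] = {"owner", "read", "write"}
    m.cells[("D2", "F1")] = {"read"}
    m.cells[("D2", "printer")] = {"print"}
    m.cells[("D3", "F2")] = {"owner", "read", "execute"}
    return m


if __name__ == "__main__":
    m = build_sample()
    print(m.allowed("D2", "F1", "write"))    # D2 may read F1 but not write it
    print(m.grant("D2", "D3", "F1", "read"))  # refused: D2 does not own F1
    print(m.grant("D1", "D3", "F1", "read"))  # allowed: D1 owns F1
    print(m.acl("F1"))
```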
13. Cont.….
• Memory protection is a way to manage access rights to
specific memory regions. It is used by the majority of
multi-tasking operating systems.
• The main goal of memory protection is to prevent a
process from accessing a part of memory which
is not allocated to that process.
• Encryption is a method of securing data by scrambling
the bits of a computer’s files so that they become illegible.
• The only method of reading the encrypted files is by
decrypting them with a key; the key is unlocked with a
password.
• Recovery Management is the process of planning,
testing, and implementing the recovery procedures and
standards required to restore service in the event of a
component failure:
– either by returning the component to normal operation, or
– by taking alternative actions to restore service.