SlideShare a Scribd company logo

Chapter Last.ppt

Download as PPT, PDF
M
miki304759

Operating System

Engineering
1 of 13
Chapter Last Security and Protection
Overview • Security refers to providing a protection system to computer system resources such as CPU, memory, disk, software programs and most importantly data/information stored in the computer system. • a computer system must be protected against unauthorized access, malicious access to system memory, viruses, worms etc. Authentication : Authentication refers to identifying each user of the system and associating the executing programs with those users.
Overview….. • Operating Systems generally identifies/authenticates users using following three ways : – Username / Password – User card/key – User attribute – fingerprint/ eye retina pattern/signature One Time passwords: a unique password is required every time user tries to login into the system. It can be implemented by : – Random numbers – Secrete Key – Network password
• Program Threats: If a user program made these process do malicious tasks, then it is known as Program Threats. • well-known program threats are as follows: – Trojan Horse – Trap Door – Logic Bomb – Virus • System Threats : System threats refers to misuse of system services and network connections to put user in trouble well-known system threats. – Worm – Port Scanning – DoS Overview…..
Security methods and devices What is OS Security? • The term operating system (OS) security refers to practices and measures that can ensure the confidentiality, integrity, and availability (CIA) of operating systems. • Involves the implementation of control techniques that can protect your assets from unauthorized modification and deletion or theft. • The goal of OS security is to protect the OS from: – various threats – malicious software such as worms, Trojans and other viruses, – misconfigurations, and remote intrusions.
Cont.… • The most common techniques used to protect operating systems include – the use of antivirus software and other endpoint protection measures, – regular OS patch updates, – a firewall for monitoring network traffic, and – enforcement of secure access through least privileges and user controls.
Cont.… • Here are a few of the most common threat vectors that can affect an operating system. • Malware is injected into a system without the owner’s consent, or by masquerading as legitimate software, with the objective of stealing, destroying or corrupting data, or compromising the device. • A Denial of Service (DoS) attack is intended to clog a system with fake requests so it becomes overloaded, and eventually stops serving legitimate requests. • Network intrusion occurs when an individual gains access to a system for improper use. It can be Careless insiders, malicious insiders, Masqueraders, Clandestine users. • Buffer Overflow: During a buffer overflow attack, the buffer or other temporary data stores are overflowing with data.
Here are a few ways that improve operating system security: • Authentication Measures – Security keys – Username-password combinations – Biometric signatures – Multi-factor authentication • Using One-Time Passwords – Network passwords – Random numbers – Secret keys • Virtualization enables you to abstract software from hardware, effectively separating the two. • OS virtualization enables you to multiple isolated user environments using the same OS kernel. The technology that creates and enables this type of isolation is called a “hypervisor” Cont.…
Here are a few testing methods you can use. • Vulnerability assessment involves testing for weaknesses that may be lying undetected in an operating system. – Scanning for known vulnerabilities – Scanning the software and applications on an OS – Scanning for malware – Scanning for missing patches and updates – Patch testing – Port scanning • Penetration testing, or pentesting, is a security assessment strategy that uses vulnerability assessment to identify how an attacker may successfully exploit vulnerabilities in the system. the testing will be White Box, Grey Box and Black Box testing Cont.…
Protection, access, and authentication • Authentication mechanism determines the user’s identity before revealing the sensitive information. • It is very crucial for the system or interfaces where the user priority is to protect the confidential information. • Authentication does not determine what tasks the individual can do or what files the individual can see. Authentication merely identifies and verifies who the person or system is. • Access control for an operating system determines how the operating system implements accesses to system resources by satisfying the security objectives of integrity, availability, and secrecy. • Protection refers to a mechanism which controls the access of programs, processes, or users to the resources defined by a computer system.
Models of protection • Protection models represent the protected objects in a system – how users or subjects may request access to them, – how access decisions are made, and – how the rules governing access decisions may be altered. • Access Matrix is a security model of protection state in computer system. • It is represented as a matrix. • Access matrix is used to define the rights of each process executing in the domain with respect to each object. • The rows of matrix represent domains and columns represent objects. • Each cell of matrix represents set of access rights which are given to the processes of domain means each entry (i, j) defines the set of operations that a process executing in domain Di can invoke on object Oj.
Cont.…
Cont.…. • Memory protection is a way to manage access rights to the specific memory regions. It is used by the majority of multi-tasking operating systems. • The main goal of the memory protection appears to be a banning of a process to access the part of memory which is not allocated to that process. • Encryption is a method of securing data by scrambling the bits of a computer’s files so that they become illegible. • The only method of reading the encrypted files is by decrypting them with a key; the key is unlocked with a password. • Recovery Management is the process of planning, testing, and implementing the recovery procedures ad standards required to restore service in the event of a component failure; – either by returning the component to normal operation, or – taking alternative actions to restore service.

Recommended

operating system Security presentation vol 2
operating system Security presentation vol 2operating system Security presentation vol 2
operating system Security presentation vol 2qacaybagirovv
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
Thur Venture
Thur VentureThur Venture
Thur VentureSathishkumar Vasudevan
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name BasicsSathishkumar Vasudevan
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name BasicsSathishkumar Vasudevan
 
Regression
RegressionRegression
RegressionSathishkumar Vasudevan
 

Recommended

operating system Security presentation vol 2
operating system Security presentation vol 2operating system Security presentation vol 2
operating system Security presentation vol 2qacaybagirovv
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
Thur Venture
Thur VentureThur Venture
Thur VentureSathishkumar Vasudevan
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name BasicsSathishkumar Vasudevan
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name BasicsSathishkumar Vasudevan
 
Regression
RegressionRegression
RegressionSathishkumar Vasudevan
 
Sangeetha Venture
Sangeetha VentureSangeetha Venture
Sangeetha VentureSathishkumar Vasudevan
 
Security (IM).ppt
Security (IM).pptSecurity (IM).ppt
Security (IM).pptGooglePay16
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securityGeevarghese Titus
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Security.pdf
Security.pdfSecurity.pdf
Security.pdfKarthick Panneerselvam
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models7wounders
 
OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYRohitK71
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
Chapter 7
Chapter 7Chapter 7
Chapter 7Seth Nurul
 
presentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxpresentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxAadityaRauniyar1
 
Intruders
IntrudersIntruders
IntrudersDr.Florence Dayana
 
Protection and security of operating system
Protection and security of operating systemProtection and security of operating system
Protection and security of operating systemAbdullah Khosa
 
Protection and security
Protection and securityProtection and security
Protection and securitymbadhi
 
Computer Security
Computer SecurityComputer Security
Computer SecurityAkNirojan
 
Security Architectures and Models.pptx
Security Architectures and Models.pptxSecurity Architectures and Models.pptx
Security Architectures and Models.pptxRushikeshChikane2
 
Metasploit
MetasploitMetasploit
MetasploitParth Sahu
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysisdadkhah077
 
CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) ghayour abbas
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.Ankur Kumar
 
Advanced Programming, Java Programming, Applets.ppt
Advanced Programming, Java Programming, Applets.pptAdvanced Programming, Java Programming, Applets.ppt
Advanced Programming, Java Programming, Applets.pptmiki304759
 
Chapter 1- Introduction.ppt
Chapter 1- Introduction.pptChapter 1- Introduction.ppt
Chapter 1- Introduction.pptmiki304759
 

More Related Content

Similar to Chapter Last.ppt

Security (IM).ppt
Security (IM).pptSecurity (IM).ppt
Security (IM).pptGooglePay16
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securityGeevarghese Titus
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models7wounders
 
OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYRohitK71
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
presentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxpresentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxAadityaRauniyar1
 
Protection and security of operating system
Protection and security of operating systemProtection and security of operating system
Protection and security of operating systemAbdullah Khosa
 
Protection and security
Protection and securityProtection and security
Protection and securitymbadhi
 
Computer Security
Computer SecurityComputer Security
Computer SecurityAkNirojan
 
Security Architectures and Models.pptx
Security Architectures and Models.pptxSecurity Architectures and Models.pptx
Security Architectures and Models.pptxRushikeshChikane2
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysisdadkhah077
 
CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) ghayour abbas
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.Ankur Kumar
 

Similar to Chapter Last.ppt (20)

Sangeetha Venture
Sangeetha VentureSangeetha Venture
Sangeetha Venture
 
Security (IM).ppt
Security (IM).pptSecurity (IM).ppt
Security (IM).ppt
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Security.pdf
Security.pdfSecurity.pdf
Security.pdf
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models
 
OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITY
 
Security and management
Security and managementSecurity and management
Security and management
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
presentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxpresentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptx
 
Intruders
IntrudersIntruders
Intruders
 
Protection and security of operating system
Protection and security of operating systemProtection and security of operating system
Protection and security of operating system
 
Protection and security
Protection and securityProtection and security
Protection and security
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Security Architectures and Models.pptx
Security Architectures and Models.pptxSecurity Architectures and Models.pptx
Security Architectures and Models.pptx
 
Metasploit
MetasploitMetasploit
Metasploit
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
 
CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System)
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
 

More from miki304759

Advanced Programming, Java Programming, Applets.ppt
Advanced Programming, Java Programming, Applets.pptAdvanced Programming, Java Programming, Applets.ppt
Advanced Programming, Java Programming, Applets.pptmiki304759
 
Chapter 1- Introduction.ppt
Chapter 1- Introduction.pptChapter 1- Introduction.ppt
Chapter 1- Introduction.pptmiki304759
 
Elements of Graph Theory for IS.pptx
Elements of Graph Theory for IS.pptxElements of Graph Theory for IS.pptx
Elements of Graph Theory for IS.pptxmiki304759
 
Chapter one_oS.ppt
Chapter one_oS.pptChapter one_oS.ppt
Chapter one_oS.pptmiki304759
 
Chapter 3 SE 2015.pptx
Chapter 3 SE 2015.pptxChapter 3 SE 2015.pptx
Chapter 3 SE 2015.pptxmiki304759
 
Chapter One Function.pptx
Chapter One Function.pptxChapter One Function.pptx
Chapter One Function.pptxmiki304759
 
4_5809869271378954936.pptx
4_5809869271378954936.pptx4_5809869271378954936.pptx
4_5809869271378954936.pptxmiki304759
 

More from miki304759 (7)

Advanced Programming, Java Programming, Applets.ppt
Advanced Programming, Java Programming, Applets.pptAdvanced Programming, Java Programming, Applets.ppt
Advanced Programming, Java Programming, Applets.ppt
 
Chapter 1- Introduction.ppt
Chapter 1- Introduction.pptChapter 1- Introduction.ppt
Chapter 1- Introduction.ppt
 
Elements of Graph Theory for IS.pptx
Elements of Graph Theory for IS.pptxElements of Graph Theory for IS.pptx
Elements of Graph Theory for IS.pptx
 
Chapter one_oS.ppt
Chapter one_oS.pptChapter one_oS.ppt
Chapter one_oS.ppt
 
Chapter 3 SE 2015.pptx
Chapter 3 SE 2015.pptxChapter 3 SE 2015.pptx
Chapter 3 SE 2015.pptx
 
Chapter One Function.pptx
Chapter One Function.pptxChapter One Function.pptx
Chapter One Function.pptx
 
4_5809869271378954936.pptx
4_5809869271378954936.pptx4_5809869271378954936.pptx
4_5809869271378954936.pptx
 

Recently uploaded

Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxvipinkmenon1
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingjaychoudhary37
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 

Recently uploaded (20)

Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptx
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacing
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 

Chapter Last.ppt

  • 2. Overview • Security refers to providing a protection system to computer system resources such as CPU, memory, disk, software programs and most importantly data/information stored in the computer system. • a computer system must be protected against unauthorized access, malicious access to system memory, viruses, worms etc. Authentication : Authentication refers to identifying each user of the system and associating the executing programs with those users.
  • 3. Overview….. • Operating Systems generally identifies/authenticates users using following three ways : – Username / Password – User card/key – User attribute – fingerprint/ eye retina pattern/signature One Time passwords: a unique password is required every time user tries to login into the system. It can be implemented by : – Random numbers – Secrete Key – Network password
  • 4. • Program Threats: If a user program made these process do malicious tasks, then it is known as Program Threats. • well-known program threats are as follows: – Trojan Horse – Trap Door – Logic Bomb – Virus • System Threats : System threats refers to misuse of system services and network connections to put user in trouble well-known system threats. – Worm – Port Scanning – DoS Overview…..
  • 5. Security methods and devices What is OS Security? • The term operating system (OS) security refers to practices and measures that can ensure the confidentiality, integrity, and availability (CIA) of operating systems. • Involves the implementation of control techniques that can protect your assets from unauthorized modification and deletion or theft. • The goal of OS security is to protect the OS from: – various threats – malicious software such as worms, Trojans and other viruses, – misconfigurations, and remote intrusions.
  • 6. Cont.… • The most common techniques used to protect operating systems include – the use of antivirus software and other endpoint protection measures, – regular OS patch updates, – a firewall for monitoring network traffic, and – enforcement of secure access through least privileges and user controls.
  • 7. Cont.… • Here are a few of the most common threat vectors that can affect an operating system. • Malware is injected into a system without the owner’s consent, or by masquerading as legitimate software, with the objective of stealing, destroying or corrupting data, or compromising the device. • A Denial of Service (DoS) attack is intended to clog a system with fake requests so it becomes overloaded, and eventually stops serving legitimate requests. • Network intrusion occurs when an individual gains access to a system for improper use. It can be Careless insiders, malicious insiders, Masqueraders, Clandestine users. • Buffer Overflow: During a buffer overflow attack, the buffer or other temporary data stores are overflowing with data.
  • 8. Here are a few ways that improve operating system security: • Authentication Measures – Security keys – Username-password combinations – Biometric signatures – Multi-factor authentication • Using One-Time Passwords – Network passwords – Random numbers – Secret keys • Virtualization enables you to abstract software from hardware, effectively separating the two. • OS virtualization enables you to multiple isolated user environments using the same OS kernel. The technology that creates and enables this type of isolation is called a “hypervisor” Cont.…
  • 9. Here are a few testing methods you can use. • Vulnerability assessment involves testing for weaknesses that may be lying undetected in an operating system. – Scanning for known vulnerabilities – Scanning the software and applications on an OS – Scanning for malware – Scanning for missing patches and updates – Patch testing – Port scanning • Penetration testing, or pentesting, is a security assessment strategy that uses vulnerability assessment to identify how an attacker may successfully exploit vulnerabilities in the system. the testing will be White Box, Grey Box and Black Box testing Cont.…
  • 10. Protection, access, and authentication • Authentication mechanism determines the user’s identity before revealing the sensitive information. • It is very crucial for the system or interfaces where the user priority is to protect the confidential information. • Authentication does not determine what tasks the individual can do or what files the individual can see. Authentication merely identifies and verifies who the person or system is. • Access control for an operating system determines how the operating system implements accesses to system resources by satisfying the security objectives of integrity, availability, and secrecy. • Protection refers to a mechanism which controls the access of programs, processes, or users to the resources defined by a computer system.
  • 11. Models of protection • Protection models represent the protected objects in a system – how users or subjects may request access to them, – how access decisions are made, and – how the rules governing access decisions may be altered. • Access Matrix is a security model of protection state in computer system. • It is represented as a matrix. • Access matrix is used to define the rights of each process executing in the domain with respect to each object. • The rows of matrix represent domains and columns represent objects. • Each cell of matrix represents set of access rights which are given to the processes of domain means each entry (i, j) defines the set of operations that a process executing in domain Di can invoke on object Oj.
  • 13. Cont.…. • Memory protection is a way to manage access rights to the specific memory regions. It is used by the majority of multi-tasking operating systems. • The main goal of the memory protection appears to be a banning of a process to access the part of memory which is not allocated to that process. • Encryption is a method of securing data by scrambling the bits of a computer’s files so that they become illegible. • The only method of reading the encrypted files is by decrypting them with a key; the key is unlocked with a password. • Recovery Management is the process of planning, testing, and implementing the recovery procedures ad standards required to restore service in the event of a component failure; – either by returning the component to normal operation, or – taking alternative actions to restore service.