10
Security and Protection
Prepared By: Ghayour Abbas
Security:
Security covers the safety of system resources (saved data, memory, disks, etc.) against malicious alteration and illegal access. It provides mechanisms (authentication and encryption) to verify a user before permitting use of the system.
For example, in a corporation, information can be obtained by its various workers, but not by a user who does not belong to that organization or who works for a different business. Providing a safety mechanism so that no outside user can access the organization's information is a vital task for a corporation.
Protection:
Protection deals with access to the system resources. It determines which files can be accessed or permeated by a particular user. The protection of the system should confirm the authorization of processes and users, so that only these authorized users and processes operate on the central processing unit, memory and other resources. The protection mechanism should provide a means of specifying the controls to be imposed, together with how to enforce them.
An example of protection follows from the security example: an organization has many departments, in each of which several staff work. The departments share general information with one another, but not sensitive information. So different employees have different access rights, and these rights determine the data they can access.
| Authentication | Authorization |
|---|---|
| Authentication verifies who the user is. | Authorization determines what resources a user can access. |
| Authentication works through passwords, one-time pins, biometric information, and other information provided or entered by the user. | Authorization works through settings that are implemented and maintained by the organization. |
| Authentication is the first step of a good identity and access management process. | Authorization always takes place after authentication. |
| Authentication is visible to and partially changeable by the user. | Authorization isn’t visible to or changeable by the user. |
| Example: By verifying their identity, employees can gain access to an HR application that includes their personal pay information, vacation time, and data. | Example: Once their level of access is authorized, employees and HR managers can access different levels of data based on the permissions set by the organization. |
| S.No. | Comparison based on | Security | Protection |
|---|---|---|---|
| 1. | Basic | Security grants system access to the appropriate users only. | Protection deals with access to the system resources. |
| 2. | Type of threats involved | In security, external threats are involved. | In protection, internal threats are involved. |
| 3. | Queries handled | In security, more convoluted queries are handled. | In protection, simple queries are handled. |
| 4. | Policy | Security specifies which persons are granted use of the system. | Protection determines which files can be accessed or permeated by a particular user. |
| 5. | Mechanism | In security, encryption and certification (authentication) mechanisms are used. | In protection, an authorization mechanism is implemented. |
Protection in Operating System
Protection is especially important in a multiuser environment when multiple users
use computer resources such as CPU, memory, etc. It is the operating system's
responsibility to offer a mechanism that protects each process from other processes. In a
multiuser environment, all assets that require protection are classified as objects, and
those that wish to access these objects are referred to as subjects. The operating system
grants different 'access rights' to different subjects.
What is Protection in Operating System?
A mechanism that controls the access of programs, processes, or users to the
resources defined by a computer system is referred to as protection. You may utilize
protection as a tool for multi-programming operating systems, allowing multiple users to
safely share a common logical namespace, including a directory or files.
Computer resources such as software, memory and the processor need protection. Users should treat protection as a helper to a multiprogramming OS, so that multiple users may safely use a common logical namespace like a directory or data. Protection may be achieved by maintaining confidentiality, integrity and availability in the OS. It is critical to secure the device from unauthorized access, viruses, worms, and other malware.
Need of Protection in Operating System
Various needs of protection in the operating system are as follows:
1. There may be security risks like unauthorized reading, writing, modification, or preventing
the system from working effectively for authorized users.
2. It helps to ensure data security, process security, and program security against
unauthorized user access or program access.
3. It is important to ensure that there are no breaches of access rights, no viruses, and no unauthorized access to the existing data.
4. Its purpose is to ensure that programs, resources, and data are accessed only in accordance with the system's policies.
Goals of Protection in Operating System
Various goals of protection in the operating system are as follows:
1. The policies define how processes access the computer system's resources, such as the CPU, memory, software, and even the operating system. Defining them is the responsibility of both the operating system designer and the app programmer. However, these policies may be modified at any time.
2. Protection is a technique for protecting data and processes from harmful or intentional infiltration. It comprises protection policies that are established by the system itself, set by management, or imposed individually by programmers to ensure that their programs are protected to the greatest extent possible.
3. It also provides a multiprogramming OS with the security that its users expect when sharing
common space such as files or directories.
Role of Protection in Operating System
Its main role is to provide a mechanism for implementing policies that define the use
of resources in a computer system. Some rules are set during the system's design, while
others are defined by system administrators to secure their files and programs.
Every program has distinct policies for using resources, and these policies may change over time. Therefore, system security is not solely the responsibility of the system's designer; the programmer must also design the protection technique to protect their system against infiltration.
Association between Process and Domain
When processes have the necessary access rights, they can switch from one domain to another. The association between a process and a domain can be of two types, as shown below.
1. Fixed or Static
In a fixed association, all access rights could be given to processes at the start. However, this results in a large number of access rights for domain switching. As a result, a technique for changing the domain's contents dynamically is used.
2. Changing or Dynamic
A process may switch domains dynamically, creating a new domain in the process.
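The subject/object model and the two kinds of process-domain association can be made concrete with a small access matrix. The following is an added example, not part of the original notes; the domain names (user, spooler), the objects, and the "switch" right are constructed for illustration. It shows default deny, a one-way domain switch, and a statically bound process that can use only what its single domain was granted at the start.

```python
# Added illustration; domain, object and right names are constructed.
class AccessMatrix:
    """Rows are domains (subjects), columns are objects, cells hold rights."""
    def __init__(self):
        self._cells = {}  # (domain, object) -> set of rights

    def grant(self, domain, obj, *rights):
        self._cells.setdefault((domain, obj), set()).update(rights)

    def allowed(self, domain, obj, right):
        # Default deny: a missing cell grants nothing.
        return right in self._cells.get((domain, obj), set())

class Process:
    def __init__(self, domain, matrix, dynamic=True):
        self.domain, self.matrix, self.dynamic = domain, matrix, dynamic

    def access(self, obj, right):
        if not self.matrix.allowed(self.domain, obj, right):
            raise PermissionError(f"{self.domain}: {right} on {obj} denied")

    def switch(self, target):
        # A domain is itself an object; entering it needs the "switch" right.
        if not self.dynamic:
            raise PermissionError(f"process is fixed to {self.domain}")
        if not self.matrix.allowed(self.domain, target, "switch"):
            raise PermissionError(f"{self.domain} may not enter {target}")
        self.domain = target

def build_policy():
    m = AccessMatrix()
    m.grant("user", "report.txt", "read", "write")
    m.grant("spooler", "report.txt", "read")
    m.grant("spooler", "printer", "print")
    m.grant("user", "spooler", "switch")  # one-way: no entry from spooler to user
    return m

DEMO_STEPS = [("access", ("printer", "print")),    # denied while in "user"
              ("switch", ("spooler",)),             # permitted by the matrix
              ("access", ("printer", "print")),     # allowed after the switch
              ("access", ("report.txt", "write")),  # spooler is read-only
              ("switch", ("user",))]                # no right to switch back

def run_steps(proc, steps=DEMO_STEPS):
    # Apply each (method, args) step and record "ok" or "denied".
    out = []
    for method, args in steps:
        try:
            getattr(proc, method)(*args)
            out.append("ok")
        except PermissionError:
            out.append("denied")
    return out
```

Calling `run_steps(Process("user", build_policy()))` walks the dynamic case; passing `dynamic=False` shows that a fixed process cannot reach the printer unless the print right is added to its own domain up front.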
Security measures of Operating System
There are various security measures for the operating system that users may take. Some of them are as follows:
1. The network used for file transfers must be secure at all times. During the transfer, no outside software should be able to harvest information from the network. Such harvesting is referred to as network sniffing, and it can be avoided by implementing encrypted data transfer routes. Moreover, the OS should be capable of resisting forceful or even accidental violations.
2. Passwords are a good authentication method, but they are the most common and vulnerable. It is very easy to crack passwords.
3. Security measures at various levels are put in place to prevent malpractices, such as not allowing anyone onto the premises or to access the systems.
4. The best authentication techniques include a username-password combination, eye retina scan, fingerprint, or even user cards to access the system.
System Authentication
One-time passwords, encrypted passwords, and cryptography are used to create a strong password and a formidable authentication source.
1. One-time Password
It is a password that is unique at every login by the user. It is a combination of two passwords that allow the user access. The system creates a random number, and the user supplies a matching one. An algorithm generates a random number for the system and the user, and the output is matched using a common function.
2. Encrypted Passwords
It is also a very effective technique for authenticating access. Encrypted data is passed via the network, which transfers and checks passwords, allowing data to pass without interruption or interception.
3. Cryptography
It is another way to ensure that unauthorized users can't access data transferred over a network. It aids the secure transmission of data. It introduces the concept of a key to protect the data. The key is crucial in this situation. When a user sends data, he encodes it using a computer that has the key, and the receiver must decode the data with the same key. As a result, even if the data is stolen in the middle of the process, there's a good possibility the unauthorized user won't be able to access it.
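The one-time password exchange in item 1 (the system issues a random number, and both sides apply a common function to it) can be sketched as a challenge-response check. This is an added example, not part of the original notes; the choice of HMAC-SHA256 as the common function, the shared secret, and the user name are assumptions made for illustration. It also shows why a captured response cannot be reused: each challenge is accepted at most once.

```python
import hashlib
import hmac
import secrets


def one_time_response(secret, challenge):
    """The common function both sides compute (HMAC-SHA256 is an assumption)."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class Verifier:
    """System side: issues random challenges and checks the responses."""

    def __init__(self, shared_secrets):
        self._secrets = shared_secrets  # user -> secret bytes (constructed)
        self._pending = {}              # user -> outstanding challenge

    def challenge(self, user):
        nonce = secrets.token_bytes(16)  # fresh random number per login
        self._pending[user] = nonce
        return nonce

    def verify(self, user, response):
        # pop(): a challenge is consumed on first use, so replays fail.
        nonce = self._pending.pop(user, None)
        secret = self._secrets.get(user)
        if nonce is None or secret is None:
            return False
        expected = one_time_response(secret, nonce)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def run_demo():
    secret = b"constructed-demo-secret"  # sample value, not a real credential
    system = Verifier({"alice": secret})

    c1 = system.challenge("alice")
    r1 = one_time_response(secret, c1)     # user side computes the match
    first = system.verify("alice", r1)     # accepted
    replay = system.verify("alice", r1)    # rejected: challenge already used

    system.challenge("alice")              # new login, new random number
    stale = system.verify("alice", r1)     # rejected: old response, new challenge
    return first, replay, stale


if __name__ == "__main__":
    print(run_demo())
```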

CSI-503 - 10. Security & Protection (Operating System)
