This document discusses operating system security. It begins by defining security as ensuring confidentiality and integrity of the OS. It then discusses common security problems like systems being targets for thieves. Security can be threatened by threats and attacks, which are intentional violations like malware or accidental issues like denial of service attacks. The goals of security systems are integrity, secrecy and availability. Attacks use methods like masquerading, replay attacks, and man-in-the-middle attacks. Security is protected at the physical, human, operating system and network levels. Measures include access control, encryption, authorization and detecting intrusions.

1. Operating System
SECURITY

2. INTRODUCTION
Security of a computer system is a crucial task. It is a process of ensuring confidentiality and integrity
of the OS.
On the other hand, this requires only adequate protection system but also consideration of external
environment within which the system operates.
A system is said to be secure if its resources are used and accessed as intended under all the
circumstances.

3. SECURITY PROBLEM
So, How exactly this security problem occurs ?
● In large commercial systems containing payroll or other financial data are inviting targets to
thieves
● We say that a system is secure if its resources are used and accessed as intended under all
circumstances.
● So, for this we must have mechanisms to make security breaches a rare occurrence rather
than normal conditions.

4. SECURITY VIOLATIONS
A security violation or infraction is any breach of security regulations, requirements, procedures or guidelines,
whether or not a compromise results.
Security of a system can be threatened via two violations:
● Threat: A program which has the potential to cause serious damage to the system.
● Attack: An attempt to break security and make unauthorized use of an asset.
This System violations can be categorized into intentional and accidental.
● Intentional, A kind of harmful computer code or web script designed to create system vulnerabilities
leading to back doors and security breaches. Also known as MALICIOUS
● Accidental, on the other hand, are comparatively easier to be protected against.
○ Example: Denial of service DDoS Attack

5. BREACHES
Security can be compromised via any of the breaches mentioned:
● Breach of confidentiality: This type of violation involves the unauthorized reading of data.
● Breach of integrity: This violation involves unauthorized modification of data.
● Breach of availability: It involves an unauthorized destruction of data.
● Theft of service: It involves an unauthorized use of resources.
● Denial of service: It involves preventing legitimate use of the system.
As mentioned before, such attacks can be accidental in nature.

6. SECURITY SYSTEM GOALS
1. Integrity:
The objects in the system mustn’t be accessed by any unauthorized user & any user not having sufficient rights
should not be allowed to modify the important system files and resources.
2. Secrecy:
The objects of the system must be accessible only to a limited number of authorized users. Not everyone
should be able to view the system files.
3. Availability:
In this kind of situation, a malware might hog the resources for itself & thus preventing the legitimate
processes from accessing the system resources.

7. METHODS
Attackers use several standard methods in their attempts to breach the security.
● One common attack is masquerading, in which the attacker pretends to be a trusted third party. A
variation of this is the man-in-the-middle, in which the attacker masquerades as both ends of the
conversation to two targets.
● A replay attack involves repeating a valid transmission. Sometimes this can be the entire attack, (
such as repeating a request for a money transfer ), or other times the content of the original message is
replaced with malicious content.

8. SECURITY ATTACK
● Consider the damage that could be done if a request for authentication had a legitimate users
information replaced with an unauthorized users. yet another kind of attack is the man-in-the-middle
attack, in which an attacker sits in the data flow of a communication, masquerading as the sender to
the receiver, and vice-versa.
● In a network communication, a man-in-the-middle attack may be preceded by a session hijacking, in
which an active communication session is intercepted.
● In some cases, such as a denial-of-service attack, it is preferable to prevent the attack but sufficient to
detect the attack so that the counter measures can be taken.
several attacks are depicted in the following diagram

10. SECURITY MEASURES
● There are four levels at which a system must be protected:
1. Physical - The easiest way to steal data is to pocket the backup tapes. Also, access to the root console will
often give the user special privileges, such as rebooting the system as root from removable media. Even
general access to terminals in a computer room offers some opportunities for an attacker.
2. Human - There is some concern that the humans who are allowed access to a system be trustworthy, and
that they cannot be coerced into breaching security.
■ Phishing involves sending an innocent-looking e-mail or web site designed to fool people into
revealing confidential information..
■ Dumpster Diving involves searching the trash or other locations for passwords that are written
down.
■ Password Cracking involves divining users passwords, either by watching them type in their
passwords, knowing something about them like their pet's names, or simply trying all words in
common dictionaries.

11. SECURITY MEASURES
3. Operating System - The OS must protect itself from security breaches, such as runaway processes, memory-access
violations, stack overflow violations, the launching of programs with excessive privileges, and many others.
4. Network - As network communications become ever more important and pervasive in modern computing
environments, it becomes ever more important to protect this area of the system. This is a growing area of concern as
wireless communications and portable devices become more and more prevalent.

12. DIFFERENCE BETWEEN
SECURITY AND PROTECTION
SECURITY
► Security grants the system access to the
appropriate users only.
► External threats are involved.
► More convoluted queries are handled.
► Security illustrates that which person is granted for
using the system.
► Encryption and certification mechanisms are used.
PROTECTION
► While protection deals with the access to the system
resources.
► Internal threats are involved.
► Simple queries are handled.
► Whereas protection determines that what files can be
accessed or permeated by a special user.
► Authorization mechanism is implemented.

13. CONCLUSION
Security at the physical and human levels, although important is for the most part beyond the scope.
The security of Operating System depends on us because the more precautions we will take the more
secure our Operating System will be.
Security within the operating system and also in between the operating system is implemented in
several ways ranging from passwords of authentication through guarding against viruses to detecting
intrusions.

14. THANK YOU !