Bellal Hossain, profile picture
Uploaded byBellal Hossain
PPTX, PDF152 views

Protection

Protection in operating systems aims to control access to system resources and prevent misuse. Key goals are to ensure resources are only used according to policies and that errors cause minimal damage. Protection is achieved through principles like least privilege and access controls. For example, the MULTICS system used rings to separate privileges, with outer rings having fewer privileges than inner rings. Access is represented by an access matrix where rows are domains and columns are resources, with entries indicating access permissions. Role-based access control also follows least privilege by assigning privileges based on roles. Revoking access raises questions about when and how it takes effect, whether it applies selectively or generally, and if it is temporary or permanent. Protection is crucial as systems have become more complex

Embed presentation

Download to read offline
PROTECTION In operating System Presented By: Md. Bellal Hossain Sohel Tanvir ID: 163015023 ID: 163015039
Content What is Protection Goals of Protection Principles of Protection Domain of Protection Example of protection Conclusion Revocation of Access Rights Access Controls
What is Protection ? Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources defined by a computer system. The processes in an operating system must be protected from one another's activities.
Goals of Protection ? Obviously to prevent malicious misuse of the system by users or programs. To ensure that each shared resource is used only in accordance with system policies, which may be set either by system designers or by system administrators. To ensure that errant programs cause the minimal amount of damage possible It is up to administrators and users to implement those mechanisms effectively
Principles of Protection? The principle of least privilege dictates that programs, users, and systems be given just enough privileges to perform their tasks This ensures that failures do the least amount of harm and allow the least of harm to be done Typically each user is given their own account, and has only enough privilege to modify their own files. It is up to administrators and users to implement those mechanisms effectively
An Example: MULTICS The MULTICS system uses a complex system of rings, each corresponding to a different protection domain, as shown below:
An Example: MULTICS Rings are numbered from 0 to 7, with outer rings having a subset of the privileges of the inner rings. Each file is a memory segment, and each segment description includes an entry that indicates the ring number associated with that segment, as well as read, write, and execute privileges. Each process runs in a ring, according to the current-ring-number, a counter associated with each process.
Access Matrix The model of protection that we have been discussing can be viewed as an access matrix, in which columns represent different system resources and rows represent different protection domains. Entries within the matrix indicate what access that domain has to that resource.
Access Matrix Domain switching can be easily supported under this model, simply by providing "switch" access to other domains:
Access Control Role-Based Access Control, RBAC, assigns privileges to users, programs, or roles as appropriate, where "privileges" refer to the right to call certain system calls, or to use certain parameters with those calls. RBAC supports the principle of least privilege, and reduces the susceptibility to abuse as opposed to SUID or SGID programs
Revocation of Access Rights Immediate versus delayed - If delayed, can we determine when the revocation will take place? Selective versus general - Does revocation of an access right to an object affect all users who have that right, or only some users? Partial versus total - Can a subset of rights for an object be revoked, or are all rights revoked at once? The need to revoke access rights dynamically raises several questions: Temporary versus permanent - If rights are revoked, is there a mechanism for processes to re-acquire some or all of the revoked rights?
Conclusion As computer systems have become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. Protection was originally conceived as an adjunct to multiprogramming operating systems, so that untrustworthy users might safely share a common logical name space, such as a directory of files,
Protection
Protection

More Related Content

PPTX
Security engineering
byOWASP Indonesia Chapter
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...
byDonald E. Hester
 
PPT
Chapter006
byJeanie Delos Arcos
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 6: Categorize
byDonald E. Hester
 
PPTX
Ch13 security engineering
bysoftware-engineering-book
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 7: Select Con...
byDonald E. Hester
 
DOCX
Ids 015 architecture and implementation of ids
byjyoti_lakhani
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 10: Authorize
byDonald E. Hester
 
Security engineering
byOWASP Indonesia Chapter
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...
byDonald E. Hester
 
Chapter006
byJeanie Delos Arcos
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 6: Categorize
byDonald E. Hester
 
Ch13 security engineering
bysoftware-engineering-book
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 7: Select Con...
byDonald E. Hester
 
Ids 015 architecture and implementation of ids
byjyoti_lakhani
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 10: Authorize
byDonald E. Hester
 

What's hot

PPTX
Priviledged Identity Management
byrver21
 
PPTX
Hacking appliances
byJonathan Suldo
 
PDF
Data and database security and controls
byFITSFSd
 
PPTX
Functions and features network management
byFlightcase1
 
PPTX
Ch12 safety engineering
bysoftware-engineering-book
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 3: Roles
byDonald E. Hester
 
PPT
Ch20
byJoe Christensen
 
PDF
Guide for Applying The Risk Management Framework to Federal Information Systems
byGuillermo Remache
 
PPTX
Database Security - IK
byIlgın Kavaklıoğulları
 
PPT
Ch18
byJoe Christensen
 
PPT
Software Security Engineering
byMuhammad Asim
 
PPTX
System dependability
bysommerville-videos
 
DOCX
Poster
byRehab Abdallah
 
PPTX
Introduction to NIST’s Risk Management Framework (RMF)
byDonald E. Hester
 
PPTX
Distributed system for access control to physical resources based on qualific...
byDarshan Vithani
 
PDF
A Secure Software Engineering Perspective
byidescitation
 
DOC
V
byakashdeepverma
 
DOCX
CSEC630_TeamAssignment_TeamBlazer_FINAL
byRonald Jackson, Jr
 
PPTX
L5 Dependability Requirements
byIan Sommerville
 
Priviledged Identity Management
byrver21
 
Hacking appliances
byJonathan Suldo
 
Data and database security and controls
byFITSFSd
 
Functions and features network management
byFlightcase1
 
Ch12 safety engineering
bysoftware-engineering-book
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 3: Roles
byDonald E. Hester
 
Ch20
byJoe Christensen
 
Guide for Applying The Risk Management Framework to Federal Information Systems
byGuillermo Remache
 
Database Security - IK
byIlgın Kavaklıoğulları
 
Ch18
byJoe Christensen
 
Software Security Engineering
byMuhammad Asim
 
System dependability
bysommerville-videos
 
Poster
byRehab Abdallah
 
Introduction to NIST’s Risk Management Framework (RMF)
byDonald E. Hester
 
Distributed system for access control to physical resources based on qualific...
byDarshan Vithani
 
A Secure Software Engineering Perspective
byidescitation
 
V
byakashdeepverma
 
CSEC630_TeamAssignment_TeamBlazer_FINAL
byRonald Jackson, Jr
 
L5 Dependability Requirements
byIan Sommerville
 

Similar to Protection

PPT
Protection
byMohanlal Sukhadia University (MLSU)
 
PPTX
protection-151130150434-lva1-app6891.ppt_20240605_104455_0000.pptx
byabidwaqar4554
 
PPTX
System protection in Operating System
bysohaildanish
 
PPT
Chapter 14 - Protection
byWayne Jones Jnr
 
PPTX
Protection and security of operating system
byAbdullah Khosa
 
PPTX
about the presenation i dont fck about the t;
bytejaswi0514
 
PDF
CSI-503 - 10. Security & Protection (Operating System)
byghayour abbas
 
PDF
Ch13 protection
byWelly Dian Astika
 
PPTX
Protection Domain and Access Matrix Model -Operating System
byLalfakawmaKh
 
PPT
Os8
bygopal10scs185
 
PPT
Os8
bygopal10scs185
 
PPTX
Least privilege, access control, operating system security
byPrachi Gulihar
 
PDF
slidesgo-ensuring-security-understanding-the-goals-of-protection-in-operating...
byabidwaqar4554
 
PPTX
Swap space management and protection in os
byrajshreemuthiah
 
PPTX
Security-Mechanisms-and-Policies-Protecting-System-Resources (1).pptx
bypalkartik420238
 
PPT
14.Protection
bySenthil Kanth
 
PPT
Ch18 OS
byC.U
 
PPT
OSCh18
byJoe Christensen
 
PPT
OS_Ch18
bySupriya Shrivastava
 
DOCX
Aos v unit protection and access control
byvanamali_vanu
 
Protection
byMohanlal Sukhadia University (MLSU)
 
protection-151130150434-lva1-app6891.ppt_20240605_104455_0000.pptx
byabidwaqar4554
 
System protection in Operating System
bysohaildanish
 
Chapter 14 - Protection
byWayne Jones Jnr
 
Protection and security of operating system
byAbdullah Khosa
 
about the presenation i dont fck about the t;
bytejaswi0514
 
CSI-503 - 10. Security & Protection (Operating System)
byghayour abbas
 
Ch13 protection
byWelly Dian Astika
 
Protection Domain and Access Matrix Model -Operating System
byLalfakawmaKh
 
Os8
bygopal10scs185
 
Os8
bygopal10scs185
 
Least privilege, access control, operating system security
byPrachi Gulihar
 
slidesgo-ensuring-security-understanding-the-goals-of-protection-in-operating...
byabidwaqar4554
 
Swap space management and protection in os
byrajshreemuthiah
 
Security-Mechanisms-and-Policies-Protecting-System-Resources (1).pptx
bypalkartik420238
 
14.Protection
bySenthil Kanth
 
Ch18 OS
byC.U
 
OSCh18
byJoe Christensen
 
OS_Ch18
bySupriya Shrivastava
 
Aos v unit protection and access control
byvanamali_vanu
 

Recently uploaded

PPTX
Drug Distribution in Pharmacology: Mechanisms, Barriers, Factors & Volume of ...
byamrin3379
 
PPTX
Statistical Data Analysis using R Programming.pptx
byVETRISELVIP1
 
PDF
VIVA or SHORT ANSWER QUESTIONS or 2 MARKS QUESTIONS CHILD HEALTH NURSING.pdf
byPRADEEP ABOTHU
 
PPTX
Toba Tek Singh - Visualising Partition through Manto's Lens
byMiral Joshi
 
PPTX
2026SlideShare.pptx welcome talk 2026 for peace harmony
byBryanGan8
 
PPTX
MENTAL STATUS EXAMINATION Part-1.Shilpa hotakar.pptx
bySHILPA HOTAKAR
 
PPTX
Powerpoint for testing in embed test with Sway
byjeanpierrefort3
 
PPTX
Fruit Fermentation_ Ethanol & Sugar Estimation- Dr. Shikha Gaikwad
byinsighteduwithme
 
PPTX
YSPH VMOC Special Report - Measles - The Americas 1-25-2026
byYale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
PPTX
How to Create & Manage Wizard in Odoo 18
byCeline George
 
PDF
U.S. Departments of Education and Treasury fact sheet
byMebane Rash
 
PPTX
ALL London Event, January 17th 2026, at the British Film Institite, South Bank.
bySteve Smith
 
PDF
ĐỀ MINH HỌA KỲ THI TỐT NGHIỆP TRUNG HỌC PHỔ THÔNG NĂM 2026 MÔN TIẾNG ANH 2026...
byNguyen Thanh Tu Collection
 
PPTX
bundle of care.pptx Priti Bala @ BRD med
bypritibala13
 
PPTX
Payment Follow-Up via WhatsApp in Odoo 18.1 Accounting
byCeline George
 
PPTX
COMMUNICATION ITS PROCESS ELEMENTS & BARRIER .pptx
byPoojaSen20
 
PPTX
Day 2 ppt english.powerpoint presentation ppt
byJeahMaeMedez
 
PDF
Introduction to Principle Components Analysis algorithms
byBapusahebDange
 
PPTX
OCCULTISM IN JEHOVAH'S WITNESSES' ARTWORK
byDaniel Barnea
 
PPTX
Appreciations - Jan 26 01.pptxkjkjkkjkjkjkj
bypreetheshparmar
 
Drug Distribution in Pharmacology: Mechanisms, Barriers, Factors & Volume of ...
byamrin3379
 
Statistical Data Analysis using R Programming.pptx
byVETRISELVIP1
 
VIVA or SHORT ANSWER QUESTIONS or 2 MARKS QUESTIONS CHILD HEALTH NURSING.pdf
byPRADEEP ABOTHU
 
Toba Tek Singh - Visualising Partition through Manto's Lens
byMiral Joshi
 
2026SlideShare.pptx welcome talk 2026 for peace harmony
byBryanGan8
 
MENTAL STATUS EXAMINATION Part-1.Shilpa hotakar.pptx
bySHILPA HOTAKAR
 
Powerpoint for testing in embed test with Sway
byjeanpierrefort3
 
Fruit Fermentation_ Ethanol & Sugar Estimation- Dr. Shikha Gaikwad
byinsighteduwithme
 
YSPH VMOC Special Report - Measles - The Americas 1-25-2026
byYale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
How to Create & Manage Wizard in Odoo 18
byCeline George
 
U.S. Departments of Education and Treasury fact sheet
byMebane Rash
 
ALL London Event, January 17th 2026, at the British Film Institite, South Bank.
bySteve Smith
 
ĐỀ MINH HỌA KỲ THI TỐT NGHIỆP TRUNG HỌC PHỔ THÔNG NĂM 2026 MÔN TIẾNG ANH 2026...
byNguyen Thanh Tu Collection
 
bundle of care.pptx Priti Bala @ BRD med
bypritibala13
 
Payment Follow-Up via WhatsApp in Odoo 18.1 Accounting
byCeline George
 
COMMUNICATION ITS PROCESS ELEMENTS & BARRIER .pptx
byPoojaSen20
 
Day 2 ppt english.powerpoint presentation ppt
byJeahMaeMedez
 
Introduction to Principle Components Analysis algorithms
byBapusahebDange
 
OCCULTISM IN JEHOVAH'S WITNESSES' ARTWORK
byDaniel Barnea
 
Appreciations - Jan 26 01.pptxkjkjkkjkjkjkj
bypreetheshparmar
 

Protection

  • 1.
    PROTECTION In operating System PresentedBy: Md. Bellal Hossain Sohel Tanvir ID: 163015023 ID: 163015039
  • 2.
    Content What is Protection Goalsof Protection Principles of Protection Domain of Protection Example of protection Conclusion Revocation of Access Rights Access Controls
  • 3.
    What is Protection? Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources defined by a computer system. The processes in an operating system must be protected from one another's activities.
  • 4.
    Goals of Protection? Obviously to prevent malicious misuse of the system by users or programs. To ensure that each shared resource is used only in accordance with system policies, which may be set either by system designers or by system administrators. To ensure that errant programs cause the minimal amount of damage possible It is up to administrators and users to implement those mechanisms effectively
  • 5.
    Principles of Protection? Theprinciple of least privilege dictates that programs, users, and systems be given just enough privileges to perform their tasks This ensures that failures do the least amount of harm and allow the least of harm to be done Typically each user is given their own account, and has only enough privilege to modify their own files. It is up to administrators and users to implement those mechanisms effectively
  • 6.
    An Example: MULTICS TheMULTICS system uses a complex system of rings, each corresponding to a different protection domain, as shown below:
  • 7.
    An Example: MULTICS Ringsare numbered from 0 to 7, with outer rings having a subset of the privileges of the inner rings. Each file is a memory segment, and each segment description includes an entry that indicates the ring number associated with that segment, as well as read, write, and execute privileges. Each process runs in a ring, according to the current-ring-number, a counter associated with each process.
  • 8.
    Access Matrix The modelof protection that we have been discussing can be viewed as an access matrix, in which columns represent different system resources and rows represent different protection domains. Entries within the matrix indicate what access that domain has to that resource.
  • 9.
    Access Matrix Domain switchingcan be easily supported under this model, simply by providing "switch" access to other domains:
  • 10.
    Access Control Role-Based AccessControl, RBAC, assigns privileges to users, programs, or roles as appropriate, where "privileges" refer to the right to call certain system calls, or to use certain parameters with those calls. RBAC supports the principle of least privilege, and reduces the susceptibility to abuse as opposed to SUID or SGID programs
  • 11.
    Revocation of AccessRights Immediate versus delayed - If delayed, can we determine when the revocation will take place? Selective versus general - Does revocation of an access right to an object affect all users who have that right, or only some users? Partial versus total - Can a subset of rights for an object be revoked, or are all rights revoked at once? The need to revoke access rights dynamically raises several questions: Temporary versus permanent - If rights are revoked, is there a mechanism for processes to re-acquire some or all of the revoked rights?
  • 12.
    Conclusion As computer systemshave become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. Protection was originally conceived as an adjunct to multiprogramming operating systems, so that untrustworthy users might safely share a common logical name space, such as a directory of files,