This document summarizes key aspects of security in operating systems. It outlines security goals of confidentiality, integrity and availability. It defines security terminology like encryption, decryption, plain text and cipher text. It also describes different types of intruders like masqueraders, misfeasors and clandestine users who threaten system security. The document provides an overview of security issues in operating systems and common security measures.

1. Security Environment
ALA OPERATING SYSTEMS (2140702)
MADE BY:-
KUSHAGR SHARMA
150950107048
CSE-A, 4TH SEMESTER

2. Points To Be Covered are:-
 Security in os
 Security Goals
 Security Terminology
 Intruders

3. Security
 Security addresses the issue of preventing unauthorized access to resource.
 Basic methods used to protect software and hardware is passwords, backups, security
policies etc.
 Computer security deals with the prevention and detection of unauthorized action by the user.
 Different types of security in os are:
 Data Security
 Computer security
 Network security
 internet security

4. Security Goals
 There are three security goals, all the security
measure try to address at least one of these goals.
These goals are:
1. Confidentially
2. Integrity
3. Availability.

5. 1. Confidentiality
 It refers the authorization of data disclosure from users.
 Sensitive information should not be shown to unauthorized user.
 Unique user-id and password are given to users for unpinning the goal of
confidentiality.
 It is not only applied to storage of data but also to the transmission of
data.
 Hence it means that people cannot read sensitive info either while it is on
a computer or is travelling across the network.

6. 2. Integrity
 It refers to the trustworthiness of information resource.
 It includes that data should not be changed inappropriately,
either by accident or by deliberate margin.
 It ensures that information is not altered in transit.
 It also includes only preservation without corruption if
whatever was transmitted or entered into the system.

7. 3. Availability
 Availability refers to the presence of data in system whenever needed by the
user.
 It means that people who are authorized to the info are not prevented to do so.
 Availability is dependent on how reliant the organization has become on
functioning of a computer and communication infrastructure.
 It could be affected purely technical issues, human causes or natural
phenomenon.

8. Security Terminology
1. Encryption: a process of encoding a plain text message into non-readable format.
2. Decryption: Transferring an encrypted message back into its normal form.
3. Plain text: The original raw form of message.
4. Cipher text: The encrypted form of plain text.
5. Vulnerability: Security flaws that allows attack to be successful.
6. Passive attack: Attempts to use info from system but does not affect the system.
7. Active attack: Invokes some modification of data or creation of a false stream.

9. Intruders
 It is a person who attempts to gain unauthorized access to the system to damage
it or disturb the data of that system.
 There are three type of intruders:-
1. Masquerader: An unauthorized user who penetrated a computer system’s access
control and gain access to account.
2. Misfeasor: A Legitimate user who accesses resources he is not authorized to
access. Who is authorized to the access but misuses his privileges.
3. Clandestine user: A user who seizes the supervisory control of the system and
uses it to evade auditing and access control.