SlideShare a Scribd company logo

Protection and Security in Operating Systems

Download as PPT, PDF
V
vampugani

The document discusses protection and security in operating systems. It covers two main techniques used by OSes: protection and security. Protection involves guarding against interference from other authorized users, while security guards against external unauthorized entities. The document outlines various security models, policies, threats, and mechanisms used in OSes like access control lists, authentication, and more. It provides an overview of concepts related to information security in operating systems.

Education
Related topics:
OS
1 of 22
Downloaded 377 times
1
2
Most read
3
4
5
6
7
Most read
8
9
10
11
12
13
14
15
16
Most read
17
18
19
20
21
22
Protection and Security in OS V.V.SUBRAHMANYAM SOCIS, IGNOU DATE: 28-10-07 TIME: 16-30 TO 17-00
Introduction  Interference in resource utilization is a very serious threat in an OS  The nature of the threat depends on the nature of a resource and the manner in which it is used.  In this session, we discuss threats to information stored in files because they are the most common, and also the most complex, threats.
Protection and Security  OS use two sets of techniques to counter threats to information namely: Protection Security
Protection  It involves guarding a user’s data and programs against interference by other authorized users of the system.
Security  It involves guarding of a user’s data and programs against interference by external entities, e.g. unauthorized persons.
Facets to protection of information  There are two facets to protection of information Secrecy: Implies that only authorized users should be able to access information. Privacy: Implies that information should be used only for the purpose(s) for which it is intended and shared. OS focuses on guaranteeing secrecy of information , and leaves the issue of privacy to the users and their processes.
Security and Protection: Policies and Mechanisms Security Policy Specify whether a person can become a user of the system. This function is performed by the system administrator Mechanisms 1. Add or delete users 2. Verify whether a person is an authorized user. Protection Policy Specify whether a user can access a specific file. The owner of a file performs this function while creating it. Mechanisms 1. Set or change protection information for a file. 2. Check whether a file can be accessed by a user.
Security Attributes  Security is traditionally defined by the three attributes namely: Confidentiality: It is the prevention of unauthorized modification of information or resources. Integrity: It is the prevention of unauthorized Availability: It is the prevention of unauthorized withholding of information or resources.
Security Threats  Direct: This is any direct attack on your specific systems, whether from outside hackers or from disgruntled insiders.  Indirect: This is general random attack, most commonly computer viruses, computer worms or Trojan horses.
Reasons for taking Security measures  To prevent loss of data  To prevent corruption of data  To prevent compromise of data  TO prevent theft of data  To prevent sabotage
Authentication  Goal of Authentication: Reasonable assurance that anyone who attempts to access a system or a network is a legitimate user.  3 Mechanisms: Password Physical token or an artifact Biometric measure
Security Models  Security models can be discretionary or mandatory. Discretionary: Holders of right can be allowed to transfer them at their discretion. Mandatory: Only designated roles are allowed to grant rights and users cannot transfer them.
Security policy Vs. Security Model  Security Policy: Outlines several high level points: how the data is accessed, the amount of security required and what are the steps when these requirements are not met.  Security Model: The mechanism to support the security policy. This involves in the design of the security system.
Access Matrix Model  Consists three principal components: A set of passive objects (files, terminals, devices and other entities) A set of active subjects, which may be manipulate the objects A set of rules governing the manipulation of objects by subjects.
The access matrix is a rectangular array with one row per subject and one column per object. Objects Subjects File 1 File 2 File 3 User 1 r,w r r,w,x User 2 r r r,w,x User 3 r,w,x r,w r,w,x
Role Based Access Control  Enforces access controls depending upon a user role(s).  Roles represent specific organization duties and are commonly mapped to job title. Ex: Administrator, Developer etc.  Role definitions and associated access rights must be based upon a thorough understanding of an organization’s security policy.
Take-Grant Model  This model use graphs to model access control.  The graph structure can be represented as an adjacency matrix and labels on the arcs can be coded as different values in the matrix.  Nodes in the graph are of two types, one corresponding to subjects and the other to objects.  The possible access rights are read( r), write(w), take(t) and grant(g).
Example of Take
Example of Grant
Multilevel Models  This type of models corresponds to the multilevel policies where data is classified into sensitivity levels and users have access according to their clearances.  Also known as Data Flow Models.
Contd…  The Bell-La Padula model, intended to contral leakage of information between levels.  The Biba Model, which controls the integrity.  The Lattice Model, which generalizes the partially ordered levels of the previous models using the concept of mathematical lattices.
Thank You

More Related Content

PPTX
Security & protection in operating system
Abou Bakr Ashraf
 
PDF
OPERATING SYSTEM SECURITY
RohitK71
 
PPTX
Operating system security
Ramesh Ogania
 
PPTX
Protection and security of operating system
Abdullah Khosa
 
PPT
Protection
Mohanlal Sukhadia University (MLSU)
 
PPT
Design for security in operating system
Bhagyashree Barde
 
PPTX
file system in operating system
tittuajay
 
PPTX
Operating System Security
Ramesh Upadhaya
 
Security & protection in operating system
Abou Bakr Ashraf
 
OPERATING SYSTEM SECURITY
RohitK71
 
Operating system security
Ramesh Ogania
 
Protection and security of operating system
Abdullah Khosa
 
Protection
Mohanlal Sukhadia University (MLSU)
 
Design for security in operating system
Bhagyashree Barde
 
file system in operating system
tittuajay
 
Operating System Security
Ramesh Upadhaya
 

What's hot (20)

PPTX
Protection and security
mbadhi
 
PPTX
Program Threats
guestab0ee0
 
PPTX
File system Os
Nehal Naik
 
PPTX
Deadlock ppt
Sweetestangel Kochar
 
PPTX
Active and Passive Network Attacks
Pradipta Poudel
 
PPTX
OSI Model - Open Systems Interconnection
Adeel Rasheed
 
PDF
Processes description and process control.
Ahsan Rahim
 
PPTX
Wireless network security
Vishal Agarwal
 
PPTX
File system structure
sangrampatil81
 
PPTX
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
PPTX
Storage management in operating system
DeepikaT13
 
PPTX
8 queens problem using back tracking
Tech_MX
 
PPTX
Software Configuration Management (SCM)
Er. Shiva K. Shrestha
 
PDF
Information Security Lecture Notes
FellowBuddy.com
 
PPTX
Deadlock Prevention
prachi mewara
 
PPTX
Introduction to Parallel and Distributed Computing
Sayed Chhattan Shah
 
PDF
Memory management
Rajni Sirohi
 
PDF
OS - Process Concepts
Mukesh Chinta
 
PDF
Disk allocation methods
ajeela mushtaq
 
PPTX
CS8792 - Cryptography and Network Security
vishnukp34
 
Protection and security
mbadhi
 
Program Threats
guestab0ee0
 
File system Os
Nehal Naik
 
Deadlock ppt
Sweetestangel Kochar
 
Active and Passive Network Attacks
Pradipta Poudel
 
OSI Model - Open Systems Interconnection
Adeel Rasheed
 
Processes description and process control.
Ahsan Rahim
 
Wireless network security
Vishal Agarwal
 
File system structure
sangrampatil81
 
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Storage management in operating system
DeepikaT13
 
8 queens problem using back tracking
Tech_MX
 
Software Configuration Management (SCM)
Er. Shiva K. Shrestha
 
Information Security Lecture Notes
FellowBuddy.com
 
Deadlock Prevention
prachi mewara
 
Introduction to Parallel and Distributed Computing
Sayed Chhattan Shah
 
Memory management
Rajni Sirohi
 
OS - Process Concepts
Mukesh Chinta
 
Disk allocation methods
ajeela mushtaq
 
CS8792 - Cryptography and Network Security
vishnukp34
 
Ad

Similar to Protection and Security in Operating Systems (20)

PPTX
Security & Protection in Operating System
Meghaj Mallick
 
PPTX
operating system ppt tegeng2.pptxguktgjh
tegenefikadu91
 
PPTX
resource security and protection in distributed system
sathiabama40
 
PPT
Chapter 5-Security Mechanisms and Techniques.ppt
Lina Shimelis
 
PPT
Ch1 cse
bhaskard8
 
PDF
Information Security basic introduction by professor
adityakatare35
 
PDF
CSI-503 - 10. Security & Protection (Operating System)
ghayour abbas
 
PDF
Chapter 1 - Introduction.pdf
EthioDotNetDeveloper
 
PDF
Health Information Privacy and Security
Nawanan Theera-Ampornpunt
 
PPT
Chapter Last.ppt
miki304759
 
PPTX
Security Environment, Design Principles Of Security
ankitashah871482
 
PPTX
securityandprotection Design Principles Of Security
ankitashah871482
 
PPT
AccessControl.ppt
DAKSHATAPANCHAL2
 
PPTX
Week Topic Code Access vs Event Based.pptx
ArjayBalberan1
 
PPT
4_5949547032388570388.ppt
MohammedMohammed578197
 
PDF
Distributed Operating System Resource Security And Protection: Access and Flo...
Aki Akshaya.D
 
PPTX
Protection Domain and Access Matrix Model -Operating System
LalfakawmaKh
 
PPTX
Protection in general purpose operating system
Prachi Gulihar
 
PDF
Health Information Privacy and Security
Nawanan Theera-Ampornpunt
 
PPT
Access control3
Awhydot
 
Security & Protection in Operating System
Meghaj Mallick
 
operating system ppt tegeng2.pptxguktgjh
tegenefikadu91
 
resource security and protection in distributed system
sathiabama40
 
Chapter 5-Security Mechanisms and Techniques.ppt
Lina Shimelis
 
Ch1 cse
bhaskard8
 
Information Security basic introduction by professor
adityakatare35
 
CSI-503 - 10. Security & Protection (Operating System)
ghayour abbas
 
Chapter 1 - Introduction.pdf
EthioDotNetDeveloper
 
Health Information Privacy and Security
Nawanan Theera-Ampornpunt
 
Chapter Last.ppt
miki304759
 
Security Environment, Design Principles Of Security
ankitashah871482
 
securityandprotection Design Principles Of Security
ankitashah871482
 
AccessControl.ppt
DAKSHATAPANCHAL2
 
Week Topic Code Access vs Event Based.pptx
ArjayBalberan1
 
4_5949547032388570388.ppt
MohammedMohammed578197
 
Distributed Operating System Resource Security And Protection: Access and Flo...
Aki Akshaya.D
 
Protection Domain and Access Matrix Model -Operating System
LalfakawmaKh
 
Protection in general purpose operating system
Prachi Gulihar
 
Health Information Privacy and Security
Nawanan Theera-Ampornpunt
 
Access control3
Awhydot
 
Ad

More from vampugani (19)

PPTX
Social media presentation
vampugani
 
PPTX
Creating Quick Response(QR) Codes for the OER
vampugani
 
PPTX
Arithmetic Computation using 2's Complement Notation
vampugani
 
PPTX
Post Graduate Diploma in Computer Applications (PGDCA)
vampugani
 
PPTX
Overview of Distributed Systems
vampugani
 
PPT
Virtual Memory
vampugani
 
PPT
Memory Management in OS
vampugani
 
PPT
Process Scheduling
vampugani
 
PPT
Processes
vampugani
 
PPT
Introduction to OS
vampugani
 
PPT
Operating Systems
vampugani
 
PPT
Distributed Systems
vampugani
 
PPT
Multiprocessor Systems
vampugani
 
PPT
File Management in Operating Systems
vampugani
 
PPT
Strings in c
vampugani
 
PPT
Arrays in c
vampugani
 
PPT
Control statements and functions in c
vampugani
 
PPT
Introduction to C Programming
vampugani
 
PPT
Introduction to C Programming - I
vampugani
 
Social media presentation
vampugani
 
Creating Quick Response(QR) Codes for the OER
vampugani
 
Arithmetic Computation using 2's Complement Notation
vampugani
 
Post Graduate Diploma in Computer Applications (PGDCA)
vampugani
 
Overview of Distributed Systems
vampugani
 
Virtual Memory
vampugani
 
Memory Management in OS
vampugani
 
Process Scheduling
vampugani
 
Processes
vampugani
 
Introduction to OS
vampugani
 
Operating Systems
vampugani
 
Distributed Systems
vampugani
 
Multiprocessor Systems
vampugani
 
File Management in Operating Systems
vampugani
 
Strings in c
vampugani
 
Arrays in c
vampugani
 
Control statements and functions in c
vampugani
 
Introduction to C Programming
vampugani
 
Introduction to C Programming - I
vampugani
 

Recently uploaded (20)

PPTX
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
PDF
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PDF
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 
PPTX
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PPTX
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
PDF
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
PPTX
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
PDF
Classroom Observation Tools for Teachers
Nicaramirez
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PDF
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
PDF
Basic Mud Logging Guide for educational purpose
wdandworks
 
PDF
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PDF
Origin of periodic table-Mendeleev’s Periodic-Modern Periodic table
Mithil Fal Desai
 
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
Classroom Observation Tools for Teachers
Nicaramirez
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
Basic Mud Logging Guide for educational purpose
wdandworks
 
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
Origin of periodic table-Mendeleev’s Periodic-Modern Periodic table
Mithil Fal Desai
 

Protection and Security in Operating Systems

  • 1. Protection and Security in OS V.V.SUBRAHMANYAM SOCIS, IGNOU DATE: 28-10-07 TIME: 16-30 TO 17-00
  • 2. Introduction  Interference in resource utilization is a very serious threat in an OS  The nature of the threat depends on the nature of a resource and the manner in which it is used.  In this session, we discuss threats to information stored in files because they are the most common, and also the most complex, threats.
  • 3. Protection and Security  OS use two sets of techniques to counter threats to information namely: Protection Security
  • 4. Protection  It involves guarding a user’s data and programs against interference by other authorized users of the system.
  • 5. Security  It involves guarding of a user’s data and programs against interference by external entities, e.g. unauthorized persons.
  • 6. Facets to protection of information  There are two facets to protection of information Secrecy: Implies that only authorized users should be able to access information. Privacy: Implies that information should be used only for the purpose(s) for which it is intended and shared. OS focuses on guaranteeing secrecy of information , and leaves the issue of privacy to the users and their processes.
  • 7. Security and Protection: Policies and Mechanisms Security Policy Specify whether a person can become a user of the system. This function is performed by the system administrator Mechanisms 1. Add or delete users 2. Verify whether a person is an authorized user. Protection Policy Specify whether a user can access a specific file. The owner of a file performs this function while creating it. Mechanisms 1. Set or change protection information for a file. 2. Check whether a file can be accessed by a user.
  • 8. Security Attributes  Security is traditionally defined by the three attributes namely: Confidentiality: It is the prevention of unauthorized modification of information or resources. Integrity: It is the prevention of unauthorized Availability: It is the prevention of unauthorized withholding of information or resources.
  • 9. Security Threats  Direct: This is any direct attack on your specific systems, whether from outside hackers or from disgruntled insiders.  Indirect: This is general random attack, most commonly computer viruses, computer worms or Trojan horses.
  • 10. Reasons for taking Security measures  To prevent loss of data  To prevent corruption of data  To prevent compromise of data  TO prevent theft of data  To prevent sabotage
  • 11. Authentication  Goal of Authentication: Reasonable assurance that anyone who attempts to access a system or a network is a legitimate user.  3 Mechanisms: Password Physical token or an artifact Biometric measure
  • 12. Security Models  Security models can be discretionary or mandatory. Discretionary: Holders of right can be allowed to transfer them at their discretion. Mandatory: Only designated roles are allowed to grant rights and users cannot transfer them.
  • 13. Security policy Vs. Security Model  Security Policy: Outlines several high level points: how the data is accessed, the amount of security required and what are the steps when these requirements are not met.  Security Model: The mechanism to support the security policy. This involves in the design of the security system.
  • 14. Access Matrix Model  Consists three principal components: A set of passive objects (files, terminals, devices and other entities) A set of active subjects, which may be manipulate the objects A set of rules governing the manipulation of objects by subjects.
  • 15. The access matrix is a rectangular array with one row per subject and one column per object. Objects Subjects File 1 File 2 File 3 User 1 r,w r r,w,x User 2 r r r,w,x User 3 r,w,x r,w r,w,x
  • 16. Role Based Access Control  Enforces access controls depending upon a user role(s).  Roles represent specific organization duties and are commonly mapped to job title. Ex: Administrator, Developer etc.  Role definitions and associated access rights must be based upon a thorough understanding of an organization’s security policy.
  • 17. Take-Grant Model  This model use graphs to model access control.  The graph structure can be represented as an adjacency matrix and labels on the arcs can be coded as different values in the matrix.  Nodes in the graph are of two types, one corresponding to subjects and the other to objects.  The possible access rights are read( r), write(w), take(t) and grant(g).
  • 20. Multilevel Models  This type of models corresponds to the multilevel policies where data is classified into sensitivity levels and users have access according to their clearances.  Also known as Data Flow Models.
  • 21. Contd…  The Bell-La Padula model, intended to contral leakage of information between levels.  The Biba Model, which controls the integrity.  The Lattice Model, which generalizes the partially ordered levels of the previous models using the concept of mathematical lattices.