Operating System Security

FREE Online Courses: Transform Your Career – Enroll for Free!

Security is the feature of an Operating System that ensures the integrity, confidentiality, and availability of a system and its resources, especially the data and information. Security provides a protection system in case an unauthorized user gains access to the computer system and causes severe damage to the computer or the data stored in it. Thus, security protects the system from any malicious access to the memory, viruses, worms, and many more.

Authentication in Operating System

Authentication is the responsibility of the Operating System that identifies each user who accesses a system. It then associates the executing programs with those users. The OS creates a protection system that makes sure that the user currently working on the system is authentic. Following are the ways an OS authenticates users:

1. Username/Password: Each user has a registered username and password that they need to enter in order to login into the system.

2. User card/key: The user inserts a punch card in the card slot, or enters the OS-generated key in the option in order to login into the system.

3. User attribute: User attributes like fingerprint, eye retina pattern, or signature can be used to login into the system.

One Time passwords

A One-time password popularly known as OTP provides additional security alongside normal authentication. OTP is a unique password that a system generates every time a user tries to login into a system or application. As the name suggests it is a one-time password i.e., a user can use it only once. Following are the ways to implement an OTP:

1. Random numbers: A user receives cards that have numbers printed on them along with corresponding alphabets. The system then asks for these numbers that correspond to a few randomly chosen alphabets.

2. Secret key: A hardware device is given to the user that creates a secret id. The device maps this secret id with the user id. The system then asks for this secret id generated every time prior to login.

3. Network password: Some applications provide the users OTP on their registered mobile number or email prior to login. Users use this password to login into the system.

Program Threats

The kernel and processes of an OS complete a task as instructed. But if these processes are forced to do malicious tasks, then it is known as Program Threats. Program threats are usually the working of a hacker. Some well known program threats are:

1. Trojan Horse: A trojan horse traps the user’s login credentials. It stores them and sends them to the malicious user. This person can then login into the computer system and access the resources in the system.

2. Trap Door: A program contains a trap door if it has a security hole in its code and performs illegal action instead of doing what it is programmed to do. These unauthorized actions take place without the knowledge of the user.

3. Logic Bomb: In case of a logic bomb a program misbehaves in certain conditions. If those conditions are not met the program works as usual which makes a logic bomb harder to detect.

4. Virus: A virus replicates itself on a system and is highly dangerous. It can modify and delete user files and crash a system. A virus is usually in the form of a small code embedded in a program. As soon as a user accesses this program, it starts spreading in other files and programs, slowly corrupting the whole system.

System Threats

System threat is the misuse of the services of a system and its network connections. This puts a user in trouble as it misuses system resources and files. A system threat can launch program threats on a network. This is known as a program attack. Following are some well-known system threats:

1. Worm: A worm chokes down the system performance by using system resources to extreme levels. It generates multiple copies of a process and each copy uses the system resources, preventing other processes from getting the required resources. It can even shut down an entire network.

2. Port Scanning: Port scanning allows a hacker to detect the vulnerabilities of a system so that he/she can attack the system.

3. Denial of Service: A DoS attack prevents a user from making legitimate use of the system.

Computer Security Classifications

There are four security classifications in a computer system: A, B, C, and D. These specifications help determine and model the security of a system and provide security solutions.

Classification TypeDescription
Type AThis is the highest level of specification. It uses formal design specifications and verification techniques and provides a high degree of security assurance.
Type BThis specification provides mandatory protection to the system and has the properties of a class C2 system. Attaches a sensitivity label to each object. It has three types: 

B1: Maintains the security label of each object. Label makes decisions regarding access control.

B2: Extends the sensitivity labels to system resources and supports covert channels and event auditing.

B3: Allows the creation of lists or user groups in order to grant or revoke access to an object.

Type CThis specification uses audit capability to provide protection and user accountability. It has two types:

C1: Users can protect their private information themselves and keep their data safe from other users.

C2: It adds to the C1 system an individual-level access control.

Type DThis is the lowest level of specification and provides minimum protection.

Summary

Security is the feature of an OS that gives a system a protection system. It prevents access of any unauthorised user. Authentication can identify each user accessing a system. An OTP provides additional security. It is a one-time thing and can’t be reused. Program threats are man-made actions that force a program to perform malicious actions. System threat is the misuse of a system.

We work very hard to provide you quality material
Could you take 15 seconds and share your happy experience on Google

follow dataflair on YouTube

Leave a Reply

Your email address will not be published. Required fields are marked *