

{"id":100273,"date":"2021-08-18T14:28:50","date_gmt":"2021-08-18T08:58:50","guid":{"rendered":"https:\/\/data-flair.training\/blogs\/?p=100273"},"modified":"2021-08-18T14:28:50","modified_gmt":"2021-08-18T08:58:50","slug":"operating-system-security","status":"publish","type":"post","link":"https:\/\/data-flair.training\/blogs\/operating-system-security\/","title":{"rendered":"Operating System Security"},"content":{"rendered":"<p>Security is the feature of an Operating System that ensures the integrity, confidentiality, and availability of a system and its resources, especially the data and information. Security provides a protection system in case an unauthorized user gains access to the computer system and causes severe damage to the computer or the data stored in it. Thus, security protects the system from any malicious access to the memory, viruses, worms, and many more.<\/p>\n<h3>Authentication in Operating System<\/h3>\n<p>Authentication is the responsibility of the Operating System that identifies each user who accesses a system. It then associates the executing programs with those users. The OS creates a protection system that makes sure that the user currently working on the system is authentic. Following are the ways an OS authenticates users:<\/p>\n<p><strong>1. Username\/Password:<\/strong> Each user has a registered username and password that they need to enter in order to login into the system.<\/p>\n<p><strong>2. User card\/key:<\/strong> The user inserts a punch card in the card slot, or enters the OS-generated key in the option in order to login into the system.<\/p>\n<p><strong>3. User attribute:<\/strong> User attributes like fingerprint, eye retina pattern, or signature can be used to login into the system.<\/p>\n<h3>One Time passwords<\/h3>\n<p>A One-time password popularly known as OTP provides additional security alongside normal authentication. OTP is a unique password that a system generates every time a user tries to login into a system or application. As the name suggests it is a one-time password i.e., a user can use it only once. Following are the ways to implement an OTP:<\/p>\n<p><strong>1. Random numbers:<\/strong> A user receives cards that have numbers printed on them along with corresponding alphabets. The system then asks for these numbers that correspond to a few randomly chosen alphabets.<\/p>\n<p><strong>2. Secret key:<\/strong> A hardware device is given to the user that creates a secret id. The device maps this secret id with the user id. The system then asks for this secret id generated every time prior to login.<\/p>\n<p><strong>3. Network password:<\/strong> Some applications provide the users OTP on their registered mobile number or email prior to login. Users use this password to login into the system.<\/p>\n<h3>Program Threats<\/h3>\n<p>The kernel and processes of an OS complete a task as instructed. But if these processes are forced to do malicious tasks, then it is known as Program Threats. Program threats are usually the working of a hacker. Some well known program threats are:<\/p>\n<p><strong>1. Trojan Horse:<\/strong> A trojan horse traps the user&#8217;s login credentials. It stores them and sends them to the malicious user. This person can then login into the computer system and access the resources in the system.<\/p>\n<p><strong>2. Trap Door:<\/strong> A program contains a trap door if it has a security hole in its code and performs illegal action instead of doing what it is programmed to do. These unauthorized actions take place without the knowledge of the user.<\/p>\n<p><strong>3. Logic Bomb:<\/strong> In case of a logic bomb a program misbehaves in certain conditions. If those conditions are not met the program works as usual which makes a logic bomb harder to detect.<\/p>\n<p><strong>4. Virus:<\/strong> A virus replicates itself on a system and is highly dangerous. It can modify and delete user files and crash a system. A virus is usually in the form of a small code embedded in a program. As soon as a user accesses this program, it starts spreading in other files and programs, slowly corrupting the whole system.<\/p>\n<h3>System Threats<\/h3>\n<p>System threat is the misuse of the services of a system and its network connections. This puts a user in trouble as it misuses system resources and files. A system threat can launch program threats on a network. This is known as a program attack. Following are some well-known system threats:<\/p>\n<p><strong>1. Worm:<\/strong> A worm chokes down the system performance by using system resources to extreme levels. It generates multiple copies of a process and each copy uses the system resources, preventing other processes from getting the required resources. It can even shut down an entire network.<\/p>\n<p><strong>2. Port Scanning:<\/strong> Port scanning allows a hacker to detect the vulnerabilities of a system so that he\/she can attack the system.<\/p>\n<p><strong>3. Denial of Service:<\/strong> A DoS attack prevents a user from making legitimate use of the system.<\/p>\n<h3>Computer Security Classifications<\/h3>\n<p>There are four security classifications in a computer system: A, B, C, and D. These specifications help determine and model the security of a system and provide security solutions.<\/p>\n<table>\n<tbody>\n<tr>\n<td><b>Classification Type<\/b><\/td>\n<td><b>Description<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Type A<\/span><\/td>\n<td><span style=\"font-weight: 400;\">This is the highest level of specification. It uses formal design specifications and verification techniques and provides a high degree of security assurance.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Type B<\/span><\/td>\n<td><span style=\"font-weight: 400;\">This specification provides mandatory protection to the system and has the properties of a class C2 system. Attaches a sensitivity label to each object. It has three types:\u00a0<\/span><\/p>\n<p><b>B1:<\/b><span style=\"font-weight: 400;\"> Maintains the security label of each object. Label makes decisions regarding access control.<\/span><\/p>\n<p><b>B2:<\/b><span style=\"font-weight: 400;\"> Extends the sensitivity labels to system resources and supports covert channels and event auditing.<\/span><\/p>\n<p><b>B3:<\/b><span style=\"font-weight: 400;\"> Allows the creation of lists or user groups in order to grant or revoke access to an object.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Type C<\/span><\/td>\n<td><span style=\"font-weight: 400;\">This specification uses audit capability to provide protection and user accountability. It has two types:<\/span><\/p>\n<p><b>C1:<\/b><span style=\"font-weight: 400;\"> Users can protect their private information themselves and keep their data safe from other users.<\/span><\/p>\n<p><b>C2:<\/b><span style=\"font-weight: 400;\"> It adds to the C1 system an individual-level access control.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Type D<\/span><\/td>\n<td><span style=\"font-weight: 400;\">This is the lowest level of specification and provides minimum protection.<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>Summary<\/h3>\n<p>Security is the feature of an OS that gives a system a protection system. It prevents access of any unauthorised user. Authentication can identify each user accessing a system. An OTP provides additional security. It is a one-time thing and can\u2019t be reused. Program threats are man-made actions that force a program to perform malicious actions. System threat is the misuse of a system.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security is the feature of an Operating System that ensures the integrity, confidentiality, and availability of a system and its resources, especially the data and information. Security provides a protection system in case an&#46;&#46;&#46;<\/p>\n","protected":false},"author":1,"featured_media":100337,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24565],"tags":[24958,24957,24956],"class_list":["post-100273","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-operating-system-tutorials","tag-authentication-in-operating-system","tag-computer-security-classifications","tag-operating-system-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Operating System Security - DataFlair<\/title>\n<meta name=\"description\" content=\"Security is feature of Operating System that ensures integrity, confidentiality &amp; availability of a system &amp; its resources. Learn about it.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/data-flair.training\/blogs\/operating-system-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Operating System Security - DataFlair\" \/>\n<meta property=\"og:description\" content=\"Security is feature of Operating System that ensures integrity, confidentiality &amp; availability of a system &amp; its resources. Learn about it.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/data-flair.training\/blogs\/operating-system-security\/\" \/>\n<meta property=\"og:site_name\" content=\"DataFlair\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/DataFlairWS\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-18T08:58:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2021\/08\/OS-SECURITY.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"DataFlair Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@DataFlairWS\" \/>\n<meta name=\"twitter:site\" content=\"@DataFlairWS\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"DataFlair Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Operating System Security - DataFlair","description":"Security is feature of Operating System that ensures integrity, confidentiality & availability of a system & its resources. Learn about it.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/data-flair.training\/blogs\/operating-system-security\/","og_locale":"en_US","og_type":"article","og_title":"Operating System Security - DataFlair","og_description":"Security is feature of Operating System that ensures integrity, confidentiality & availability of a system & its resources. Learn about it.","og_url":"https:\/\/data-flair.training\/blogs\/operating-system-security\/","og_site_name":"DataFlair","article_publisher":"https:\/\/www.facebook.com\/DataFlairWS\/","article_published_time":"2021-08-18T08:58:50+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2021\/08\/OS-SECURITY.jpg","type":"image\/jpeg"}],"author":"DataFlair Team","twitter_card":"summary_large_image","twitter_creator":"@DataFlairWS","twitter_site":"@DataFlairWS","twitter_misc":{"Written by":"DataFlair Team","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/#article","isPartOf":{"@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/"},"author":{"name":"DataFlair Team","@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/person\/b49855299264df5e27e3ec6c2cd9fde9"},"headline":"Operating System Security","datePublished":"2021-08-18T08:58:50+00:00","mainEntityOfPage":{"@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/"},"wordCount":973,"commentCount":0,"publisher":{"@id":"https:\/\/data-flair.training\/blogs\/#organization"},"image":{"@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/#primaryimage"},"thumbnailUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2021\/08\/OS-SECURITY.jpg","keywords":["Authentication in Operating System","Computer Security Classifications","Operating System Security"],"articleSection":["Operating System Tutorials"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/data-flair.training\/blogs\/operating-system-security\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/","url":"https:\/\/data-flair.training\/blogs\/operating-system-security\/","name":"Operating System Security - DataFlair","isPartOf":{"@id":"https:\/\/data-flair.training\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/#primaryimage"},"image":{"@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/#primaryimage"},"thumbnailUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2021\/08\/OS-SECURITY.jpg","datePublished":"2021-08-18T08:58:50+00:00","description":"Security is feature of Operating System that ensures integrity, confidentiality & availability of a system & its resources. Learn about it.","breadcrumb":{"@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/data-flair.training\/blogs\/operating-system-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/#primaryimage","url":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2021\/08\/OS-SECURITY.jpg","contentUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2021\/08\/OS-SECURITY.jpg","width":1200,"height":628,"caption":"Operating System Security"},{"@type":"BreadcrumbList","@id":"https:\/\/data-flair.training\/blogs\/operating-system-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog Home","item":"https:\/\/data-flair.training\/blogs\/"},{"@type":"ListItem","position":2,"name":"Operating System Tutorials","item":"https:\/\/data-flair.training\/blogs\/category\/operating-system-tutorials\/"},{"@type":"ListItem","position":3,"name":"Operating System Security"}]},{"@type":"WebSite","@id":"https:\/\/data-flair.training\/blogs\/#website","url":"https:\/\/data-flair.training\/blogs\/","name":"DataFlair","description":"Learn Today. Lead Tomorrow.","publisher":{"@id":"https:\/\/data-flair.training\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/data-flair.training\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/data-flair.training\/blogs\/#organization","name":"DataFlair","url":"https:\/\/data-flair.training\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2016\/07\/Data-Flair.png","contentUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2016\/07\/Data-Flair.png","width":106,"height":48,"caption":"DataFlair"},"image":{"@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/DataFlairWS\/","https:\/\/x.com\/DataFlairWS","https:\/\/www.linkedin.com\/company\/dataflair-web-services-pvt-ltd\/","https:\/\/www.youtube.com\/user\/DataFlairWS"]},{"@type":"Person","@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/person\/b49855299264df5e27e3ec6c2cd9fde9","name":"DataFlair Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/ef46b745ddad2fad690af626c6ef29b91809ad0a9f5ef398d07817d8cad042f5?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/ef46b745ddad2fad690af626c6ef29b91809ad0a9f5ef398d07817d8cad042f5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ef46b745ddad2fad690af626c6ef29b91809ad0a9f5ef398d07817d8cad042f5?s=96&d=mm&r=g","caption":"DataFlair Team"},"description":"DataFlair Team is a group of passionate educators and industry experts dedicated to providing high-quality online learning resources on programming, Java, Python, C++, DSA, AI, ML, data Science, Android, Flutter, MERN, Web Development, and technology. With years of experience in the field, the team aims to simplify complex topics and help learners advance their careers. At DataFlair, we believe in empowering students and professionals with the knowledge and skills needed to thrive in today\u2019s fast-paced tech industry. Follow us for Free courses, expert insights, tutorials, and practical tips to boost your learning journey.","url":"https:\/\/data-flair.training\/blogs\/author\/datafbdad\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts\/100273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/comments?post=100273"}],"version-history":[{"count":3,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts\/100273\/revisions"}],"predecessor-version":[{"id":100339,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts\/100273\/revisions\/100339"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/media\/100337"}],"wp:attachment":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/media?parent=100273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/categories?post=100273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/tags?post=100273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}