OS - Assignment - Security and Virtualization

ASSIGNMENT-8

1. Which are the ways for the user authentication? Explain each in brief.

Answer:

User authentication is a crucial part of system security that ensures only legitimate users can access system

resources.

There are several methods of user authentication, each with varying degrees of security and usability:

1. Password-based Authentication:

- Users provide a secret passphrase or password to verify their identity.

- Simple and common, but vulnerable to brute-force attacks and phishing if not managed properly.

2. Biometric Authentication:

- Uses biological traits such as fingerprints, facial recognition, iris scans, or voice recognition.

- Offers a high level of security but may raise privacy concerns and require specialized hardware.

3. Token-based Authentication:

- Involves physical or software-based tokens that generate temporary codes (e.g., RSA SecurID, OTP

apps).

- Adds an extra layer of security as possession of the token is required.

4. Multi-Factor Authentication (MFA):

- Combines two or more different methods of authentication (e.g., password + fingerprint).

- Significantly improves security by layering independent methods.

5. Smart Card Authentication:

- Utilizes cards embedded with integrated circuits for secure authentication.

- Commonly used in corporate or government environments.

Each method can be selected based on the level of security needed and the usability expectations of the
system.

2. Explain domain protection mechanism in brief.

Answer:

Domain protection is a method of defining and enforcing boundaries within which a process or user can

operate.

Each domain contains a set of resources (files, devices, etc.) and a set of access rights. The system ensures

that a process only accesses resources according to the domain's policies. This mechanism prevents

unauthorized access and supports the principle of least privilege by allowing minimal rights required to

perform a task.

3. What is Access Control list? Explain in brief.

Answer:

An Access Control List (ACL) is a security mechanism that associates each system object (like a file or

directory) with a list of users and their permitted access types (read, write, execute, etc.).

It helps in specifying and controlling what type of operations a particular user or process can perform on that

object, ensuring robust access control.

4. Explain the Trojan Horse and Trap doors program threats

Answer:

Trojan Horse:

- A malicious program disguised as a legitimate one.

- It performs hidden actions like stealing data or damaging the system when executed by the user.

Trap Door (Backdoor):

- A hidden entry point in a program left intentionally (or maliciously) for bypassing normal authentication.

- Often exploited by attackers to gain unauthorized access to systems.

5. Explain the Access metrics mechanism

Access matrix is a model used to define and manage access control. It is a table with subjects (users,

processes) as rows and objects (files, devices) as columns. Each cell defines the operations permitted (read,

write, execute, etc.) for that subject-object pair.

The matrix supports system-wide overview and enforcement of security policies.

6. Write a note on Generic Security Attacks.

Answer:

Generic security attacks include common techniques used by attackers to compromise systems:

- Eavesdropping: Listening to private communications.

- Data Modification: Altering data without authorization.

- Identity Spoofing: Impersonating another user.

- Password Cracking: Guessing or decrypting passwords.

- Denial of Service (DoS): Overloading systems to render them unusable.

Such attacks highlight the importance of layered defense and proactive security measures.

7. Design Principles of Security.

Answer:

Security principles provide guidelines to design secure systems:

- Least Privilege: Grant users the minimum access needed.

- Fail-Safe Defaults: Default to denying access unless explicitly allowed.

- Economy of Mechanism: Keep security mechanisms simple.

- Complete Mediation: Validate access every time.

- Open Design: Don't rely on secrecy of implementation.

- Separation of Privilege: Require multiple conditions for access.

- Least Common Mechanism: Reduce shared components.

- Psychological Acceptability: Make security features user-friendly.

1. Define Virtual machine and their benefits.

Answer:

A Virtual Machine (VM) is a software emulation of a physical computer. It allows multiple operating systems

to run on a single physical machine by sharing resources.

Benefits include:

- Isolation between systems.

- Better hardware utilization.

- Cost savings from reduced physical infrastructure.

- Flexibility for testing and development.

- Easier backup, migration, and recovery.

2. Differentiate between types of virtual machines.

Answer:

Virtual machines can be classified into:

1. System Virtual Machines:

- Provide full system virtualization including hardware simulation.

- Capable of running multiple operating systems.

- Used for testing, server consolidation.

- Examples: VMware, VirtualBox.

2. Process Virtual Machines:

- Designed to run a single application or process.

- Provides platform-independent execution.

- Examples: Java Virtual Machine (JVM), .NET CLR.

System VMs support entire OS environments, while process VMs support isolated application execution.

3. Explain building block of virtulization, including hypervisiors, Virtual machine monitor and virtulization
layers. Discuss the functions and operations.

Answer:

The key building blocks of virtualization include:

- Hypervisor:

- Software that manages multiple VMs on a host machine.

- Type 1 (bare-metal) runs directly on hardware; Type 2 (hosted) runs over an OS.

- Virtual Machine Monitor (VMM):

- Manages resource allocation, scheduling, and isolation among VMs.

- Ensures security and fairness.

- Virtualization Layers:

- Abstract the hardware to provide a unified environment to VMs.

- Help manage CPU, memory, I/O operations across VMs.

Functions:

- Resource scheduling

- Memory and I/O management

- VM provisioning and migration

4. Analyze the impact of virtualization on system performance, resource utilization, and management

efficiency.

Answer:

- System Performance:

- Minor overhead due to abstraction, which is optimized in modern systems.

- Resource Utilization:

- Higher utilization by running multiple VMs on a single host.

- Management Efficiency:

- Simplifies deployment, monitoring, and maintenance.

- Enhances scalability and disaster recovery.