Unit 4 Protection and Security

Uploaded by

Amal Krishnan

Protection and security

Introduction
Protection and security require that computer resources such as the CPU, software, memory etc. are protected.
This extends to the operating system as well as the data in the system.
This can be done by ensuring integrity, confidentiality and availability in the operating system.
The system must be protected against unauthorized access, viruses, worms etc.
Confidentiality means that your information can be seen only by you and those that you want to see the information.
Integrity involves making sure that your information cannot be changed or removed without your authorization.
Availability ensures that you can get to your information when you need it.
Need for security
Security of a computer system is a crucial task. It is a process of ensuring the confidentiality and integrity of the OS.
Security refers to providing a protection system for computer system resources such as the CPU, memory, disk, software programs and, most importantly, the data/information stored in the computer system.
If a computer program is run by an unauthorized user, then he/she may cause severe damage to the computer or the data stored in it.
So a computer system must be protected against unauthorized access, malicious access to system memory, viruses, worms etc.
Program Threats
An operating system's processes and kernel do the designated task as instructed.
If a user program is altered and then used to perform some malicious, unwanted task, it is known as a program threat.
One common example of a program threat is a program installed on a computer which can store user credentials and send them via the network to some hacker.
Following is the list of some well-known program threats.
• Virus − A virus, as the name suggests, is self-replicating code that attaches itself to a system file on a computer system. Viruses are highly dangerous and can modify/delete user files and crash systems. A virus is generally a small piece of code embedded in a program. As the user accesses the program, the virus starts getting embedded in other files/programs and can make the system unusable for the user.
• Trojan Horse − A code segment that misuses its environment is called a Trojan horse. Such a program traps user login credentials and stores them to send to a malicious user, who can later log in to the computer and access system resources.
• Trap Door − If a program which is designed to work as required has a security hole in its code and performs illegal actions without the knowledge of the user, then it is said to have a trap door.
• Logic Bomb − A logic bomb is a situation in which a program misbehaves only when certain conditions are met; otherwise it works as a genuine program. It is harder to detect.
System and Network Threats

System threats refer to the misuse of system services and network connections to put the user in trouble.
System threats can be used to launch program threats on a complete network; this is called a program attack.
System threats create an environment in which operating system resources/user files are misused.
Following is the list of some well-known system threats.
• Worm − A worm is a process which can choke down system performance by using system resources to extreme levels. A worm process generates multiple copies of itself, where each copy uses system resources and prevents all other processes from getting the resources they require. Worm processes can even shut down an entire network.
• Port Scanning − Port scanning is a mechanism or means by which a hacker can detect a system in order to make an attack on the system.
• Denial of Service − Denial of service attacks normally prevent users from making legitimate use of the system. Such an attack involves flooding a computer resource with more requests than it can handle, consuming its available bandwidth, which results in server overload. This causes the resource (e.g. a web server) to crash or slow down significantly so that no one can access it.
Authentication
Authentication refers to identifying each user of the system and associating the executing programs with those users.
It is the responsibility of the operating system to create a protection system which ensures that a user who is running a particular program is authentic.
Operating systems generally identify/authenticate users in the following three ways −
• Username / Password − The user needs to enter a registered username and password with the operating system to log in to the system.
• User card/key − The user needs to punch a card in the card slot, or enter a key generated by a key generator in the option provided by the operating system, to log in to the system.
• User attribute - fingerprint / eye retina pattern / signature − The user needs to pass his/her attribute via the designated input device used by the operating system to log in to the system.
Goals of Protection
To prevent malicious misuse of the system by users or programs.
To ensure that each shared resource is used only in accordance with system policies, which may be set either by system designers or by system administrators.
To ensure that errant programs cause the minimal amount of damage possible.
To ensure confidentiality, integrity and availability.
Principles of Protection
The principle of least privilege dictates that programs, users, and systems be given just enough privileges to perform their tasks.
This ensures that failures do the least amount of harm and allow the least amount of harm to be done.
Typically each user is given their own account, and has only enough privilege to modify their own files.
The root account should not be used for normal day-to-day activities. The system administrator should also have an ordinary account, and reserve use of the root account for only those tasks which need root privileges.
Domain of Protection
A computer can be viewed as a collection of processes and objects (both HW & SW).
The need-to-know principle states that a process should only have access to those objects it needs to accomplish its task, and furthermore only in the modes for which it needs access and only during the time frame when it needs access.
The modes available for a particular object may depend upon its type.
Domain Structure
A protection domain specifies the resources that a process may access.
Each domain defines a set of objects and the types of operations that may be invoked on each object.
An access right is the ability to execute an operation on an object.
A domain is defined as a set of < object, { access right set } > pairs, as shown below.
Access Matrix
The model of protection that we have been discussing can be viewed as an access matrix, in which columns represent different system resources and rows represent different protection domains.
Entries within the matrix indicate what access that domain has to that resource.
The ability to copy rights is denoted by an asterisk, indicating that processes in that domain have the right to copy that access within the same column, i.e. for the same object.
The owner right adds the privilege of adding new rights or removing existing ones:
Copy and owner rights only allow the modification of rights within a column. The addition of control rights, which only apply to domain objects, allows a process operating in one domain to affect the rights available in other domains. For example, in the table below, a process operating in domain D2 has the right to control any of the rights in domain D4.
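
The domain definition under Domain Structure and the copy, owner and control rules above, as an added Python example (not part of the original slides). The object name F1, the domains other than D2 and D4, and the sample rights are constructed; copy is modelled as a limited copy and control as removal of a right from the controlled domain's row, which are assumptions the slides do not spell out.

```python
class AccessMatrix:
    # Rows are protection domains; columns are objects (files or other domains).
    def __init__(self):
        self.cells = {}  # (domain, object) -> set of rights: "read", "read*", "owner", ...

    def rights(self, domain, obj):
        return self.cells.setdefault((domain, obj), set())

    def allowed(self, domain, obj, op):
        # Holding the copyable form "op*" also grants the operation itself.
        held = self.rights(domain, obj)
        return op in held or op + "*" in held

    def _require(self, domain, obj, right):
        if right not in self.rights(domain, obj):
            raise PermissionError(f"{domain} lacks {right!r} on {obj}")

    def copy_right(self, src, dst, obj, op):
        # Copy stays inside one column: same object, another domain.
        self._require(src, obj, op + "*")
        self.rights(dst, obj).add(op)  # assumption: limited copy, dst cannot re-copy

    def owner_set(self, src, dst, obj, right, present):
        # The owner of an object adds or removes rights in that object's column.
        self._require(src, obj, "owner")
        if present:
            self.rights(dst, obj).add(right)
        else:
            self.rights(dst, obj).discard(right)

    def control_revoke(self, src, dst, obj, right):
        # Control is held on a domain object and acts on that domain's row.
        self._require(src, dst, "control")
        self.rights(dst, obj).discard(right)


def build_sample():
    # Constructed sample; only "D2 holds control over D4" comes from the page.
    am = AccessMatrix()
    am.rights("D1", "F1").update({"read*", "owner"})
    am.rights("D4", "F1").add("write")
    am.rights("D2", "D4").add("control")
    return am

if __name__ == "__main__":
    am = build_sample()
    am.copy_right("D1", "D3", "F1", "read")  # D3 gains plain read on F1
    print(am.allowed("D3", "F1", "read"), am.allowed("D3", "F1", "write"))
```

Every change to the matrix is itself checked against the matrix, so a domain without the starred right, the owner right or the control right gets a PermissionError instead of a silent update.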
