Operating System Security

Operating System Overview

• Operating system: collection of programs
that allows user to operate computer
hardware

2
 Operating System Overview

• Key functions of an operating system:

– Multitasking, multisharing
– Computer resource management
– Controls the flow of activities
– Provides a user interface

3
 Operating System Overview
• Key functions of an operating system
– Administers user actions and accounts
– Runs software utilities and programs
– Enforce security measures
– Schedules jobs

4
The Components of an Operating
System Security Environment
• Used as access points to the database
• Three components:
– Memory
– Services
– Files

5
 Services
• Main component of operating system
security environment
• Used to gain access to the OS and its
features
• Include
– User authentication
– Remote access
– Administration tasks
– Password policies
6
 Files

• Common threats:
– File permission
– File sharing
• Files must be protected from
unauthorized reading and writing actions
• Data resides in files; protecting files
protects data
• Read, write, and execute privileges
7
 Memory

• Hardware memory available on the

system
• Can be corrupted by badly written
software
• Two options:
– Stop using the program
– Apply a patch (service pack) to fix it
• Can harm data integrity
• Can potentially exploit data for illegal use 8
 Authentication Methods
• Authentication:
– Verifies user identity
– Permits access to the operating system
• Physical authentication:
– Allows physical entrance to company property
– Magnetic cards and biometric measures
• Digital authentication: verifies user identity
by digital means
9
 Authorization

• Process that decides whether users are

permitted to perform the functions they
request
• Authorization is not performed until the
user is authenticated
• Deals with privileges and rights

10
 User Administration
• Create user accounts
• Set password policies
• Grant privileges to users
• Best practices:
– Use a consistent naming convention
– Always provide a password to an account
and force the user to change it at the first
logon
– Protect passwords
11
– Do not use default passwords
 Vulnerabilities of Operating
Systems (continued)
• Top vulnerabilities to UNIX systems
(continued):
– Sendmail
– Simple Network Management Protocol
(SNMP)
– Secure Shell (SSH)
– Misconfiguration of Enterprise Services
NIS/NFS
– Open Secure Sockets Layer (SSL)
12
 E-mail Security
• Tool must widely used by public
• May be the tool must frequently used by
hackers:
– Viruses
– Worms
– Spam
– Others
• Used to send private and confidential
data as well as offensive material 13
 E-mail Security (continued)
• Used by employees to communicate with:
– Clients
– Colleagues
– Friends
• Recommendations:
– Do not configure e-mail server on the same
machine where sensitive data resides
– Do not disclose technical details about the
e-mail server
14
Computer Technology and
Security
 Computer Viruses
• Virus
– Stands for Vital Information Resources Under Siege
– Is a destructive computer program written to alter the
way a computer operates
– Is written by individuals to cause damage to computers
and the data stored on them
• Some Examples of virus are
– Disk Killer
– W97M
– Sunday
– Cascade
– Anna Kournikova
– Lovegate
 Antivirus Software

• Antivirus software
– Is a software to scan the computer for viruses
– Is used to remove the viruses from the computer if
found
• Examples of antivirus software are:
– Quick Heal
– Net Protector
– Avast
– McAfee
– VX2000
– Smartdog
 How to Prevent A Virus Attack

• Precautions that you can follow to keep your

computer free from viruses are:
– Scan all floppy disks/pen drives before opening or
copying files
– Install at least one antivirus software and run it
regularly
– Update the antivirus software regularly to check for
new viruses
– Make backup copies to minimize damage if virus
attack occur
 Hacking

• Hackers or Crackers
– Are people who access the computers of others
without their knowledge
– They are intelligent programmers, who have high
knowledge of computer systems and programming
languages
 Misusing Personal Information

• Chances of the data being intercepted, deleted

or altered by others can happen
– When data is transferred over a large network
– In chat rooms and newsgroups, where people often
reveal personal details in their interaction with others.
People with bad intentions use this information
maliciously
 Theft of Information
The different types of crimes and criminals that
the digital world harbours are:
• Software Piracy
– Is the illegal copying, distribution, or use of software
without the permission of its owner
• Cracking
– Cracker
• Break into the computers of other users by means
of a network, either for the challenge or for some
malicious intention
• Take advantage of any breach in security on a
computer and steal vital information or even cause
damage to files and programs
 Theft of Information (Contd..)
Stealing Data
– Occurs when data is transferred from one network to
another where there is a risk of the information being
viewed, deleted, or altered by others
– Occurs when Individuals share their information online
or when they buy goods online
 Basic Security for your Computer

Precautions to minimize the risk of data-loss are:

• Restricting access to your computer
• Creating backups of data
• Scanning and cleaning e-mail attachments
• Checking for viruses before downloading files
from the Internet
• Applying virus updates and patches
• Setting up firewalls
• Encrypting data
 Restricting Access to Your Computer
• You can restrict access to the computer by
– Setting a password
– Locking the computer
 Creating Backups of Data

Some of the situations that might lead to data-loss

are:
• Power failures
• Program crashes
• New users
 Downloading Files from the Internet

While browsing or downloading files from the

Internet
• Be cautious about the pop-up windows that
appear
• Ensure that it is virus free
• Scan any application before installing it
 Applying Updates and Patches

• Updates of anti-virus software give information

about new viruses and the ways they infect files

• Patches for anti-virus software will install new

features.
 Setting Firewalls

• Firewall is a combination of hardware and

software
• Firewall protects your network from
– Destructive Web sites
– Offensive Web sites
– Potential hackers
• To set up a firewall:
– Click Start, and then click Control Panel.
 Encrypting Data

• Encryption
– Is the process of converting data into symbols
– Used to safeguard your data