UNIT III

SECURITY IN CONVENTIONAL OPERATING SYUSTEMS

MEMORY:

The term Memory can be defined as a collection of data in a specific format. It is used
to store instructions and process data. The memory comprises a large array or group of words
or bytes, each with its own location. The primary motive of a computer system is to execute
programs. These programs, along with the information they access, should be in the main
memory during execution. The CPU fetches instructions from memory according to the value
of the program counter.
To achieve a degree of multiprogramming and proper utilization of memory, memory
management is important. Many memory management methods exist, reflecting various
approaches, and the effectiveness of each algorithm depends on the situation.

What is Main Memory:

 The main memory is central to the operation of a modern computer. Main Memory is a large
array of words or bytes, ranging in size from hundreds of thousands to billions.
 Main memory is a repository of rapidly available information shared by the CPU and I/O
devices. Main memory is the place where programs and information are kept when the
processor is effectively utilizing them.
 Main memory is associated with the processor, so moving instructions and information into
and out of the processor is extremely fast. Main memory is also known as RAM(Random
Access Memory).
 This memory is a volatile memory.RAM lost its data when a power interruption occurs.

Why Memory Management is required:

 Allocate and de-allocate memory before and after process execution.

 To keep track of used memory space by processes.
 To minimize fragmentation issues.
 To proper utilization of main memory.
 To maintain data integrity while executing of process.

Swapping :

When a process is executed it must have resided in memory. Swapping is a process of

swapping a process temporarily into a secondary memory from the main memory, which is fast
as compared to secondary memory.
A swapping allows more processes to be run and can be fit into memory at one time.
The main part of swapping is transferred time and the total time is directly proportional to the
amount of memory swapped.
Swapping is also known as roll-out, roll in, because if a higher priority process arrives
and wants service, the memory manager can swap out the lower priority process and then load
and execute the higher priority process.
 After finishing higher priority work, the lower priority process swapped back in
memory and continued to the execution process.

Process Address Space

The process address space is the set of logical addresses that a process references in its
code. For example, when 32-bit addressing is in use, addresses can range from 0 to 0x7fffffff;
that is, 2^31 possible numbers, for a total theoretical size of 2 gigabytes.
The operating system takes care of mapping the logical addresses to physical addresses at
the time of memory allocation to the program. There are three types of addresses used in a
program before and after memory is allocated −
S.N Memory Addresses & Description
.
1 Symbolic addresses
The addresses used in a source code. The variable names, constants, and instruction labels
are the basic elements of the symbolic address space.
2 Relative addresses
At the time of compilation, a compiler converts symbolic addresses into relative addresses.
3 Physical addresses
The loader generates these addresses at the time when a program is loaded into main
memory.

Virtual and physical addresses are the same in compile-time and load-time address-
binding schemes. Virtual and physical addresses differ in execution-time address-binding
scheme.
The set of all logical addresses generated by a program is referred to as a logical address
space. The set of all physical addresses corresponding to these logical addresses is referred to as
a physical address space.

TIME:
When we are dealing with some CPU scheduling algorithms then we encounter with
some confusing terms like Burst time, Arrival time, Exit time, Waiting time, Response time,
Turnaround time, and throughput. These parameters are used to find the performance of a
system. So, in this blog, we will learn about these parameters. Let's get started one by one.

Burst time: Every process in a computer system requires some amount of time for its
execution. This time is both the CPU time and the I/O time. The CPU time is the time taken by
CPU to execute the process.While the I/O time is the time taken by the process to perform
some I/O operation. In general, we ignore the I/O time and we consider only the CPU time for
a process. So, Burst time is the total time taken by the process for its execution on the
CPU.

Arrival time:Arrival time is the time when a process enters into the ready state and is ready
for its execution.

Exit time: Exit time is the time when a process completes its execution and exit from the
system.

Response time: Response time is the time spent when the process is in the ready state and gets
the CPU for the first time. For example, here we are using the First Come First Serve CPU
scheduling algorithm for the below 3 processes:

Here, the response time of all the 3 processes are:

 P1: 0 ms
 P2: 7 ms because the process P2 have to wait for 8 ms during the execution of P1 and
then after it will get the CPU for the first time. Also, the arrival time of P2 is 1 ms. So,
the response time will be 8-1 = 7 ms.
 P3: 13 ms because the process P3 have to wait for the execution of P1 and P2 i.e. after
8+7 = 15 ms, the CPU will be allocated to the process P3 for the first time. Also, the
arrival of P3 is 2 ms. So, the response time for P3 will be 15-2 = 13 ms.
Response time = Time at which the process gets the CPU for the first time - Arrival time
Waiting time: Waiting time is the total time spent by the process in the ready state waiting for
CPU. For example, consider the arrival time of all the below 3 processes to be 0 ms, 0 ms, and
2 ms and we are using the First Come First Serve scheduling algorithm.

Then the waiting time for all the 3 processes will be:

 P1: 0 ms
 P2: 8 ms because P2 have to wait for the complete execution of P1 and arrival time of
P2 is 0 ms.
 P3: 13 ms becuase P3 will be executed after P1 and P2 i.e. after 8+7 = 15 ms and the
arrival time of P3 is 2 ms. So, the waiting time of P3 will be: 15-2 = 13 ms.
Waiting time = Turnaround time - Burst time

Turnaround time:Turnaround time is the total amount of time spent by the process from
coming in the ready state for the first time to its completion.

Turnaround time = Burst time + Waiting time (or)

Turnaround time = Exit time - Arrival time

FILES:

Files are used for all input and output (I/O) of information in the operating system,
to standardize access to both software and hardware.

Input occurs when the contents of a file is modified or written to. Output occurs when the
contents of one file is read or transferred to another file.

Files are used for all input and output (I/O) of information in the operating system, to
standardize access to both software and hardware.

Input occurs when the contents of a file is modified or written to. Output occurs when the
contents of one file is read or transferred to another file.

For example, to create a printed copy of a file, the system reads the information from the text
file and writes that information to the file representing the printer.

Types of files
The types of files recognized by the system are either regular, directory, or special. However,
the operating system uses many variations of these basic types.
  Administering files
There are many ways to work with the files on your system. Usually you create a text file
with a text editor.
 File and directory links
Links are connections between a file name and an index node reference number (i-node
number), the internal representation of a file. Because directory entries contain file names
paired with i-node numbers, every directory entry is a link.
 DOS files
The AIX operating system allows you to work with DOS files on your system.
 Command summary for files
The following are commands for files, file handling procedures, and DOS files. There is also
a list of commands for linking files and directories.

Operating System Security

Every computer system and software design must handle all security risks and implement
the necessary measures to enforce security policies. At the same time, it's critical to strike a
balance because strong security measures might increase costs while also limiting the system's
usability, utility, and smooth operation.

As a result, system designers must assure efficient performance without compromising

security.

OPERATING SYSTEM SECURITY

What is Operating System Security?

The process of ensuring OS availability, confidentiality, integrity is known as operating

system security. OS security refers to the processes or measures taken to protect the operating
system from dangers, including viruses, worms, malware, and remote hacker intrusions.

Operating system security comprises all preventive-control procedures that protect any
system assets that could be stolen, modified, or deleted if OS security is breached.

Security refers to providing safety for computer system resources like software, CPU, memory,
disks, etc. It can protect against all threats, including viruses and unauthorized access. It can be
enforced by assuring the operating system's integrity, confidentiality, and availability. If an
illegal user runs a computer application, the computer or data stored may be seriously damaged.

System security may be threatened through two violations, and these are as follows:

1. Threat:A program that has the potential to harm the system seriously.
2. Attack:A breach of security that allows unauthorized access to a resource.

There are two types of security breaches that can harm the system: malicious and
accidental. Malicious threats are a type of destructive computer code or web script that is
designed to cause system vulnerabilities that lead to back doors and security breaches. On the
other hand, Accidental Threats are comparatively easier to protect against.

Security may be compromised through the breaches. Some of the breaches are as follows:

1. Breach of integrity

The goal of Security System

There are several goals of system security. Some of them are as follows:

1. Integrity

Unauthorized users must not be allowed to access the system's objects, and users with
insufficient rights should not modify the system's critical files and resources.

2. Secrecy

The system's objects must only be available to a small number of authorized users. The system
files should not be accessible to everyone.

3. Availability

All system resources must be accessible to all authorized users, i.e., no single user/process
should be able to consume all system resources. If such a situation arises, service denial may
occur. In this case, malware may restrict system resources and preventing legitimate processes
from accessing them.

Types of Threats

There are mainly two types of threats that occur. These are as follows:

Program threats

The operating system's processes and kernel carry out the specified task as directed.
Program Threats occur when a user program causes these processes to do malicious operations.
The common example of a program threat is that when a program is installed on a computer, it
could store and transfer user credentials to a hacker. There are various program threats. Some of
them are as follows:

1.Virus

A virus may replicate itself on the system. Viruses are extremely dangerous and can
modify/delete user files as well as crash computers. A virus is a little piece of code that is
implemented on the system program. As the user interacts with the program, the virus becomes
embedded in other files and programs, potentially rendering the system inoperable.
2. Trojan Horse

This type of application captures user login credentials. It stores them to transfer them to
a malicious user who can then log in to the computer and access system resources.

3. Logic Bomb

A logic bomb is a situation in which software only misbehaves when particular criteria are met;
otherwise, it functions normally.

4. Trap Door

A trap door is when a program that is supposed to work as expected has a security weakness in
its code that allows it to do illegal actions without the user's knowledge.

System Threats

System threats are described as the misuse of system services and network connections to cause
user problems. These threats may be used to trigger the program threats over an entire network,
known as program attacks. System threats make an environment in which OS resources and user
files may be misused. There are various system threats. Some of them are as follows:

1. Port Scanning

It is a method by which the cracker determines the system's vulnerabilities for an attack.
It is a fully automated process that includes connecting to a specific port via TCP/IP. To protect
the attacker's identity, port scanning attacks are launched through Zombie Systems, which
previously independent systems now serve their owners while being utilized for such terrible
purposes.

2. Worm

The worm is a process that can choke a system's performance by exhausting all system
resources. A Worm process makes several clones, each consuming system resources and
preventing all other processes from getting essential resources. Worm processes can even bring a
network to a halt.

3. Denial of Service

Denial of service attacks usually prevents users from legitimately using the system. For
example, if a denial-of-service attack is executed against the browser's content settings, a user
may be unable to access the internet.

Threats to Operating System

There are various threats to the operating system. Some of them are as follows:

Malware

It contains viruses, worms, Trojan horses, and other dangerous software. These are generally
short code snippets that may corrupt files, delete the data, replicate to propagate further, and even
crash a system. The malware frequently goes unnoticed by the victim user while criminals
silently extract important data.

Network Intrusion

Network intruders are classified as masqueraders, misfeasors, and unauthorized users. A

masquerader is an unauthorized person who gains access to a system and uses an authorized
person's account. A misfeasor is a legitimate user who gains unauthorized access to and misuses
programs, data, or resources. A rogue user takes supervisory authority and tries to evade access
constraints and audit collection.

Buffer Overflow

It is also known as buffer overrun. It is the most common and dangerous security issue of the
operating system. It is defined as a condition at an interface under which more input may be
placed into a buffer and a data holding area than the allotted capacity, and it may overwrite other
information. Attackers use such a situation to crash a system or insert specially created malware
that allows them to take control of the system.

How to ensure Operating System Security?

There are various ways to ensure operating system security. These are as follows:

Authentication

The process of identifying every system user and associating the programs executing with those
users is known as authentication. The operating system is responsible for implementing a
security system that ensures the authenticity of a user who is executing a specific program. In
general, operating systems identify and authenticate users in three ways.

1.Username/Password

Every user contains a unique username and password that should be input correctly
before accessing a system.

2.User Attribution

These techniques usually include biometric verification, such as fingerprints, retina scans,
etc. This authentication is based on user uniqueness and is compared to database samples already
in the system. Users can only allow access if there is a match.

One Time passwords

Along with standard authentication, one-time passwords give an extra layer of security.
Every time a user attempts to log into the One-Time Password system, a unique password is
needed. Once a one-time password has been used, it cannot be reused. One-time passwords may
be implemented in several ways.

1. Secret Key
The user is given a hardware device that can generate a secret id that is linked to the user's id.
The system prompts for such a secret id, which must be generated each time you log in.

2. Random numbers

Users are given cards that have alphabets and numbers printed on them. The system requests
numbers that correspond to a few alphabets chosen at random.

3. Network password

Some commercial applications issue one-time passwords to registered mobile/email addresses,

which must be input before logging in.

Firewalls

Firewalls are essential for monitoring all incoming and outgoing traffic. It imposes local security,
defining the traffic that may travel through it. Firewalls are an efficient way of protecting
network systems or local systems from any network-based security threat.

Physical Security

The most important method of maintaining operating system security is physical security. An
attacker with physical access to a system may edit, remove, or steal important files since
operating system code and configuration files are stored on the hard drive.