Unit II 2

The document outlines key concepts in Information Security, focusing on secure programming, non-malicious program errors, and various types of malicious code, including viruses and targeted attacks. It emphasizes the importance of implementing security measures, such as access controls, secure coding practices, and regular updates, to protect software and operating systems from vulnerabilities and threats. Additionally, it discusses the significance of memory protection, file protection mechanisms, and the need for robust security protocols in general-purpose operating systems.

INFORMATION SECURITY (UGCA1948)

UNIT-II

Course Code: UGCA1948 (PTU)


Course Name: Information Security
Semester: 6th
Unit – I
Security in Program and Operating System: Secure Programs, Non-malicious Program Errors, Viruses and Other Malicious Code, Targeted Malicious Code, Controls Against Program Threats, Protection in General-Purpose Operating Systems (Protected Objects and Methods of Protection, Memory and Address Protection, File Protection Mechanisms, User Authentication), Designing Trusted Operating Systems: Security Policies, Models of Security, Trusted Operating System Design, Assurance in Trusted Operating System Implementation, Examples.

Secure Programs
Secure programming is a fundamental principle in the field of internet security that focuses on
creating and implementing software applications with robust defenses against potential threats and
vulnerabilities. By following secure programming practices, developers strive to safeguard
sensitive data, prevent unauthorized access, and ensure the overall integrity of digital systems.

In simple terms, secure programming can be defined as the process of writing code and developing
software applications in a manner that minimizes the risk of cyber-attacks, data breaches, and other
malicious activities. By adopting secure programming techniques, organizations aim to create a
safe online environment for their users and protect sensitive information from falling into the
wrong hands.

Secure programming entails an array of best practices, coding standards, and security measures
that are specifically designed to reduce vulnerabilities and fortify software against potential
exploits. These practices include input validation, secure coding frameworks, proper error
handling, data encryption, and the implementation of robust authentication and authorization
mechanisms.

With the rise of cyber threats, hacking attempts, and data breaches, it has become increasingly
crucial for organizations to prioritize the security of their software applications. A single
vulnerability or loophole in a program can expose valuable user data, financial information, and
private credentials, leading to severe repercussions for both individuals and businesses.

Implementing secure programming principles not only helps to mitigate the risk of security
breaches but also enhances user trust and confidence in an organization's digital offerings. By
prioritizing security during the development process, companies can ensure the integrity,
availability, and confidentiality of their software, fostering a safer online experience for their
customers.

Non-malicious Program Errors


Non-malicious program errors refer to a broad category of errors that can occur in software
programs. These errors are unintentional and result from mistakes made during the design,
coding, or testing phases of software development. Non-malicious program errors can cause a
wide range of issues, from minor glitches to catastrophic failures that can compromise the
security of the system or the data it contains.

Types of Non-malicious Program Errors:


Syntax Errors: These occur when the programmer violates the rules of the programming
language. Syntax errors are usually detected by the compiler, which reports the error and
prevents the program from running.

Runtime Errors: These occur when a program is running and encounters an unexpected situation
that it cannot handle. Runtime errors can be caused by a wide range of issues, including input
errors, hardware failures, and memory leaks.

Logic Errors: These occur when a program produces incorrect output due to a flaw in the design
or coding of the program. Logic errors can be difficult to detect and correct, as they do not cause
the program to crash or report an error.

Resource Errors: These occur when a program fails to manage system resources, such as memory
or file handles, properly. Resource errors can cause a program to crash or behave unpredictably.

Virus and other Malicious Codes


Malicious code is any program designed to cause harm to a system or its users. Viruses are one
type of malicious code; they can replicate themselves and spread from one system to another.
Malicious code consists of harmful programs or scripts designed to create or exploit system
vulnerabilities. Such code is written by a threat actor to cause unwanted changes, damage, or
ongoing access to computer systems. Malicious code may result in security breaches, information
and data theft, and other damage to files and computing systems.

Viruses are typically attached to legitimate files or programs and can infect a system when the
user opens or runs the infected file. Once a virus infects a system, it can perform a wide range of
malicious activities, including deleting files, stealing sensitive information, and using the infected
system to launch attacks against other systems.

Types of Viruses:

File Infectors: These viruses infect executable files, such as .exe or .com files. When the infected
file is run, the virus is activated and can spread to other files on the system.

Boot Sector Viruses: These viruses infect the boot sector of a disk, making it difficult to remove
the virus without reformatting the entire disk.

Macro Viruses: These viruses infect macro-enabled documents, such as Microsoft Word or Excel
files. When the infected document is opened, the virus is activated and can spread to other
documents or to the system.

Polymorphic Viruses: These viruses are designed to evade detection by changing their code each
time they replicate. This makes it difficult for antivirus software to detect and remove the virus.

Effects of Virus Infections:


• Slowing down of the system.
• Frequent crashes and freezes.
• Unauthorized access to personal or sensitive information.
• Theft of identity and financial data.
• Loss of critical data and files.
• Disruption of normal business operations.

Preventing Virus Infection:


• Avoid downloading and opening email attachments or files from untrusted sources.
• Keep the operating system and all software applications up to date with the latest security
patches and updates.
• Use strong and unique passwords for all accounts and change them regularly.
• Use a firewall to block unauthorized access to the system.
• Back up critical data and files regularly and keep the backup copies in a safe place.

Conclusion:
Virus infections can cause serious harm to a system and its users. Understanding the different types
of viruses and taking preventive measures can help to protect the system from virus infections.
Antivirus software and other security measures should be regularly updated to stay ahead of the
evolving threats posed by viruses and other malicious codes.

Targeted malicious code:

Targeted malicious code refers to special malware designed to attack a particular individual,
organization, or system. Unlike general-purpose malware, targeted attacks are customized to
exploit vulnerabilities unique to the target, often to steal sensitive data, disrupt operations, or gain
unauthorized access.

How does this malicious code spread?

These threats can spread over nearly any communication channel that transmits data. They include:

• Online networks: file sharing, public internet websites, etc.
• Social communications: email, SMS, mobile messaging apps, etc.
• Wireless connectivity: Bluetooth, etc.
• Direct device interfaces: USB, etc.

Visiting infected websites or clicking on a bad email link or attachment are standard gateways for
malicious code. Anything from public USB charging stations to exploited software update tools
has been misused for these purposes. Download and URL links are often used by attackers to
embed dangerous code.

Types of malicious code:

Viruses:

Viruses are self-replicating malicious code that attaches to macro-enabled programs to execute.
These files travel via documents and other file downloads, allowing the virus to infiltrate your
device. Once the virus executes, it can self-propagate and spread through the system and connected
networks.

Worms:

Worms are also self-replicating and self-spreading code like viruses but do not require any further
action to do so. Once a computer worm has arrived on your device, these malicious threats can
execute entirely on their own without any assistance from a user-run program.

Trojans:

Trojans are decoy files that carry malicious code and require a user to run the file or program in
order to execute. These threats cannot self-replicate or spread autonomously. However, their
malicious payload can contain viruses, worms, or any other code.

Cross-site scripting (XSS):

Cross-site scripting interferes with the user's web browsing by injecting malicious commands
into the web applications they use. This often changes web content, intercepts confidential
information, or serves an infection to the user's device itself.

Backdoor attacks:

Application backdoor access can be coded to give a cybercriminal remote access to the
compromised system. Aside from exposing sensitive data, such as private company information,
a backdoor can allow an attacker to become an advanced persistent threat (APT).

Cybercriminals can then move laterally through their newly obtained access level, wipe out a
computer’s data, or even install spyware.

Controls Against Program Threats:


Control against program threats refers to the measures and strategies implemented to protect
computer programs and software from potential threats and vulnerabilities. These threats can
include unauthorized access, data breaches, malware, and other malicious activities that can
compromise the integrity, confidentiality, and availability of the program.
There are several control measures that can be implemented to mitigate program threats:
1. Access controls: These controls ensure that only authorized individuals have access to the
program. This can include user authentication, password policies, and role-based access
control (RBAC) to limit access to sensitive functionalities and data.

2. Secure coding practices: Developers should follow secure coding practices to minimize
vulnerabilities in the program's code. This includes input validation, proper error handling, and
avoiding common coding mistakes that can be exploited by attackers.

3. Regular updates and patches: Keeping the program up to date with the latest security patches
and updates is crucial to address any known vulnerabilities. This includes updating the
program's dependencies and libraries as well.

4. Secure configuration: Configuring the program with secure settings and parameters can help
prevent unauthorized access and reduce the attack surface. This includes disabling unnecessary
services, using secure communication protocols, and implementing strong encryption.

5. Malware protection: Implementing antivirus and anti-malware software can help detect and
prevent malicious programs from infecting the system. Regular scans and updates should be
performed to ensure the program is protected against the latest threats.

6. Monitoring and logging: Implementing monitoring and logging mechanisms can help detect
and respond to any suspicious activities or security incidents. This includes monitoring system
logs, network traffic, and user activities to identify any potential threats.

7. Backup and recovery: Regularly backing up the program's data and configurations is essential
to ensure that it can be restored in case of a security incident or system failure. This helps
minimize the impact of an attack and ensures business continuity.

By implementing these control measures, organizations can enhance the security of their programs
and protect them against various threats and vulnerabilities. It is important to regularly assess and
update these controls to adapt to evolving threats and ensure the ongoing security of the program.

Protection in General Purpose Operating System:

Introduction

General-purpose operating systems (GPOS) are designed to support a wide range of applications
and users. Examples include Windows, Linux, and macOS. These systems require robust security
measures to protect against unauthorized access, malware, and other threats while ensuring system
stability and efficiency.

Key Security Objectives

1. Confidentiality: Ensuring that sensitive data is only accessible to authorized users.
2. Integrity: Preventing unauthorized modifications to system resources.
3. Availability: Guaranteeing that system resources remain accessible and functional.
4. Accountability: Tracking user activities to ensure compliance and detect potential security
breaches.

There are several ways in which an operating system can provide system protection:
1. User authentication: The operating system requires users to authenticate themselves
before accessing the system. Usernames and passwords are commonly used for this
purpose.
2. Access control: The operating system uses access control lists (ACLs) to determine
which users or processes have permission to access specific resources or perform specific
actions.
3. Encryption: The operating system can use encryption to protect sensitive data and
prevent unauthorized access.
4. Firewall: A firewall is a software program that monitors and controls incoming and
outgoing network traffic based on predefined security rules.
5. Antivirus software: Antivirus software is used to protect the system from viruses,
malware, and other malicious software.
6. System updates and patches: The operating system must be kept up-to-date with the
latest security patches and updates to prevent known vulnerabilities from being exploited.

By implementing these protection mechanisms, the operating system can prevent unauthorized
access to the system, protect sensitive data, and ensure the overall security and integrity of the
system.

Protected Objects and Methods of Protection:

Introduction
Protected objects refer to critical assets within an organization that require safeguarding from
unauthorized access, modification, or destruction. These assets include data, software, hardware,
and network resources. Implementing robust protection methods ensures the confidentiality,
integrity, and availability of these objects against cyber threats.

Types of Protected Objects

1. Data: Sensitive information such as personal data, financial records, and intellectual
property.
2. Software: Applications and operating systems that require security from unauthorized
modifications and malware.
3. Hardware: Physical computing devices such as servers, workstations, and networking
equipment.
4. Network Resources: Communication channels, databases, and cloud-based infrastructures
that need protection against cyber intrusions.
5. User Credentials: Authentication data such as usernames, passwords, and biometric
information.
6. Critical Infrastructure: Essential systems such as power grids, industrial control systems,
and emergency response networks.

Methods of protection:
• Keep a data backup: A backup is a safe option in case of data corruption caused by a failure
of protection or security; the data can always be restored from the backup.
• Beware of suspicious emails and links: Visiting a malicious link on the internet can cause a
serious issue by giving an attacker access to the user's account.
• Secure authentication and authorization: The OS should provide secure authentication and
authorization for access to resources, and users should keep their credentials safe to avoid
illegal access to resources.
• Use secure Wi-Fi only: Using free or insecure Wi-Fi can cause security issues, because
attackers can transmit harmful programs over the network or record the user's activity,
which in the worst case could cause a big problem.
• Install anti-virus and malware protection: It helps to remove viruses and malware from the
system and to prevent infection.
• Manage access wisely: Access should be granted to apps and software only after thorough
analysis, because software cannot harm the system until it acquires access. Grant each piece
of software only the access it needs, and keep an eye on what resources and access it is
using.

• Firewall utilities: A firewall enables us to monitor and filter network traffic. We can use
firewalls to ensure that only authorized users are allowed to access or transfer data.
• Encrypted transfer: Data must be transferred using an encryption algorithm that can only be
reversed with the appropriate decryption key. This protects data from unauthorized access
over the internet; even if the data is stolen, it remains unreadable.
• Be cautious when sharing personal information: Personal information and credentials must
be shared only with trusted and safe sources. Otherwise attackers can use this information
for their own purposes, which could be harmful to the system's security.

Memory and Address Protection:


"Memory and address protection" refers to a fundamental security feature within operating
systems that prevents programs from accessing memory they are not authorized to use. It creates
boundaries that safeguard sensitive data and system stability by isolating different processes and
restricting their memory access rights, thus mitigating attacks such as buffer overflows and
malicious code execution.

How it works:
Operating systems use mechanisms such as memory segmentation and paging to divide memory
into sections with specific access permissions, allowing only authorized programs to read or
write data within their allocated memory space.

Benefits:
• Preventing unauthorized access: Blocks malicious software from accessing sensitive data
stored in other programs' memory areas.
• System stability: Reduces the risk of crashes and system instability caused by programs
attempting to write to invalid memory locations.
• Data integrity: Protects data from corruption by ensuring only authorized processes can
modify it.

Important aspects of memory and address protection:

Access control:
Setting specific read, write, and execute permissions for different memory regions.
Virtual memory:
Mapping logical memory addresses used by programs to physical memory addresses further
enhances access control.
Memory protection unit (MPU):
Hardware component within the CPU that enforces memory access rules and generates
exceptions when violations occur.

File protection Mechanisms


File protection mechanism refers to the methods and techniques used to ensure the security and
integrity of files stored on a computer system. It involves controlling access to files, preventing
unauthorized modifications, and maintaining confidentiality.

Access Control
Access control is a fundamental aspect of file protection. It involves determining who can access
a file and what actions they can perform on it. Access control mechanisms typically include:
• User-based access control: Users are assigned specific permissions (read, write, execute)
based on their roles or privileges. This is often implemented through user accounts and
passwords.
• Group-based access control: Users are grouped together, and permissions are assigned to the
group as a whole. This simplifies access control management for large systems.
• Access control lists (ACLs): ACLs provide fine-grained control over file access by specifying
permissions for individual users or groups.
File Permissions
File permissions define the actions that can be performed on a file by different users or groups.
The most common file permission system is the Unix file permission system, which uses a
combination of read (r), write (w), and execute (x) permissions for the owner, group, and others.
• The owner of a file can modify its permissions and access it based on the assigned permissions.
• Group members can access the file based on the group permissions.
• Others are users who are neither the owner nor part of the group.
File Ownership
File ownership determines who has control over a file and its permissions. Each file is associated
with an owner, usually the user who created it. The owner can modify the file's permissions and
access it based on the assigned permissions.
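The owner/group/others rule described above, worked through as an added example (this code is not part of the notes; the file metadata, users and mode bits are constructed stand-ins for what os.stat() would report). It also shows the detail that Unix picks exactly one class for a user, so an owner with mode 0o007 is denied even though "others" may read:

```python
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class FileMeta:
    """Constructed stand-in for the ownership and mode bits os.stat() would return."""
    path: str
    owner_uid: int
    group_gid: int
    mode: int          # permission bits only, e.g. 0o640


@dataclass(frozen=True)
class User:
    uid: int
    gids: frozenset    # primary plus supplementary group ids


# Bit for each action in the owner triplet; the group and others triplets
# use the same bits shifted right by 3 and 6 respectively.
_ACTION_BIT = {"read": stat.S_IRUSR, "write": stat.S_IWUSR, "execute": stat.S_IXUSR}


def permission_class(user: User, meta: FileMeta) -> str:
    """Pick the single permission class that applies to this user.
    The classes are tested in the order owner -> group -> others and the
    first match wins; the rights of the other classes are NOT added on."""
    if user.uid == meta.owner_uid:
        return "owner"
    if meta.group_gid in user.gids:
        return "group"
    return "others"


def is_allowed(user: User, meta: FileMeta, action: str) -> bool:
    """Return True if `user` may perform `action` on the file described by `meta`."""
    shift = {"owner": 0, "group": 3, "others": 6}[permission_class(user, meta)]
    bit = _ACTION_BIT[action] >> shift
    return bool(meta.mode & bit)


def describe(meta: FileMeta) -> str:
    """Render the mode as the familiar rwxr-x--- string for audit output."""
    return stat.filemode(stat.S_IFREG | meta.mode)[1:]


# Constructed sample: a config file readable by its owner and its group only.
SECRETS = FileMeta("/srv/app/config.ini", owner_uid=1000, group_gid=2000, mode=0o640)
# A file whose owner has fewer rights than "others" (mode 0o007): the owner is
# still judged by the owner triplet and is therefore denied.
ODD = FileMeta("/tmp/odd", owner_uid=1000, group_gid=2000, mode=0o007)

ALICE = User(uid=1000, gids=frozenset({1000, 2000}))   # owner of both files
BOB = User(uid=1001, gids=frozenset({1001, 2000}))     # member of the file group
EVE = User(uid=1002, gids=frozenset({1002}))           # falls into "others"

if __name__ == "__main__":
    for who, u in [("alice", ALICE), ("bob", BOB), ("eve", EVE)]:
        for f in (SECRETS, ODD):
            rights = [a for a in _ACTION_BIT if is_allowed(u, f, a)]
            print(f"{who:5} {f.path:20} {describe(f)} -> {rights}")
```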

File Encryption
File encryption is a technique used to protect the confidentiality of files. It involves converting the
contents of a file into an unreadable format using encryption algorithms. Only authorized users
with the decryption key can access and read the encrypted file.

Auditing and Logging


Auditing and logging mechanisms track and record file access and modifications. This helps in
identifying unauthorized access attempts, detecting suspicious activities, and maintaining an audit
trail for forensic analysis.
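As an added illustration of what auditing gives a defender, the detection logic below runs over a constructed audit trail (example code, not from the notes; the log format, the protected-path list and the burst threshold are assumptions). It raises one alert for any denied access to a protected location and another when a single user collects three denials inside a 60-second window:

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timezone
from typing import Dict, List

# Constructed sample audit trail (not real system output); one event per line.
AUDIT_LOG = """\
2024-05-01T10:00:01Z user=alice action=read  path=/home/alice/notes.txt result=OK
2024-05-01T10:00:05Z user=bob   action=read  path=/etc/shadow           result=DENIED
2024-05-01T10:00:09Z user=bob   action=write path=/etc/passwd           result=DENIED
2024-05-01T10:00:12Z user=bob   action=read  path=/home/alice/notes.txt result=DENIED
2024-05-01T10:00:20Z user=carol action=write path=/srv/app/config.ini   result=DENIED
2024-05-01T10:30:00Z user=carol action=write path=/srv/app/config.ini   result=OK
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+user=(?P<user>\S+)\s+action=(?P<action>\S+)\s+"
    r"path=(?P<path>\S+)\s+result=(?P<result>OK|DENIED)$"
)
SENSITIVE_PREFIXES = ("/etc/", "/srv/app/")   # assumed list of protected locations
BURST_COUNT, BURST_WINDOW_S = 3, 60           # assumed threshold: 3 denials in 60 s


def parse(line: str) -> dict:
    """Split one audit line into fields; refuse lines that do not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable audit line: {line!r}")
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return ev


def analyse(log_text: str) -> Dict[str, List[str]]:
    """Return {'sensitive_denied': [...], 'burst': [...]} alert lists."""
    alerts: Dict[str, List[str]] = {"sensitive_denied": [], "burst": []}
    recent: Dict[str, deque] = defaultdict(deque)    # per-user timestamps of denials
    for line in log_text.splitlines():
        ev = parse(line)
        if ev["result"] != "DENIED":
            continue
        # Rule 1: any denied access to a protected location is worth a look.
        if ev["path"].startswith(SENSITIVE_PREFIXES):
            alerts["sensitive_denied"].append(f'{ev["user"]} {ev["action"]} {ev["path"]}')
        # Rule 2: sliding window of denials per user; drop events older than the window.
        q = recent[ev["user"]]
        q.append(ev["ts"])
        while (ev["ts"] - q[0]).total_seconds() > BURST_WINDOW_S:
            q.popleft()
        if len(q) == BURST_COUNT:        # fires each time the count climbs to the threshold
            alerts["burst"].append(f'{ev["user"]}: {BURST_COUNT} denials within {BURST_WINDOW_S}s')
    return alerts


if __name__ == "__main__":
    for kind, items in analyse(AUDIT_LOG).items():
        for item in items:
            print(f"[{kind}] {item}")
```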

Backup and Recovery


Backup and recovery mechanisms are essential for file protection. Regular backups ensure that
files can be restored in case of accidental deletion, hardware failures, or security breaches. It is
important to store backups securely to prevent unauthorized access.

Conclusion
File protection mechanisms play a crucial role in maintaining the security and integrity of files.
Access control, file permissions, ownership, encryption, auditing, and backup mechanisms work
together to ensure that files are only accessed by authorized users, remain confidential, and can be
recovered in case of data loss. Implementing these mechanisms is essential for protecting sensitive
information and maintaining the overall security of a computer system.
User Authentication and Designing Trusted Systems
User Authentication:
User authentication is the process of verifying a person’s identity before allowing access to a
system, application, or network. It requires the user to provide credentials, such as a username and
password. These credentials are compared to an established database of authorized users. If the
entry is correct, access is granted.

Working of User Authentication:


Various user authentication methods exist, including password-based, biometric-based, and
multi-factor authentication. Each has strengths and weaknesses, and the choice is dictated by the
security policies imposed by an individual organization.

For example, one organization may limit the number of sign-in attempts allowed per user, while
others allow three to five tries. When the maximum number of attempts is reached, the user is
either locked out of their account or prompted to complete additional verification steps to prove
their identity before they can try to sign in again.
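The sign-in attempt limit and lockout described above, as an added example (this code is not from the notes; the PBKDF2 work factor, the five-attempt limit, the 15-minute lockout and the in-memory user store are assumed values standing in for a real credential database):

```python
import hashlib
import hmac
import os
import time
from dataclasses import dataclass, field
from typing import Dict, List, Optional

ITERATIONS = 100_000   # PBKDF2 work factor (assumed value for the example)
MAX_ATTEMPTS = 5       # the "three to five tries" policy from the notes
LOCKOUT_SECONDS = 900  # how long an account stays locked after the limit is hit


def _derive(password: str, salt: bytes) -> bytes:
    """Salted, slow password hash; the store never keeps the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


@dataclass
class Account:
    salt: bytes
    digest: bytes
    failures: int = 0
    locked_until: float = 0.0


@dataclass
class AuthStore:
    """Constructed in-memory stand-in for the 'database of authorized users'."""
    accounts: Dict[str, Account] = field(default_factory=dict)

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)                         # unique salt per user
        self.accounts[username] = Account(salt, _derive(password, salt))

    def verify(self, username: str, password: str, now: Optional[float] = None) -> str:
        """Return 'granted', 'denied' or 'locked'.
        The caller should report the same message for a bad username and a bad
        password, so the response does not confirm which accounts exist."""
        now = time.time() if now is None else now
        acct = self.accounts.get(username)
        if acct is None:
            # Do the expensive derivation anyway so unknown users take as long
            # to reject as known ones (no timing hint about valid usernames).
            _derive(password, b"\x00" * 16)
            return "denied"
        if now < acct.locked_until:
            return "locked"
        if hmac.compare_digest(acct.digest, _derive(password, acct.salt)):
            acct.failures = 0                         # success resets the counter
            return "granted"
        acct.failures += 1
        if acct.failures >= MAX_ATTEMPTS:
            acct.locked_until = now + LOCKOUT_SECONDS
            acct.failures = 0
            return "locked"
        return "denied"


def demo() -> List[str]:
    """Five wrong guesses, then the right password during and after the lockout."""
    store = AuthStore()
    store.register("alice", "correct horse battery staple")
    t0 = 1_700_000_000.0                              # fixed clock for reproducibility
    results = [store.verify("alice", f"guess{i}", now=t0 + i) for i in range(MAX_ATTEMPTS)]
    results.append(store.verify("alice", "correct horse battery staple", now=t0 + 10))
    results.append(store.verify("alice", "correct horse battery staple",
                                now=t0 + LOCKOUT_SECONDS + 11))
    return results


if __name__ == "__main__":
    print(demo())
```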

Credential for Entry


Authorized users are given credentials to gain access to the system. Credentials can come in
different forms:

• Username and password
• Biometrics (fingerprint or facial recognition)
• Digital certificates
• Token-based credentials (one-time PIN or hardware token)

User Authentication Benefits

• Increases security: User authentication secures systems, applications, and networks by
verifying identities and ensuring only authorized users can access sensitive data.
• Protects against identity theft: User authentication can help prevent identity theft by
requiring users to provide assigned credentials before accessing sensitive information.

• Enhances trust: By providing a secure and reliable way of accessing information, user
authentication enhances the trust between users and organizations. It also builds confidence
in the system's security.

Three Steps to Improve User Authentication

1. Create Strong Passwords
2. Use a Passcode Manager
3. Use Multi-Layer Authentication

Follow these straightforward steps to improve the user authentication process:

1. Create Strong Passwords

Passwords can take many forms, with a combination of letters and numbers with a minimum length
of 8 characters. Upper- and lower-case letters and symbols make passwords even stronger. It is
equally important to avoid using the same password across multiple platforms.

2. Use a Passcode Manager

Password managers are secure vaults that store all your passwords and eliminate the need to
remember them off the top of your head. Passwords are protected by a master key that cannot be
retrieved by the provider, a crucial security measure that protects your data in case of a breach.

While free password managers are available, they are not necessarily the most secure option. The
best ones have advanced features that enhance password security and are worth the investment.

3. Use Multi-Layer Authentication

Multi-factor authentication (MFA) makes users go through additional verification steps to gain
access to secure data. This extra level of security is more important than ever in the digital age, as
cybercriminals use cutting-edge technology to attack individuals and businesses alike.

In addition to a password, MFA requires biometrics such as fingerprints, facial recognition, or eye
scans to authenticate verified requests. This makes it much more difficult for unauthorized users
to access sensitive information or systems.

Trusted System (Designing):


The term "trusted system" means a system that gives the user an assurance that no malicious or
harmful software affects the computer system. Network security plays a vital role in many
organizations in keeping data safe from cyberattacks and malware. Companies now use cloud
storage, wireless networks, and remote applications, so the challenges in protecting them have
also increased. Trusted systems provide multi-layered security (MLS) for securing the networks,
and trusted applications will not allow any changes to the policy.

Responsibilities of Trusted Systems

A computer system comprises standard protocols and hardware devices; a trusted network
architecture is then implemented on top of them to safeguard the system. Some of the security
services it provides are user authentication, checking for regular updates of the system,
policy-based access control, and checking the status of end devices. Traditionally a user could
log in to the system without any security protocol being checked.

• User Authentication: The main responsibility of the trusted system is to grant the user access
to the system according to the security protocol. When the user first connects, the hardware
and the software are checked for a secured connection. Based on the user's details, the user
is identified and access is granted.
• Role-Based Access Control: The algorithm allows only authorized persons to access the
system according to their permissions and privileges; all others are restricted.
• Private Networks: When the system is connected to the trusted network, a Virtual Private
Network (VPN) is established, so all the actions carried out on the system are captured.
• Firewall: A device installed in the system to protect it from incoming data.

Requirements of any trusted design of user Authentication:

To provide effective protection against unauthorized login attempts, a user authentication design
must provide the following capabilities as the functional requirements:

• Register new users.
• Send confirmation emails.
• Provide secure options for recovering a forgotten password.
• Protect authentication data from unauthorized access.
• Support authentication via third-party services.
• Define roles and permission sets per role.

Operating System:

Security Policies:

A security policy (also called an information security policy or IT security policy) is a document
that sets out the rules, expectations, and overall approach that an organization uses to maintain
the confidentiality, integrity, and availability of its data.

Security policies exist at many different levels, from high-level constructs that describe an
enterprise’s general security goals and principles to documents addressing specific issues, such as
remote access or Wi-Fi use.

You can think of a security policy as answering the “what” and “why,” while procedures,
standards, and guidelines answer the “how.”

Elements of an Effective Security Policy:

Security policies are an essential component of an information security program and need to be
properly crafted, implemented, and enforced. An effective security policy should contain the
following elements:

1. Clear purpose and objectives

This is especially important for program policies. Remember that many employees have little
knowledge of security threats, and may view any type of security control as a burden. A clear
mission statement or purpose spelled out at the top level of a security policy should help the
entire organization understand the importance of information security.

2. Commitment from senior management

Security policies are meant to communicate intent from senior management, ideally at the board
level. To succeed, your policies need to be communicated to employees, updated regularly, and
enforced consistently. A lack of management support makes all of this difficult if not impossible.

3. Clear definitions of important terms

Remember that the audience for a security policy is often non-technical. Concise and jargon-free
language is important, and any technical terms in the document should be clearly defined.

4. Up-to-date information

Security policy updates are crucial to maintaining effectiveness. While the program or master
policy may not need to change frequently, it should still be reviewed regularly. Issue-specific
policies will need to be updated more often as technology, workforce trends, and other factors
change.

Security policy examples

A large and complex enterprise might have dozens of different IT security policies covering
different areas. The policies you choose to implement will depend on the technologies in use, as
well as the company culture and risk.

The following represent some of the most common policies:

Program or organizational policy: This high-level security blueprint is a must for all
organizations, and spells out the goals and objectives of an information security program.

Acceptable use policy: This is an issue-specific policy that defines the acceptable conditions
under which an employee can access and use the company’s information resources.

Remote access policy: This issue-specific policy spells out how and when employees can
remotely access company resources.

Data security policy: Data security can be addressed in the program policy, but it may also be
helpful to have a dedicated policy describing data classification, ownership, and encryption
principles for the organization.

Firewall policy: One of the most common system-specific policies, a firewall policy describes the
types of traffic that an organization’s firewall(s) should allow or deny.

Models of Security:

Information security models are systems that specify which people should have access to data and
the operation of the operating system, enabling management to organize access control. Effective
and efficient security models secure organizations' sensitive and relevant information or data. The
security policy is verified using information security models. They deliver a precise set of
directions to the computer to follow the implementation of vital security processes, procedures,
and concepts contained in a security program.

Objectives of the Security Model:

The core aim of any security model is to maintain the goals of Confidentiality, Integrity, and
Availability of data. It can achieve these goals by:

 Allowing admins to choose the resources to which users are allowed access.
 Verifying user identities with authentication mechanisms that incorporate password
strength and other variables.
 Allowing users who have been permitted to access resources provisioned and defined by
authorization systems.
 Regulating which functions and rights are given to accounts and users.
 Giving admins access to a user’s list of activities on a request or assignment basis.
 Safeguarding private data, such as account characteristics or user lists.

Types of Security Models

1. Bell-LaPadula Model
This model was invented by David Elliott Bell and Leonard J. LaPadula and is therefore known as
the Bell-LaPadula model. It is used to ensure the confidentiality of information. It defines the
functions of a multilevel security system, and it was the first mathematical model that prevents
secret information from being accessed in an unauthorized manner.

In the figure (not reproduced here), the user and the files are arranged in a non-discretionary
manner across different layers of secrecy.

It follows three types of basic rules:

 Simple confidentiality rule
 Star confidentiality rule
 Strong star confidentiality rule

Simple confidentiality rule

This rule is called the NO READ-UP rule because it states that only the user can read the files
that are on the same layer and lower layer of secrecy but cannot read the files on the upper layer
of secrecy.

Star confidentiality rule

This rule is called the NO WRITE-DOWN rule because it states that the user can write the files
on the same layer of secrecy and the upper layer of secrecy but cannot write the files on the lower
layer of secrecy.

Strong star confidentiality rule

This rule is called NO READ WRITE UP DOWN because the user can only read and write the
files on the same layer of secrecy but cannot read and write the files on the upper layer of
secrecy and the lower layer of secrecy. This is the highly secured and strongest rule in Bell-
LaPadula.

2. Biba Model

The Biba model was named after its inventor Kenneth J. Biba. This model is used to ensure the
integrity of information.

It follows 3 rules:

 Simple integrity rules
 Star integrity rule
 Strong star integrity rule

Simple integrity rules

This rule is called the NO READ-DOWN rule because the user can read the files only on the
same layer of secrecy and the upper layer of secrecy but cannot read the files on the lower layer
of secrecy.

Star integrity rule

This rule is called the NO WRITE-UP rule because users can write the files only on the same and
lower layer of secrecy but cannot write the files on the upper layer of secrecy.

Strong star integrity rule

This rule is called the NO READ-WRITE-UP DOWN rule because the user can read and write
the files on the same layer of secrecy only but cannot read and write the files on the upper or
lower layer of secrecy. This rule is highly secured and is the strongest rule in the Biba model.
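The six rules above are easier to see side by side in code. The following is an added illustration, not part of the course notes: it encodes the Bell-LaPadula and Biba checks over a constructed four-level ordering (the level names and the request sequence are assumptions made for the example) and then runs one scenario through both models, a SECRET process that reads a SECRET file and then tries to write to an UNCLASSIFIED file.

```python
"""Bell-LaPadula and Biba access rules on a linear ordering of levels.

Added illustration (not part of the course notes).  The level names and the
requests below are constructed for the example.
"""

LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP_SECRET"]


def rank(level: str) -> int:
    """Position in the ordering: higher = more secret (BLP) or more trustworthy (Biba)."""
    return LEVELS.index(level)


def blp_allows(subject: str, obj: str, op: str, strong_star: bool = False) -> bool:
    """Bell-LaPadula (confidentiality).

    read  -> simple rule, NO READ-UP:    subject level >= object level
    write -> star rule,   NO WRITE-DOWN: subject level <= object level
    strong star: read and write only at exactly the subject's own level
    """
    s, o = rank(subject), rank(obj)
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation {op!r}")
    if strong_star:
        return s == o
    return s >= o if op == "read" else s <= o


def biba_allows(subject: str, obj: str, op: str, strong_star: bool = False) -> bool:
    """Biba (integrity): the dual of Bell-LaPadula.

    read  -> simple rule, NO READ-DOWN: subject level <= object level
    write -> star rule,   NO WRITE-UP:  subject level >= object level
    strong star: read and write only at exactly the subject's own level
    """
    s, o = rank(subject), rank(obj)
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation {op!r}")
    if strong_star:
        return s == o
    return s <= o if op == "read" else s >= o


def evaluate(model, requests):
    """Apply a model to a list of (subject_level, object_level, op) requests.

    Returns the list of decisions so the two models can be compared side by side.
    """
    return [model(s, o, op) for (s, o, op) in requests]


# Constructed scenario: a process cleared SECRET reads a SECRET file, then tries
# to copy what it read into an UNCLASSIFIED file, then tries to read that file.
# BLP's star rule refuses the write-down (the leak the rule exists to prevent).
# Biba allows the write (high-integrity data flowing down is harmless for
# integrity) but refuses the read-down (untrusted data must not flow upward).
LEAK_ATTEMPT = [
    ("SECRET", "SECRET", "read"),
    ("SECRET", "UNCLASSIFIED", "write"),
    ("SECRET", "UNCLASSIFIED", "read"),
]

if __name__ == "__main__":
    for name, model in (("BLP", blp_allows), ("Biba", biba_allows)):
        print(name, evaluate(model, LEAK_ATTEMPT))
```

Running the scenario gives `[True, False, True]` under Bell-LaPadula and `[True, True, False]` under Biba, which is the duality the notes describe: each Biba rule is the mirror image of the corresponding Bell-LaPadula rule, and the strong star variant of both collapses to "same level only".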

3. Clark-Wilson model
The Clark-Wilson security model is built upon protecting information integrity from hostile
data-altering attempts. The model states that the system should maintain consistency between
internal and external data, and that only authorized users should be able to generate and alter
data; unauthorized users should not be able to do so at all.

The primary goal of this model is to formalize the idea of information integrity by preventing data
corruption in a system due to errors or malicious intent.

The Clark-Wilson security concept prohibits direct access to constrained data objects. You can use
these two processes to access constrained data objects:

1. Transformation process

The user can request constrained data items that are handled by the transformation process. The
process converts it into permission and then forwards it to the integration verification process.

Note:
Constrained data items: Users cannot access constrained data items directly; they are accessed
only through the processes defined by the Clark-Wilson security model.

Unconstrained data items: Users can access these directly.

2. Integration verification process

It performs authorization and authentication. If this verification is successful, then the user is
given access to the constrained data items.
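To make the two processes concrete, here is an added example (not the course's code) of how Clark-Wilson style mediation works: constrained data items are reachable only through certified transformation procedures, the (user, procedure) pairs a user is certified for are checked first, and an integrity verification procedure runs after every change and rolls it back if the consistency constraint is broken. The account names, users, certification triples and the "balances sum to the recorded total" constraint are all constructed for the example.

```python
"""Clark-Wilson style mediation of constrained data items (CDIs).

Added illustration (not the course's code).  Account names, users and the
certification triples are constructed for the example.
"""
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """User is not certified to run this transformation procedure (TP)."""


class IntegrityViolation(Exception):
    """The IVP found the CDIs in an inconsistent state after a TP ran."""


@dataclass
class Store:
    # Constrained data items: never touched directly, only through run_tp()
    cdi: dict = field(default_factory=dict)
    # Recorded total of all balances; transfers must preserve it
    total: int = 0
    # Audit log of successful TP invocations
    log: list = field(default_factory=list)


def ivp(store: Store) -> bool:
    """Integrity verification procedure: every balance is non-negative and the
    balances sum to the recorded total (the constructed consistency constraint)."""
    return all(v >= 0 for v in store.cdi.values()) and sum(store.cdi.values()) == store.total


def tp_transfer(store: Store, src: str, dst: str, amount: int) -> None:
    """Transformation procedure: move funds between two CDIs."""
    store.cdi[src] -= amount
    store.cdi[dst] += amount


def tp_deposit(store: Store, acct: str, amount: int) -> None:
    """Transformation procedure: bring external (unconstrained) input into a CDI."""
    store.cdi[acct] += amount
    store.total += amount


TPS = {"transfer": tp_transfer, "deposit": tp_deposit}

# Certification triples (user, TP): who may run which TP.  Constructed.
TRIPLES = {("alice", "transfer"), ("bob", "deposit")}


def run_tp(store: Store, user: str, tp_name: str, *args) -> dict:
    """The only path to a CDI: authorize the (user, TP) pair, run the TP, then
    run the IVP.  A failed IVP rolls the change back so the CDIs never stay
    in an invalid state."""
    if (user, tp_name) not in TRIPLES:
        raise AccessDenied(f"{user} may not run {tp_name}")
    snapshot, snapshot_total = dict(store.cdi), store.total
    TPS[tp_name](store, *args)
    if not ivp(store):
        store.cdi, store.total = snapshot, snapshot_total
        raise IntegrityViolation(f"{tp_name}{args} left CDIs inconsistent")
    store.log.append((user, tp_name, args))
    return dict(store.cdi)


def attempt(store: Store, user: str, tp_name: str, *args) -> str:
    """Same as run_tp but reports the outcome as a label instead of raising."""
    try:
        run_tp(store, user, tp_name, *args)
        return "ok"
    except AccessDenied:
        return "denied"
    except IntegrityViolation:
        return "integrity_violation"


def new_store() -> Store:
    """Constructed starting state that satisfies the IVP."""
    return Store(cdi={"acct_a": 100, "acct_b": 50}, total=150)


if __name__ == "__main__":
    s = new_store()
    print(attempt(s, "alice", "transfer", "acct_a", "acct_b", 30))   # ok
    print(attempt(s, "bob", "transfer", "acct_a", "acct_b", 1))      # denied
    print(attempt(s, "alice", "transfer", "acct_a", "acct_b", 500))  # integrity_violation
    print(s.cdi, s.log)
```

The overdraft attempt is the interesting case: the user is certified for the transfer TP, so authorization passes, but the IVP rejects the resulting negative balance and the store is restored to its previous state. That is the separation the notes describe, with the transformation process handling the request and the verification process deciding whether the outcome may stand.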

4. Brewer and Nash Model

The Brewer and Nash model, also known as the ‘Chinese Wall Model’, is built to establish a set of
rules to minimize conflict of interest. It aims to prevent access to any sensitive information that
could lead to significant consequences because of a personal conflict of interest. The model is,
however, not as widely used as other models.

Trusted Operating System Design:

A Trusted Operating System (TOS) is designed to provide a higher level of security and
trustworthiness compared to a regular operating system. It incorporates various security
mechanisms and features to protect sensitive data and ensure the integrity of system operations.
We say that an operating system is trusted if we have confidence that it provides these four
services consistently and effectively:
1. memory protection
2. file protection
3. general object access control
4. user authentication
Security Policies
Security policies in a Trusted Operating System define the rules and guidelines that govern the
system's behavior and enforce security requirements. These policies are designed to protect against
unauthorized access, ensure data confidentiality, integrity, and availability, and prevent malicious
activities. Some common security policies include:

1. Access Control: This policy determines who can access system resources and what actions
they can perform. It involves authentication (verifying user identities) and authorization
(granting or denying access based on user privileges).
2. Confidentiality: This policy ensures that sensitive information remains private and is not
disclosed to unauthorized entities. It involves encryption techniques to protect data from
unauthorized access or interception.
3. Integrity: This policy ensures that data remains unaltered and trustworthy. It involves
mechanisms such as checksums, digital signatures, and access controls to prevent unauthorized
modifications.
4. Availability: This policy ensures that system resources are accessible and usable when needed.
It involves measures to prevent denial-of-service attacks and ensure system resilience.

Assurance in Trusted Operating System:


Assurance in trusted operating systems refers to the level of confidence or trust that can be placed
in the security mechanisms and features of an operating system. It involves evaluating and
verifying the security properties and functionalities of the operating system to ensure that it meets
specific security requirements.
Assurance in trusted operating systems is important because it helps establish trust in the system's
ability to protect sensitive information, maintain system integrity, and resist attacks. It assures
users, administrators, and organizations that the operating system has been designed, implemented,
and tested to meet certain security standards.
There are several aspects to assurance in trusted operating systems:
1. Design Assurance: This involves evaluating the security features and mechanisms incorporated
into the design of the operating system. It includes analyzing the system's architecture, access
control mechanisms, secure communication protocols, and other security-related components.

2. Implementation Assurance: This focuses on the actual implementation of the operating system
and ensures that it adheres to the design specifications. It involves code reviews, vulnerability
assessments, and testing to identify and fix any security vulnerabilities or weaknesses.

3. Testing and Evaluation: This involves subjecting the operating system to rigorous testing and
evaluation processes to assess its security properties. This may include penetration testing,
vulnerability scanning, and formal verification techniques to identify and address any security
flaws.

4. Certification and Accreditation: Once an operating system has undergone the assurance process,
it may be certified and accredited by a recognized authority. Certification provides an independent
validation that the operating system meets specific security requirements and standards.

Conclusion
Assurance in trusted operating systems is crucial for organizations that handle sensitive data or
operate in high-security environments. It helps ensure that the operating system can be trusted to
protect critical information and maintain the confidentiality, integrity, and availability of the
system.

By establishing assurance in trusted operating systems, organizations can have confidence in the
security of their computer systems and mitigate the risks associated with cyber threats and attacks.
Examples of assurance OS implementation include:
 Change control processes:
Implementing strict procedures to manage and audit changes made to the operating
system, ensuring only authorized modifications are applied.
 Logging and auditing:
Actively logging system events and user actions to monitor for suspicious activity and
provide an audit trail for security analysis.
 Resource management controls:
Carefully managing system resources like memory and CPU access to prevent
unauthorized usage and potential vulnerabilities.
 Data encryption:
Encrypting sensitive data at rest and in transit to protect it from unauthorized access even
if the system is compromised.
 Regular security updates and patching:
Applying security patches promptly to address known vulnerabilities in the operating
system.
 Sandboxing technology:
Isolating applications and processes within a secure environment to prevent them from
interfering with other system components.
