
CC

The document discusses security aspects of operating systems. It describes how operating systems allocate resources, manage tasks, and protect themselves, their users, and their resources. Some key points are:

- Operating systems translate programs, allocate resources, and manage scheduling. Jobs can be submitted directly or from queues.
- Operating systems must protect themselves, users, and resources, and must be protected from threats such as accidental errors or malicious attacks.
- Security involves policies, procedures and controls governing access, passwords, viruses, and audit trails. Access tokens contain user information and access control lists govern resource access.
- Auditing examines access privilege controls, password policies, virus controls, and audit trails to verify proper access and protection from threats.

Uploaded by

Viney Villasor

Security Part I: Auditing Operating Systems and Network


Operating Systems: the computer's control program

Objectives:

- Translates high-level languages
  Compiler/Interpreter: language translator modules of the operating system
- Allocates computer resources to users, workgroups and applications
- Manages the tasks of job scheduling and multiprogramming
Jobs are submitted to the system in 3 ways:

- Directly by the system operator
- From various batch-job queues
- Through telecommunications links from remote workstations

How to achieve an effective and efficient use of finite computer resources?
Operating System: Control Objectives

- The operating system must protect itself from users.
- The operating system must protect users from each other.
- The operating system must protect users from themselves.
- The operating system must be protected from itself.
- The operating system must be protected from its environment.
Operating System Security

Involves policies, procedures, and controls that determine who can access the operating system, which resources they can use, and what actions they can take.
Security Components

- Log-On Procedure: the operating system's first line of defense against unauthorized access.
- Access Token: contains key information about the user, including user ID, password, user group and privileges granted to the user.
- Access Control List: assigned to each IT resource; it controls access to the resource.
- Discretionary Access Privileges: resource owners may be granted discretionary access privileges, which allow them to grant access privileges to other users.
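The relationship between these components can be shown in a small model. This is an added example, not part of the original slides; the class names, the `group:` prefix convention and the sample users are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class AccessToken:
    """Built at log-on; carries the user information the slide lists
    (the password is deliberately left out of this model)."""
    user_id: str
    groups: frozenset
    privileges: frozenset = frozenset()

@dataclass
class Resource:
    name: str
    owner: str
    acl: dict = field(default_factory=dict)   # principal -> set of rights

    def is_allowed(self, token, right):
        """Allow if the user, or any group in the token, holds the right in the ACL."""
        principals = {token.user_id} | {"group:" + g for g in token.groups}
        return any(right in self.acl.get(p, set()) for p in principals)

    def grant(self, token, principal, right):
        """Discretionary access privilege: only the owner may extend the ACL."""
        if token.user_id != self.owner:
            raise PermissionError(f"{token.user_id} does not own {self.name}")
        self.acl.setdefault(principal, set()).add(right)

def demo():
    # Constructed users and resource.
    alice = AccessToken("alice", frozenset({"payroll"}))
    bob = AccessToken("bob", frozenset({"sales"}))
    ledger = Resource("payroll_ledger", owner="alice",
                      acl={"alice": {"read", "write"}, "group:payroll": {"read"}})
    before = ledger.is_allowed(bob, "read")    # bob is not on the ACL
    try:
        ledger.grant(bob, "bob", "read")       # a non-owner cannot grant access
        refused = False
    except PermissionError:
        refused = True
    ledger.grant(alice, "bob", "read")         # the owner grants at her discretion
    after = ledger.is_allowed(bob, "read")
    return before, refused, after, ledger.is_allowed(bob, "write")

if __name__ == "__main__":
    print(demo())
```

For an auditor, the point is that every discretionary grant widens the ACL without central review, so ACLs on sensitive resources need periodic inspection.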
Threats to Operating System

- Accidental threat
- Intentional threat

Sources of Exposure:

- Privileged personnel who abuse their authority.
- Individuals, both internal and external to the organization, who browse the operating system to identify and exploit security flaws.
- Individuals who intentionally (or accidentally) insert computer viruses or other forms of destructive programs into the operating system.
Operating System Controls and Audit Test

The following areas are examined:

- Control Access Privileges
- Password Control
- Virus Control
- Audit Trail Control

Controlling Access Privileges

- Auditor's Objective: Verify that access privileges are granted in a manner that is consistent with the need to separate incompatible functions and is in accordance with the organization's policy.
- Audit Procedure:
  - Review the organization's policies for separating incompatible functions to ensure that they promote reasonable certainty.
  - Review the users' permitted log-on times. Permission should be commensurate with the task being performed.
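The two access-privilege audit procedures can be run as tests over exported user records and log-on events. This is an added example, not part of the original slides; the privilege names, the user table, the incompatible pairs and the log format are all constructed for illustration.

```python
from datetime import datetime, time

# Constructed policy: pairs of functions one person must not hold together.
INCOMPATIBLE = [("create_vendor", "approve_payment"),
                ("post_journal", "approve_journal")]

# Constructed user records: granted privileges and permitted log-on window.
USERS = {
    "jcruz":   {"privs": {"create_vendor", "approve_payment"}, "hours": (time(8), time(17))},
    "mreyes":  {"privs": {"post_journal"},                     "hours": (time(8), time(17))},
    "nightop": {"privs": {"run_batch"},                        "hours": (time(22), time(6))},
}

# Constructed log-on events, one "timestamp user" pair per line.
LOGONS = """2024-03-04T09:12:00 jcruz
2024-03-04T23:41:00 mreyes
2024-03-05T02:30:00 nightop
2024-03-05T12:00:00 nightop"""

def sod_conflicts(users, incompatible):
    """Users who hold both halves of an incompatible pair of functions."""
    return sorted((u, a, b) for u, rec in users.items()
                  for a, b in incompatible if {a, b} <= rec["privs"])

def in_window(t, start, end):
    """True if t falls in [start, end); handles windows that cross midnight."""
    if start <= end:
        return start <= t < end
    return t >= start or t < end

def off_hours_logons(log_text, users):
    """Log-ons outside the user's permitted window, or by users not on file."""
    findings = []
    for line in log_text.splitlines():
        stamp, user = line.split()
        rec = users.get(user)
        t = datetime.fromisoformat(stamp).time()
        if rec is None or not in_window(t, *rec["hours"]):
            findings.append((stamp, user))
    return findings

if __name__ == "__main__":
    print(sod_conflicts(USERS, INCOMPATIBLE))
    print(off_hours_logons(LOGONS, USERS))
```

The midnight-crossing case matters for night-shift operators: a naive `start <= t < end` comparison would flag every one of their legitimate log-ons.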


Password Control

- Password: a secret code the user enters to gain access to systems, applications, data files, or a network server.
- Reusable Passwords: the most common type; the user defines the password to the system once and then reuses it to gain future access.
- One-Time Password: the user's password changes continuously.

Password Control

- Audit Objective: To ensure that the organization has an adequate and effective password policy for controlling access to the operating system.
- Audit Procedure:
  - Verify that all users are required to have a password.
  - Verify that new users are instructed in the use of passwords and the importance of password control.
  - Review password control procedures to ensure that passwords are changed regularly.
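On a Linux host, two of these password audit procedures can be tested directly against the shadow password file. This is an added example, not part of the original slides; it assumes the standard `/etc/shadow` field layout, a 90-day maximum age chosen only for illustration, and a constructed sample file with placeholder hashes.

```python
from datetime import date

# Constructed sample in /etc/shadow layout:
# name:hash:last_change_day:min_age:max_age:warn:inactive:expire:reserved
SHADOW = """root:$6$constructed$hashvalue:19700:0:90:7:::
jcruz::19750:0:90:7:::
mreyes:$6$constructed$hashvalue:19300:0:99999:7:::
svc_backup:!:19000:0:99999:7:::"""

def audit_passwords(shadow_text, today, max_age_days=90):
    """Return {finding: [users]} for the password audit tests.

    max_age_days is an assumed policy value; take the real one from the
    organization's written password policy.
    """
    today_day = (today - date(1970, 1, 1)).days   # shadow counts days since the epoch
    findings = {"no_password": [], "stale_password": [], "no_forced_change": []}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 5:
            continue                              # malformed line, skip it
        name, pw_hash, last_change, _min_age, max_age = fields[:5]
        if pw_hash.startswith(("!", "*")):
            continue                              # password log-on is disabled
        if pw_hash == "":
            findings["no_password"].append(name)  # account has no password at all
            continue
        # Password has not been changed within the policy period.
        if last_change.isdigit() and today_day - int(last_change) > max_age_days:
            findings["stale_password"].append(name)
        # The system itself does not force a change within the policy period.
        if not max_age.isdigit() or int(max_age) > max_age_days:
            findings["no_forced_change"].append(name)
    return findings

if __name__ == "__main__":
    print(audit_passwords(SHADOW, date(2024, 3, 1)))
```

Accounts skipped as locked can still be reachable by other means such as SSH keys, so they belong in the access-privilege review rather than the password review.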
Controlling against malicious and destructive programs

Threats from destructive programs can be substantially reduced through a combination of technology controls and administrative procedures. The following are relevant to most operating systems:

- Purchase software only from reputable vendors and accept only those products that are in their original factory-sealed packages.
- Examine all upgrades to vendor software for viruses before they are implemented.
- Routinely make backup copies of key files stored on mainframes, servers, and workstations.

Controlling against malicious and destructive programs

- Auditor's Objective: To verify that effective management policies and procedures are in place to prevent the introduction and spread of destructive programs, including viruses, worms, back doors, logic bombs, and Trojan horses.
- Auditor's Procedure:
  - Through interviews, determine that operations personnel have been educated about computer viruses and are aware of the risky computing practices that can introduce and spread viruses and other malicious programs.
  - Verify that new software is tested on a standalone workstation prior to being implemented on the host or network server.
  - Verify that the current version of antiviral software is installed on the server and that upgrades are regularly downloaded to workstations.
System Audit Trail Controls

System audit trails are logs that record activity at the system, application, and user level.

Types of Audit Logs:

- Keystroke Monitoring: records both the user's keystrokes and the system's responses.
- Event Monitoring: summarizes the activities related to system resources.

Setting Audit Trail Objectives:

- Detecting unauthorized access
  - It can occur in real time or after the fact.
- Reconstructing events
- Personal accountability

System Audit Trails

- Auditor's Objective: To ensure that the established system audit trail is adequate for preventing and detecting abuses, reconstructing key events that precede system failures, and planning resource allocation.
- Audit Procedure:
  - Verify that the audit trail has been activated according to the organization's policies.
  - The organization's security group has responsibility for monitoring and reporting security violations. The auditor should select a sample of security evaluation cases and evaluate their disposition to assess the effectiveness of the security group.
