Chapter 6

Operating System Security

 Security
• Security refers to providing a protection system to
computer system resources such as CPU, memory,
disk, software programs and most importantly
data/information stored in the computer system.
• If a computer program is run by unauthorized user
then he/she may cause severe damage to computer
or data stored in it.
• So a computer system must be protected against
unauthorized access, malicious access to system
memory, viruses, worms etc.
 Elements of Security
• Authentication
• One Time passwords
• Program Threats
• System Threats
• Computer Security Classifications
 Authentication
• Authentication refers to identifying each user of the system and
associating the executing programs with those users.
• It is the responsibility of the Operating System to create a protection
system which ensures that a user who is running a particular program
is authentic.
• Operating Systems generally identifies/authenticates users using
following three ways:
– Username / Password - User need to enter a registered username and
password with Operating system to login into the system.
– User card/key - User need to punch card in card slot, or enter key generated
by key generator in option provided by operating system to login into the
system.
– User attribute - fingerprint/ eye retina pattern/ signature - User need to pass his/her
attribute via designated input device used by operating system to login into the system.
 One Time passwords
• One time passwords provides additional security along with normal
authentication.
• In One-Time Password system, a unique password is required every time
a user tries to login into the system.
• Once a one-time password is used then it can not be used again. One
time password are implemented in various ways.
– Random numbers - Users are provided cards having numbers printed along with
corresponding alphabets. System asks for numbers corresponding to few
alphabets randomly chosen.
– Secret key - Users are provided a hardware device which can create a secret id
mapped with user id. System asks for such secret id which is to be generated
every time prior to login.
– Network password - Some commercial applications send one time password to
user on registered mobile/ email which is required to be entered prior to login.
 Program Threats
• Operating system's processes and kernel do the designated task as instructed.
• If a user program made these process do malicious tasks then it is known as Program
Threats.
• One of the common example of program threat is a program installed in a computer
which can store and send user credentials via network to some hacker.
• Following is the list of some well known program threats:
– Trojan Horse - Such program traps user login credentials and stores them to send
to malicious user who can later on login into a computer and can access system
resources.
– Trap Door - If a program which is designed to work as required, have a security
hole in its code and perform illegal action without the knowledge of user then it is
called to have a trap door.
– Logic Bomb- - Logic bomb is a situation when a program misbehaves only when
certain conditions met otherwise it works as a genuine program. It is harder to
detect.
– Virus - Virus as name suggest can replicate themselves on computer system .They
are highly dangerous and can modify/delete user files, crash systems. A virus is
generally a small code embedded in a program.
– As user accesses the program, the virus starts getting embedded in other files/
programs and can make systems unusable.
 System Threats
• System threats refers to misuse of system services and network connections to put
user in trouble.
• System threats can be used to launch program threats on a complete network
called as program attack.
• System threats creates such an environment that operating system resources/ user
files are mis-used.
• Following is the list of some well known system threats.
– Worm -Worm is a process which can choked down a system performance by
using system resources to extreme levels.
• A Worm process generates its multiple copies where each copy uses
system resources, prevents all other processes to get required resources.
Worms processes can even shut down an entire network.
– Port Scanning - Port scanning is a mechanism or means by which a hacker can
detects system vulnerabilities to make an attack on the system.
– Denial of Service - Denial of service attacks normally prevents user to make
legitimate use of the system. For example user may not be able to use internet
if denial of service attacks browser's content settings.
 Computer Security Classifications
• As per the U.S. Department of Defense
Trusted Computer System's Evaluation Criteria
there are four security classifications in
computer systems: A, B, C, and D.
• This is widely used specifications to determine
and model the security of systems and of
security solutions.
 Assignment
• Computer Security classifications
– Type A, B, C, D
 Assignment…
• Kerberos protocol
• Calendar/Scheduler Demon- case study Linux