MCS20C001Advanced

Operating System
UNIT IV
DR.H.V.RAMAKRISHNAN
Professor Emeritus DRMGR
UNIT-IV :PROTECTION AND
SECURITY
Resource Security and Protection-Preliminaries-The Access Matrix
Model-Implementation of Access Matrix-Advanced Model of
Protection-The UNIX Operating Systems -Data Security Cryptography-A
Model of Cryptography-Conventional Cryptography-Modern
Cryptography-Private Key Cryptography-Public Key Cryptography-
Multiprocessor Operating Systems-Multi Processor System
Architectures-Motivation for Multiprocessor Systems-Multiprocessor
Operating Systems- Caching-Threads.
Security and protection
Cryptography as a security tool
• Cryptography can be utilised as a tool for computer security
• In a networked system, an operating system can never be
• absolutely sure about the identity of its communication
• partner.
• Cryptography can help here to remove the necessity to trust
• the network
• Constraints the number of potential senders/receivers of a
• message
• Typically based on keys that are selectively distributed to
• computers in a network
Security and protection
Cryptography as a security tool
Security and protection
Cryptography as a security tool
• Encryption
• Symmetric encryption :
• The same key is used to encrypt and to decrypt
• The secrecy of E(k) must be protected as well
• as D(k)
• If the same key is utilised for an extended
• amount of data, it becomes vulnerable to an
• attack
• Examples: AES (advanced encryption standard),
• DES (data-encryption standard)
Security and protection
Cryptography as a security tool
• Encryption
• Asymmetric encryption :
• Different encryption and decryption keys are used
• We distinguish between public and private keys
• Uses one-way function for which the inverse operation is much harder
to execute (e.g.factorisation)
Security and protection
Cryptography as a security tool
Security and protection
Cryptography as a security tool
• Encryption
• Asymmetric encryption :
• Exkurs: RSA Cryptosystems
Security and protection
Cryptography as a security tool
• Authentication
• Encryption constrains the amount of potential senders of a message
• onstraining the amount of possible receivers of a message is
• called authentication
• Authentication is complementary to encryption
• Observe, that an encrypted message can also prove the identity of the
sender.
• If D(kd , n)(E(ke ,N)(m) produces a valid
• Authentication is also useful for proving that a message has
not been modified
Security and protection
Cryptography as a security tool
• Key distribution
• With symmetric cryptography, the transmission of the key
becomes a great challenge and possible vulnerability
• Out-of-band transmission Paper document, conversation,
untypical transmission technique/band
• Since this might be insecure and is possible also very elaborate, public key cryptosystems
are utilized
• Since public keys need not be secured, a key distribution
center can be utilised.
• Vulnerable to man-in-the-middle-attacks
• With trusted authorities the authentication of individual communication partners can then
be verified