Protection & Security of

Operating Systems
Stream: CSE
Section: B
Group:11
Subject: Operating System

Name: University Roll Number:

Avijit Rakshit 11500122064
Barin Ghosh 11500122065
Akashdeep Naha 11500122070
Paramjit Banerjee 11500122086
 Why we need Security and protection of OS?
We need Security and protection because their can be:
• Breach of confidentiality
• Unauthorized reading of data
• Breach of integrity
• Unauthorized destruction of data
• Breach of availability
• Unauthorized destruction of data
• Theft of service
• Unauthorized use of resource
• Denial of service(DOS)
• Prevention of legitimate use
 Main Goals of Protection and Security of OS

1.Confidentiality: Ensure that sensitive information is accessible only

to authorized users and processes
2.Integrity: Protect system data and resources from unauthorized
modification or corruption
3.Availability: Ensure that system resources and data are available to
authorized users when needed
4.Authentication: Verify the identity of users and processes to prevent
unauthorized access
5.Access Control: Define and enforce policies that determine who can
access specific resources and what actions they can perform
 Principles of Protection
• Guiding principle-Principle of least privileges
• Programs, user and systems should be given just enough
privileges to perform their tasks
• Limits damage if entity has a bug gets abused
• Can be static (during life of system, during life of process) or
dynamic (change process as needed) – domain switching,
privilege escalation
• Need to Know a similar concept regarding access to data
Different type of Protection and Security mechanisms are:
• Access control
• Authentication and Authorization
• Encryption and Cryptography
• Auditing and Logging
• Malware Protection
• Secure Boot and Trusted Computing
Access Control
Access control mechanisms define rules specifying which users or system processes
are granted access to files and directories. They can also specify the type of
operations (read, write, execute) permitted. This mechanisms are divided into
segments like User Accounts, File System Permission, Process Isolation

1 User Accounts
Operating systems implement user accounts to control and
restrict access to system resources. Each user is assigned specific
permissions and privileges based on their role and
responsibilities.

2 File System Permissions

The file system in an operating system utilizes permissions to
determine who can read, write, or execute files and directories.
This helps prevent unauthorized access and data breaches.

3 Process Isolation
Processes running on an operating system are isolated from each
other, preventing one process from interfering with or accessing
the memory and resources of another process.
Authentication and Authorization
Authentication
Authentication is the process of verifying the
identity of a user, device, or process. Operating
systems employ various authentication
methods, such as passwords, biometrics, or
multi-factor authentication, to ensure that only
authorized entities can access the system.
Authorization
Authorization is the process of granting or
denying permissions to users, devices, or
processes to perform specific actions or access
certain resources. Operating systems use access
control lists, role-based access control, and
other mechanisms to manage and enforce
authorization policies.
Encryption and Cryptography
Data Encryption
Operating systems often provide built-in encryption capabilities to protect
sensitive data, such as files, directories, or entire disk volumes. This helps prevent
unauthorized access and ensures the confidentiality of information.

Secure Communication
Operating systems may integrate cryptographic protocols, such as SSL/TLS, to
secure network communications and protect data in transit from eavesdropping
or tampering.

Hashing and Signing

Operating systems may use hashing and digital signing techniques to verify the
integrity of system files, software updates, and other critical components,
ensuring that they have not been tampered with.
Auditing and Logging
1 Event Logging
Operating systems maintain detailed logs of system events, user
activities, and security-related incidents. These logs help in
monitoring, troubleshooting, and investigating potential security
breaches.

2 Audit Trails
Audit trails in operating systems track and record user actions,
system changes, and security-relevant events. This information can
be used for compliance, forensics, and accountability purposes.

3 Intrusion Detection
Some operating systems integrate intrusion detection capabilities
that analyze system logs and network traffic to identify and alert on
suspicious activities, helping to detect and prevent security
incidents.
Malware Protection

Antivirus
Operating systems often include or integrate with antivirus software to detect,
prevent, and remove malware, such as viruses, worms, and Trojans, protecting the
system from malicious code.

Firewalls
Firewalls in operating systems monitor and control incoming and outgoing network
traffic, helping to block unauthorized access, prevent network-based attacks, and
protect the system from external threats.

Automatic Updates
Operating systems provide automatic update mechanisms to ensure that the
system, its applications, and security components are kept up-to-date, addressing
known vulnerabilities and improving overall security posture.
Disaster Recovery and Backup
System Restore
Operating systems often include system restore capabilities
that allow users to revert the system to a previous, known-
good state, enabling quick recovery from system failures,
software issues, or malware infections.
Backup and Recovery
Operating systems provide built-in or integrated backup
and recovery tools to help users and administrators
regularly create backups of critical data, system
configurations, and applications, ensuring the ability to
restore the system in the event of a disaster or data loss.
Conclusion
Operating systems play a crucial role in ensuring the protection and
security of computer systems. By implementing various security
mechanisms, such as access control, authentication, encryption, auditing,
and malware protection, operating systems help safeguard against a wide
range of threats and vulnerabilities. As technology continues to evolve,
operating system security will remain a critical aspect of maintaining the
integrity, confidentiality, and availability of computer systems and the
data they store.