Operating System - Security

What is Security?
 Security refers to providing a protection system to computer system
resources such as CPU, memory, disk, software programs and
most importantly data/information stored in the computer system.

 If a computer program is run by an unauthorized user, then he/she

may cause severe damage to computer or data stored in it.

 So a computer system must be protected against unauthorized

access, malicious access to system memory, viruses, worms etc.
Key Elements of an Information Security

 The C.I.A. triangle was the standard based on confidentiality, integrity,

and availability

 The C.I.A. triangle has expanded into a list of critical characteristics of

information

 The Parkerian hexad is a set of six elements of information security

namely confidentiality, possession/control, integrity, availability,
authenticity and utility.
Key Elements of an Information Security
 The C.I.A. triangle was the standard based on confidentiality, integrity,
and availability
 The C.I.A. triangle has expanded into a list of critical characteristics of
information
 The Parkerian hexad is a set of six elements of information security
namely confidentiality, possession/control, integrity, availability,
authenticity and utility.
 These attributes of information are atomic in that they are not broken
down into further constituents; they are non-overlapping in that they
refer to unique aspects of information.
 Any information security breach can be described as affecting one or
more of these fundamental attributes of information.
Key Elements of an Information Security

 Confidentiality-Information is available only to people with rightful

access.

 Possession/Control- Is loss of control. That situation illustrates a loss of

control or possession of information but does not involve the breach of
confidentiality.

 Integrity- The quality of correctness, completeness, wholeness,

soundness and compliance with the intention of the creators of the data.
Key Elements of an Information Security

 Availability- Of information, data, data channels, and input-output

devices in computers, the condition of being ready for use and not
immediately committed to other tasks

 Authenticity- Refers to correct labeling. Authentication is the act of

establishing or confirming something (or someone) as authentic, that is,
that claims made by or about the subject are true.
Key Elements of an Information Security

 Utility- Means usefulness. For example, suppose someone encrypted

data on disk to prevent unauthorized access or undetected modifications
and then lost the decryption key. That would be a breach of utility. The
data would be confidentiality, controlled, integral, authentic, and
available but they just would not be useful in that form.
Role of Operating System in Computer Security

 Operating systems provide security by preventing unauthorized access

to the computer’s resource. Many operating systems also prevent users
of a computer from accidentally or intentionally interfering with each
other.
 To establish identity there may be a process of authentication. Often a
username must be quoted and each username may have a password.
Other methods of authentication, such as magnetic cards or biometric
data, might be used instead.
Authentication

 Authentication refers to identifying each user of the system and

associating the executing programs with those users.
 It is the responsibility of the Operating System to create a protection
system which ensures that a user who is running a particular program is
authentic.
Authentication

 Operating Systems generally identifies/authenticates users using

following three ways −
– Username / Password − User need to enter a registered username and
password with Operating system to login into the system.
– User card/key − User need to punch card in card slot, or enter key
generated by key generator in option provided by operating system to login
into the system.
– User attribute - fingerprint/ eye retina pattern/ signature − User need to pass
his/her attribute via designated input device used by operating system to
login into the system.
One Time passwords

 One-time passwords provide additional security along with normal

authentication.

 In One-Time Password system, a unique password is required every

time user tries to login into the system.

 Once a one-time password is used, then it cannot be used again.

 One-time password are implemented in various ways.

One Time passwords

 One-time password are implemented in various ways.

– Random numbers − Users are provided cards having numbers printed

along with corresponding alphabets. System asks for numbers
corresponding to few alphabets randomly chosen.
– Secret key − User are provided a hardware device which can create a
secret id mapped with user id. System asks for such secret id which is to be
generated every time prior to login.
– Network password − Some commercial applications send one-time
passwords to user on registered mobile/ email which is required to be
entered prior to login.
Program Threats

 Operating system's processes and kernel do the designated task as

instructed.
 If a user program made these process do malicious tasks, then it is
known as Program Threats.
 One of the common example of program threat is a program installed in
a computer which can store and send user credentials via network to
some hacker.
Program Threats

 Following is the list of some well-known program threats.

– Trojan Horse − Such program traps user login credentials and

stores them to send to malicious user who can later on login to
computer and can access system resources.

– Trap Door − If a program which is designed to work as required,

have a security hole in its code and perform illegal action without
knowledge of user then it is called to have a trap door.
Program Threats

 Following is the list of some well-known program threats.

– Logic Bomb − Logic bomb is a situation when a program
misbehaves only when certain conditions met otherwise it works
as a genuine program. It is harder to detect.
– Virus − Virus as name suggest can replicate themselves on
computer system. They are highly dangerous and can
modify/delete user files, crash systems.
 A virus is generally a small code embedded in a program. As user
accesses the program, the virus starts getting embedded in other files/
programs and can make system unusable for user
System Threats

 System threats refers to misuse of system services and network

connections to put user in trouble.

 System threats can be used to launch program threats on a complete

network called as program attack.

 System threats creates such an environment that operating system

resources/ user files are misused.
System Threats

 Following is the list of some well-known system threats.

– Worm − Worm is a process which can choke down a system performance
by using system resources to extreme levels. A Worm process generates its
multiple copies where each copy uses system resources, prevents all other
processes to get required resources. Worms processes can even shut
down an entire network.
– Port Scanning − Port scanning is a mechanism or means by which a hacker
can detects system vulnerabilities to make an attack on the system.
– Denial of Service − Denial of service attacks normally prevents user to
make legitimate use of the system. For example, a user may not be able to
use internet if denial of service attacks browser's content settings.
Computer Security Classifications

 As per the U.S. Department of Defense Trusted Computer System's

Evaluation Criteria there are four security classifications in computer
systems: A, B, C, and D.
 This is widely used specifications to determine and model the security of
systems and of security solutions.
Type A

 Highest Level. Uses formal design specifications and verification

techniques. Grants a high degree of assurance of process security.
Type B

 Provides mandatory protection system. Have all the properties of a class

C2 system. Attaches a sensitivity label to each object. It is of three
types.

– B1 − Maintains the security label of each object in the system. Label is used
for making decisions to access control.

– B2 − Extends the sensitivity labels to each system resource, such as

storage objects, supports covert channels and auditing of events.

– B3 − Allows creating lists or user groups for access-control to grant access

or revoke access to a given named object.
Type C

 Provides protection and user accountability using audit capabilities. It is

of two types.

– C1 − Incorporates controls so that users can protect their private

information and keep other users from accidentally reading / deleting their
data. UNIX versions are mostly Cl class.

– C2 − Adds an individual-level access control to the capabilities of a Cl level

system.
Type D

 Lowest level. Minimum protection. MS-DOS, Window 3.1 fall in this

category.
Consequences of Lack of Security

 There are may be several forms of damage that are obviously

interrelated. These include:
 Damage or destruction of computer.
 Damage or instruction of internal data.
 Loss of sensitive information to hostile parties.
 Use of sensitive information to steal items of monetary value.
 Use of sensitive information against the organization’s customers that
may result in legal action by customers against the organization and loss
of customers.
 Damage to the reputation of an organization.
 Monetary damage due to all factors listed above.