Group No.5
Name
• Muhammad Abdullah
• Sarmad Ali
• Hashaam Altaf
• Hanif Shah
• Noman Rasool
• Imran Ahmed
Roll No.
• 02
• 01
• 38
• 45
• 25
• 46
Topic:
Protection and Security of
Operating System
Muhammad
Abdullah
Protection:
•Protection refers to a mechanism for controlling the
access of programs, processes, or users to the
resources defined by a computer system.
Goals of Protection:
•As computer systems have become more sophisticated
and pervasive in their applications, the need to protect
their integrity has also grown.
•We need to provide protection for several reasons. The
most obvious is the need to prevent the mischievous,
intentional violation of an access restriction by a user.
• An unprotected resource cannot defend against use (or
misuse) by an unauthorized or incompetent user.
•The role of protection in a computer system is to provide a
mechanism for the enforcement of the policies governing
resource use.
Principles of Protection:
•The time-tested guiding principle for protection is the
Principle of least privilege. It dictates that programs,
users, and even systems be given just enough privileges
to perform their tasks.
•An operating system following the principle of least
privilege implements its features, programs, system
calls, and data structures so that failure or compromise
of a component does the minimum damage and allows
the minimum damage to be done.
Domain of Protection:
•A computer system is a collection of processes and
objects. By objects, we mean both hardware objects
(such as the CPU, printer) and software objects (such as
files, programs).
•Each object has a unique name that differentiates it from
all other objects in the system, and each can be accessed
only through well-defined and meaningful operations.
Domain Structure:
•Each domain defines a set of objects and the types
of operations that may be invoked on each object.
• The ability to execute an operation on an object is
an access right.
•A domain can be realized in a variety of ways:
•Each user may be a domain. In this case, the set of
objects that can be accessed depends on the
identity of the user.
•Each process may be a domain. In this case, the set
of objects that can be accessed depends on the
identity of the process.
Cont…
•For example, if domain D has the access right
<file F, {read, write}>, then a process executing
in domain D can both read and write file F; it
cannot, however, perform any other operation on
that object.
Example:
UNIX System:
•In the UNIX operating system, a domain is
associated with the user.
•In the UNIX operating system, user IDs are used to
identify the domain.
Hashaam Altaf
Access Matrix:
•Our model of protection can be viewed
abstractly as a matrix, called an access matrix.
The columns of the access matrix represent
domains, and the rows represent objects. Each
entry in the matrix consists of a set of access
rights.
Access Control:
•Access control determines which objects a
given program can access, and in what ways.
Objects are things like files, sound cards, other
programs, the network, your modem, etc.
•When we talk about "controlling access," we
are really talking about four kinds of things:
i) Preventing access. ii) Limiting access.
iii) Granting access. iv) Revoking access.
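An added example (not from the original slides) that models the access matrix in Python: each entry maps a (domain, object) pair to a set of access rights, and the four kinds of access control appear as the default-deny lookup, per-entry right sets, grant and revoke. The class and method names, the domains D2 and D3, and the file contents are constructed for illustration.

```python
class AccessDenied(Exception):
    """Raised when a domain invokes an operation it has no right to."""


class AccessMatrix:
    """Sparse access matrix: (domain, object) -> set of access rights."""

    def __init__(self):
        self._entries = {}   # missing entry == empty set == access prevented
        self.audit = []      # (domain, object, operation, allowed) per check

    def grant(self, domain, obj, rights):
        """Granting access: add rights to one entry of the matrix."""
        self._entries.setdefault((domain, obj), set()).update(rights)

    def revoke(self, domain, obj, rights=None):
        """Revoking access: remove some rights, or the whole entry."""
        key = (domain, obj)
        if key not in self._entries:
            return
        if rights is None:
            del self._entries[key]
            return
        self._entries[key] -= set(rights)
        if not self._entries[key]:
            del self._entries[key]

    def rights(self, domain, obj):
        return frozenset(self._entries.get((domain, obj), ()))

    def allowed(self, domain, obj, operation):
        """Check one operation and record the decision for auditing."""
        ok = operation in self._entries.get((domain, obj), ())
        self.audit.append((domain, obj, operation, ok))
        return ok

    def invoke(self, domain, obj, operation, action):
        """Run `action` only if the domain holds the access right."""
        if not self.allowed(domain, obj, operation):
            raise AccessDenied(f"{domain} may not {operation} {obj}")
        return action()

    def domains_with(self, obj, operation):
        """All domains that may perform `operation` on `obj`."""
        return sorted(d for (d, o), r in self._entries.items()
                      if o == obj and operation in r)


def demo():
    files = {"F": "payroll"}                 # constructed object store
    m = AccessMatrix()
    m.grant("D", "F", {"read", "write"})     # <file F, {read, write}>
    m.grant("D2", "F", {"read"})             # limiting access: read only
    out = {}
    out["d_read"] = m.invoke("D", "F", "read", lambda: files["F"])
    m.invoke("D", "F", "write", lambda: files.update(F="payroll v2"))
    out["d_execute"] = m.allowed("D", "F", "execute")   # not in the entry
    out["d2_write"] = m.allowed("D2", "F", "write")
    out["d3_read"] = m.allowed("D3", "F", "read")       # prevented by default
    m.revoke("D", "F", {"write"})
    out["d_write_after_revoke"] = m.allowed("D", "F", "write")
    out["readers"] = m.domains_with("F", "read")
    out["contents"] = files["F"]
    out["denied"] = [e[:3] for e in m.audit if not e[3]]
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

The audit list records every decision, so denied attempts can be reviewed after the fact.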
Cont...
•A good example of this is found in Solaris 10.
•Solaris uses role-based access control (RBAC)
to add the principle of least privilege.
•Role-based access control (RBAC) is a security
feature for controlling user access to tasks that
would normally be restricted to the root user.
• In conventional UNIX systems, the root user is
also referred to as the superuser. The root user has
the ability to read and write to any file, run all
programs, and send kill signals to any process.
Syed Muhammad
Hanif Shah
Capability-based Systems:
•In a capability-based computer system, all access to
objects is done through capabilities, and capabilities
provide the only means of accessing objects. In such a
system, every program holds a set of capabilities.
•If program A holds a capability to talk to program B,
then the two programs can grant capabilities to each
other.
•In most capability-based systems, a program can hold an
infinite number of capabilities. Such systems have
tended to be slow.
Cont...
•A better design allows each program to hold a
fixed (and small -- like 16 or 32) number of
capabilities, and provides a means for storing
additional capabilities if they are needed.
•Two examples are discussed here:
•Cambridge CAP System.
•Hydra
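An added example (not from the original slides, and not the CAP or Hydra design) that models the capability ideas above in Python: a kernel keeps a fixed list of 16 capability slots per program, programs that hold a capability to talk to each other can pass capabilities, and additional capabilities are moved to separate storage when the list is full. All names are hypothetical, and the rule that a granted capability never carries more rights than the sender holds is an assumption of this model.

```python
from dataclasses import dataclass

SLOTS = 16  # fixed, small capability list per program (assumed size)


class CapabilityError(Exception):
    """Raised when a program uses a slot or a right it does not hold."""


@dataclass(frozen=True)
class Capability:
    target: str        # file or program the capability refers to
    rights: frozenset  # operations the holder may perform on the target


class Kernel:
    """Keeps every capability; programs only ever handle slot numbers."""
    def __init__(self, programs):
        self._files = {}                                     # name -> contents
        self._clist = {p: [None] * SLOTS for p in programs}  # fixed lists
        self._store = {p: {} for p in programs}              # additional ones

    def _install(self, program, cap):
        slots = self._clist[program]
        if None not in slots:
            raise CapabilityError(f"{program}: capability list is full")
        slot = slots.index(None)
        slots[slot] = cap
        return slot

    def _held(self, program, slot, right=None):
        cap = self._clist[program][slot] if 0 <= slot < SLOTS else None
        if cap is None or (right is not None and right not in cap.rights):
            raise CapabilityError(f"{program}: slot {slot} does not permit this")
        return cap

    def create_file(self, program, name, data, rights):
        if not set(rights) <= {"read", "write"}:
            raise CapabilityError("file rights are read and write only")
        slot = self._install(program, Capability(name, frozenset(rights)))
        self._files[name] = data
        return slot

    def connect(self, program, peer):
        """Give `program` a capability to talk to `peer`."""
        if peer not in self._clist:
            raise CapabilityError(f"no such program: {peer}")
        return self._install(program, Capability(peer, frozenset({"send"})))

    def read(self, program, slot):
        return self._files[self._held(program, slot, "read").target]

    def write(self, program, slot, data):
        self._files[self._held(program, slot, "write").target] = data

    def grant(self, sender, channel, slot, rights):
        """Pass a capability to the peer, never with more rights than held."""
        peer = self._held(sender, channel, "send").target
        cap = self._held(sender, slot)
        if not set(rights) <= cap.rights:
            raise CapabilityError(f"{sender}: cannot grant {sorted(rights)}")
        return self._install(peer, Capability(cap.target, frozenset(rights)))

    def stash(self, program, slot, key):   # fixed list -> additional storage
        self._store[program][key] = self._held(program, slot)
        self._clist[program][slot] = None

    def load(self, program, key):          # additional storage -> free slot
        slot = self._install(program, self._store[program][key])
        del self._store[program][key]
        return slot


def denied(call, *args):
    try:
        call(*args)
    except CapabilityError:
        return True
    return False


def demo():
    k = Kernel(["A", "B"])
    report = k.create_file("A", "report", "v1", {"read", "write"})  # slot 0
    to_b = k.connect("A", "B")                                      # slot 1
    b_slot = k.grant("A", to_b, report, {"read"})  # B receives read only
    out = {"b_reads": k.read("B", b_slot),
           "b_write_denied": denied(k.write, "B", b_slot, "tampered"),
           "b_empty_slot_denied": denied(k.read, "B", 5)}
    for i in range(SLOTS - 2):                     # fill A's remaining slots
        k.create_file("A", f"tmp{i}", "", {"read"})
    out["a_full"] = denied(k.create_file, "A", "extra", "", {"read"})
    k.stash("A", report, "report")                 # frees slot 0
    out["a_after_stash"] = not denied(k.create_file, "A", "extra", "", {"read"})
    k.stash("A", to_b, "to_b")                     # frees slot 1
    out["a_reloaded"] = k.read("A", k.load("A", "report"))
    return out
```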
Cambridge CAP System:
•The Cambridge CAP computer was the first
successful experimental computer that demonstrated
the use of security capabilities, both in hardware and
software.
•The CAP system was designed such that any access to
a memory segment or hardware required that the
current process held the necessary capabilities.
•CAP has two kinds of capabilities.
•Data Capability.
•Software Capability.
Cont…
•Data Capability:
It can be used to provide access to objects, but the only
rights provided are the standard read, write, and execute
of the individual storage segments associated with the
object.
•Software Capability:
It is a protected procedure, which may be written by an
application programmer as part of a subsystem. A particular
kind of rights amplification is associated with a protected
procedure. When executing the code, a process temporarily
acquires the right to read or write the contents of a software
capability itself.
Noman Rasool
Hydra:
•Hydra is a capability-based protection system
that provides considerable flexibility. The
system implements a fixed set of possible access
rights.
• In addition, a user can declare other rights. The
interpretation of user-defined rights is performed
by the user's program, but the system provides
access protection for the use of these rights.
Language Based Protection:
•As operating systems have become more complex,
and particularly as they have attempted to provide
higher-level user interfaces, the goals of protection
have become much more refined. The designers of
protection systems have drawn heavily on ideas that
originated in programming languages and especially
on the concepts of abstract data types and objects.
•There must be a protection policy to control the
access of user defined programs.
Cont…
• Protection systems are now concerned not only with the
identity of a resource to which access is attempted but
also with the functional nature of that access.
•It is usually achieved through an operating-system
kernel, which acts as a security agent to inspect and
validate each attempt to access a protected resource.
SECURITY
• Security ensures that each object is accessed correctly and only by
those processes of authorized users that are allowed to do
so.
Security violations of the system can be categorized as:
• Breach of Confidentiality: Unauthorized reading of data.
• Breach of Integrity: Unauthorized modification of data.
• Breach of Availability: Unauthorized destruction of data.
• Theft of Service: Unauthorized use of resources.
• Denial of service: Preventing legitimate use of the system.
Imran Ahmed
Security Measures
• Physical: Both the machine rooms and the terminals or workstations
that have access to the machines must be secured from physical
entry.
• Human: Authorization must be done carefully to ensure that only
appropriate users have access to the system.
• Operating System: The system must protect itself from accidental or
purposeful security breaches.
• Network: Protection of data as it travels over network links such as
private leased lines and the Internet.
• User Authentication: Users should use a password or biometric
authentication to protect the system.
Security Kernel
• Responsible for implementing the security mechanisms of the entire
operating system.
• Provides the security interfaces among the hardware, the operating
system, and the other parts of the computing system.
Program Threats:
• Virus dropper: Inserts a virus onto the system. Uses a backdoor to access data.
• Trojan Horse: A code segment that misuses its environment is called a
Trojan horse.
• Trap Doors: A user's access privileges are coded into a program.
• Virus: A virus is a fragment of code embedded in a legitimate program.
Viruses can wreak havoc in a system by modifying or destroying files and
causing system crashes and program malfunctions.
System and Network Threats
• System and network threats create situations in which operating
system resources and user files are misused.
• Worms: A worm is a process that uses the spawn mechanism to
duplicate itself. The worm spawns copies of itself using up system
resources and perhaps locking out all other processes.

More Related Content

What's hot

Security models
Security models Security models
Security models
LJ PROJECTS
 
Access Controls
Access ControlsAccess Controls
Access Controls
primeteacher32
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
Network Security Goals
Network Security GoalsNetwork Security Goals
Network Security Goals
Kabul Education University
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer Security
Vibrant Event
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Dheeraj Kataria
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.ppt
Zaheer720515
 
Database security
Database securityDatabase security
Database security
Arpana shree
 
File Protection
File ProtectionFile Protection
File Protection
Kriti Katyayan
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and Attacks
Sachin Darekar
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
G Prachi
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
Dr Naim R Kidwai
 
Unix.system.calls
Unix.system.callsUnix.system.calls
Unix.system.calls
GRajendra
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
PriSim
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
GulnurAzat
 
Database security
Database securityDatabase security
Database security
MaryamAsghar9
 
File Management
File ManagementFile Management
File Management
ramya marichamy
 
Protection
ProtectionProtection

What's hot (20)

Security models
Security models Security models
Security models
 
Access Controls
Access ControlsAccess Controls
Access Controls
 
Operating system security
Operating system securityOperating system security
Operating system security
 
operating system structure
operating system structureoperating system structure
operating system structure
 
Network Security Goals
Network Security GoalsNetwork Security Goals
Network Security Goals
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer Security
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.ppt
 
Database security
Database securityDatabase security
Database security
 
File Protection
File ProtectionFile Protection
File Protection
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and Attacks
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
 
Unix.system.calls
Unix.system.callsUnix.system.calls
Unix.system.calls
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
 
Database security
Database securityDatabase security
Database security
 
Database Security
Database SecurityDatabase Security
Database Security
 
File Management
File ManagementFile Management
File Management
 
Protection
ProtectionProtection
Protection
 

Similar to Protection and security of operating system

Protection Domain and Access Matrix Model -Operating System
Protection Domain and Access Matrix Model -Operating SystemProtection Domain and Access Matrix Model -Operating System
Protection Domain and Access Matrix Model -Operating System
LalfakawmaKh
 
Chapter Last.ppt
Chapter Last.pptChapter Last.ppt
Chapter Last.ppt
miki304759
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module     1).pptxSystem Security Sem 2(Module     1).pptx
System Security Sem 2(Module 1).pptx
rahulkumarcscsf21
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models7wounders
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
Ankur Kumar
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
begmohsin
 
Introduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratIntroduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary Margarat
Mary Margarat
 
Least privilege, access control, operating system security
Least privilege, access control, operating system securityLeast privilege, access control, operating system security
Least privilege, access control, operating system security
G Prachi
 
Security (IM).ppt
Security (IM).pptSecurity (IM).ppt
Security (IM).ppt
GooglePay16
 
File Protection in Operating System
File Protection in Operating SystemFile Protection in Operating System
File Protection in Operating System
Meghaj Mallick
 
Design and Analyze Secure Networked Systems - 7
Design and Analyze Secure Networked Systems - 7Design and Analyze Secure Networked Systems - 7
Design and Analyze Secure Networked Systems - 7
Don Kim
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
Seth Nurul
 

Similar to Protection and security of operating system (20)

Protection Domain and Access Matrix Model -Operating System
Protection Domain and Access Matrix Model -Operating SystemProtection Domain and Access Matrix Model -Operating System
Protection Domain and Access Matrix Model -Operating System
 
Chapter Last.ppt
Chapter Last.pptChapter Last.ppt
Chapter Last.ppt
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module     1).pptxSystem Security Sem 2(Module     1).pptx
System Security Sem 2(Module 1).pptx
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
 
Os8
Os8Os8
Os8
 
Os8
Os8Os8
Os8
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
 
Introduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratIntroduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary Margarat
 
Least privilege, access control, operating system security
Least privilege, access control, operating system securityLeast privilege, access control, operating system security
Least privilege, access control, operating system security
 
Security (IM).ppt
Security (IM).pptSecurity (IM).ppt
Security (IM).ppt
 
File Protection in Operating System
File Protection in Operating SystemFile Protection in Operating System
File Protection in Operating System
 
Design and Analyze Secure Networked Systems - 7
Design and Analyze Secure Networked Systems - 7Design and Analyze Secure Networked Systems - 7
Design and Analyze Secure Networked Systems - 7
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
Thur Venture
Thur VentureThur Venture
Thur Venture
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Regression
RegressionRegression
Regression
 
Sangeetha Venture
Sangeetha VentureSangeetha Venture
Sangeetha Venture
 

More from Abdullah Khosa

Chanel and H&M Brand Comparison.pdf
Chanel and H&M Brand Comparison.pdfChanel and H&M Brand Comparison.pdf
Chanel and H&M Brand Comparison.pdf
Abdullah Khosa
 
Mycin presentation
Mycin presentationMycin presentation
Mycin presentation
Abdullah Khosa
 
Policy directives of federal government of pakistan for Enterprise Architecture
Policy directives of federal government of pakistan for Enterprise ArchitecturePolicy directives of federal government of pakistan for Enterprise Architecture
Policy directives of federal government of pakistan for Enterprise Architecture
Abdullah Khosa
 
Face to Face Communication and Text Based Communication in HCI
Face to Face Communication and Text Based Communication in HCIFace to Face Communication and Text Based Communication in HCI
Face to Face Communication and Text Based Communication in HCI
Abdullah Khosa
 
STRATEGIC PAY PLANS
STRATEGIC PAY PLANSSTRATEGIC PAY PLANS
STRATEGIC PAY PLANS
Abdullah Khosa
 
AI services in google
AI services in googleAI services in google
AI services in google
Abdullah Khosa
 
Cloud Artificial Intelligence services
Cloud Artificial Intelligence servicesCloud Artificial Intelligence services
Cloud Artificial Intelligence services
Abdullah Khosa
 
Digital centralization
Digital centralizationDigital centralization
Digital centralization
Abdullah Khosa
 
Diamond water-paradox (A Theory)
Diamond water-paradox (A Theory)Diamond water-paradox (A Theory)
Diamond water-paradox (A Theory)
Abdullah Khosa
 
The 5th generation (5G)
The 5th generation (5G)The 5th generation (5G)
The 5th generation (5G)
Abdullah Khosa
 
Report of database of list of Pakistan international cricket stadiums
Report of database of list of Pakistan international cricket stadiumsReport of database of list of Pakistan international cricket stadiums
Report of database of list of Pakistan international cricket stadiums
Abdullah Khosa
 
Database of list of Pakistan international cricket stadiums
Database of list of Pakistan international cricket stadiumsDatabase of list of Pakistan international cricket stadiums
Database of list of Pakistan international cricket stadiums
Abdullah Khosa
 
Attitude and behavior
Attitude and behaviorAttitude and behavior
Attitude and behavior
Abdullah Khosa
 
Digital signature
Digital signatureDigital signature
Digital signature
Abdullah Khosa
 
Benefits of Search engine optimization
Benefits of Search engine optimizationBenefits of Search engine optimization
Benefits of Search engine optimization
Abdullah Khosa
 
Physical Database Design & Performance
Physical Database Design & PerformancePhysical Database Design & Performance
Physical Database Design & Performance
Abdullah Khosa
 
Advanced Normalization
Advanced NormalizationAdvanced Normalization
Advanced Normalization
Abdullah Khosa
 
Relational Algebra & Calculus
Relational Algebra & CalculusRelational Algebra & Calculus
Relational Algebra & Calculus
Abdullah Khosa
 
Advance database system(part 8)
Advance database system(part 8)Advance database system(part 8)
Advance database system(part 8)
Abdullah Khosa
 
Advance database system(part 7)
Advance database system(part 7)Advance database system(part 7)
Advance database system(part 7)
Abdullah Khosa
 

More from Abdullah Khosa (20)

Chanel and H&M Brand Comparison.pdf
Chanel and H&M Brand Comparison.pdfChanel and H&M Brand Comparison.pdf
Chanel and H&M Brand Comparison.pdf
 
Mycin presentation
Mycin presentationMycin presentation
Mycin presentation
 
Policy directives of federal government of pakistan for Enterprise Architecture
Policy directives of federal government of pakistan for Enterprise ArchitecturePolicy directives of federal government of pakistan for Enterprise Architecture
Policy directives of federal government of pakistan for Enterprise Architecture
 
Face to Face Communication and Text Based Communication in HCI
Face to Face Communication and Text Based Communication in HCIFace to Face Communication and Text Based Communication in HCI
Face to Face Communication and Text Based Communication in HCI
 
STRATEGIC PAY PLANS
STRATEGIC PAY PLANSSTRATEGIC PAY PLANS
STRATEGIC PAY PLANS
 
AI services in google
AI services in googleAI services in google
AI services in google
 
Cloud Artificial Intelligence services
Cloud Artificial Intelligence servicesCloud Artificial Intelligence services
Cloud Artificial Intelligence services
 
Digital centralization
Digital centralizationDigital centralization
Digital centralization
 
Diamond water-paradox (A Theory)
Diamond water-paradox (A Theory)Diamond water-paradox (A Theory)
Diamond water-paradox (A Theory)
 
The 5th generation (5G)
The 5th generation (5G)The 5th generation (5G)
The 5th generation (5G)
 
Report of database of list of Pakistan international cricket stadiums
Report of database of list of Pakistan international cricket stadiumsReport of database of list of Pakistan international cricket stadiums
Report of database of list of Pakistan international cricket stadiums
 
Database of list of Pakistan international cricket stadiums
Database of list of Pakistan international cricket stadiumsDatabase of list of Pakistan international cricket stadiums
Database of list of Pakistan international cricket stadiums
 
Attitude and behavior
Attitude and behaviorAttitude and behavior
Attitude and behavior
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Benefits of Search engine optimization
Benefits of Search engine optimizationBenefits of Search engine optimization
Benefits of Search engine optimization
 
Physical Database Design & Performance
Physical Database Design & PerformancePhysical Database Design & Performance
Physical Database Design & Performance
 
Advanced Normalization
Advanced NormalizationAdvanced Normalization
Advanced Normalization
 
Relational Algebra & Calculus
Relational Algebra & CalculusRelational Algebra & Calculus
Relational Algebra & Calculus
 
Advance database system(part 8)
Advance database system(part 8)Advance database system(part 8)
Advance database system(part 8)
 
Advance database system(part 7)
Advance database system(part 7)Advance database system(part 7)
Advance database system(part 7)
 

Recently uploaded

June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
Model Attribute Check Company Auto Property
Model Attribute  Check Company Auto PropertyModel Attribute  Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup   New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup   New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
TechSoup
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
siemaillard
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
Vivekanand Anglo Vedic Academy
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
Language Across the Curriculm LAC B.Ed.
Language Across the  Curriculm LAC B.Ed.Language Across the  Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Additional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdfAdditional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdf
joachimlavalley1
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
Pavel ( NSTU)
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 

Recently uploaded (20)

June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
Model Attribute Check Company Auto Property
Model Attribute  Check Company Auto PropertyModel Attribute  Check Company Auto Property
Model Attribute Check Company Auto Property
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 

Protection and security of operating system

  • 1. Group No.5 Name • Muhammad Abdullah • Sarmad Ali • Hashaam Altaf • Hanif Shah • Noman Rasool • Imran Ahmed Roll No. • 02 • 01 • 38 • 45 • 25 • 46
  • 2. Topic: Protection and Security of Operating System
  • 4. Protection: •Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources defined by a computer system.
  • 5. Goals of Protection: •As computer systems have become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. •We need to provide protection for several reasons. The most obvious is the need to prevent the mischievous, intentional violation of an access restriction by a user. •An unprotected resource cannot defend against use (or misuse) by an unauthorized or incompetent user. •The role of protection in a computer system is to provide a mechanism for the enforcement of the policies governing resource use.
  • 6. Principles of Protection: •The time-tested guiding principle for protection is the Principle of least privilege. It dictates that programs, users, and even systems be given just enough privileges to perform their tasks. •An operating system following the principle of least privilege implements its features, programs, system calls, and data structures so that failure or compromise of a component does the minimum damage and allows the minimum damage to be done.
  • 7. Domain of Protection: •A computer system is a collection of processes and objects. By objects, we mean both hardware objects (such as the CPU, printer) and software objects (such as files, programs). •Each object has a unique name that differentiates it from all other objects in the system, and each can be accessed only through well-defined and meaningful operations.
  • 8. Domain Structures. •Each domain defines a set of objects and the types of operations that may be invoked on each object. • The ability to execute an operation on an object is an access right. •A domain can be realized in a variety of ways: •Each user may be a domain. In this case, the set of objects that can be accessed depends on the identity of the user. •Each process may be a domain. In this case, the set of objects that can be accessed depends on the identity of the process.
  • 9. Cont… •For example, if domain D has the access right <file F, {read, write}>, then a process executing in domain D can both read and write file F; it cannot, however, perform any other operation on that object.
  • 10. Example: UNIX System: •In the UNIX operating system, a domain is associated with the user. •In the UNIX operating system, user IDs are used to identify the domain.
  • 12. Access Matrix: •Our model of protection can be viewed abstractly as a matrix, called an Access Matrix. The columns of the access matrix represent domains, and the rows represent objects. Each entry in the matrix consists of a set of access rights.
  • 13. Access Control: •Access control determines which objects a given program can access, and in what ways. Objects are things like files, sound cards, other programs, the network, your modem, etc. •When we talk about "controlling access," we are really talking about four kinds of things: i) Preventing access. ii) Limiting access. iii) Granting access. iv) Revoking access.
  • 14. Cont... •A good example of this is found in Solaris 10. •Solaris uses role-based access control (RBAC) to add the principle of least privilege. •Role-based access control (RBAC) is a security feature for controlling user access to tasks that would normally be restricted to the root user. •In conventional UNIX systems, the root user, also referred to as the superuser, has the ability to read and write to any file, run all programs, and send kill signals to any process.
  • 16. Capability-based Systems: •In a capability-based computer system, all access to objects is done through capabilities, and capabilities provide the only means of accessing objects. In such a system, every program holds a set of capabilities. •If program A holds a capability to talk to program B, then the two programs can grant capabilities to each other. •In most capability-based systems, a program can hold an infinite number of capabilities. Such systems have tended to be slow.
  • 17. Cont... •A better design allows each program to hold a fixed (and small -- like 16 or 32) number of capabilities, and provides a means for storing additional capabilities if they are needed. •Two examples are discussed here: •Cambridge CAP System. •Hydra.
  • 18. Cambridge CAP System: •The Cambridge CAP computer was the first successful experimental computer that demonstrated the use of security capabilities, both in hardware and software. •The CAP system was designed such that any access to a memory segment or hardware required that the current process hold the necessary capabilities. •CAP has two kinds of capabilities. •Data Capability. •Software Capability.
  • 19. Cont… •Data Capability: It can be used to provide access to objects, but the only rights provided are the standard read, write, and execute of the individual storage segments associated with the object. •Software Capability: It is a protected procedure, which may be written by an application programmer as part of a subsystem. A particular kind of rights amplification is associated with a protected procedure. When executing the code, a process temporarily acquires the right to read or write the contents of a software capability itself.
  • 21. Hydra: •Hydra is a capability-based protection system that provides considerable flexibility. The system implements a fixed set of possible access rights. • In addition, a user can declare other rights. The interpretation of user-defined rights is performed by the user's program, but the system provides access protection for the use of these rights.
  • 22. Language-Based Protection: •As operating systems have become more complex, and particularly as they have attempted to provide higher-level user interfaces, the goals of protection have become much more refined. The designers of protection systems have drawn heavily on ideas that originated in programming languages and especially on the concepts of abstract data types and objects. •There must be a protection policy to control the access of user-defined programs.
  • 23. Cont… • Protection systems are now concerned not only with the identity of a resource to which access is attempted but also with the functional nature of that access. •It is usually achieved through an operating-system kernel, which acts as a security agent to inspect and validate each attempt to access a protected resource.
  • 24. SECURITY • Ensure that each object is accessed correctly and only by those processes of authorized users that are allowed to do so. Security violations of the system can be categorized as: • Breach of Confidentiality: Unauthorized reading of data. • Breach of Integrity: Unauthorized modification of data. • Breach of Availability: Unauthorized destruction of data. • Theft of Service: Unauthorized use of resources. • Denial of Service: Preventing legitimate use of the system.
  • 26. Security Measures • Physical: Both the machine rooms and the terminals or workstations that have access to the machines must be secured from physical entry. • Human: Authorization must be done carefully to ensure that only appropriate users have access to the system. • Operating System: The system must protect itself from accidental or purposeful security breaches. • Network: Protection of data as it travels over network links, such as private leased lines or the Internet. • User Authentication: Users should use passwords or biometric authentication to protect the system.
  • 27. Security Kernel • Responsible for implementing the security mechanisms of the entire operating system. • Provides the security interfaces among the hardware, the operating system, and the other parts of the computing system. Program Threats: • Virus dropper: Inserts a virus onto the system. Uses a backdoor to access data. • Trojan Horse: A code segment that misuses its environment is called a Trojan horse. • Trap Doors: A user's access privileges are coded into a program. • Virus: A virus is a fragment of code embedded in a legitimate program. Viruses can wreak havoc in a system by modifying or destroying files and causing system crashes and program malfunctions.
  • 28. System and Network Threats • System and network threats create a situation in which operating system resources and user files are misused. • Worms: A worm is a process that uses the spawn mechanism to duplicate itself. The worm spawns copies of itself, using up system resources and perhaps locking out all other processes.
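
The access right `<file F, {read, write}>` from slide 9 and the four access-control actions from slide 13 (preventing, limiting, granting, revoking) can be modeled as a sparse access matrix. This is an added example, not part of the original slides; the class name, the second domain `D2` and the `printer` object are assumptions made for illustration.

```python
class AccessMatrix:
    """Sparse access matrix: one entry per (domain, object) pair."""

    def __init__(self):
        self._entries = {}            # (domain, object) -> set of rights

    def grant(self, domain, obj, *rights):
        self._entries.setdefault((domain, obj), set()).update(rights)

    def revoke(self, domain, obj, *rights):
        entry = self._entries.get((domain, obj), set())
        entry.difference_update(rights)
        if not entry:                 # empty entry: back to "no access"
            self._entries.pop((domain, obj), None)

    def allowed(self, domain, obj, op):
        # Preventing access is the default: a missing entry grants nothing.
        return op in self._entries.get((domain, obj), ())

    def domain_view(self, domain):
        """All access rights <object, {rights}> held by one domain."""
        return {o: frozenset(r) for (d, o), r in self._entries.items() if d == domain}

    def object_view(self, obj):
        """Every domain that can touch one object (an access list)."""
        return {d: frozenset(r) for (d, o), r in self._entries.items() if o == obj}


def demo():
    m = AccessMatrix()
    m.grant("D", "file F", "read", "write")      # <file F, {read, write}>
    m.grant("D2", "file F", "read")              # limiting: read-only domain
    m.grant("D2", "printer", "print")
    results = {
        "D reads F": m.allowed("D", "file F", "read"),
        "D writes F": m.allowed("D", "file F", "write"),
        "D executes F": m.allowed("D", "file F", "execute"),
        "D prints": m.allowed("D", "printer", "print"),
    }
    m.revoke("D", "file F", "write")             # revoking a single right
    results["D writes F after revoke"] = m.allowed("D", "file F", "write")
    return m, results


if __name__ == "__main__":
    for check, ok in demo()[1].items():
        print(f"{check}: {'allowed' if ok else 'denied'}")
```

Reading the same entries by domain gives the set of access rights a process in that domain holds; reading them by object gives the list of domains that can reach it.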
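
The capability design from slides 16 and 17 (a small fixed table per program, extra storage when it fills, and granting between programs that hold a capability to talk to each other) can be sketched as follows. This is an added example, not code from the slides or from CAP or Hydra; the `Kernel`, `Process` and `Capability` names, the `talk` right and the index-based naming are assumptions.

```python
from dataclasses import dataclass

SLOTS = 16  # small fixed table size, as the slide suggests (16 or 32)

@dataclass(frozen=True)
class Capability:
    target: object          # an object name, or a Process for a "talk" channel
    rights: frozenset

class Process:
    def __init__(self, name):
        self.name = name
        self.slots = [None] * SLOTS   # fixed-size capability table
        self.overflow = []            # storage for additional capabilities

class Kernel:
    """Only the kernel creates capabilities; programs name them by index."""

    def install(self, proc, target, rights):
        cap = Capability(target, frozenset(rights))
        for i, slot in enumerate(proc.slots):
            if slot is None:
                proc.slots[i] = cap
                return i
        proc.overflow.append(cap)
        return SLOTS + len(proc.overflow) - 1

    def _lookup(self, proc, idx):
        table = proc.slots + proc.overflow
        if not 0 <= idx < len(table) or table[idx] is None:
            raise PermissionError(f"{proc.name}: no capability at index {idx}")
        return table[idx]

    def invoke(self, proc, idx, op):
        # Holding the capability is the only way to reach the object.
        cap = self._lookup(proc, idx)
        if op not in cap.rights:
            raise PermissionError(f"{proc.name}: {op} not in capability")
        return (op, cap.target)

    def delegate(self, sender, channel_idx, cap_idx, rights):
        # The sender needs a "talk" capability to the receiver, and can
        # pass on only rights it holds itself (never more).
        channel = self._lookup(sender, channel_idx)
        if "talk" not in channel.rights or not isinstance(channel.target, Process):
            raise PermissionError("sender holds no talk capability")
        cap = self._lookup(sender, cap_idx)
        if not set(rights) <= cap.rights:
            raise PermissionError("cannot delegate rights the sender lacks")
        return self.install(channel.target, cap.target, rights)
```

Because programs refer to capabilities only by table index, a program cannot forge one: an index with no installed capability is rejected.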