Operating Systems

Report - Security Models

Instructor: Professor Midori Sugaya

Fabio Harada Kubo

ID: XE14609

Microsoft Windows v.s. Linux: Security model

Used by a large share of the personal computer market, the Microsoft Windows
operating systems are well known for being user-friendly. But when it comes to
servers, Linux based systems are prevalent. In this environment, it's preferable that
systems are secure and robust.
It's common to find as argument to say that Linux systems are more secure, that this
system does not run as a 'root', the Windows 'administrator' equivalent. In this way,
only an authorized user, with the root password, can make changes to the system.
Although, the Windows UAC, launched in Windows Vista (2007), has similar
capabilities.
Another common argument is that there are more viruses and malwares for a
Windows environment than for a Linux system. It's true, but it doesn't assure that
Linux systems are not vulnerable and, therefore, safer. It just ensures that Linux
users are considerable less likely to get infected.

And what about their models?

Microsoft Windows
The Windows security model is a collection of user-mode and kernel-mode process
that deals with the different OS security components.

Components
1. Security Reference Monitor (SRM): SRM is a component running in kernelmode that checks for proper authorization before granting access to objects.
2. Local Security Authority Subsystem (Lsass): Lsass is a user-mode component
that is responsible for the local system security policy, user authentication,
and sending security audit messages to the event log.
3. Security Accounts Manager (SAM): SAM service is a set of subroutines
responsible for managing the database that contains the username and
groups defined on the local machine.
4. Logon Process (Winlogon): Winlogon is a user-mode process that is
responsible for responding to the Lsass and for managing interactive logon
sessions.
5. User Account Control (UAC): UAC is a component that limit applications to
standard user privileges until an administrator authorizes an elevation.

Linux
The Linux security model is a collection of several active process, daemon services,
and libraries that provide a secure framework for the Linux kernel work in.

Components
1. Pluggable Authentication Module (PAM): PAM provide dynamic
authentication support for applications and services. It separate the tasks of
authentication into four independent management groups (listed below).
2. Authentication Module: It is a module used to authenticate users and for set
or destroy credentials.
3. Account Management Module: It performs actions related to access, account
and credential expiration.
4. Password Management Module: It handles and manages user's passwords
including setting, resetting, and changing passwords.
5. Session Management Module: It is used for initializing and terminating
sessions. It also deals with creating the appropriate log entries for every
initialized session.

Comparison
Both systems are modularized in a way that their security components are sort of
independent services and process working in the kernel mode and user mode. These
process are used by the operating system to accomplish a specific task such as
authentication, logging, enforcing policies, and account management. Such
modularization makes the system more stable and easier to maintain.

References
Bassil, Youssef. Windows and Linux Operating Systems From a Security Perspective.
URL: http://arxiv.org/abs/1204.0197
Srivistava, Vishal. Understanding and configuring PAM. URL:
http://www.ibm.com/developerworks/library/l-pam/
Noyes, Katherine. Why Linux Is More Secure Than Windows. URL:
http://www.pcworld.com/article/202452/why_linux_is_more_secure_than_window
s.html
Usage share of operations. URL:
http://en.wikipedia.org/wiki/Usage_share_of_operating_systems#Market_share_by
_category
The Windows Security Model. URL: http://msdn.microsoft.com/enus/library/bb385791.aspx