Professional Documents
Culture Documents
Op System
Op System
semester)
Topic No:2
Operating system security
o OS Security generally refers to the protection of Information stored, as
well as the Data we deal with in real time, while using a Computer System.
o Security Issue
Operating systems provide various mechanisms to protect data and programs.
A system is secure if and when the resources are used and accessed as
intended under all circumstances.
Security is never assured to be one hundred percent.
Security violation are either maliciously intentional or accidental.
o Some examples of malicious accessing are as follows:
Unauthorized reading of data.
Unauthorized modification of data.
Unauthorized destruction of data.
o Among the issues to be considered these are the important ones:-
Physical Security
Authentication
Software Vulnerabilities
Malwares
Authentication:
Verifies user identity
Permits access to the operating system
Physical authentication:
Allows physical entrance to company property
Magnetic cards and biometric measures
Digital authentication: verifies user identity by
digital means
A user can be identified by:
User possession, using such as a key or card
User knowledge, using an identifier or password
And user attributes, such as fingerprint, retina pattern, or signature
Detection
o If a break-in occurs, it should be detected as soon as possible. Effective
detection measures also discourage intrusion attempts.
Correction
o If a system has been penetrated, it is necessary to take corrective action.
Periodic backup should be performed to rollback the system to a previous state.
If backup does not exist or its integrity is unknown, entire system may be
reloaded.
The cause that allowed the system to be penetrated should be fixed.
It may involve deactivating a services, installing bug fix or modifying the system
configuration.
Identification
The source of attack should be identified to discourage intruders. It
is the most difficult security task.
Audit records provide useful identification information. But the information in audit
logs may have been tamped with by the intruder.
System accessed through modems can keep track of source of incoming calls
using user-id.
System accessed through a network can record the address of the connecting
computer.
Attacks through a series of computers must be traced to their origin.
Program Threats
Virus dropper inserts virus onto the system.
Many categories of viruses, literally many thousands of viruses
Armored
Multipartite
Tunneling
Stealth
Encrypted
Source code
Boot
Trojan Horse
Code segment that misuses its environment
Exploits mechanisms for allowing programs written by users to be executed by
other users.
Trap Door
Specific user identifier or password that circumvents normal security procedures.
Logic Bomb
Program that initiates a security incident under certain circumstances.
System Threats
Worms – use spawn mechanism; standalone program.
Topic No:3
Virtual memory
o What is Virtual Memory?
The term virtual memory refers to something which appears to be present but
actually it is not.
The virtual memory technique allows users to use more memory for a program
than the real memory of a computer.
Demand Paging
Demand Paging Bring a page into memory only when it is
needed.
Less I/O needed
Less memory needed
Faster response
More users
reference to itPage is needed
Page Fault
If there is ever a reference to a page, first reference will trap to
OS page fault
OS looks at another table to decide:
Invalid reference. abort.
Just not in memory.
Get empty frame.
Swap page into frame.
Reset tables, validation bit = 1.
Restart instruction
Page Replacement
Prevent over-allocation of memory by modifying page-fault service routine to
include page replacement.
Use modify (dirty) bit to reduce overhead of page transfers – only modified pages
are written to disk.
First-In-First-Out (FIFO)
Simplest page replacement algorithm.
Each page associated with time –brought into memory.
Replace the oldest page.
First-In-First-Out(FIFO) Algorithm. FIFO is easy to understand and program.
Page Optimal Replacement
(POR)
In this algorithm, pages are replaced which would not be used for the longest
duration of time in the future.