
Protection and Security

www.dextutor.com
Why protection

• To prevent violation of an access restriction by a user
• To ensure every program component in a system uses resources in an intended manner only

Baljit Singh Saini (www.dextutor.com)


Principle of least privilege

• It dictates that programs, users and even systems be given just enough privileges to perform their tasks.



Domain of protection

Computer system is a collection of
• Processes
• Objects – hardware or software

Each object has a
• unique name – for identification
• Well defined operations – for access

E.g.
• CPU – can only execute
• Memory segments – read and write
• Data files – created, opened, read, written, closed and deleted



Domain Structure

Protection domain specifies the resources that the process may access.

Access right – ability to execute an operation on an object

Domain defines a set of objects and types of operations that may be invoked on each object.

Domain is a collection of access rights, each of which is an ordered pair <object-name, rights-set>.

E.g. domain D has the access right <file F, {read, write}>
• Means any process executing in domain D can both read and write in file F



Example



Domain

1. Each user can be a domain
2. Each process can be a domain
3. Each procedure can be a domain



Access Matrix

• View protection as a matrix (access matrix)
• Rows represent domains
• Columns represent objects
• Access(i, j) is the set of operations that a process executing in Domain i can invoke on Object j



Access matrix with domains as objects

• Process from one domain can switch to another domain



Access matrix with copy rights

A copy right allows the access right to be copied only within the column.

Denoted by *

A process executing in domain D2 can copy the read operation into any entry associated with file F2.



Access matrix with owner rights

Owner right – permission to add new rights or remove some rights

If access(i, j) includes the owner right, then a process executing in domain Di can add and remove any right in any entry in column j.
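
The copy and owner rules from the two slides above, as an added Python example (not part of the original slides or the cited textbook). The class and method names, the sample D1 to D3 / F1 to F3 entries, and the choice to hand over a copied right without its * are assumptions made for illustration.

```python
class AccessMatrix:
    """Rows are domains, columns are objects; each entry is a set of rights."""

    def __init__(self):
        self._m = {}  # (domain, obj) -> set of rights, e.g. {"read*", "owner"}

    def access(self, domain, obj):
        """access(i, j): empty set when nothing was granted (default deny)."""
        return self._m.get((domain, obj), set())

    def grant(self, domain, obj, *rights):
        """Unchecked administrative setup, used only to build the matrix."""
        self._m.setdefault((domain, obj), set()).update(rights)

    def allowed(self, domain, obj, op):
        rights = self.access(domain, obj)
        return op in rights or op + "*" in rights

    def copy(self, src, dst, obj, op):
        """Copy op from (src, obj) to (dst, obj): same column, needs op*."""
        if op + "*" not in self.access(src, obj):
            raise PermissionError(f"{src} holds no copy right for {op} on {obj}")
        self.grant(dst, obj, op)  # assumption: copied without '*', no re-copy

    def change(self, actor, target, obj, add=(), remove=()):
        """Owner right: add or remove any right in any entry of column obj."""
        if "owner" not in self.access(actor, obj):
            raise PermissionError(f"{actor} does not own {obj}")
        entry = self._m.setdefault((target, obj), set())
        entry.update(add)
        entry.difference_update(remove)


def build_sample():
    """Constructed sample matrix (not the figure from the slides)."""
    m = AccessMatrix()
    m.grant("D1", "F1", "execute")
    m.grant("D1", "F3", "write")
    m.grant("D2", "F2", "read*")             # D2 may read F2 and copy 'read'
    m.grant("D3", "F1", "owner", "execute")  # D3 owns column F1
    return m


if __name__ == "__main__":
    m = build_sample()
    m.copy("D2", "D3", "F2", "read")                # D3 gains read on F2
    m.change("D3", "D1", "F1", remove=["execute"])  # owner revokes D1's right
    print(m.allowed("D3", "F2", "read"), m.allowed("D1", "F1", "execute"))
```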



Access matrix with control right



System and Network threats

• Worms
• Port scanning
• Denial of service

User authentication

• Passwords
  • Password vulnerabilities
• One time passwords
• Biometrics



References

• Silberschatz, Abraham, et al. Operating System Concepts. 8th edition. Reading: Addison-Wesley.
