Operating System

OPERATING SYSTEM SECURITY

INTRODUCTION

In the world of computer systems, security and protection are two techniques used to (prevent
any misbehavior or mischief) safeguard data/information stored in the computer system and
computer system resources such as disk, CPU, memory, software programs. Any resource can
be attacked (damaged) in either of two ways: external or internal. For instance, if a computer program
is run by an unauthorized user, then severe damage may be caused to the computer or data
stored in it.
To prevent threat or damage to any resource, there must be a protection; and security should
be in place (implemented). There are two types of threat to any computer system, namely:
internal and external. Protection techniques are used in dealing with internal threats while
security techniques deals with external threats. Protection puts in place mechanisms to
control the access of programs and processes defined by the operating system. Computer
systems must therefore be protected against unauthorized access, malicious access to system
memory, viruses, worms etc. Thus security is used in preventing malicious systems from
entering into a system.

Security of Operating System

As indicated in the introduction, security deals with external (environment) threats. The
Operating System contains a number of resources/files (information) which can be stolen by
external sources. Thus any of the following can happen to the information:

 Theft of Information: A malicious hacker will try to steal any part of the information.
 Modification of data by an unauthorized user: A malicious user can try modifying
data on the system
 Destruction of data: In this case data is destroyed and cannot be accessed

LEVELS OF SECURITY:
Generally there are different security levels with the following being the main ones:
 Physical: This deals with the situation where security guards for instance are kept at the
site containing the computer system(Server rooms, etc)
 Human: In this case, authorization or authentication mechanisms should be in place to
enable normal/recognised users have access to the system
 Network: Data being transmitted on a network should get to the receiver as sent, thus
data being transmitted should be secured for example encryption.
 Operating System Security: In this level, there should be a security system built into
the Operating System to help in protecting itself and the system.

MAJOR AREAS TO CONSIDER

Computer systems must be protected against unauthorized access, malicious access to system
memory, viruses, worms etc. The following are some of the ways employed:

1
 Operating System
Authentication
One Time passwords
Program Threats
System Threats
Computer Security Classifications

Authentication
In authentication each user of a system is first identified and thereafter the users are connected to
the executing programs. One of the responsibilities of the Operating System is to create a
protection system which guarantees that a user who is running a particular program is
authentic. Operating Systems generally employ the following three ways in the
identification/authentication of users:

 Username / Password – To login into a system, it is required of a user to enter a

registered username and password with the Operating
system.

 User card/key – To login into a system, the user punches a card in card slot; or enters
a key generated by key generator in option provided by operating
system.

 User attributes (fingerprint / eye retina pattern/ signature etc) – To login into the
system, users passes their attributes via designated input device used by the
operating system. .

One Time passwords

In this case, the one-time passwords provide additional security alongside the normal
authentication. A unique password is always required every time the user tries to login into
the system. A one-time password is used once, and cannot be used again. One-time
passwords are employed in several ways. The main ways are by the use of:
1. Random numbers - Users are given cards having numbers printed along with
corresponding alphabets. The system asks for numbers
corresponding to few alphabets chosen randomly.

2. Secret key – In this case u sers are supplied with a hardware device which can
create a secret id mapped with user id. The system asks for the secret id
which is generated every time prior to login.

3. Network password – In this case, one-time passwords required to be used or entered

prior to login are sent by some commercial applications to users on
registered mobile/ email.

2
 Operating System
THREATS

Generally, threats are classified into two categories:

1. Program
2. System

Program Threats
Any program that has the potential to cause serious damage to a system is a program threat. It
is generally a program written by a cracker to hijack the security or to change the behavior of
a normal process
Following is the list of some well-known program threats.
Trojan Horse - It is a code segment that misuses its environment. User login credentials
are trapped, stored and sent to a malicious user who uses them to login to computer
and access system resources. They pretend to be attractive and harmless cover
program but are a really harmful hidden program.

Trap Door – trap doors are like holes left by a designer of a program or system in
software. If a program designed to work as required, have a security hole in its code
which perform illegally without knowledge of user then it is called a trap door. The
They are quite difficult to detect and to analyze them, one needs to go through the
source code of all the components of the system.

Logic Bomb – It is a program that initiates a security attack only under specific
situation/condition. That is to say it is a program that misbehaves only when certain
conditions are met otherwise it works as a genuine program. It is harder to detect.

Virus - Virus can replicate itself on computer system. They are very dangerous and can
modify/delete user files; and even crash/destroy systems. It is generally a small code
embedded in a program. Generally, virus starts getting embedded in other files/
programs as user accesses the program containing the virus, and can make system
useless for user.

System Threats
These threats involve the abuse of system services and network connections. They try to
create situations or an environment in which an operating-system resources and user files are
misused. They are also used as a medium/base to launch program threats (also known as
program attack).

Following is the list of some well-known system threats.

Worm - to an extreme level, a worm is a process which can obstruct the performance of a
system by using system resources. It generates multiple copies where each copy uses system

3
 Operating System
resources and prevents all other processes to get the required resources. Worms’ processes can
even shut down a whole network.
In contrast to virus, they target mainly LANs. A computer affected by a worm attacks the
target system and writes a small program on it. This small program is further used to spread
the worm to the target computer. The process repeats recursively, and soon enough all the
systems of the LAN become affected.

Port Scanning –
Port scanning is a mechanism or means by which a cracker detects/identifies system
vulnerabilities and uses it to make an attack on the system. It is a means by which the cracker
identifies the vulnerabilities of the system to attack. Normally the process is automated and
involves creating a TCP/IP connection to a specific port. To protect the identity of the attacker,
port scanning attacks are launched from previously independent systems which systems were
also serving their owners while being used for such infamous purposes.

Denial of Service - Denial of service attacks a r e normally n o t u s e d i n t h e collecting of

information or destroying system files but to prevent user to make legitimate use of the
system. For example, a user may not be able to use internet if denial of service attacks
browser's content settings. They are generally networked based and of two categories:
 In the first category use is made of so many system resources that no useful work can
be performed example, downloading a file from a website that proceeds with the use
of all available CPU time.
 In the second category, the network facility is disrupted and is mostly due to
fundamental functionality of the TCP/IP

Computer Security Classifications

As per the U.S. Department of Defense Trusted Computer System's Evaluation Criteria there
are four security classifications in computer systems namely A, B, C, and D. This is widely
used specifications to determine and model the security of systems and of security solutions.
The brief description of each classification as follows:

S.N. Classification Description

Type

Highest Level. Uses formal design specifications and

1 Type A verification techniques. Grants a high degree of assurance of
process security.

4
 Operating System
Provides mandatory protection system. Have all the properties
of a class C2 system. Attaches a sensitivity label to each
object. It is of three types.

 B1 - Maintains the security label of each object

in the system. Label is used for making
decisions to access control.
2 Type B
 B2 - Extends the sensitivity labels to each
system resource, such as storage objects,
supports covert channels and auditing of
events.

 B3 - Allows creating lists or user groups for

access- control to grant access or revoke
access to a given named object.

Provides protection and user accountability using audit

capabilities. It is of two types.

C1 - Incorporates controls so that users can protect their

3 Type C private information and keep other users from accidentally
reading / deleting their data. UNIX versions are mostly Cl class.

C2 - Adds an individual-level access control to the capabilities

of a Cl level system

Lowest level. Minimum protection. MS-DOS, Window 3.1 fall

4 Type D in this category.

5
 Operating System

https://www.tutorialspoint.com/operating_system/os_security.htm
https://www.geeksforgeeks.org/system-security/