Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operating system Security By Murtaza K. Madraswala.

Published byCora Young Modified over 8 years ago

Similar presentations

Presentation on theme: "Operating system Security By Murtaza K. Madraswala."— Presentation transcript:

1 Operating system Security By Murtaza K. Madraswala

2 Control access by limiting file types accessed by different users Only authorized processes can operate on memory segments, CPU and other resources Protection

3 Security Protect information integrity by ensuring authentication of system users Prevent unauthorized access Prevent malicious destruction of data Prevent accidental introduction of inconsistency

4 Security vs. Protection Security takes into consideration the protection system which is strictly internal, as well as the external environment in which the system operates Security violations can be malicious or accidental

5 Security (Contd.) Malicious violations Unauthorized reading of data Unauthorized writing of data Unauthorized destruction of data Preventing legitimate system use (Denial of service)

6 Security (Contd.) Four levels of security measures 1.Physical – Physical protection of the computer system 2.Human – Screening of users given access to the computer system 3.Network 4.Operating System – OS must be capable of protecting itself from accidental or intentional security breaches

7 Operating System Security User authentication Based on -User possession (of key or card) -User knowledge (user identifier + password) -User attribute (fingerprint, retina pattern, signature)

8 Passwords Password vulnerabilities Encrypted passwords One-Time passwords Biometrics

9 Program Threats A program written by one user and used by another may cause unexpected behavior Trojan horse – This problem is created by the operating system which allows the programs written by one user to be executed by another This is a code segment that can misuse it environment

10 Program Threats (contd.) Trap door Stack and buffer overflow

11 System threats Most operating systems allow processes to spawn other processes. This creates situations in which operating system resources and files are misused

12 System threats (Contd.) Worms Worms are programs that reduce system performance by spawning copies of themselves repeatedly, locking out system use by all other processes. In a network worms may reproduce across systems and bring down the entire network

13 System threats (Contd.) Viruses A virus is a fragment of code embedded in a legitimate program. It is capable of modifying/destroying files, causing program malfunctions and system crashes.

14 System threats (Contd.) Denial of Service The focus of this attack is to disable the legitimate use of a system/facility rather than gaining information or stealing resources

15 Intrusion detection Strives to detect attempted or successful intrusions into a computer system, and initiate a proper response. Two approaches: 1.Signature-based detection – Here system input or traffic is examined for specific behavior patterns 2.Anomaly detection – This approach attempts to detect anomalous behavior within the computer system.

16 Intrusion detection (Contd.) Signature-based detection attempts to characterize dangerous behavior and detects when such behavior occurs Anomaly detection attempts to characterize normal behaviors and detects when something abnormal occurs

17 Intrusion detection (Contd.) Auditing and logging In audit-trail processing, security relevant events are logged to an audit trail and matched against attack signatures (signature-based detection) or analyzed for anomalous behavior (anomaly detection)

18 Intrusion detection (Contd.) System-Call Monitoring Process system calls are monitored to detect instances when a process deviates from the expected system-call behavior Attacks that attempt to take over a process by exploiting the buffer-overflow vulnerability, and execute the attacker’s code rather than the original code can be detected using this technique

19 References Silberschatz, Galvin & Gagne, Operating System Concepts (6 ed.), John Wiley and Sons R. Summers, Secure Computing – Threats and Safeguards, McGraw-Hill M. Milenkovic, Operating Systems – Concepts and Designs, McGraw-Hill W. Stallings, Operating Systems – Internals and Design Principles, Prentice Hall

Download ppt "Operating system Security By Murtaza K. Madraswala."

Similar presentations

Chapter 15 Computer Security Techniques

Chapter 15 Computer Security Techniques
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.

Chapter 15 Security Bernard Chen Spring Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.

Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.

1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
Introducing Computer and Network Security

Introducing Computer and Network Security
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Intrusion detection Anomaly detection models: compare a user’s normal behavior statistically to parameters of the current session, in order to find significant.

Intrusion detection Anomaly detection models: compare a user’s normal behavior statistically to parameters of the current session, in order to find significant.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.

Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.

Protection and Security CSCI 444/544 Operating Systems Fall 2008.
1 Pertemuan 10 Understanding Computers Security Matakuliah: J0282 / Pengantar Teknologi Informasi Tahun: 2005 Versi: 02/02.

1 Pertemuan 10 Understanding Computers Security Matakuliah: J0282 / Pengantar Teknologi Informasi Tahun: 2005 Versi: 02/02.

Similar presentations

Ads by Google