Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bzupages.com. Operating System: Presented To: Sir. Ahsan Raza Presented By: Shaista Sumreen (06-04) Aliya Zafar (06-06) Mamoona Sadia (06-08) Javaria.

Published byEric Neal Modified over 8 years ago

Similar presentations

Presentation on theme: "Bzupages.com. Operating System: Presented To: Sir. Ahsan Raza Presented By: Shaista Sumreen (06-04) Aliya Zafar (06-06) Mamoona Sadia (06-08) Javaria."— Presentation transcript:

1 bzupages.com

2 Operating System: Presented To: Sir. Ahsan Raza Presented By: Shaista Sumreen (06-04) Aliya Zafar (06-06) Mamoona Sadia (06-08) Javaria Qayyum (06-26) Sana Tareen (06-31) Sadia Riaz (06-33)

3 bzupages.com Services of Operating System: Process Management Multi-Tasking Interrupt Processing Memory Management Registers Random Access Memory Disk Storage Disk & File System Networking Security

4 bzupages.com

5 Outline Operating System Security Protection Mechanism H/W Security Protection of Memory Access Control Mechanism Auditing Fault Tolerance Summary

6 bzupages.com Shaista Sumreen 06-04 Topic Protection Mechanism H/W Security

7 bzupages.com Protection Mechanism:(1) Operating system security is provided by gates that users must pass through before entering the operating system environment, and permission matrixes that determine what they are able to do once inside.

8 bzupages.com Protection Mechanism:(2) Dialup gate Login gate Root gate Secure RPC gate File and directory matrix NIS+ objects matrix

9 bzupages.com Protection Mechanism: O.S provides protection with following Spectrum: No protection Isolation Share all Or Share nothing Share via access limitation Share via dynamic capabilities Limited use of an object

10 bzupages.com Hardware Security:(1) Problem??? Examples: Telephone SIM cards Smart cards (used for access, TV decoders, ID, money...) Public ATM machines

11 bzupages.com Hardware Security:(2) Install a version of the PROM monitor that either does not provide (or at least password protects) the commands to examine and change memory contents. Ensure that workstations cannot be taken into single-user mode without providing the "root" (or a PROM monitor "hardware") password.

12 bzupages.com Protecting data from hardware failures:(3) Use Backups. Use Redundant Arrays of Inexpensive Disks (RAID). Failure of a single disk should not cause any data loss. Beware of manufacturers.

13 bzupages.com Protection Of Memory: Memory Encryption Control Unit (MECU) encrypts all memory transfers between the level 2 cache and main memory. The keys used to encrypt memory blocks are derived from secret information present on removable authentication tokens, e.g., smart card, or other similar secure storage devices. This provides protection against physical attacks in absence of the token. User Oriented Data Oriented

14 bzupages.com User Oriented Access Control: User access control in distributed environment can be either centralized or decentralized. 1.In a centralized approach network provides a log on service, determining who is allowed to use the network and to whom the user is allowed to connect. 2.Decentralized user access control treats the network as a transport communication link, and the destination host carries out the usual log on procedure.

15 bzupages.com User Oriented Access Control: Authenticating users Commonly done using id and password Concern about eavesdropping May be centralized (network logon) or distributed (each host handles logon) May also limit who can access the network as a whole

16 bzupages.com Data Oriented Access Control: Each user has permitted actions Anyone in administration can see the list of employees, but only personnel staff can change someone’s salary Access matrix (Subjects x Objects) Subject — Entity that can access objects Object — Anything to which access is controlled Access Right — The way the object is accessed by the subject

17 bzupages.com Data Oriented Access Control: Generally matrix is sparse, so stored in a different fashion: Access Control List Who is allowed to do something with this object Capability List What can this user do?

18 bzupages.com Javeria Qayyum 06-26 Topic Access Control

19 bzupages.com Access Control:

20 bzupages.com Strategy: Try user info variants Try words from 60,000 entry dictionary Try permutations of above (0-O, 1-L, etc.) Try various capitalization of above

21 bzupages.com Protecting Password:

22 bzupages.com Sadia Riaz 06-33 Topic Auditing

23 bzupages.com Auditing: Record of ongoing activity Most systems include auditing files Intruder detection system may have additional files Detection-specific audit records Subject — Who is doing the action? Action — What is being done? Object — What is being used? Exception condition — Any problems? Resource usage Timestamp — When did it happen? Each record refers to an elementary action Easier to detect intrusions Simplifies model and implementation

24 bzupages.com Sana Tareen 06-31 Topic Fault Tolerance Introduction Requirements

25 bzupages.com Introduction: What is the System??? 3 Levels of Fault Tolerance 1.H/W fault tolerance 2.S/W fault tolerance 3.System fault tolerance

26 bzupages.com “A system is the entire set of components, both computer related, and non-computer related, that provides a service to a user.”

27 bzupages.com Requirements: Dependable System Approaches to achieve dependability 1.Fault avoidance 2.Fault Removal 3.Fault Tolerance Dependability Specification 1.Qualitative 2.Quantitative

28 bzupages.com Mamoona Sadia 06-08 Topic Classes of Fault Tolerance Mechanism

29 bzupages.com Fault Classes: Locality Effects (Timing & Date) Cause (Design, Damage) Duration (Transient, Persistent) Efforts On the System State 1.Crash 2.Amesia

30 bzupages.com Mechanism: Detection Diagnose Containment

31 bzupages.com Aliya Zafar 06-06 Summary of Presentation

32 bzupages.com Thanks

Download ppt "Bzupages.com. Operating System: Presented To: Sir. Ahsan Raza Presented By: Shaista Sumreen (06-04) Aliya Zafar (06-06) Mamoona Sadia (06-08) Javaria."

Similar presentations

Operating Systems Components of OS

Operating Systems Components of OS
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Operating System Structures

Operating System Structures
CS426Fall 2010/Lecture 71 Computer Security CS 426 Lecture 7 Operating System Security Basics.

CS426Fall 2010/Lecture 71 Computer Security CS 426 Lecture 7 Operating System Security Basics.
Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
Distributed System Structures Network Operating Systems –provide an environment where users can access remote resources through remote login or file transfer.

Distributed System Structures Network Operating Systems –provide an environment where users can access remote resources through remote login or file transfer.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Access Control Methodologies

Access Control Methodologies
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
Database Management System

Database Management System
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Network Administration Procedures Tools –Ping –SNMP –Ethereal –Graphs 10 commandments for PC security.

Network Administration Procedures Tools –Ping –SNMP –Ethereal –Graphs 10 commandments for PC security.
1 Pertemuan 04 Pengamanan Akses Sistem Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 04 Pengamanan Akses Sistem Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Chapter 12 File Management Systems

Chapter 12 File Management Systems
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.

Similar presentations

Ads by Google