Protection and Security

Protection and Security

Google Drive Link - Protection and Security

·        Protection

o    Mechanism for controlling the access of processes or users to the resources defined by a computer system.

o   Mechanism should specify - Controls to be imposed

o   Uses:

§  Improves reliability of the system by detecting errors and

§  Prevents contamination of a sub-system by another malfunctioning sub-system.

o   Unprotected data cannot defend against of use of unauthorized user whereas protection-oriented system can identify authorized and unauthorized usage.

o   Note:-A system can have adequate protection but still be prone to failure and allow inappropriate access.

§  Ex: - when genuine user authentication details are stolen.

·        Security:

o   To defend a system from external and internal attacks.

§  Ex;- virus, worm & Denial-of-Service

o   Prevention of some of these attacks is performed as operating system function on some systems, while others leave the prevention to additional software.

·        USER IDENTIFIERS:

o   Protection and security require the system to be able to distinguish among all its users.

o   Most operating systems maintain a list of user names and associated user identifiers (user IDs)

§  Ex:- Windows NT maintains SECURITY ID(SID)

o   IDs are used by processes & threads and picked when user is authenticated.

o   GROUP IDENTIFIERS:

§  Define a group name and the set of users belonging to that group.

§  Ex:-selected set of users may only be allowed to read the file.

§  A user can be in one or more groups

§  The user's group IDs are also included in every associated process and thread.

o   Escalate privileges:- to gain extra permissions for an activity

§  Ex:- In Unix, “setuid” attribute is used to modify the id of the current user as id of owner of the file ( until extra privileges turned off or program termination).