Professional Documents
Culture Documents
OS Features .......................................................................................................... 5
OS Functionalities ................................................................................................ 5
OS Security ............................................................................................................ 10
OS Threats.............................................................................................................. 15
Malware .............................................................................................................. 15
Network Intrusion............................................................................................... 15
Authentication .................................................................................................... 16
Firewalls ............................................................................................................. 17
PAGE 1
OS Security Policies and Procedures ..................................................................... 18
OS Reliability......................................................................................................... 19
Reliability Metrics.................................................................................................. 20
Conclusion ............................................................................................................. 22
References .............................................................................................................. 24
PAGE 2
Introduction
The operating system (OS), in simple terms, is the brain of the computer and is
responsible for regulating all interactions between hardware and end-users. The OS
is necessary in any smart environment nowadays and without it, a computer would
be useless metal scraps. The operating system is known as the communication link
between a computer's hardware and its user by textbook definition. The hardware is
given a number of programming instructions that make up the operating system,
which are used to run and operate the entirety of the computer. The kernel is the
fundamental operating system programming instruction. Central processing units,
circuit boards, monitors, keyboards, mice, and other disc drivers are some examples
of computer hardware that are programmed to be run using said OS. There are many
different types of operating systems, including desktop, mobile, server-based, and
embedded operating systems. Some of the most commonly used operating systems
and well known in the market are: Windows OS, Linux/UNIX OS, Mac OS,
Windows Server OS and Linux Server OS. (Marufuzzaman, 2019)
1. User
2. System and application programs
3. Operating system
4. Hardware
PAGE 3
Every general-purpose computer consists of hardware, an operating system(s),
system programs, and application programs. The hardware consists of memory,
CPU, ALU, I/O devices, peripheral devices, and storage devices. The system
program consists of compilers, loaders, editors, OS, etc. The application program
consists of business programs and database programs.
The figure above is a conceptual model of any computer system. To run other
programs, every computer has to have an operating system. The operating system
organizes how the many system programs and application programs for different
users utilize the hardware. It merely offers a setting for other programs to function
well.
PAGE 4
OS is made to accomplish two primary goals:
1. It controls the allocation and use of the computing System’s resources among
the various user and tasks.
2. It provides an interface between the computer hardware and the programmer
that simplifies and makes it feasible for coding and debugging of application
programs.
OS FEATURES
OS FUNCTIONALITIES
PAGE 5
Storage Management: The file system mechanism used for the management of
the storage. NIFS, CFS, CIFS, NFS, etc. are some file systems. All the data is
stored in various tracks of Hard disks that are all managed by the storage manager.
It included Hard Disk.
1. Provides the facilities to create and modify of programs and data files using
an editor.
2. Access to the compiler for translating the user program from high-level
language to machine language.
3. Provide a loader program to move the compiled program code to the
computer’s memory for execution.
4. Provide routines that handle the details of I/O programming.
I/O System Management: The module that keeps track of the status of devices is
called the I/O traffic controller. Each I/O device has a device handler that resides
in a separate process associated with that device.
PAGE 6
The I/O subsystem consists of:
Compiler and Interpreter: The High-level languages- examples are C, C++, Java,
Python etc. (around 300+ famous high level languages) are processed by
compilers and interpreters. A compiler is a program that accepts a source program
in a “high-level language “and produces machine code in one go. Some of the
compiled languages are FORTRAN, COBOL, C, C++, Rust and Go.
An interpreter is a program that does the same thing but converts high-level code
to machine code line-by-line and not all at once. Example of interpreted languages
are Python, Perl and Ruby.
PAGE 7
Loader: A Loader is a routine that loads an object program and prepares it for
execution. There are various loading schemes: absolute, relocating, and direct-
linking. In general, the loader must load, relocate and link the object program. The
loader is a program that places programs into memory and prepares them for
execution. In a simple loading scheme, the assembler outputs the machine
language translation of a program on a secondary device and a loader places it in
the core. The loader places into memory the machine language version of the
user’s program and transfers control to it. Since the loader program is much
smaller than the assembler, those make more core available to the user’s program.
OS DESIGN PROCESS
PAGE 8
Performance and Reliability: How well and smoothly a system performs
and how reliable it is in critical circumstances are a must when designing any
OS. They are often degraded and have an inverse relationship with
maintaining a decent operating system design. For example, to ensure
performance and reliability, it can often degrade how clean looking a GUI is
made and vice versa. The more futuristic and sleek it looks, the slower it
could perform and not be as reliable since maintenance could be trickier.
Nevertheless, an OS should have both strong performance and great
reliability/dependability at whatever cost.
Security: One of the most essential operating system design considerations
that can never be compromised is security. The need to protect data from
outside interference has increased along with workloads and data flow across
devices. The operating system must guarantee this security. In addition, a
number of operating systems have been developed in response to the
development of the internet of things (IoT). Energy efficiency and memory
management are two of these operating systems' top priorities.
(Marufuzzaman, 2019)
PAGE 9
OS Security
Operating system security is the manner of guaranteeing OS accessibility,
confidentiality, integrity and authenticity. This entails the actions or precautions
used to safeguard the operating system from threats including viruses, worms,
malware, and remote hacker intrusions are referred to as OS security. Operating
system security refers to all preventive measures taken to safeguard any system
assets that might be taken, altered, or deleted if OS security were to be
compromised. Two infractions can put system security at danger, and they are as
follows:
Security lapses and breaches normally classify under two main umbrellas:
Malicious and Accidental. Malicious and unintentional security breaches both
have the potential to cause harm to the system. A damaging computer program or
web script known as a malicious threat is intended to make system vulnerabilities
that open back doors and security gaps. Accidental Threats, on the other hand, are
considerably simpler to defend against.
PAGE 10
Some of the most common examples of security breaches that pose threads include
but are not limited to:
PAGE 11
Computer Security Classifications
There are four security classes for computer systems, according to the U.S.
Department of Defense's Trusted Computer System's Evaluation Criteria: A, B, C,
and D. These requirements are frequently used to assess and simulate the security
of systems and security measures. The succinct summary of each classification is
provided below:
(DoD, 1985)
PAGE 12
Classifications of Threats
SYSTEM THREATS
System threats are actions that employ network connections and system functions
improperly to harm users. Software attacks, often referred to as system attacks, can
be used to launch program threats over the entire network. System threats foster an
atmosphere where user files and operating system resources are misused. Some
common system threats include but are not limited to:
PAGE 13
PROGRAM THREATS
Trojan Horse − Such program traps user login credentials and stores them to
send to malicious users.
Trap Door – It find a security hole in a program’s code and performs illegal
action without knowledge of user.
Logic Bomb − it is a situation when a program misbehaves only when certain
conditions met otherwise it works as a genuine program making it harder to
detect.
Virus − Virus as name suggest can replicate themselves on computer system.
They are highly dangerous and can modify/delete user files, crash systems.
(Operating Systems Security Basics , n.d.)
PAGE 14
OS Threats
MALWARE
It contains viruses, worms, Trojan horses, and other dangerous software. These are
generally short code snippets that may corrupt files, delete the data, replicate to
propagate further, and even crash a system. The malware frequently goes unnoticed
by the victim user while criminals silently extract important data.
NETWORK INTRUSION
BUFFER OVERFLOW
It is also known as buffer overrun. It is the most common and dangerous security
issue of the operating system. It is defined as a condition at an interface under which
more input may be placed into a buffer and a data holding area than the allotted
capacity, and it may overwrite other information. Attackers use such a situation to
crash a system or insert specially created malware that allows them to take control
of the system.
PAGE 15
Methods to ensure OS Security
AUTHENTICATION
The process of identifying every system user and associating the programs
executing with those users is known as authentication. The operating system is
responsible for implementing a security system that ensures the authenticity of a
user who is executing a specific program. In general, operating systems identify and
authenticate users in three ways:
3. User card and Key: To login into the system, the user must punch a card into a
card slot or enter a key produced by a key generator into an option provided by the
operating system.
PAGE 16
One-time passwords may be implemented in several ways:
1. Secret Key: The user is given a hardware device that can generate a secret id that
is linked to the user's id. The system prompts for such a secret id, which must be
generated each time you log in.
2. Random numbers: Users are given cards that have alphabets and numbers printed
on them. The system requests numbers that correspond to a few alphabets chosen at
random.
FIREWALLS
Firewalls are essential for monitoring all incoming and outgoing traffic. It imposes
local security, defining the traffic that may travel through it. Firewalls are an
efficient way of protecting network systems or local systems from any network-
based security threat.
PHYSICAL SECURITY
PAGE 17
OS Security Policies and Procedures
Various operating system security policies may be implemented based on the
organization that you are working in. In general, an OS security policy is a document
that specifies the procedures for ensuring that the operating system maintains a
specific level of integrity, confidentiality, and availability.
OS Security protects systems and data from worms, malware, threats, ransomware,
backdoor intrusions, viruses, etc. Security policies handle all preventative activities
and procedures to ensure an operating system's protection, including steal, edited,
and deleted data.
As OS security policies and procedures cover a large area, there are various
techniques to addressing them. Some of them are as follows:
OS security policies and procedures are developed and implemented to ensure that
you must first determine which assets, systems, hardware, and date are the most
vital to your organization. Once that is completed, a policy can be developed to
secure and safeguard them properly.
PAGE 18
OS Reliability
Reliability as a whole refers to the capability of computer hardware or software to
perform as user expectancy in a consistent manner throughout a specified system
lifetime, without the occurrence of errors or erratic behavior. Reliability can be
jeopardized by a failure (the system no longer satisfies its design criteria), an error
(an intrinsic weakness in the system that causes inaccurate results), a fault (erratic
or mistaken behavior produced by a system state that designers failed to anticipate),
or human error. Safety and reliability must be distinguished from one another; a
system that is safe to use but has a risk associated with it (a situation where an
accident could happen) and for which no backup plans, no matter how unlikely, are
in place, is still unsafe. Additionally, availability should be distinguished from
reliability. Chemical plant engineers in Bhopal, India, turned off plant safety
mechanisms to improve the availability of processing systems, which resulted to a
tragic death toll. (Spencer, 2019)
PAGE 19
Reliability Metrics
The reliability of a software product is expressed quantitatively using reliability
metrics. Depending on the system type to which it pertains & the demands of the
application domain, one can choose which metric to utilize.
MTTF: it is as the time interval between the two successive failures. It’s
suitable for computer-aided design systems where work will proceed for
several hours.
MTTR: Once failure occurs, some-time is required to fix the error. MTTR
measures the average time it takes to track the errors causing the failure and
to fix them.
MTBF: We can merge MTTF & MTTR metrics to get the MTBF metric.
Therefore, it could be calculated as follows: MTBF = MTTF + MTTR
PAGE 20
ROCOF: it is the frequency of occurrence with which unexpected role is
likely to appear. It is also referred to as the failure intensity metric.
POFOD: it is described as the probability that the system will fail when a
service is requested and is relevant where services are demanded
occasionally.
AVAIL: Availability is the probability that the system is applicable for use
at a given time. It takes into account the repair time & the restart time for the
system.
PAGE 21
Conclusion
To conclude, after finalizing the aforementioned documentation one would be able
to attain the following added value:
The OS is the heart and soul of any computer device and therefore its security
and reliability are key factors to ensure it is up and running successfully
without any interruptions, intrusions or malfunctions.
Reliability of the OS varies according to how powerful the hardware is, how
responsive the system is and what exactly is the OS needed for in order to
run the desired programs.
OS Security measures are highly important in order to ensure safety of
information and prevent the misuse of it no matter how sensitive the
information may be; security should guarantee that even the most basic of
facts is kept safe and sound.
The document initially describes in a brief manner what is the OS and what are the
main types, features, specifications, etc. Then it dives into what is Security,
Reliability, what OS Security and Reliability are in full depth.
Regarding Security, the research paper covers what is meant by security, what are
threats and attacks an OS can face and what measures a user can take to prevent
them.
PAGE 22
Operating system security is the manner of guaranteeing OS accessibility,
confidentiality, integrity and authenticity. Security measures are meant to cover two
main divisions: threats and attacks.
To avoid such security issues there are some methods to ensure OS security is top
notch and they are summarized as:
Authentication
OTP
Firewalls
Physical Security
Policies and Procedures
MTTF
MTTR
MTBF
ROCOF
POFOD
AVAIL
PAGE 23
References
DoD, D. C. (1985, December 26). The Orange Book. Bedford, United States of
America. Retrieved from
https://csrc.nist.gov/csrc/media/publications/conference-
paper/1998/10/08/proceedings-of-the-21st-nissc-1998/documents/early-cs-
papers/dod85.pdf
Introduction to OS. (2023, March 23). Retrieved from Geeks for Geeks:
https://www.geeksforgeeks.org/introduction-of-operating-system-set-1/
PAGE 24