system security

Security refers to providing a protection

system to computer system resources such
as CPU, memory, disk, software programs
and most importantly data/information
stored in the computer system.
Security
If a computer program is run by an
unauthorized user, then he/she may cause
severe damage to computer or data stored
in it.
 Authentication

Policies and One Time passwords

mechanism of
system security Program Threats

System Threats
 Authentication One Time passwords Program Threats System Threats
• Authentication • One-time • Operating system's • System threats
refers to passwords provide processes and refers to misuse of
identifying each additional security kernel do the system services
user of the system along with normal designated task as and network
and associating authentication. instructed. If a connections to put
the executing • In One-Time user program user in trouble.
programs with Password system, made these • System threats can
those users a unique password process do be used to launch
is required every malicious tasks, program threats
time user tries to then it is known as on a complete
login into the Program Threats. network called as
system. program attack.
 Protection refers to a mechanism
which controls the access of programs,
processes, or users to the resources
defined by a computer system.

System
protection
Need of Protection:
To ensure that each active
To prevent the access of programs or processes in To improve reliability by
unauthorized users the system uses resources detecting latent errors.
only as the stated policy,
Models of protection

• Protection models represent the protected objects in a system,

how users or subjects (their proxies in the computer system)
may request access to them, how access decisions are made,
and how the rules governing access decisions may be altered.

• The access matrix model is the primary example of a protection

model.
 In Memory protection, we have to protect the operating
system from user processes and which can be done by
using a relocation register with a limit register.

Here, the relocation register has the value of the

smallest physical address whereas the limit register has
the range of the logical addresses.
Memory
protection These two registers have some conditions like each
logical address must be less than the limit register.

The memory management unit is used to translate the

logical address with the value in the relocation register
dynamically after which the translated (or mapped)
address is then sent to memory.
 Memory
protection
 Encryption
Encryption is a method of securing data by scrambling the bits of a computer's
files so that they become illegible. The only method of reading the encrypted files
is by decrypting them with a key; the key is unlocked with a password.

Types of Encryption

There are two types of encryptions schemes as listed below:

Symmetric Key encryption Public Key encryption

 • Symmetric key encryption algorithm uses
same cryptographic keys for both encryption
Symmetric and decryption of cipher text.
Key
encryption
 • Public key encryption algorithm uses pair of
keys, one of which is a secret key and one of
which is public.
Public Key • These two keys are mathematically linked with
each other.
encryption
 Recovery Management is the process of
planning, testing, and implementing the
recovery procedures and standards
required to restore service in the event
of a component failure;

Recovery
Management either by returning the component to
normal operation, or taking alternative
actions to restore service