OS: SECURITY & PROTECTION

OS: SECURITY & PROTECTION

Confidentiality:: Ensuring that information is not

accessed in an unauthorized manner (reading)
Integrity:: Ensuring that information is not amended
or deleted in an unauthorized manner (writing or
deleting)
Availability::Ensuring that information is available to
authorized users at right time.
SECURITY THREATS

Tapping
Disclosure
Amendment
Fabrication
Denial
Tapping: Unauthorized use of service
Disclosure: Unauthorized disclosure of information

AA B
B

X
Amendment: Unauthorized alteration or
deletion of information

AA B
B

X
Fabrication: Unauthorized fabrication of
information

AA B
B

X
Denial: Denial of service to authorized
user

AA B
B

X
 ATTACKS ON SECURITY

1) AUTHENTICATION
Guess or steal password
May find password by trial & error method
Dummy Log-in program
Can use unattended terminal
Vendor supplied password
2) BROWSING
Accessing confidential files by using internet.
 ATTACKS ON SECURITY CONT…
3) TRAP DOORS
START
READ
-
-
- Trap door
EDIT
-
-
-
-
Write Trap door
-
-
-
END
 ATTACKS ON SECURITY CONT…

4) LINE TAPPING
Tapping of communication line by using different
hardware & techniques. (Security threats)
5) ELECTRONIC DATA CAPTURE
 Wire taps
 Pick up the screen radiation
6) LOST LINE
7) IMPROPER ACCESS CONTROLS
Access controls are not properly planned
 ATTACKS ON SECURITY CONT…
8) WASTE RECOVERY
Deleted files can be recovered by penetrator.
9) ROGUE SOFTWARE
Variety of S/W programs like virus, worms can
create problems.
10) THE COVERT CHANNEL
Despite of restrictions, unauthorized data transfer
may still occur because of unprotected signaling
devices.
11) INVALID PARAMETERS
Security can be violated by passing invalid
parameters.
 COMPUTER WORM

 It is a full program , which is written in such a way

that it spreads to other computers over a network &
consumes the network recourses to a large extent.
 Generally it does not harm any other program or
data.
 It spreads & consumes large recourses such as
transmission capacity or disk storage.
 It generally operates on a network
 COMPUTER WORM

 SAFEGUARD AGAINST WORMS

1) Prevent its creation : Have very strong security &
protection policies & mechanisms
2) Prevent its spreading: Introduce various check
points in the communication system. Force the user
to ‘sanction’ the transfer of executable file over a
network.
 COMPUTER VIRUS

• A computer virus is written with clear

intension of infecting other programs.
• Virus can not & does not operate
independently.
• It causes direct harm to the system.
• Virus can corrupt the code as well as data.
 TYPES OF VIRUSES

1) Boot sector infectors

2) Memory resident infectors
3) File specific infectors
4) Command processor infectors
5) General purpose infectors
 INFECTION METHODS

1) Append
2) Replace
3) Insert
4) Delete
5) Redirect
 VIRUS
1) Virus Detection: Virus detection program checks
for the integrity of the binary files. They monitor
certain memory & I/O devices.
2) Virus Removal: These programs scans the disk
files for known virus patterns & removes them.
3) Virus Prevention: Buy official, legal copies of
software from reliable sources. Frequent Back
ups & running monitoring programs.