Professional Documents
Culture Documents
system design
Jasmine Sardana
215/UCD/012
Btech Cse – Data Science
Secure operating system design refers to the process of creating an
operating system (OS) that minimizes vulnerabilities and provides
robust protection mechanisms against various threats. This design
approach encompasses multiple layers of security features,
architectural considerations, and best practices to ensure the
confidentiality, integrity, and availability of system resources and
user data.
Encryption • Data Integrity: Encryption can also provide data integrity by making
sure that the encrypted data remains unchanged during transmission.
Any unauthorized changes to the encrypted information will render it
undecipherable or will fail integrity checks.
• Authentication: Encryption may be used as part of authentication
mechanisms to verify the identification of the communication party.
• Non-Repudiation: Through encryption, events can make sure that they
cannot deny their involvement in growing or sending a selected piece of
data.
Symmetric key encryption relies on mathematical functions to encrypt and
decrypt messages. The encryption is called “symmetric” because it uses a
single key for both encryption and decryption. In comparison,
asymmetric key encryption, also called public key cryptography, uses two
separate keys to encrypt and decrypt messages.
A key is a random string of binary digits or bits created specifically to
Symmetric scramble and unscramble data. A key’s length and randomness are factors
in determining a symmetric encryption algorithm’s strength. The longer
Key and more unpredictable a key is, the harder it is for attackers to break the
Encryption encryption by guessing the key.
A sender and their designated recipients have identical copies of the key,
which is kept secret to prevent outsiders from decrypting their messages.
The sender uses this key to encrypt their messages through an encryption
algorithm, called a cipher, which converts plaintext to ciphertext. The
designated recipients then use the same key to decrypt the messages by
converting the ciphertext back to plaintext. For those without the key, the
encrypted message would look like a series of random letters, numbers,
and special characters.
• Security: Symmetric key encryption is essentially unbreakable and
requires users to keep track of only one key. In fact, the US government
encrypts classified information with this method — specifically, the
aforementioned AES implementation The most secure AES cipher has a
256-bit key size. Even with supercomputers, an attacker trying to
brute force through the encryption will need millions of years to crack it.
• Speed: Symmetric key encryption is simple in that it requires only one
key of a relatively short length. As a result, it’s much faster to execute. It
does not place a huge burden on a server during encryption and
Advantages decryption, and can efficiently handle large amounts of data.
Asymmetric cryptography, also known as public key cryptography, is a
process that uses a pair of related keys -- one public key and one private key
-- to encrypt and decrypt a message and protect it from unauthorized access
or use.
A public key is a cryptographic key a person can use to encrypt a message
so it can only be decrypted by the intended recipient with their private key.
Asymmetric A private key -- also known as a secret key -- is shared only with the key's
initiator.
Key
When someone wants to send an encrypted message, they pull the intended
Encryption recipient's public key from a public directory and use it to encrypt the
message before sending it. The recipient of the message can decrypt the
message using their related private key.
If the sender encrypts the message using their private key, the
message can be decrypted only using that sender's public key, thus
authenticating the sender. These encryption and decryption
processes happen automatically; users do not need to physically
lock and unlock the message.
• Enhanced Security: Asymmetric encryption provides a higher level of
security compared to symmetric encryption where only one key is used for
both encryption and decryption while for asymmetric encryption a different
key is used for each process and the private key used for decryption is kept
secret by the receiver making, it harder for an attacker to intercept and
decrypt the data.
• Authentication: The receiver can verify the sender’s identity. This is
achieved by the sender encrypting a message with their private key which
can only be decrypted with their public key if the receiver can successfully
decrypt the message, it proves that it was sent by the sender who has the
Organizations typically use audit logs to track the following types of activity:
1. Administrative activity
This includes events like creating or deleting a user account, such as deleting a user from
your CRM tool (e.g., Salesforce).
4. System-wide changes
Audit logs from sources like AWS Cloudtrail may capture larger events occurring within a
Whereas in the past audit logging was more common in specific industries like
finance and insurance, it is now front and center for all types of companies with a
digital footprint. Across industries, audit logging can be used to achieve the following
important goals:
1. Troubleshooting system issues Audit logs contain detailed historical
information that can be used to reconstruct the timeline of a system outage or
incident. For instance, logs can help distinguish between operator error and
system error. Audit trails can also be used to remediate a problem, such as
potentially restoring a corrupted file to its original state by examining what
Benefits of changes were made to it.
Audit Logging 2. Reconstructing security breaches -When breaches occur, an audit trail can
help organizations find out how they happened. For example, if an employee
complains that their bank account information is incorrect in the payroll system,
HR staff can examine audit logs to determine who changed the account
information and when.
3. Recommending new security and audit procedures - Organizations can
enforce individual accountability and reduce the likelihood of security breaches
or fraudulent activity by reviewing audit logs and recommending new security
procedures.
4. Providing legal evidence - In legal proceedings, audit logs can provide proof of
validity of a specific event, such as an individual’s e-signature on a document.
Vulnerability management means detecting and addressing
vulnerabilities within the infrastructure of an organization. The process
involves constant surveillance of both software and hardware for
potential security weaknesses that could be exploited by threat actors.
Vulnerability management is not limited to scanning and identifying
weaknesses but also involves the crucial steps of risk assessment,
remediation, and ongoing monitoring to reduce the attack surface.
Vulnerability
management
1- Security Posture Assessment
Vulnerability management extends beyond the digital realm to assess
the organization’s overall security posture. It takes into account physical
security, human factors, and the entire IT ecosystem, providing holistic
insights into non-technical vulnerabilities as well as technical bugs to
make sure all grounds of security are covered!
2-Continuous Monitoring and Adaptive Response
Vulnerability management is an ongoing process that involves
Importance continuous monitoring of vulnerabilities and adjustments to security
strategies as new threats emerge. This adaptability ensures that
organizations can respond to emerging threats effectively and in due
time.
3- Risk-Based Prioritization
In vulnerability management, not only do we consider the severity of
the vulnerability but also the context within which it happened. This
approach allows organizations to address vulnerabilities that pose the
greatest risk to their operations and business continuity.
Patch management, on a much smaller scale, focuses on the
systematic process of acquiring, testing, and deploying patches and
updates to software, operating systems, and applications. These
Patch patches are provided by software vendors to address known
security vulnerabilities. The primary objective of this process is to
management eliminate known vulnerabilities and maintain the security and
stability of software and systems.
1- Risk Mitigation
According to NinjaOne reports, 57% of data breaches could have been successfully
averted if available patches were installed and systems were up-to-date! When you
regularly apply patches, you significantly reduce the window of opportunity for
cybercriminals to exploit security weaknesses and save your company thousands or even
millions of dollars that otherwise, you would have to spend on the aftermath of a data
breach
2- Compliance Adherence
Various data protection regulations demand that organizations maintain up-to-date
software to protect sensitive information. Not only does complying with such standards
and requirements help you avoid costly penalties but it also demonstrates your
commitment to data privacy, earning trust among your stakeholders.
Importance 3- Reputation Preservation
In the business world, they often call customer trust the single most important currency
that, once lost, can’t be compensated! No matter what services you provide and what
benefits your product offers, your reputation can make or break your reputation. One of
the factors that can stand in your way is ignoring patch management, which can result in
data breaches, making headlines, and damaging your brand’s trustworthiness.
4- Cost Savings
While patch management comes at little or no cost, the costs associated with addressing
security incidents and recovering from breaches can be exorbitantPatch management
reduces the financial burden by preventing these incidents in the first place. It’s a cost-
effective strategy that minimizes the need for emergency responses, legal actions, and
the loss of revenue that often follows a successful cyberattack.
Security Development Lifecycle (SDL): A structured approach to
software development, SDL integrates security considerations
throughout the entire software development lifecycle. Secure OS
designs adhere to SDL principles, incorporating security
requirements, threat modeling, code review, and security testing
into the development process to identify and mitigate security risks
early on.
Thankyou