System protection in the operating systems- Zoefact
by Ridzi Arora Article WriterSystem protection in the operating systems (OS) actually
refers to a mechanism that restricts the access of the resources specified by a
computer system to programs, processes, or users. It requires the security of
computer resources such as Processor, software, memory, etc. As a helper to
multiprogramming operating system, users should take security, so that several
users can safely share a common logical namespace such as directory or data
(file). Security and protection can be achieved by maintaining honesty,
confidentiality, and availability in the operating system (OS). It is important
to protect the device from unauthorized access, viruses, worms, etc.
· To
prevent access of unauthorized users and
· To
ensure that resources are used only as specified policy by each active program
or mechanism in the scheme,
· To
improve reliability by detecting latent errors.
Note that only the frameworks for implementing policies
and maintaining stable systems are supported by security systems. It’s up to
administrators and users to successfully enforce such processes.
The function of security is to provide a mechanism that
implements policies that determine the computer system’s use of resources. At
the time of system creation, some policies are defined, some are designed by
system management and some are defined by system users to protect their own
files and programs. A threat is a program that is malicious in nature and
causes the device to experience adverse effects. Some of the prevalent
threats that happen in a system are –
Virus:
Small fragments of code inserted in a device are common viruses. They are very
risky and can corrupt data, delete information, crash systems, etc. By
replicating themselves as needed, they can also spread further.
Trojan
Horse: A Trojan horse is able to secretly access a system’s
login data. These can then be used by a malicious user to access the system as
a harmless being and wreak havoc.
Trap
Door: A trap door is a violation of security that may be
present in a device without the users’ knowledge. It can be abused by malicious
people to damage the data or files in a system.
Worm:
Through using its resources to extreme levels, a worm will kill a machine. It
can create several copies that assert all resources and do not enable them to
be accessed by any other processes. In this way, a worm can shut down a whole
network.
Denial
of Service: These kinds (types) of attacks do not cause
a device to be accessed by legitimate users. It overwhelms the device with
requests so that it is overloaded and other users cannot operate properly.
Each application has different resource use policies and
they can change over time, so device security is not just a concern of the
operating system (OS) designer. The security mechanism should also be developed
by the application programmer to protect their device from misuse. The concept
of least
privilege dictates that only enough rights are provided to programs, users,
and systems to perform their tasks. It means that errors do the least amount of
damage and cause the least damage to be done.
Each user is typically granted their own account and only
has ample rights to edit their own files. The root account should not be used
for regular day-to-day activities; the system administrator should still have
an ordinary account, and the root account should be reserved for tasks that
require root privileges only. The policy is distinct from mechanism; processes
decide how to do something and policies determine what to do. Over time and
location to place, policies are changed. For the flexibility of the system, the
separation of mechanism and policy is essential.
The various techniques that can provide protection and
security for various computer systems are –
Authentication: It
deals with defining every consumer in the system and ensuring that they are who
they claim to be. The operating system ensures that before they enter the
system, all the users are authenticated.
One
Time Password: For authentication purposes, these passwords
provide a lot of protection. Any time a user wants to access the system, a
one-time password can be created exclusively for a login. It is not possible to
use it more than once.
It is possible to interpret a machine as a set of
processes and objects. The need to know principle states that only those
objects that it requires to accomplish its mission should be available to a
process and furthermore only in the modes for which it needs access and only
during the time frame when it needs access.
Sponsor Ads
Created on Mar 24th 2021 02:14. Viewed 386 times.