Upload
jollusudarshanreddy
View
164
Download
1
Embed Size (px)
Citation preview
Operating systemA system having basic kernel functions of process and memory management ,file, i/o device and network management functions and many other functions.
Protection of memory and resources from any unauthorized into the PCB or resource ,or mix up of access of one by another becomes imperative.
Introduction to OS security issues
The OS security issue is a critical issue.
Each process determines whether it has a control of a system resoure exclusively or whether it is isolated from the other processes or whether it shares a resource common to a set of processes.
The OS then configures when a resource is isolated from from one process and a resource is shared with a defined with a define set of processes.
The OS should also have the flexibility to change this configuration when needed, to full fill the requirements all the process.
For example, a process has 32 memory blocks at an instance and the OS configures the system accordingly.
The OS should provide protection mechanism and implement a system administration(s) –defined security policy.
An application software programmer can find a hole in the protection mechanism and an unauthorized access.
Important security issues Protection mechanism
Flexibility to of change.
Control resource sharing
Confinement mechanism
Security policy (strategy).
Authentication mechanism.
Authorization.
Encryption
Protection Mechanism
OS should provide protection mechanisms
and implement a system administrator (s)
defined security
Flexibility to of change when needed to fulfill the need
requirements of all the processes.
For example, a process has control of 32
memory blocks at an instance and the OS
configured the system accordingly. t
Later when more processes are created, this
can be reconfigured.
Controlled resource sharing Controlling read and write of the resources
and parameters by user processes.
For example, some resources write only for
a process and some read only for a set of
processes
Another example, memory buffer to which
one process writes at an instant till that
buffer is emptied by other process
Confinement Mechanism Mechanism that restricts sharing of
parameters to a set of processes only .
Security Policy (Strategy) Rules for authorizing access to the OS,
system and information.
A policy example is that a communication
system may having a policy of peer-to-peer
communication (connection establishment preceding the data packets flow).
Authentication Mechanism External authentication mechanism for the user
and a mechanism meant to prevent an
application run unless the user registers and the
system administrator (software) authorizes
Internal authentication for the process, and the
process should not appear (impersonate) as some
like other processes.
User authentication can become difficult if the
user disseminates password passwords or other
authentication methods
Authorization User or process (s) allowed to use the
system resources as per the security policy
Encryption A tool to change information to make it
unusable by any other user or process unless
without the appropriate key is used for
deciphering it.
CONCLUSION
OS security issues are important
considerations.
Protection of memory and resources from
any unauthorized and without explicit
authorization write into the PCB or
resource
Mix up of accesses of one by
another, becomes imperative from an OS
security and protection mechanism