1 / 39

SECURITY AND THE OPERATING SYSTEM

SECURITY AND THE OPERATING SYSTEM. Y. Colette Lemard. Sept 2013. Security and the O/S. One of the roles of the operating system is to enforce security. Security and the O/S. In this presentation we will look at some of the mechanisms used by the operating system to enforce/manage security.

keith
Download Presentation

SECURITY AND THE OPERATING SYSTEM

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SECURITY AND THE OPERATING SYSTEM Y. Colette Lemard Sept 2013

  2. Security and the O/S One of the roles of the operating system is to enforce security

  3. Security and the O/S In this presentation we will look at some of the mechanisms used by the operating system to enforce/manage security

  4. Security and the O/S The Use of Passwords

  5. Security and the O/S An operating system has mechanisms for verifying that persons attempting to sign on to a computer are authorized to do so.

  6. Security and the O/S This is called ‘authenticating’ the users

  7. Security and the O/S Computer users need to identify themselves for the purposes of - • accounting, • security, • keeping logs and • resource management.

  8. Security and the O/S Each user is set up with an account

  9. Security and the O/S Each account has a • username / login name and • a password

  10. Security and the O/S Once the person is signed in the o/s uses a code (a number) called a user id to identify that user.

  11. Security and the O/S One’s user name is normally not a secret as both the system and other users use it to identify you.

  12. Security and the O/S A password should always be a secret, however.

  13. Security and the O/S A password is a string of characters, that is entered, often along with a username, into a computer system to log in to/gain access to the resources in that system.

  14. Security and the O/S Passwords are usually determined by the users themselves and can be classified as weak, medium or strong.

  15. Security and the O/S A strong password has the following characteristics – • It is long – more than 10 characters is good • It contains letters, numbers and special characters • It contains both upper and lower case letters

  16. Security and the O/S Some systems allow the use of a space in a password; this kind of password is called a pass phrase

  17. Security and the O/S - Lockwords Lockwords

  18. Security and the O/S - Lockwords A lockword is a password to a file or a folder. Lockwords are also used for screensavers

  19. Security and the O/S Access Control Lists

  20. Security and the O/S Managing security is not just about allowing a user to access a computer or not. It is also about controlling what the user is allowed to do after they have signed in.

  21. Security and the O/S An Access Control List is a table that the operating system keeps, which records what each user is allowed to do once they have signed in

  22. Security and the O/S An ACL says what access rights (permissions) the user has to particular files and folders

  23. Security and the O/S Access rights can be set at the file level or the folder(directory) level.

  24. Security and the O/S The 3 most common access rights are-

  25. Security and the O/S • Read (can read a file or can read the names of the files in the directory)

  26. Security and the O/S • Write (can modify a file or can modify entries in a directory i.e. create, delete, rename)

  27. Security and the O/S • Execute (can run an executable file i.e. a program)

  28. Security and the O/S Encryption

  29. Security and the O/S Encryption is the use of mathematical algorithms to translate data into secret codes.

  30. Security and the O/S Unencrypted data is called plain text Encrypted data is called cipher text.

  31. Security and the O/S To read an encrypted file you must have access to a secret key or password that enables you to decrypt it.

  32. Security and the O/S Decryption is the process of converting encrypted data to plain text, so that it can be read and understood.

  33. Security and the O/S Encryption is the most effective way to achieve data security

  34. Security and the O/S Activity Logs

  35. Security and the O/S These serve as an audit trail of every function or file that has been altered and every program which has been invoked.

  36. Security and the O/S Activity Logs can be viewed by the system administrator

  37. Security and the O/S Activity Logs can also sometimes be used to reverse dangerous changes to the system.

  38. Security and the O/S - Summary The O/S’ security measures include • Passwords • Lockwords • Access control indicators • Encryption • Logs

  39. Security and the O/S - Summary ~~The End ~~

More Related