security management in an operating system

-

security management in an operating system

security-management


Components of Security:

All of the latest operating systems have to provide the security mechanism to protect the resources against potential security threats. The major components of security are as follows:
  • User Authentication
  • Prevention 
  • Detected
  • Identification 
  • Correction 

Password Vulnerability:

Vulnerability means weakness or drawback. Although password protection is easy to implement it has problems too. It does not provide complete security. The major problems are as follows:
  • It can be stored through a guess or secret observation There are two ways to guess a password.

An Intruder:

It may be a human or a program, which tries to guess the password of a specific user by entering information about the user such as names of his children, wife, departments, friends, his favorite hobbies or fruits, birds, animal,s, etc.

Brute Force:

Using this way, the password is guessed by trying all combinations of valid password characters, until the password is found. Usually, it is done using a program.
A user can forget his/her password. For example, a file protected with a password cannot be accessed if its user has forgotten the password. 
The password may be disclosed from authorized users to unauthorized users, willingly or unwillingly.
A password can also be stolen by watching the keyboard as a enters the password.

Precautions for Password:

The following precautions should be considered about a password:
  1. Commonly used words or dictionary words should not be used as passwords.
  2. The password should be changed frequently (at least after one month) so that it may not be guessed easily by others.
  3. Abandoned or old password (or close to it) should not be used again.
  4. The password should be a combination of letters (lower case and upper case) and digit or special characters.
  5. Password should not be too short, but memorable. It should contain at least eight characters.

Encrypted Password:

Encrypted means encoded. The encrypted password is like an ordinary password, but the assigned password is encoded and stored inside the system. When the user enters the password, it is directly encoded and then compared to the stored encoded password inside the system. Encrypted provide more security than a simple password.
Encoding is mostly performed through the system. The user gives the password only in the ordinary form. However, the encrypted password has also some problems.

 For example:

An encrypted password stored in a file in the system may be illegal accessed by an unauthorized user through different tools (program).

One-Time Password:

Some computer systems require the user to change their passwords regularly, so that if a password is leaked out, the system may not be accessed. The most common method to implement this approach is the one-time password. In this approach, the user gets a list of passwords. Each time a user logs in, a different password is used from the list. The new password may also be calculated using some functions. If a password is stolen by someone, then he cannot reuse the password to access the system because the password can be used only for one time, and next time a different password must be used.

Using Smart Cards:

A smart card looks like a credit card. The mobile SIM and an ATM card are examples of smart cards. Smart card systems require the smart card and password or passcode (or Pin code). The user inserts the card into the input until the system and enters the password to access the system. The system verifies the authenticity of the user through the smart card and password. If the card and password are correct, then the user is allowed to access the system. An attacker must obtain both the card and passcode to access the system. For example, to draw money from banks using an ATM card, er must insert an ATM card into the ATM installed in a bank and then enter the passcode or pain code. If the correct card and passcode are supplied to ATM, then we can draw the money. We can also change the passcode of an ATM card through an ATM machine.

Biometrics:

  • Passwords and smart cards cannot identify the actual person who is logging on to the computer system. These can be leaked out or stolen: therefore, they are not completely secure methods to block illegal access.
  • Alternatively, some systems are using biometrics or physical authentication characteristics of users such as fingerprint, voiceprint, face, and signatures These methods are considered the most powerful and advanced security approaches. The most important methods of biometrics are fingerprint and voiceprint readers.
  • Some smart cards are normally used for the implementation of a physical authentication scheme. For example, a fingerprint is permanently stored on the smart card. Whenever a user wants to log in, he/she is required to insert his/her card into a card reader. He/she is also required to scan his fingerprints. Now if the saved fingerprint on the card and his/her actual fingerprints match with each other, he/she is given access otherwise access is defined.

PREVENTION:     

  • The basic purpose of a security system is to prevent the system from illegal access. Following are some mostly used ways for preventing a system from illegal access:
  • The password should be changed periodically.
  • Some strong encryption algorithms should be used so that if anyone gets access to the data, he/she should not be able to make any sense out of it.
  • The password should be used after a series of quality checks.
  • The system entry points should be reduced.

CORRECTION:

  • If an unauthorized user or intruder of a system and damaged some important data, then it becomes necessary to take corrective actions.
  • It is better to change the entry's security information. All users are required to change their password.
  • We should take a backup of the data regularly, so that system can be rolled back to its previous state.
  • Documentation of important information and software should be maintained and updated regularly. 

Comments

Post a Comment

Popular posts from this blog

Modern scenario of information technology:

-
Image
The modern scenario of information technology: Introduction: Information technology (IT) is the technology that merges the computing network system with high-speed communication links carrying any kind of data in the form of text, sound, images. and videos etc. Information can be defined as the facts and figures about anything that can transfer data of any kind. i.e. The know-how about any object of the universe that exists and plays its role in any network computer system. The system is any identified and known work that accepts data/information into itself, manipulates in the shape of certain output(s), and delivery so that it becomes useful and meaningful. Modern Scenario The modern impact of computer system Information Technology has broadened the base of comput ing and communication through satellite, fiber-optic, mobile phones. Thus enhancing the implications of this shift from single isolated technologies to a unified digital convergence and enabling the computer users to experi
Read more

Deadlock Questions and Answers pdf

-
Image
Deadlock Questions and Answers pdf Define a deadlock? A process is said to be in a state of deadlock if it is waiting for a particular event (e.g. allocation of resources) that will never occur. Name four necessary conditions for Deadlock? Mutual Exclusion  Hold-and-Wait No Preempting  Circular Wait Describe the Mutual Exclusion condition for deadlock? Mutual exclusion condition indicates the locking of resources in exclusive mode, also known as a non-shareable mode. Each resource may be allocated to only one process at a time. If another process needs to use that resources, then the requesting process must wait until the resources have been released. What is the Hold-and Wait condition for deadlock? In a deadlock, each involved process holds one or more resources and waits for additional resources, which are currently being held by other processes in the system. It means that a deadlock may occur only if every involved process holds one or more resources and further needs additional r
Read more

What is the bus interconnection?

-
Image
 What is the bus interconnection? Introduction: We know that a computer consists of a CPU, Main Memory MM, and I/O unit. For data to flow between these components we need some kind of interconnections, which is another very important component of the overall computer architecture. These components are interconnected by using a set of parallel lines to transmit the data from one location to another. Each of these lines can be used to transfer a sequence of bits from one component to the other component for data transfer. Definition: Each of these lines can be used to transfer a sequence of bits for communication from one component of the computer to the other component. This set of parallel lines is called a BUS. The system interconnection is used to communicate channel. System Bus: The bus used to connect the main components of a computer to the other component is called the system bus. Generally, the purpose of computers has a 70-100 line system bus.  The system bus is divided into th
Read more