Operating System Protection and Security (Unit V), Lecture notes of Operating Systems

This unit explains the concepts of protection and security in operating systems. Protection ensures that only authorized users and processes can access system resources such as memory, files, CPU, and I/O devices. It covers the goals and principles of protection, domains of protection, access matrix, Access Control Lists (ACLs), capability lists, and different access control models like DAC, MAC, and RBAC. The unit also discusses revocation of access rights and capability-based systems. The security section focuses on protecting systems from unauthorized access and cyber threats. It covers common program threats such as viruses, worms, Trojan horses, logic bombs, buffer overflow attacks, and ransomware, along with system and network threats like Denial of Service (DoS), IP spoofing, session hijacking, and Man-in-the-Middle (MITM) attacks.

Typology: Lecture notes

2025/2026

Available from 06/26/2026

shay-75

UNIT-V

Protection

Definition: Protection in an OS refers to the mechanisms and policies that ensure controlled access to system resources, such as memory, CPU, files, and I/O devices. It ensures that only authorized processes or users can access or modify resources, and prevents accidental or malicious interference.

Protection is a subset of security focused specifically on correct and safe usage of resources, while security also covers threats from external sources.

Goals of Protection

The goals define what the OS aims to achieve through protection mechanisms:

  1. Prevent Unauthorized Access
     o Ensure that only authorized users or processes can access specific system resources.
     o Example: Only an admin can modify system configuration files.
  2. Ensure Data Integrity
     o Protect data from being corrupted, altered, or deleted by unauthorized or faulty processes.
     o Example: A text editor should not allow one user’s process to overwrite another user’s files.
  3. Resource Isolation
     o Each process should operate in its own private memory and resource space to prevent interference.
     o Example: Process A crashing should not affect Process B.
  4. Accountability and Auditing
     o Track who accessed what resources and when, enabling accountability.
     o Example: Logging file access events for audit purposes.
  5. Availability
     o Ensure that critical resources are available to authorized users when needed.
     o Example: Prevent denial-of-service attacks that monopolize CPU or memory.
  6. Support for Controlled Sharing
     o Allow controlled sharing of resources among multiple processes without compromising security.
     o Example: Shared printer access with appropriate permissions.

Principles of Protection

Protection principles guide the design of mechanisms to achieve the above goals:

  1. Least Privilege
     o Each process or user should have only the minimum privileges needed to perform its task.
     o Example: A user running a word processor should not have permission to modify system files.
  2. Separation of Privileges
     o Important actions should require multiple permissions or checks to prevent misuse.
     o Example: A financial transaction might require both a manager’s and a user’s approval.
  3. Defense in Depth
     o Multiple layers of protection are applied, so if one layer fails, others provide backup.

  1. Single-domain systems – Only one domain exists; all processes share the same privileges.
  2. Multiple-domain systems – Each process operates in a specific domain with its own set of access rights.

Access Matrix

Definition: The Access Matrix is a conceptual table used to represent the access rights of subjects (users or processes) to objects (files, devices, or resources) in the system.

Structure:
  o Rows: Represent domains or subjects (users/processes).
  o Columns: Represent objects (files, devices, resources).
  o Cells: Contain access rights (e.g., read, write, execute) of the subject over the object.

Example of Access Matrix: This table shows who can access what and with what rights.

  Domain / Object     File1        File2        Printer     Database
  Domain A (User A)   Read/Write   Read         No Access   Read
  Domain B (User B)   No Access    Read/Write   Print       Read/Write
  Domain C (User C)   Read         No Access    Print       No Access

Implementation of Access Matrix

Since storing the full matrix can be inefficient (large systems have many subjects and objects), an OS typically uses two main implementation strategies:

a) Access Control Lists (ACLs)
Definition: Each object stores a list of subjects and their allowed operations.
  Structure:
    o Object → List of subjects with access rights.
  Example:
    o File1: User A (Read/Write), User C (Read)
    o Printer: User B (Print), User C (Print)
  Advantages:
    o Easy to check who can access an object.
  Disadvantages:
    o Harder to list all objects a user can access.

b) Capability Lists
Definition: Each subject stores a list of objects it can access and the permitted operations.
  Structure:
    o Subject → List of objects with access rights.
  Example:
    o User A: File1 (Read/Write), File2 (Read), Database (Read)
    o User B: File2 (Read/Write), Printer (Print), Database (Read/Write)
  Advantages:
    o Easy to check what a subject can access.
  Disadvantages:

  o Access decisions are made based on predefined rules or conditions.
  o Example: Firewall rules allowing or blocking network traffic.
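The access matrix from the notes stored both ways, as an added example that is not part of the lecture notes: the column view gives each object's ACL, the row view gives each domain's capability list, and the query functions show why each representation makes one question a single lookup and the other a scan over the whole structure. Domain and object names are the notes' own; the lowercase right names ("read", "write", "print") are an assumption.

```python
# Added example: the notes' access matrix, stored as ACLs and capability lists.
from collections import defaultdict

# The notes' matrix; an empty set is "No Access". Right names are assumed.
ACCESS_MATRIX = {
    "Domain A": {"File1": {"read", "write"}, "File2": {"read"},
                 "Printer": set(), "Database": {"read"}},
    "Domain B": {"File1": set(), "File2": {"read", "write"},
                 "Printer": {"print"}, "Database": {"read", "write"}},
    "Domain C": {"File1": {"read"}, "File2": set(),
                 "Printer": {"print"}, "Database": set()},
}

def to_acls(matrix):
    """Column view: object -> {subject: rights}; empty cells are dropped."""
    acls = defaultdict(dict)
    for subject, row in matrix.items():
        for obj, rights in row.items():
            if rights:
                acls[obj][subject] = set(rights)
    return dict(acls)

def to_capabilities(matrix):
    """Row view: subject -> {object: rights}; empty cells are dropped."""
    return {s: {o: set(r) for o, r in row.items() if r} for s, row in matrix.items()}

def acl_check(acls, subject, obj, op):
    """'May subject do op on obj?' is one lookup on the object's ACL."""
    return op in acls.get(obj, {}).get(subject, set())

def cap_check(caps, subject, obj, op):
    """The same question is one lookup on the subject's capability list."""
    return op in caps.get(subject, {}).get(obj, set())

def objects_for_subject_via_acl(acls, subject):
    """ACL weakness from the notes: 'what can this subject access?'
    has to scan every object's list."""
    return sorted(o for o, entries in acls.items() if subject in entries)

def objects_for_subject_via_caps(caps, subject):
    """With capability lists the same question is a direct lookup."""
    return sorted(caps.get(subject, {}))

def subjects_for_object_via_caps(caps, obj):
    """The mirror-image weakness: 'who can access this object?' has to
    scan every subject's capability list."""
    return sorted(s for s, entries in caps.items() if obj in entries)

def subjects_for_object_via_acl(acls, obj):
    """With ACLs 'who can access this object?' is a direct lookup."""
    return sorted(acls.get(obj, {}))
```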

Revocation of Access Rights

Definition: Revocation is the process of removing previously granted access rights from a user or process.

Reasons for Revocation:
  • User leaves the organization.
  • Role or responsibility of a user changes.
  • Security breach or policy update.

Types of Revocation:

  1. Immediate Revocation:
     o Access rights are revoked instantly when conditions change.
     o Example: Admin revokes a user’s login access immediately.
  2. Deferred Revocation:
     o Access rights are revoked after a certain condition or time.
     o Example: Access valid until the end of a project.

Capability-Based Systems

Definition: A capability-based system uses capability tokens as a means of access control.
  • A capability is an unforgeable token or key that gives the holder the right to access an object in a specific way.

Features of Capability-Based Systems:

  1. Subject-Centric:
     o Each process/user holds a list of capabilities that specify what operations it can perform on which objects.
  2. Fine-Grained Access Control:
     o Capabilities can specify exact operations (e.g., read-only, write, execute).
  3. Easy Delegation:
     o Capabilities can be passed between processes securely.
  4. Revocation:
     o More complex than ACLs; requires special mechanisms such as revocation lists or expiration times.

Example of Capability-Based Access:

  Subject / Process   Capability List
  Process A           File1 (Read/Write), File (Read)
  Process B           File2 (Read/Write), Printer (Print)
  Process C           File1 (Read), Database (Read)

  • Each capability grants specific rights to the holder for a particular object.
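An added example, not from the notes, of how an OS can make capabilities unforgeable and still revoke them, covering both the revocation section and feature 4 above: each token is a set of fields plus an HMAC under a key only the kernel holds, an expiry field gives deferred revocation, a revocation list of token ids gives immediate revocation, and delegation hands on a subset of rights without extending the expiry. The key, the field names and the time values are constructed for the demonstration.

```python
# Added example (not from the notes): HMAC-protected capability tokens with
# expiry (deferred revocation) and a revocation list (immediate revocation).
import base64, hashlib, hmac, json

ISSUER_KEY = b"constructed-demo-kernel-key"  # constructed; held only by the kernel
REVOKED = set()                              # revocation list: capability ids
TAG_LEN = 32                                 # bytes in an HMAC-SHA256 tag

def issue(cap_id, obj, rights, expires_at):
    """Mint a capability: its fields plus a MAC, so a holder cannot alter
    them (e.g. add 'write' or push out the expiry) without detection."""
    body = json.dumps({"id": cap_id, "obj": obj, "rights": sorted(rights),
                       "exp": expires_at}, sort_keys=True).encode()
    tag = hmac.new(ISSUER_KEY, body, hashlib.sha256).digest()
    return base64.b64encode(body + tag).decode()

def parse(token):
    """Return the capability's fields, or None if the MAC does not verify."""
    raw = base64.b64decode(token)
    body, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(ISSUER_KEY, body, hashlib.sha256).digest()
    return json.loads(body) if hmac.compare_digest(tag, expected) else None

def check(token, obj, op, now):
    """Decide whether `token` authorises `op` on `obj` at time `now`."""
    cap = parse(token)
    if cap is None:
        return False, "forged or tampered"
    if cap["id"] in REVOKED:
        return False, "revoked"          # immediate revocation
    if now >= cap["exp"]:
        return False, "expired"          # deferred revocation
    if cap["obj"] != obj or op not in cap["rights"]:
        return False, "right not granted"
    return True, "ok"

def revoke_now(cap_id):
    """Immediate revocation: the id is refused from the next check on."""
    REVOKED.add(cap_id)

def delegate(token, new_id, subset, now):
    """Delegation: hand on a subset of the rights; expiry cannot be extended."""
    cap = parse(token)
    if cap is None or any(not check(token, cap["obj"], op, now)[0] for op in subset):
        return None
    return issue(new_id, cap["obj"], subset, cap["exp"])
```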

Comparison Table: ACL vs Capability-Based Systems

Program Threats

Program threats are malicious or flawed software that can compromise system security.

Types of Program Threats:

  1. Viruses
     o Programs that attach to other programs and execute when the host program runs.
     o Effect: Can destroy files, corrupt memory, or spread to other systems.
  2. Worms
     o Self-replicating programs that spread over networks without user intervention.
     o Effect: Consume bandwidth, slow down networks, or deliver payloads.
  3. Trojan Horses
     o Programs that appear legitimate but contain malicious code.
     o Effect: Can steal data, grant unauthorized access, or install backdoors.
  4. Trapdoors (Backdoors)
     o Hidden entry points left by programmers or attackers to bypass normal authentication.
     o Effect: Unauthorized access to system resources.
  5. Logic Bombs
     o Code that executes a malicious action when a specific condition occurs.
     o Effect: Data deletion, system shutdown, or disruption of services.
  6. Stack and Buffer Overflow Attacks
     o Exploit programming errors to overwrite memory, allowing execution of malicious code.
     o Effect: Can crash programs or gain unauthorized control.
  7. Time/Timing Attacks
     o Malicious programs exploit execution timing to deduce confidential information.
  8. Virulent Software (e.g., ransomware)
     o Programs that encrypt or lock data until a ransom is paid.

Prevention and Protection Techniques

  • Keep software and OS updated with security patches.
  • Use antivirus and anti-malware programs.
  • Implement access control mechanisms and least privilege policies.
  • Perform regular backups to recover from attacks.
  • Monitor systems with audit trails and intrusion detection systems.

System and Network Threats

1. System Threats

System threats are attacks or vulnerabilities that exploit the operating system or its resources directly. These threats often compromise confidentiality, integrity, or availability.

Common System Threats:

  1. Unauthorized Access
     o Occurs when a user or process accesses files, memory, or resources without permission.

Network threats target networked systems, communication channels, or data in transit. They often exploit vulnerabilities in protocols, services, or misconfigured devices.

Common Network Threats:

  1. Eavesdropping / Sniffing
     o Unauthorized interception of network traffic.
     o Effect: Confidential data such as passwords, emails, or credit card numbers can be stolen.
  2. Man-in-the-Middle (MITM) Attack
     o Attacker intercepts and potentially modifies communication between two parties.
     o Effect: Data theft, session hijacking, or injecting malicious content.
  3. Denial of Service (DoS) / Distributed DoS (DDoS)
     o Floods network resources to make services unavailable.
     o Effect: Website downtime, service interruption.
  4. IP Spoofing
     o Attacker sends packets with forged source addresses to impersonate another system.
     o Effect: Bypass authentication, launch DoS attacks.
  5. ARP Poisoning / Cache Poisoning
     o Attacker sends fake Address Resolution Protocol messages to intercept or redirect traffic.
  6. Session Hijacking
     o Attacker takes over a valid session between client and server.
     o Effect: Unauthorized actions performed in the user’s name.
  7. Malware Distribution via Network
     o Viruses, worms, or ransomware spread over shared networks.

Cryptography and User Authentication

1. Cryptography as a Security Tool

Definition: Cryptography is the practice of securing information by converting it into a form that is unreadable to unauthorized users, ensuring confidentiality, integrity, and authenticity.

Objectives in OS Security:
  1. Confidentiality: Prevent unauthorized access to data.
  2. Integrity: Ensure data is not altered during storage or transmission.
  3. Authentication: Verify the identity of users or systems.
  4. Non-repudiation: Ensure that a user cannot deny sending a message.

Types of Cryptography:
  1. Symmetric Key Cryptography (Secret Key)
     o Same key is used for encryption and decryption.
     o Examples: AES, DES.
     o Pros: Fast and efficient.
     o Cons: Key distribution problem.
  2. Asymmetric Key Cryptography (Public Key)
     o Uses a pair of keys: public key (encryption) and private key (decryption).
     o Examples: RSA, ECC.
     o Pros: Secure key distribution.
     o Cons: Slower than symmetric encryption.

     o Pros: More secure than passwords alone.
     o Cons: Can be lost or stolen.

  1. Biometric Authentication
     o User provides something they are, such as fingerprints, iris, or facial recognition.
     o Pros: Difficult to forge.
     o Cons: Requires specialized hardware; privacy concerns.
  2. Multi-Factor Authentication (MFA)
     o Combines two or more methods of authentication.
     o Example: Password + OTP (One-Time Password) sent to phone.
     o Pros: Very secure.
     o Cons: Slightly less convenient for users.

Authentication in OS:
  • Login Passwords: Common method in personal computers and servers.
  • Kerberos Protocol: Network authentication using tickets and symmetric cryptography.
  • Biometric Devices: Used in laptops or secure terminals for user login.
  • Smart Cards/USB Tokens: Often used in corporate or government systems.
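The MFA example from the notes (password + OTP), implemented end to end as an added example that is not part of the lecture notes: the password is the "something you know" factor checked against a salted PBKDF2 hash, and the OTP is the "something you have" factor generated as an RFC 6238 TOTP code (HMAC-SHA1, 30-second step) with a small clock-skew window. The user record, the salt and the iteration count are constructed; the TOTP secret in the test is the RFC's own test secret so the codes can be checked against the published vectors.

```python
# Added example (not from the notes): two-factor login, password (something
# you know) + TOTP code (something you have), using only the standard library.
import hashlib, hmac, os, struct, time

PBKDF2_ROUNDS = 100_000   # constructed choice; raise it for production use

def make_user(password, totp_secret, salt=None):
    """Constructed user record: salted PBKDF2 hash plus the shared TOTP secret."""
    salt = salt if salt is not None else os.urandom(16)
    pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return {"salt": salt, "pw_hash": pw_hash, "totp_secret": totp_secret}

def check_password(user, password):
    """Factor 1. Only a hash is stored, and the comparison is constant-time."""
    cand = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], PBKDF2_ROUNDS)
    return hmac.compare_digest(cand, user["pw_hash"])

def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret, now, step=30):
    """RFC 6238 TOTP: HOTP with counter = floor(now / step)."""
    return hotp(secret, int(now) // step)

def check_otp(user, code, now, step=30, window=1):
    """Factor 2. Accept the current step and +/- `window` steps of clock skew."""
    if not (isinstance(code, str) and code.isascii()):
        return False
    counter = int(now) // step
    return any(hmac.compare_digest(hotp(user["totp_secret"], counter + d), code)
               for d in range(-window, window + 1))

def login(user, password, code, now=None):
    """MFA: both factors are always evaluated and both must pass, so the
    caller cannot learn which one failed."""
    now = time.time() if now is None else now
    pw_ok = check_password(user, password)
    otp_ok = check_otp(user, code, now)
    return pw_ok and otp_ok
```

A real deployment would also rate-limit OTP attempts and reject a code that was already accepted within its step, neither of which this block does.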
  2. Multi-Factor Authentication (MFA) o Combines two or more methods of authentication. o Example: Password + OTP (One-Time Password) sent to phone. o Pros: Very secure. o Cons: Slightly less convenient for users. Authentication in OS:Login Passwords: Common method in personal computers and servers.  Kerberos Protocol: Network authentication using tickets and symmetric cryptography.  Biometric Devices: Used in laptops or secure terminals for user login.  Smart Cards/USB Tokens: Often used in corporate or government systems.