Security in Operating System article covers types of security threats, malicious programs, access control, and preventive measures used in modern operating systems.
Security in Operating Systems
Access and Security aspect of OS
Why is security needed in OS?
Computers store data and programs. Without security, data can be misused, stolen or altered. The OS ensures that only authorised users/processes can access information. There are three elements of security:
- Confidentiality: Prevents unauthorised users from accessing files or computers. For example, only an authorised person can access a Gmail account.
- Integrity: Integrity ensures the data is not changed in an unauthorised way. For example, marks in a student database cannot be altered by anyone.
- Availability: Data are available to authorised users when they are required. For example, back server data is availabe, so customers can check theiravailable, account using online banking.
A type of security attack
- Tampering: Without permission, changing or deleting information in the computer. For example, a hacker changes marks in the exam database.
- Disclosure: If any person reads or copies confidential data without permission. For example, someone secretly opens your email or bank account.
- Fabrication: If any person creates false information or fake data. For example, Adding a fake student record in the school system.
- Denial: Denial means when the hacker blocksadding data or services so the authorised user is not able to access the file or services. For example, a website is overloaded with fake requests and becomes unavailable.
Other Security Issues
- Tap in Communication Lines: Hackers listen to network cables to steal data.
- Electronic Data Capture: Spyware records whatβs on your screen.
- Lost Line: If a user is inactive, OS logs them off for safety.
- Improper Access Control: Some users get rights they should not have.
- Rogue Software: Malicious programs (viruses, Trojans) created to harm systems.
Types of malicious programmes in OS
- Trojan Horse: A Trojan horse is a type of malware (harmful software). It looks safe, but it can be secretly harmful. For example, if you install a free game, then a Trojan can secretly steal your passwords.
- Logical Bomb: A logical bomb is a type of malicious hidden code that activates when a condition is met. For example, a program that deletes a file on a certain date.
- Trap Door (Backdoor): The trap door is a secret entry point that bypasses security. For example, a hidden password that lets hackers enter your system.
- Worm: A worm is a malicious program whose primary function is to self-replicate automatically. For example, a worm that keeps sending spam email automatically.
- Virus: A computer virus is a type of malicious software, or malware, that spreads between computers and causes damage to data and software. For example, a virus attached to a Word file infects other files when opened.
Computer Worm
A computer worm is malware that can self-replicate from one computer to another without human activation. Worm can spread through a network and consume bandwidth and system resources. The first idea of a computer worm was invented at Xerox Palo Alto Research Center, a famous computer research lab in the U.S.
Computer Virus
A virus is a program which spreads between computers and causes damage to data and software. A computer virus can attach itself to valid files or programs. When you run the file or program, then the virus executes maliciously. There are multiple types of computer viruses β
- Boot Sector Virus
- Memory-Resident Virus
- File Virus
- Command Processor Virus
- General-purpose virus
Infection method
- Append: In this method, the viral code is added to the executable file.
- Replace: In this method, the viral code is replaced with the original code partly or fully.
- Insert: In this method, the code inserts inside the other program.
- Delete: In this case, the code diverts execution flow to viral code.
- Redirect: In this case the normal program changes the logic of the program and causes errors.
Disclaimer: We have provide you with the accurate handout of βSecurity in Operating Systemsβ. If you feel that there is any error or mistake, please contact me at anuraganand2017@gmail.com. The above study material present on our websites is for education purpose, not our copyrights.
Images and content shown above are the property of individual organisations and are used here for reference purposes only. To make it easy to understand, some of the content and images are generated by AI and cross-checked by the teachers.