Protection and Security in Operating System

Protection and security requires that computer resources such as CPU, software, memory etc. are protected. This extends to the operating system as well as the data in the system. This can be done by ensuring integrity, confidentiality and availability in the operating system. The system must be protected against unauthorized access, viruses, worms etc.

Threats to Protection and Security

A threat is a program that is malicious in nature and leads to harmful effects for the system. The following diagram shows the classification of common security threats −

Virus

Viruses are generally small snippets of code embedded in a system. They are very dangerous and can corrupt files, destroy data, crash systems etc. They can also spread further by replicating themselves and infecting other files.

Trojan Horse

A trojan horse can secretly access the login details of a system. Then a malicious user can use these credentials to enter the system appearing as a legitimate user and cause damage from within.

Trap Door

A trap door is a security vulnerability that may be present in a system without the knowledge of the users. It provides unauthorized access that can be exploited to harm the data or files in a system by malicious attackers.

Worm

A worm can destroy a system by consuming its resources to extreme levels. It can generate multiple copies which claim all available resources and prevent legitimate processes from accessing them. A worm can shut down an entire network in this way.

Denial of Service (DoS)

These attacks prevent legitimate users from accessing a system. They overwhelm the system with excessive requests so that it becomes unresponsive and cannot serve genuine user requests properly.

Protection and Security Methods

The different methods that provide protection and security for computer systems are −

Authentication

This deals with identifying each user in the system and making sure they are who they claim to be. The operating system ensures that all users are authenticated before they access the system. The different authentication methods are:

• Username/Password − Each user has a distinct username and password combination that must be entered correctly to access the system.

• User Key/Card − Users need to insert a smart card or use an individual key on a keypad to gain system access.

• Biometric Authentication − Uses unique user attributes like fingerprints, retina scans, or facial recognition. These are compared with stored templates in the database, and access is granted only upon successful matching.

Authorization

Authorization determines what resources an authenticated user can access. It involves setting permissions and access control lists (ACLs) that define user privileges for files, directories, and system resources.

One Time Password (OTP)

These passwords provide enhanced security for authentication. An OTP is generated exclusively for each login session and cannot be reused. Implementation methods include:

• Random Numbers − The system generates a random numeric code sent via SMS or generated by an authenticator app.

• Hardware Tokens − A physical device generates time-based or counter-based secret keys that change periodically.

Security Levels

Conclusion

Protection and security in operating systems involve multiple layers of defense against various threats including viruses, worms, and unauthorized access. Effective security combines authentication, authorization, and multiple protection mechanisms to ensure system integrity, confidentiality, and availability.