Fundamentals of Security in Operating Systems
The basis of OS protection is separation. The separation can be of four different kinds:
– Physical: physical objects, such as CPUs, printers, etc.
– Temporal: execution at different times
– Logical: domains, each user gets the impression that she is "alone" in the system
– Cryptographic: hiding data, so that other users cannot understand them
Data security concerns the protection of data from accidental or intentional but unauthorised
modification, destruction or disclosure through the use of physical security, administrative
controls, logical controls, and other safeguards to limit accessibility. Ways of securing your
data include:
– Data Encryption: converting the data into a code that cannot be easily read without a key that
unlocks it.
– Data Masking: masking certain areas of data so personnel without the required authorisation
cannot look at it.
– Data Erasure: ensuring that data that is no longer used is completely removed and cannot be
recovered by unauthorised people.
– Data Backup: creating copies of data so it can be recovered if the original copy is lost.
What is cyber security?
Cyber security consists of technologies, processes and controls that are designed to protect
systems, networks and data from cyber attacks. Effective cyber security reduces the risk of
cyber attacks, and protects organisations and individuals from the unauthorised exploitation of
systems, networks and technologies.
Robust cyber security involves implementing controls that are based around three pillars:
people, processes and technology. This three-pronged approach helps organisations defend
themselves from both highly organised attacks and common internal threats, such as accidental
breaches and human error.
People: Every employee needs to be aware of their role in preventing and reducing cyber
threats, and specialised technical cyber security staff need to stay fully up to date with the latest
skills and qualifications to mitigate and respond to cyber attacks.
Processes: Processes are crucial in defining how the organisation’s activities, roles and
documentation are used to mitigate the risks to the organisation’s information. Cyber threats
change quickly, so processes need to be continually reviewed to be able to adapt to them.
Technology: By identifying the cyber risks that your organisation faces you can then start to
look at what controls to put in place, and what technologies you’ll need to do this. Technology
can be deployed to prevent or reduce the impact of cyber risks, depending on your risk
assessment and what you deem an acceptable level of risk.
What is cryptography?
Cryptography involves creating written or generated codes that allow information to be kept secret.
Cryptography converts data into a format that is unreadable for an unauthorized user, so that it can be
transmitted without unauthorized entities decoding it back into a readable format and thereby
compromising the data.
Information security uses cryptography on several levels. The information cannot be read without a key
to decrypt it. The information maintains its integrity during transit and while being stored.
Cryptography also aids in nonrepudiation. This means that the sender and the delivery of a message can
be verified.
1. Symmetric-key cryptography
2. Hash functions
3. Public-key cryptography
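As an added example (not taken from the original text), the sketch below uses Python's standard hashlib and hmac modules to show how the integrity property mentioned above differs between a plain hash function and a keyed check built on a symmetric key, for both accidental and intentional modification. The record contents, keys and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def sha256_tag(message: bytes) -> str:
    # Hash function: no key involved, so anyone can recompute the digest.
    return hashlib.sha256(message).hexdigest()


def hmac_tag(key: bytes, message: bytes) -> str:
    # Symmetric-key integrity check (HMAC-SHA256): needs the shared key.
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def detected(expected_tag: str, actual_tag: str) -> bool:
    # Constant-time comparison; True means the change was noticed.
    return not hmac.compare_digest(expected_tag, actual_tag)


def demo() -> dict:
    key = secrets.token_bytes(32)               # shared secret (constructed)
    record = b"pay 100 to account 1234"         # constructed sample data
    stored_hash = sha256_tag(record)
    stored_mac = hmac_tag(key, record)

    # Accidental modification: data corrupted, stored tags untouched.
    corrupted = b"pay 100 to account 1284"
    # Intentional modification: whoever rewrites the record can also
    # rewrite the tag stored beside it, but does not hold the key.
    altered = b"pay 900 to account 1234"
    replaced_hash = sha256_tag(altered)
    replaced_mac = hmac_tag(b"not-the-real-key", altered)

    return {
        "accidental_vs_hash": detected(sha256_tag(corrupted), stored_hash),
        "accidental_vs_hmac": detected(hmac_tag(key, corrupted), stored_mac),
        "intentional_vs_hash": detected(sha256_tag(altered), replaced_hash),
        "intentional_vs_hmac": detected(hmac_tag(key, altered), replaced_mac),
    }


if __name__ == "__main__":
    for case, noticed in demo().items():
        print(f"{case}: {'detected' if noticed else 'NOT detected'}")
```

A plain hash catches accidental corruption only; once the digest stored next to the data can be rewritten along with it, a keyed check is needed to notice the change.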
Security models in databases