Scribd
Upload
42 views

Protection N Security

This document discusses various aspects of computer security, including authentication methods, program threats, system threats, and security classifications. It describes how authentication identifies users through usernames/passwords, user cards/keys, or biometric attributes. Program threats may allow unauthorized access through trojan horses, trap doors, logic bombs, or viruses. System threats like worms, port scanning, and denial of service attacks can compromise network resources or prevent legitimate use. The document outlines four security classifications from the Department of Defense - Type A with formal verification, Type B with mandatory access controls, Type C with user accountability and access controls, and Type D with minimum protection.

Uploaded by

rash
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
42 views

Protection N Security

This document discusses various aspects of computer security, including authentication methods, program threats, system threats, and security classifications. It describes how authentication identifies users through usernames/passwords, user cards/keys, or biometric attributes. Program threats may allow unauthorized access through trojan horses, trap doors, logic bombs, or viruses. System threats like worms, port scanning, and denial of service attacks can compromise network resources or prevent legitimate use. The document outlines four security classifications from the Department of Defense - Type A with formal verification, Type B with mandatory access controls, Type C with user accountability and access controls, and Type D with minimum protection.

Uploaded by

rash
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Protection & Security

Security refers to providing a protection system to computer system


resources such as CPU, memory, disk, software programs and most
importantly data/information stored in the computer system. If a computer
program is run by an unauthorized user, then he/she may cause severe
damage to computer or data stored in it. So a computer system must be
protected against unauthorized access, malicious access to system memory,
viruses, worms etc. We're going to discuss following topics in this chapter.

 Authentication

 One Time passwords

 Program Threats

 System Threats

 Computer Security Classifications

Authentication
Authentication refers to identifying each user of the system and associating
the executing programs with those users. It is the responsibility of the
Operating System to create a protection system which ensures that a user
who is running a particular program is authentic. Operating Systems
generally identifies/authenticates users using following three ways −

 Username / Password − User need to enter a registered username and


password with Operating system to login into the system.
 User card/key − User need to punch card in card slot, or enter key generated
by key generator in option provided by operating system to login into the
system.
 User attribute - fingerprint/ eye retina pattern/ signature − User need to
pass his/her attribute via designated input device used by operating system to
login into the system.

One Time passwords


One-time passwords provide additional security along with normal
authentication. In One-Time Password system, a unique password is
required every time user tries to login into the system. Once a one-time
password is used, then it cannot be used again. One-time password are
implemented in various ways.

 Random numbers − Users are provided cards having numbers printed along
with corresponding alphabets. System asks for numbers corresponding to few
alphabets randomly chosen.
 Secret key − User are provided a hardware device which can create a secret id
mapped with user id. System asks for such secret id which is to be generated
every time prior to login.
 Network password − Some commercial applications send one-time passwords
to user on registered mobile/ email which is required to be entered prior to
login.

Program Threats
Operating system's processes and kernel do the designated task as
instructed. If a user program made these process do malicious tasks, then it
is known as Program Threats. One of the common example of program
threat is a program installed in a computer which can store and send user
credentials via network to some hacker. Following is the list of some well-
known program threats.

 Trojan Horse − Such program traps user login credentials and stores them to
send to malicious user who can later on login to computer and can access
system resources.
 Trap Door − If a program which is designed to work as required, have a
security hole in its code and perform illegal action without knowledge of user
then it is called to have a trap door.
 Logic Bomb − Logic bomb is a situation when a program misbehaves only
when certain conditions met otherwise it works as a genuine program. It is
harder to detect.
 Virus − Virus as name suggest can replicate themselves on computer system.
They are highly dangerous and can modify/delete user files, crash systems. A
virus is generatlly a small code embedded in a program. As user accesses the
program, the virus starts getting embedded in other files/ programs and can
make system unusable for user
System Threats
System threats refers to misuse of system services and network
connections to put user in trouble. System threats can be used to launch
program threats on a complete network called as program attack. System
threats creates such an environment that operating system resources/ user
files are misused. Following is the list of some well-known system threats.

 Worm − Worm is a process which can choked down a system performance by


using system resources to extreme levels. A Worm process generates its
multiple copies where each copy uses system resources, prevents all other
processes to get required resources. Worms processes can even shut down an
entire network.
 Port Scanning − Port scanning is a mechanism or means by which a hacker
can detects system vulnerabilities to make an attack on the system.
 Denial of Service − Denial of service attacks normally prevents user to make
legitimate use of the system. For example, a user may not be able to use
internet if denial of service attacks browser's content settings.

Computer Security Classifications


As per the U.S. Department of Defense Trusted Computer System's
Evaluation Criteria there are four security classifications in computer
systems: A, B, C, and D. This is widely used specifications to determine and
model the security of systems and of security solutions. Following is the
brief description of each classification.

S.N. Classification Type & Description

1
Type A

Highest Level. Uses formal design specifications and verification


techniques. Grants a high degree of assurance of process security.

2 Type B

Provides mandatory protection system. Have all the properties of a class


C2 system. Attaches a sensitivity label to each object. It is of three types.
 B1 − Maintains the security label of each object in the system. Label
is used for making decisions to access control.
 B2 − Extends the sensitivity labels to each system resource, such as
storage objects, supports covert channels and auditing of events.
 B3 − Allows creating lists or user groups for access-control to grant
access or revoke access to a given named object.

3 Type C

Provides protection and user accountability using audit capabilities. It is of


two types.

 C1 − Incorporates controls so that users can protect their private


information and keep other users from accidentally reading /
deleting their data. UNIX versions are mostly Cl class.
 C2 − Adds an individual-level access control to the capabilities of a
Cl level system.

4
Type D

Lowest level. Minimum protection. MS-DOS, Window 3.1 fall in this


category.

You might also like