Unit-5 (OS)

Uploaded by

ammujasty

Unit-5

Chapter-1
System Protection

Goals of Protection

As computer systems have become more sophisticated and universal in their applications, the need to
protect their integrity has also grown. Protection was originally considered an adjunct to
multiprogramming operating systems, so that unreliable users might safely share a common logical name
space, such as a directory of files, or a common physical name space, such as memory. Modern
protection concepts have evolved to increase the reliability of any complex system that makes use of shared
resources. We need to provide protection for several reasons:

• To prevent the mischievous, intentional violation of an access restriction by a user. This is the most
obvious reason.
• Safe sharing of a common logical address space (a directory of files) or a common physical address
space (memory). If anyone wants to share a file or directory, it should be shared safely.
• Fair and reliable resource usage. A program in the system may use a resource only in accordance with
the policies stated for that particular process. E.g., process P1 is granted use of the printer only. P1 is
not granted the scanner and so on; if it used them, that would be unfair.

Principles & Domain of Protection

Principles of Protection

• The principle of least privilege dictates that programs, users, and systems be given just enough
privileges to perform their tasks.
• This ensures that failures do the least amount of harm and allow the least amount of harm to be done.
• For example, if a program needs special privileges to perform a task, it is better to make it an SGID
program with group ownership of "network" or "backup" or some other pseudo group, rather than
SUID with root ownership. This limits the amount of damage that can occur if something goes
wrong.
• Typically each user is given their own account, and has only enough privilege to modify their own
files.
• The root account should not be used for normal day-to-day activities. The system administrator
should also have an ordinary account, and reserve use of the root account for only those tasks which
need the root privileges.

Domain of Protection

• A computer can be viewed as a collection of processes and objects (both HW & SW).
• The need-to-know principle states that a process should only have access to those objects it needs to
accomplish its task, and furthermore only in the modes for which it needs access and only during the
time frame when it needs access.
• The modes available for a particular object may depend upon its type.

Domain Structure

• A protection domain specifies the resources that a process may access.
• Each domain defines a set of objects and the types of operations that may be invoked on each object.
• An access right is the ability to execute an operation on an object.
• A domain is defined as a set of < object, { access right set } > pairs, as shown below. Note that some
domains may be disjoint while others overlap.

Figure - System with three protection domains.

• The association between a process and a domain may be static or dynamic.
  o If the association is static, then the need-to-know principle requires a way of changing the
  contents of the domain dynamically.
  o If the association is dynamic, then there needs to be a mechanism for domain switching.
• Domains may be realized in different fashions - as users, or as processes, or as procedures. E.g. if
each user corresponds to a domain, then that domain defines the access of that user, and changing
domains involves changing user ID.

An Example: UNIX

• UNIX associates domains with users.
• Certain programs operate with the SUID bit set, which effectively changes the user ID, and therefore
the access domain, while the program is running (and similarly for the SGID bit). Unfortunately
this has some potential for abuse.
• An alternative used on some systems is to place privileged programs in special directories, so that
they attain the identity of the directory owner when they run. This prevents crackers from placing
SUID programs in random directories around the system.
• Yet another alternative is to not allow the changing of ID at all. Instead, special privileged daemons
are launched at boot time, and user processes send messages to these daemons when they need
special tasks performed.
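
An audit that follows from the points above, as an added example that is not part of the original notes: it lists every SUID/SGID file under a tree and flags the ones that sit outside the directories reserved for privileged programs or that other users can write to. The function names, the `Finding` record and the scratch tree are assumptions made for this illustration.

```python
import os
import stat
import tempfile
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    path: str
    suid: bool                # runs in the domain of the file's owner
    sgid: bool                # runs in the domain of the file's group
    root_owned: bool          # SUID + root owner = switch into the root domain
    outside_trusted: bool     # not under a directory reserved for privileged programs
    writable_by_others: bool  # group- or world-writable set-ID file


def _is_under(path, directory):
    directory = os.path.realpath(directory)
    return os.path.commonpath([os.path.realpath(path), directory]) == directory


def audit_setid(root, trusted_dirs):
    """Return a Finding for every regular file under root with SUID or SGID set."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: never follow symlinks
            except OSError:
                continue                     # vanished or unreadable entry
            if not stat.S_ISREG(st.st_mode):
                continue
            suid = bool(st.st_mode & stat.S_ISUID)
            sgid = bool(st.st_mode & stat.S_ISGID)
            if not (suid or sgid):
                continue
            findings.append(Finding(
                path=path, suid=suid, sgid=sgid,
                root_owned=(st.st_uid == 0),
                outside_trusted=not any(_is_under(path, d) for d in trusted_dirs),
                writable_by_others=bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)),
            ))
    return sorted(findings, key=lambda f: f.path)


def build_sample_tree():
    """Constructed sample: a scratch tree with one expected and one stray SUID file."""
    root = tempfile.mkdtemp(prefix="setid-audit-")
    trusted = os.path.join(root, "privbin")
    home = os.path.join(root, "home")
    os.makedirs(trusted)
    os.makedirs(home)
    for path, mode in [
        (os.path.join(trusted, "backup-tool"), 0o4755),  # SUID, where it belongs
        (os.path.join(home, "stray"), 0o4777),           # SUID, world-writable, wrong place
        (os.path.join(home, "notes.txt"), 0o644),        # ordinary file, ignored
    ]:
        with open(path, "w") as fh:
            fh.write("placeholder\n")
        os.chmod(path, mode)
    return root, trusted


if __name__ == "__main__":
    sample_root, sample_trusted = build_sample_tree()
    for finding in audit_setid(sample_root, [sample_trusted]):
        print(finding)
```
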

An Example: MULTICS

• The MULTICS system uses a complex system of rings, each corresponding to a different protection
domain, as shown below:

Figure - MULTICS ring structure.

• Rings are numbered from 0 to 7, with outer rings having a subset of the privileges of the inner rings.
• Each file is a memory segment, and each segment description includes an entry that indicates the
ring number associated with that segment, as well as read, write, and execute privileges.
• Each process runs in a ring, according to the current-ring-number, a counter associated with each
process.
• A process operating in one ring can only access segments associated with higher (farther out) rings,
and then only according to the access bits. Processes cannot access segments associated with lower
rings.
• Domain switching is achieved by a process in one ring calling upon a process operating in a lower
ring, which is controlled by several factors stored with each segment descriptor:
  o An access bracket, defined by integers b1 <= b2.
  o A limit b3 > b2.
  o A list of gates, identifying the entry points at which the segments may be called.
• If a process operating in ring i calls a segment whose bracket is such that b1 <= i <= b2, then the call
succeeds and the process remains in ring i.
• Otherwise a trap to the OS occurs, and is handled as follows:
  o If i < b1, then the call is allowed, because we are transferring to a procedure with fewer
  privileges. However, if any of the parameters being passed are of segments below b1, then
  they must be copied to an area accessible by the called procedure.
  o If i > b2, then the call is allowed only if i <= b3 and the call is directed to one of the entries
  on the list of gates.
• Overall this approach is more complex and less efficient than other protection schemes.
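
The call rules above, written out as a decision function (an added example, not part of the original notes and not MULTICS code). The names `Segment`, `Decision` and `check_call`, and the sample segment with bracket (2, 4), limit 6 and two gates, are constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    SAME_RING = "no trap: call succeeds, caller stays in ring i"
    OUTWARD = "trap: allowed, callee has fewer privileges"
    GATED = "trap: allowed through a listed gate"
    DENIED = "trap: call refused"


@dataclass(frozen=True)
class Segment:
    name: str
    b1: int                       # access bracket lower bound
    b2: int                       # access bracket upper bound
    b3: int                       # limit for calls through gates
    gates: frozenset = frozenset()

    def __post_init__(self):
        if not (0 <= self.b1 <= self.b2 < self.b3):
            raise ValueError("need 0 <= b1 <= b2 < b3")


@dataclass(frozen=True)
class Decision:
    outcome: Outcome
    copy_params: tuple = ()       # parameters the callee could not reach in place


def check_call(ring, seg, entry, param_rings=None):
    """Decide a call from `ring` to `entry` of `seg`.

    param_rings maps each parameter name to the ring of the segment holding it.
    """
    if not 0 <= ring <= 7:
        raise ValueError("rings are numbered 0 to 7")
    param_rings = param_rings or {}

    if seg.b1 <= ring <= seg.b2:
        # Inside the access bracket: no trap, no ring change.
        return Decision(Outcome.SAME_RING)

    if ring < seg.b1:
        # Caller is more privileged than the callee. Parameters living in
        # segments below b1 are invisible to the callee and must be copied.
        to_copy = tuple(sorted(p for p, r in param_rings.items() if r < seg.b1))
        return Decision(Outcome.OUTWARD, to_copy)

    # ring > b2: caller is less privileged, so both the limit and the gate
    # list must permit the call.
    if ring <= seg.b3 and entry in seg.gates:
        return Decision(Outcome.GATED)
    return Decision(Outcome.DENIED)


# Constructed sample segment: bracket (2, 4), limit 6, two gates.
SAMPLE = Segment("file_service", b1=2, b2=4, b3=6,
                 gates=frozenset({"open", "close"}))


def demo():
    return {
        "ring 3 -> open": check_call(3, SAMPLE, "open"),
        "ring 1 -> open": check_call(1, SAMPLE, "open", {"buf": 0, "msg": 3}),
        "ring 5 -> open": check_call(5, SAMPLE, "open"),
        "ring 5 -> internal": check_call(5, SAMPLE, "internal"),
        "ring 7 -> open": check_call(7, SAMPLE, "open"),
    }


if __name__ == "__main__":
    for label, decision in demo().items():
        print(f"{label:20} {decision.outcome.name:10} copy={decision.copy_params}")
```
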

Access Matrix

The Access Matrix is a security model for a computer system's protection state. It is described as a
matrix. An access matrix is used to specify the permissions of each process running in the domain for each
object. The rows of the matrix represent domains, whereas the columns represent objects. Every matrix cell
reflects a set of access rights granted to domain processes, i.e., each entry (i, j) describes the set of
operations that a domain Di process may invoke on object Oj.

There are various methods of implementing the access matrix in the operating system. These methods
are as follows:

1. Global Table

2. Access Lists for Objects

3. Capability Lists for Domains

4. Lock-Key Mechanism

Global Table

It is the most basic access matrix implementation. A set of ordered triples <domain, object, rights-set>
is maintained in a file. When an operation M is executed on an object Oj within domain Di, the
table is searched for a triple <Di, Oj, Rk> with M in Rk. The operation can proceed if this triple is located;
otherwise, an exception (or error) condition is raised. This implementation has various drawbacks. The
table is generally large and cannot be stored in the main memory, so additional input and output are required.

Access Lists for Objects

Every access matrix column may be used as a single object's access list. It is possible to delete the
blank entries. For each object, the resulting list contains ordered pairs <domain, rights-set> that define all
domains for that object and a nonempty set of access rights.

The scheme can also include a default set of access rights. When operation M is attempted, we search
the object's access list. If a matching entry is found, we allow the action; if it isn't, we check the default
set. If M is in the default set, we grant access. Otherwise access is denied, and an exception condition
arises. We may also check the default set first and then search the access list.

Capability Lists for Domains

A domain's capability list is a collection of objects and the actions that can be done on them. A
capability is a name or address that is used to identify an object. To perform operation M on
object Oj, the process runs operation M, specifying the capability for object Oj. The simple possession of
the capability implies that access is allowed.

In most cases, capabilities are separated from other data in one of two ways. Each object can carry a tag
that indicates whether it is a capability or ordinary data. Alternatively, a program's address space can be
divided into two portions. The program may access one portion, which includes its normal instructions
and data. The other portion is a capability list that is only accessed by the operating system.

Lock-Key Mechanism

It is a compromise between the access lists and the capability lists. Each object has a list of locks,
which are special bit patterns. On the other hand, each domain has a set of keys that are special bit patterns.
A domain-based process could only access an object if a domain has a key that satisfies one of the locks on
the object. The process is not allowed to modify its keys.

Now, let's take an example to understand the implementation of an access matrix in the operating
system.

Example:

In this example, the access matrix has 4 domains and 4 objects: 3 files (F1, F2, and F3) and one
printer. Files F1 and F3 can be read by a process running in D1. A process running in domain D4 has
the same rights as D1, but it may also write on files. Only a process running in domain D2 has access to
the printer. The access matrix mechanism is made up of various policies and semantic features.
Specifically, we should ensure that a process running in domain Di may only access the objects listed
in row i.

The protection policies in the access matrix determine which rights must be included in the (i, j)th
entry. We should also choose the domain in which each process runs. The OS usually decides this policy.
The users determine the contents of the access-matrix entries.

The relationship between the domain and the processes might be static or dynamic. The access
matrix provides a way of defining the control for this domain-process association. When we switch a
process from one domain to another, we perform a switch operation on an object (the domain). We may
regulate domain switching by including domains among the objects of the access matrix. A process may
switch from one domain (Di) to another domain (Dj) only if it holds the switch right for that domain.

According to the matrix, a process running in domain D2 can transition to domains D3 and D4. A
process in domain D4 may change to domain D1, and a process in domain D1 may change to domain D2.
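
The example matrix and its switch entries, built as a small model (an added example, not part of the original notes). It also derives the access-list and capability-list views from the same matrix and computes which domains a process can eventually reach through switch rights. The class names and the right names `read`, `write`, `print` and `switch` are assumptions, and because the text does not list the object rights of D3, that row holds none here.

```python
from collections import defaultdict


class AccessDenied(Exception):
    pass


class AccessMatrix:
    def __init__(self):
        self._cell = defaultdict(set)        # (domain, object) -> set of rights

    def grant(self, domain, obj, *rights):
        self._cell[(domain, obj)].update(rights)

    def rights(self, domain, obj):
        return frozenset(self._cell.get((domain, obj), ()))

    def check(self, domain, obj, right):
        if right not in self.rights(domain, obj):
            raise AccessDenied(f"{domain} may not {right} {obj}")

    def access_list(self, obj):
        """Column view: the <domain, rights-set> pairs stored with one object."""
        return {d: set(r) for (d, o), r in self._cell.items() if o == obj and r}

    def capability_list(self, domain):
        """Row view: the objects, and rights on them, held by one domain."""
        return {o: set(r) for (d, o), r in self._cell.items() if d == domain and r}

    def reachable(self, start):
        """Domains a process starting in `start` can enter by chaining switches."""
        seen, todo = {start}, [start]
        while todo:
            for obj, r in self.capability_list(todo.pop()).items():
                if "switch" in r and obj not in seen:
                    seen.add(obj)
                    todo.append(obj)
        return seen

    def effective_rights(self, start, obj):
        """Union of the rights on obj over every reachable domain."""
        out = set()
        for domain in self.reachable(start):
            out |= self.rights(domain, obj) - {"switch"}
        return out


class Process:
    def __init__(self, matrix, domain):
        self.matrix, self.domain = matrix, domain

    def do(self, right, obj):
        self.matrix.check(self.domain, obj, right)
        return f"{right} {obj} in {self.domain}"

    def switch(self, target):
        self.matrix.check(self.domain, target, "switch")
        self.domain = target


def build_example_matrix():
    m = AccessMatrix()
    m.grant("D1", "F1", "read")
    m.grant("D1", "F3", "read")
    m.grant("D2", "printer", "print")
    m.grant("D4", "F1", "read", "write")     # same as D1, plus write
    m.grant("D4", "F3", "read", "write")
    m.grant("D1", "D2", "switch")            # domains appear as objects
    m.grant("D2", "D3", "switch")
    m.grant("D2", "D4", "switch")
    m.grant("D4", "D1", "switch")
    return m


if __name__ == "__main__":
    m = build_example_matrix()
    p = Process(m, "D1")
    print(p.do("read", "F1"))
    p.switch("D2")
    print(p.do("print", "printer"))
    print("access list of F1:", m.access_list("F1"))
    print("D1 can reach:", sorted(m.reachable("D1")))
    print("effective rights of D1 on F1:", sorted(m.effective_rights("D1", "F1")))
```

The last two lines show why switch entries need the same review as file rights: a process that starts in D1 cannot write F1 directly, but it can after the chain D1, D2, D4.
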

Access control

Access control is an essential element of security that determines who is allowed to access certain
data, apps, and resources—and in what circumstances. In the same way that keys and pre-approved guest
lists protect physical spaces, access control policies protect digital spaces. In other words, they let the right
people in and keep the wrong people out. Access control policies rely heavily on techniques like
authentication and authorization, which allow organizations to explicitly verify both that users are who they
say they are and that these users are granted the appropriate level of access based on context such as device,
location, role, and much more.

Access control keeps confidential information—such as customer data and intellectual property—
from being stolen by bad actors or other unauthorized users. It also reduces the risk of data exfiltration by
employees and keeps web-based threats at bay. Rather than manage permissions manually, most security-
driven organizations lean on identity and access management solutions to implement access control policies.
There are four main types of access control, each of which administers access to sensitive
information in a unique way.
• Discretionary Access Control (DAC)
In DAC models, every object in a protected system has an owner, and owners grant
access to users at their discretion. DAC provides case-by-case control over resources.
• Mandatory Access Control (MAC)
In MAC models, users are granted access in the form of a clearance. A central
authority regulates access rights and organizes them into tiers, which uniformly expand in
scope. This model is very common in government and military contexts.
• Role Based Access Control (RBAC)
In RBAC models, access rights are granted based on defined business functions,
rather than individuals’ identity or seniority. The goal is to provide users only with the data
they need to perform their jobs—and no more.
• Attribute Based Access Control (ABAC)
In ABAC models, access is granted flexibly based on a combination of attributes and
environmental conditions, such as time and location. ABAC is the most granular access
control model and helps reduce the number of role assignments.

Access Control involves identifying a user based on their credentials and then authorizing the
appropriate level of access once they are authenticated.
Passwords, pins, security tokens—and even biometric scans—are all credentials commonly used
to identify and authenticate a user. Multifactor authentication (MFA) adds another layer of security by
requiring that users be verified by more than just one verification method.
Once a user’s identity has been authenticated, access control policies grant specific permissions
and enable the user to proceed as they intended.
The goal of access control is to keep sensitive information from falling into the hands of bad
actors. Attacks on confidential data can have serious consequences—including leaks of intellectual
property, exposure of customers’ and employees’ personal information, and even loss of corporate
funds.
Access control is a vital component of security strategy. It’s also one of the best tools for
organizations who want to minimize the security risk of unauthorized access to their data—particularly
data stored in the cloud.
As the list of devices susceptible to unauthorized access grows, so does the risk to organizations
without sophisticated access control policies. Identity and access management solutions can simplify the
administration of these policies—but recognizing the need to govern how and when data is accessed is
the first step.

Implementation of Access Control


• Connect on goals
Align with decision makers on why it’s important to implement an access control solution. There
are many reasons to do this—not the least of which is reducing risk to your organization. Other
reasons to implement an access control solution might include:
• Productivity: Grant authorized access to the apps and data employees need to accomplish their
goals—right when they need them.
• Security: Protect sensitive data and resources and reduce user access friction with responsive
policies that escalate in real-time when threats arise.
• Self-service: Delegate identity management, password resets, security monitoring, and access
requests to save time and energy.
• Select a solution
Choose an identity and access management solution that allows you to both safeguard your data
and ensure a great end-user experience. The ideal solution should provide top-tier service to both your
users and your IT department—from ensuring seamless remote access for employees to saving
time for administrators.
• Set strong policies
Once you’ve launched your chosen solution, decide who should access your resources, what
resources they should access, and under what conditions. Access control policies can be designed
to grant access, limit access with session controls, or even block access—it all depends on the
needs of your business.

Some questions that might arise along the way include:

• Which users, groups, roles, or workload identities will be included or excluded from the
policy?
• What applications does this policy apply to?
• What user actions will be subject to this policy?
• Follow best practices
Set up emergency access accounts to avoid being locked out if you misconfigure a policy, apply
conditional access policies to every app, test policies before enforcing them in your environment,
set naming standards for all policies, and plan for disruption. Once the right policies are put in
place, you can rest a little easier.

Revocation of Access Rights

• The need to revoke access rights dynamically raises several questions:
  o Immediate versus delayed - If delayed, can we determine when the revocation will take
  place?
  o Selective versus general - Does revocation of an access right to an object affect all users
  who have that right, or only some users?
  o Partial versus total - Can a subset of rights for an object be revoked, or are all rights
  revoked at once?
  o Temporary versus permanent - If rights are revoked, is there a mechanism for processes to
  re-acquire some or all of the revoked rights?
• With an access list scheme revocation is easy, immediate, and can be selective, general, partial, total,
temporary, or permanent, as desired.
• With capability lists the problem is more complicated, because access rights are distributed
throughout the system. A few schemes that have been developed include:
  o Reacquisition - Capabilities are periodically revoked from each domain, which must then
  re-acquire them.
  o Back-pointers - A list of pointers is maintained from each object to each capability which is
  held for that object.
  o Indirection - Capabilities point to an entry in a global table rather than to the object. Access
  rights can be revoked by changing or invalidating the table entry, which may affect multiple
  processes, which must then re-acquire access rights to continue.
  o Keys - A unique bit pattern is associated with each capability when created, which can be
  neither inspected nor modified by the process.
    ▪ A master key is associated with each object.
    ▪ When a capability is created, its key is set to the object's master key.
    ▪ As long as the capability's key matches the object's key, then the capabilities remain
    valid.
    ▪ The object master key can be changed with the set-key command, thereby
    invalidating all current capabilities.
    ▪ More flexibility can be added to this scheme by implementing a list of keys for each
    object, possibly in a global table.
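
The key scheme above, including the list-of-keys extension, as an added example that is not part of the original notes. The class and method names and the key labels `students` and `staff` are constructed for illustration. Python cannot hide a field from its holder, so the comments mark where a real kernel would keep the key out of the process's reach.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Capability:
    obj_name: str
    rights: frozenset
    key_id: str       # which of the object's keys this capability was minted under
    key: bytes        # in a real system: kernel-held, not readable by the process


class ProtectedObject:
    def __init__(self, name):
        self.name = name
        # A list of keys per object instead of a single master key, so that
        # revocation can be selective as well as general.
        self._keys = {"master": secrets.token_bytes(16)}

    def add_key(self, key_id):
        self._keys[key_id] = secrets.token_bytes(16)

    def mint(self, rights, key_id="master"):
        """Create a capability whose key is set to the object's current key."""
        return Capability(self.name, frozenset(rights), key_id, self._keys[key_id])

    def set_key(self, key_id="master"):
        """Replace one key: every capability minted under it stops matching."""
        if key_id not in self._keys:
            raise KeyError(key_id)
        self._keys[key_id] = secrets.token_bytes(16)

    def revoke_all(self):
        """General revocation: replace every key on the list."""
        for key_id in list(self._keys):
            self.set_key(key_id)

    def is_valid(self, cap):
        current = self._keys.get(cap.key_id)
        return (cap.obj_name == self.name
                and current is not None
                and hmac.compare_digest(cap.key, current))

    def access(self, cap, right):
        return self.is_valid(cap) and right in cap.rights


def demo():
    f1 = ProtectedObject("F1")
    f1.add_key("students")
    f1.add_key("staff")
    student = f1.mint({"read"}, "students")
    staff = f1.mint({"read", "write"}, "staff")
    results = {"before": (f1.access(student, "read"), f1.access(staff, "write"))}

    f1.set_key("students")                   # selective, immediate revocation
    results["after set_key(students)"] = (
        f1.access(student, "read"), f1.access(staff, "write"))

    renewed = f1.mint({"read"}, "students")  # temporary: rights can be re-acquired
    results["re-acquired"] = (f1.access(renewed, "read"),)

    f1.revoke_all()                          # general revocation
    results["after revoke_all"] = (
        f1.access(renewed, "read"), f1.access(staff, "write"))
    return results


if __name__ == "__main__":
    for step, outcome in demo().items():
        print(f"{step:26} {outcome}")
```
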

Chapter-2
System Security
System security

System security may be threatened through two violations, and these are as follows:

1. Threat
A program that has the potential to harm the system seriously.

2. Attack
A breach of security that allows unauthorized access to a resource.

There are two types of security breaches that can harm the system: malicious and accidental.
Malicious threats are a type of destructive computer code or web script that is designed to cause system
vulnerabilities that lead to back doors and security breaches. On the other hand, Accidental Threats are
comparatively easier to protect against.

Security may be compromised through the breaches. Some of the breaches are as follows:

1. Breach of integrity
This violation involves the unauthorized modification of data.

2. Theft of service
It involves the unauthorized use of resources.

3. Breach of confidentiality
It involves the unauthorized reading of data.

4. Breach of availability
It involves the unauthorized destruction of data.

5. Denial of service
It includes preventing legitimate use of the system. Some attacks may be accidental.

Goals of Security System

There are several goals of system security. Some of them are as follows:

1. Integrity
Unauthorized users must not be allowed to access the system's objects, and users with
insufficient rights should not modify the system's critical files and resources.

2. Secrecy
The system's objects must only be available to a small number of authorized users.
The system files should not be accessible to everyone.

3. Availability
All system resources must be accessible to all authorized users, i.e., no single
user/process should be able to consume all system resources. If such a situation arises, service
denial may occur. In this case, malware may restrict system resources and prevent
legitimate processes from accessing them.

Program threats

The operating system's processes and kernel carry out the specified task as directed. Program Threats
occur when a user program causes these processes to do malicious operations. The common example of a
program threat is that when a program is installed on a computer, it could store and transfer user credentials
to a hacker. There are various program threats. Some of them are as follows:

1. Virus
A virus may replicate itself on the system. Viruses are extremely dangerous and can
modify/delete user files as well as crash computers. A virus is a small piece of code that is
embedded in a program on the system. As the user interacts with the program, the virus becomes
embedded in other files and programs, potentially rendering the system inoperable.

2. Trojan Horse
This type of application captures user login credentials. It stores them to transfer them to a
malicious user who can then log in to the computer and access system resources.

3. Logic Bomb
A logic bomb is a situation in which software only misbehaves when particular criteria are
met; otherwise, it functions normally.

4. Trap Door
A trap door is when a program that is supposed to work as expected has a security weakness
in its code that allows it to do illegal actions without the user's knowledge.

System Threats

System threats are described as the misuse of system services and network connections to cause user
problems. These threats may be used to trigger the program threats over an entire network, known as
program attacks. System threats make an environment in which OS resources and user files may be misused.
There are various system threats. Some of them are as follows:

1. Port Scanning
It is a method by which the cracker determines the system's vulnerabilities for an attack. It is
a fully automated process that includes connecting to a specific port via TCP/IP. To protect the
attacker's identity, port scanning attacks are launched through zombie systems: previously
independent systems that still serve their owners while also being used for such purposes.

2. Worm
The worm is a process that can choke a system's performance by exhausting all system
resources. A Worm process makes several clones, each consuming system resources and preventing
all other processes from getting essential resources. Worm processes can even bring a network to a
halt.

3. Denial of Service
Denial of service attacks usually prevent users from legitimately using the system. For
example, if a denial-of-service attack is executed against the browser's content settings, a user may
be unable to access the internet.

Network Threats

1. Unauthorized access

Unauthorized access refers to attackers accessing a network without receiving permission. Among
the causes of unauthorized access attacks are weak passwords, lacking protection against social
engineering, previously compromised accounts, and insider threats.

2. Distributed Denial of Service (DDoS) attacks

Attackers build botnets, large fleets of compromised devices, and use them to direct false traffic at
your network or servers. DDoS can occur at the network level, for example by sending huge volumes
of SYN/ACK packets which can overwhelm a server, or at the application level, for example by
performing complex SQL queries that bring a database to its knees.

3. Man in the middle attacks


A man in the middle attack involves attackers intercepting traffic, either between your network and
external sites or within your network. If communication protocols are not secured or attackers find a
way to circumvent that security, they can steal data that is being transmitted, obtain user credentials
and hijack their sessions.

4. Code and SQL injection attacks


Many websites accept user inputs and fail to validate and sanitize those inputs. Attackers can then fill
out a form or make an API call, passing malicious code instead of the expected data values. The code
is executed on the server and allows attackers to compromise it.

5. Privilege escalation
Once attackers penetrate your network, they can use privilege escalation to expand their reach.
Horizontal privilege escalation involves attackers gaining access to additional, adjacent systems, and
vertical escalation means attackers gain a higher level of privileges for the same systems.

6. Insider threats
A network is especially vulnerable to malicious insiders, who already have privileged access to
organizational systems. Insider threats can be difficult to detect and protect against, because insiders
do not need to penetrate the network in order to do harm. New technologies like User and Event
Behavioral Analytics (UEBA) can help identify suspicious or anomalous behavior by internal users,
which can help identify insider attacks.

Cryptography for Security


Cryptography is the study of securing communications from outside observers. Encryption
algorithms take the original message, or plaintext, and convert it into ciphertext, which is not
understandable. The key allows the user to decrypt the message, thus ensuring only they can read the
message. The strength of the randomness of an encryption is also studied, which makes it harder for anyone
to guess the key or input of the algorithm. Cryptography is how we can achieve more secure and robust
connections to elevate our privacy. Advancements in cryptography make it harder to break encryption, so
that encrypted files, folders, or network connections are only accessible to authorized users.

Cryptography focuses on four different objectives:

1. Confidentiality: Confidentiality ensures that only the intended recipient can decrypt the message
and read its contents.

2. Non-repudiation: Non-repudiation means the sender of the message cannot backtrack in the future
and deny their reasons for sending or creating the message.

3. Integrity: Integrity focuses on the ability to be certain that the information contained within the
message cannot be modified while in storage or transit.

4. Authenticity: Authenticity ensures the sender and recipient can verify each other’s identities and the
destination of the message.

These objectives help ensure a secure and authentic transfer of information.

History of Cryptography
Cryptography began with ciphers, the first of which was the Caesar Cipher. Ciphers were a lot easier
to unravel compared to modern cryptographic algorithms, but they both used keys and plaintext. Though
simple, ciphers from the past were the earliest forms of encryption. Today’s algorithms and cryptosystems
are much more advanced. They use multiple rounds of ciphers, encrypting the ciphertext of messages again,
to ensure the most secure transit and storage of data. There are also methods of cryptography used now
that are irreversible, maintaining the security of the message forever.

More advanced cryptography methods are needed because data must be protected more
and more securely. Most of the ciphers and algorithms used in the early days of cryptography have been
deciphered, making them useless for data protection. Today’s algorithms can be deciphered, but it would
require years and sometimes decades to decipher the meaning of just one message. Thus, the race to create
newer and more advanced cryptography techniques continues.

The intention of cryptography is to keep data and messages secure and inaccessible to potential
threats or bad actors. It is often working behind the scenes to encrypt and decrypt data you are sending
through social media, applications, interactions on websites, and email. Symmetric cryptography can be
used for these purposes:

• Card transactions and payment applications
• Random number generation
• Signature verification to ensure the sender is who they claim to be

Asymmetric cryptography can be used for the following purposes:

• Email messages
• SIM card authentication
• Web security
• Exchange of private keys

Types of Cryptography
Cryptography can be broken down into three different types:

• Secret Key Cryptography
• Public Key Cryptography
• Hash Functions

Secret Key Cryptography, or symmetric cryptography, uses a single key to encrypt data. Both
encryption and decryption in symmetric cryptography use the same key, making this the easiest form of
cryptography. The cryptographic algorithm utilizes the key in a cipher to encrypt the data, and when the data
must be accessed again, a person entrusted with the secret key can decrypt the data. Secret Key
Cryptography can be used on both in-transit and at-rest data, but is commonly only used on at-rest data, as
sending the secret to the recipient of the message can lead to compromise.
Examples:

• AES
• DES
• Caesar Cipher

Public Key Cryptography, or asymmetric cryptography, uses two keys to encrypt data. One is used
for encryption, while the other key decrypts the message. Unlike symmetric cryptography, if one key is
used to encrypt, that same key cannot decrypt the message; rather, the other key must be used.

One key is kept private, and is called the “private key”, while the other is shared publicly and can be
used by anyone, hence it is known as the “public key”. The mathematical relation of the keys is such that the
private key cannot be derived from the public key, but the public key can be derived from the private. The
private key should not be distributed and should remain with the owner only. The public key can be given to
any other entity.

Examples:

• ECC
• Diffie-Hellman
• DSS

Hash functions are irreversible, one-way functions which protect the data, at the cost of not being
able to recover the original message. Hashing is a way to transform a given string into a fixed length string.
A good hashing algorithm will produce unique outputs for each input given. The only way to crack a hash is
by trying every input possible, until you get the exact same hash. A hash can be used for hashing data (such
as passwords) and in certificates.

Some of the most famous hashing algorithms are:

• MD5
• SHA-1
• SHA-2 family, which includes SHA-224, SHA-256, SHA-384, and SHA-512
• SHA-3
• Whirlpool
• Blake 2
• Blake 3

User Authentication

There is a growing demand for different types of user authentication technologies for both online and
in physical systems. The motivation to authenticate users ranges from access control reasons to business
development purposes like adding e-commerce elements.

Organizations need to understand that passwords are not the only way to authenticate users. There is
a wide variety of authentication technologies and an even greater range of activities that require
authentication methods.

Authentication is the process of identifying users that request access to a system, network, or device.
Access control often determines user identity according to credentials like username and password. Other
authentication technologies like biometrics and authentication apps are also used to authenticate user
identity.

User authentication is a method that keeps unauthorized users from accessing sensitive information.
For example, User A only has access to relevant information and cannot see the sensitive information of
User B.

Cybercriminals can gain access to a system and steal information when user authentication is not
secure. The data breaches companies like Adobe, Equifax, and Yahoo faced are examples of what happens
when organizations fail to secure their user authentication.

Hackers gained access to Yahoo user accounts to steal contacts, calendars and private emails
between 2012 and 2016. The Equifax data breach in 2017 exposed credit card data of more than 147 million
consumers. Without a secure authentication process, any organization could be at risk.

Five Common Authentication Types

Cybercriminals always improve their attacks. As a result, security teams are facing plenty of
authentication-related challenges. This is why companies are starting to implement more
sophisticated incident response strategies, including authentication as part of the process. The list below
reviews some common authentication methods used to secure modern systems.

1. Password-based authentication

Passwords are the most common method of authentication. Passwords can be in the form of
a string of letters, numbers, or special characters. To protect yourself you need to create strong
passwords that include a combination of all possible options.

However, passwords are prone to phishing attacks and bad hygiene that weakens
effectiveness. An average person has about 25 different online accounts, but only 54% of users use
different passwords across their accounts.

The truth is that there are a lot of passwords to remember. As a result, many people choose
convenience over security. Most people use simple passwords instead of creating reliable passwords
because they are easier to remember.

The bottom line is that passwords have a lot of weaknesses and are not sufficient in
protecting online information. Hackers can easily guess user credentials by running through all
possible combinations until they find a match.

2. Multi-factor authentication

Multi-Factor Authentication (MFA) is an authentication method that requires two or more
independent ways to identify a user. Examples include codes generated from the user’s smartphone,
Captcha tests, fingerprints, voice biometrics or facial recognition.

MFA authentication methods and technologies increase the confidence of users by adding
multiple layers of security. MFA may be a good defense against most account hacks, but it has its
own pitfalls. People may lose their phones or SIM cards and not be able to generate an authentication
code.

3. Certificate-based authentication

Certificate-based authentication technologies identify users, machines or devices by using
digital certificates. A digital certificate is an electronic document based on the idea of a driver’s
license or a passport.

The certificate contains the digital identity of a user, including a public key, and the digital
signature of a certification authority. Digital certificates prove the ownership of a public key and
are issued only by a certification authority.

Users provide their digital certificates when they sign in to a server. The server verifies the
credibility of the digital signature and the certificate authority. The server then uses cryptography to
confirm that the user has a correct private key associated with the certificate.

4. Biometric authentication

Biometric authentication is a security process that relies on the unique biological characteristics
of an individual. Here are key advantages of using biometric authentication technologies:

 Biological characteristics can be easily compared to authorized features saved in a database.
 Biometric authentication can control physical access when installed on gates and doors.
 You can add biometrics into your multi-factor authentication process.

Biometric authentication technologies are used by consumers, governments and private corporations
including airports, military bases, and national borders. The technology is increasingly adopted due to the
ability to achieve a high level of security without creating friction for the user. Common biometric
authentication methods include:

 Facial recognition: matches the different face characteristics of an individual trying to gain access to
an approved face stored in a database. Face recognition can be inconsistent when comparing faces at
different angles or comparing people who look similar, like close relatives. Facial liveness detection, like ID
R&D’s passive facial liveness, prevents spoofing.
 Fingerprint scanners: match the unique patterns on an individual’s fingerprints. Some new versions of
fingerprint scanners can even assess the vascular patterns in people’s fingers. Fingerprint scanners are
currently the most popular biometric technology for everyday consumers, despite their frequent
inaccuracies. This popularity can be attributed to iPhones.
 Speaker recognition: also known as voice biometrics, examines a speaker’s speech patterns for the
formation of specific shapes and sound qualities. A voice-protected device usually relies on standardized
words to identify users, just like a password.
 Eye scanners: include technologies like iris recognition and retina scanners. Iris scanners project a
bright light towards the eye and search for unique patterns in the colored ring around the pupil of the eye.
The patterns are then compared to approved information stored in a database. Eye-based authentication
may suffer inaccuracies if a person wears glasses or contact lenses.

5. Token-based authentication

Token-based authentication technologies enable users to enter their credentials once and
receive a unique encrypted string of random characters in exchange. You can then use the token to
access protected systems instead of entering your credentials all over again. The digital token proves
that you already have access permission. Use cases of token-based authentication include RESTful
APIs that are used by multiple frameworks and clients.
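
The exchange described above, credentials once and then a token on every later request, can be sketched as follows. This is an added example, not part of the original notes, and it swaps in one specific technique: the token is signed with HMAC-SHA256 rather than encrypted, so the client can read the payload but cannot alter it or extend its lifetime. The claim names, token layout and key handling are assumptions.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Assumed: one signing key per deployment, generated at start-up and kept server-side.
SERVER_KEY = secrets.token_bytes(32)


def b64e(data: bytes) -> str:
    """URL-safe base64 without padding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64d(text: str) -> bytes:
    """Inverse of b64e; restores the stripped padding first."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(payload: str, key: bytes) -> str:
    return b64e(hmac.new(key, payload.encode("ascii"), hashlib.sha256).digest())


def issue_token(user: str, ttl_seconds: int = 900, now: Optional[float] = None,
                key: bytes = SERVER_KEY) -> str:
    """Called once, after the user's credentials have been checked."""
    issued = int(time.time() if now is None else now)
    claims = {"sub": user, "exp": issued + ttl_seconds, "jti": secrets.token_hex(8)}
    payload = b64e(json.dumps(claims, sort_keys=True).encode("utf-8"))
    return f"{payload}.{sign(payload, key)}"


def verify_token(token: str, now: Optional[float] = None,
                 key: bytes = SERVER_KEY) -> Optional[dict]:
    """Return the claims if the signature is valid and the token is unexpired."""
    try:
        payload, tag = token.split(".")
        expected = hmac.new(key, payload.encode("ascii"), hashlib.sha256).digest()
        # Check the signature before parsing anything the client controls
        if not hmac.compare_digest(expected, b64d(tag)):
            return None
        claims = json.loads(b64d(payload))
    except ValueError:
        return None  # wrong shape, bad base64 or bad JSON: fail closed
    current = time.time() if now is None else now
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), int):
        return None
    if current >= claims["exp"]:
        return None  # expired tokens are rejected even with a valid signature
    return claims


if __name__ == "__main__":
    token = issue_token("alice", ttl_seconds=60, now=1000)   # constructed sample
    print(verify_token(token, now=1030))     # accepted: claims for alice
    print(verify_token(token, now=1060))     # None: expired
    payload, tag = token.split(".")
    forged = b64e(b'{"exp": 9999999999, "sub": "admin"}') + "." + tag
    print(verify_token(forged, now=1030))    # None: signature does not match
```

A short lifetime limits how long a stolen token is useful, which is why the expiry is part of the signed payload.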

Authentication technology is always changing. Businesses have to move beyond passwords and
think of authentication as a means of enhancing user experience. Authentication methods like biometrics
eliminate the need to remember long and complex passwords. As a result of enhanced authentication
methods and technologies, attackers will not be able to exploit passwords, and a data breach will be
prevented.

Firewalling to protect Systems & Networks

It is a big challenge to protect our sensitive data from unwanted and unauthorized sources. There are
various tools and devices that can provide different security levels and help keep our private data secure.
One such tool is a 'firewall' that prevents unauthorized access and keeps our computers and data safe and
secure.

A firewall can be defined as a special type of network security device or a software program that
monitors and filters incoming and outgoing network traffic based on a defined set of security rules. It acts as
a barrier between internal private networks and external sources (such as the public Internet).

The primary purpose of a firewall is to allow non-threatening traffic and prevent malicious or
unwanted data traffic for protecting the computer from viruses and attacks. A firewall is a cyber security tool
that filters network traffic and helps users block malicious software from accessing the Internet in infected
computers.

Whether a firewall is hardware or software is one of the most commonly asked questions. As stated
above, a firewall can be a network security device or a software program on a computer. This means that the
firewall comes at both levels, i.e., hardware and software, though it's best to have both.

Each format (a firewall implemented as hardware or software) has different functionality but the
same purpose. A hardware firewall is a physical device that attaches between a computer network and a
gateway, for example, a broadband router. On the other hand, a software firewall is a simple program
installed on a computer that works through port numbers and other installed software.

Apart from that, there are cloud-based firewalls. They are commonly referred to as FaaS (firewall as
a service). A primary advantage of using cloud-based firewalls is that they can be managed centrally. Like
hardware firewalls, cloud-based firewalls are best known for providing perimeter security.

Firewalls are primarily used to prevent malware and network-based attacks. Additionally, they can
help in blocking application-layer attacks. These firewalls act as a gatekeeper or a barrier. They monitor
every attempt between our computer and another network. They do not allow data packets to be transferred
through them unless the data is coming or going from a user-specified trusted source.

Firewalls are designed in such a way that they can react quickly to detect and counter attacks
throughout the network. They can work with rules configured to protect the network and perform quick
assessments to find any suspicious activity. In short, we can point to the firewall as a traffic controller.

Some of the important risks of not having a firewall are:

1. Open Access

If a computer is running without a firewall, it is giving open access to other networks.
This means that it is accepting every kind of connection that comes from anyone. In this
case, it is not possible to detect threats or attacks coming through our network. Without a
firewall, we make our devices vulnerable to malicious users and other unwanted sources.

2. Lost or Compromised Data

Without a firewall, we are leaving our devices accessible to everyone. This means that
anyone can access our device and have complete control over it, including the network. In this
case, cybercriminals can easily delete our data or use our personal information for their benefit.

3. Network Crashes

In the absence of a firewall, anyone could access our network and shut it down. It may
lead us to invest our valuable time and money to get our network working again.

Therefore, it is essential to use firewalls and keep our network, computer, and data safe and secure
from unwanted sources.

Firewalls have been the first and most reliable component of defense in network security for over 30
years. Firewalls first came into existence in the late 1980s. They were initially designed as packet filters.
These packet filters were nothing but a setup of networks between computers. The primary function of these
packet filtering firewalls was to check for packets or bytes transferred between different computers.

Firewalls have become more advanced due to continuous development, although such packet
filtering firewalls are still in use in legacy systems.

As the technology emerged, Gil Shwed from Check Point Technologies introduced the first stateful
inspection firewall in 1993. It was named FireWall-1. Back in 2000, Netscreen came up with its
purpose-built firewall 'Appliance'. It gained popularity and fast adoption within enterprises because of increased
internet speed, less latency, and high throughput at a lower cost.

The turn of the century saw a new approach to firewall implementation during the mid-2010.
The 'Next-Generation Firewalls' were introduced by Palo Alto Networks. These firewalls came up with a
variety of built-in functions and capabilities, such as Hybrid Cloud Support, Network Threat Prevention,
Application and Identity-Based Control, and Scalable Performance. Firewalls are still getting new
features as part of continuous development. They are considered the first line of defense when it comes to
network security.

A firewall system analyzes network traffic based on pre-defined rules. It then filters the traffic and
prevents any such traffic coming from unreliable or suspicious sources. It only allows incoming traffic that
it is configured to accept.

Typically, firewalls intercept network traffic at a computer's entry point, known as a port. Firewalls
perform this task by allowing or blocking specific data packets (units of communication transferred over a
digital network) based on pre-defined security rules. Incoming traffic is allowed only through
trusted IP addresses, or sources.

As stated above, the firewall works as a gatekeeper. It analyzes every attempt coming to gain access
to our operating system and prevents traffic from unwanted or non-recognized sources.

Since the firewall acts as a barrier or filter between the computer system and other networks (i.e., the
public Internet), we can consider it as a traffic controller. Therefore, a firewall's primary function is to secure
our network and information by controlling network traffic, preventing unwanted incoming network traffic,
and validating access by assessing network traffic for malicious things such as hackers and malware.
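
The rule-based filtering described above can be modelled in a few lines. The following is an added example, not part of the original notes: a simplified stateless packet filter where the first matching rule wins and unmatched traffic is denied. It goes one step further than the text by also reporting rules that can never take effect because an earlier rule with the opposite action already matches the same packets. The `Rule` fields and function names are assumptions, and the addresses are constructed samples from the documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    source: str                  # source network in CIDR notation
    port: Optional[int] = None   # destination port; None matches any port
    protocol: str = "tcp"

    def matches(self, src_ip: str, dst_port: int, protocol: str) -> bool:
        return (protocol == self.protocol
                and ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source)
                and (self.port is None or self.port == dst_port))

    def covers(self, other: "Rule") -> bool:
        """True if every packet matched by `other` is also matched by this rule."""
        mine = ipaddress.ip_network(self.source)
        theirs = ipaddress.ip_network(other.source)
        return (self.protocol == other.protocol
                and mine.version == theirs.version
                and theirs.subnet_of(mine)
                and (self.port is None or self.port == other.port))


def evaluate(rules: List[Rule], src_ip: str, dst_port: int,
             protocol: str = "tcp") -> Tuple[str, Optional[int]]:
    """First matching rule wins; anything unmatched is denied (default deny)."""
    for index, rule in enumerate(rules):
        if rule.matches(src_ip, dst_port, protocol):
            return rule.action, index
    return "deny", None


def shadowed_rules(rules: List[Rule]) -> List[Tuple[int, int]]:
    """Return (later, earlier) index pairs where the later rule is unreachable
    because an earlier rule with a different action covers all of its traffic."""
    findings = []
    for later in range(len(rules)):
        for earlier in range(later):
            if (rules[earlier].action != rules[later].action
                    and rules[earlier].covers(rules[later])):
                findings.append((later, earlier))
                break
    return findings


# Constructed rule set with an ordering mistake: rule 3 was meant to block one
# host from HTTPS, but rule 1 already allows HTTPS from everywhere.
RULES = [
    Rule("allow", "198.51.100.0/24", 22),    # 0: admin subnet may use SSH
    Rule("allow", "0.0.0.0/0", 443),         # 1: anyone may reach HTTPS
    Rule("deny", "203.0.113.0/24", None),    # 2: untrusted range, all ports
    Rule("deny", "203.0.113.66/32", 443),    # 3: never reached
]

# Corrected ordering: the specific deny comes before the broad allow.
FIXED_RULES = [RULES[0], RULES[3], RULES[1], RULES[2]]

if __name__ == "__main__":
    print(evaluate(RULES, "203.0.113.66", 443))        # allowed by rule 1
    print(shadowed_rules(RULES))                       # reports rule 3 vs rule 1
    print(evaluate(FIXED_RULES, "203.0.113.66", 443))  # denied by rule 1
    print(shadowed_rules(FIXED_RULES))                 # no findings
```

Running the shadow check before deploying a rule change catches the case where a block rule is added below a broader allow rule and silently has no effect.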

Generally, most operating systems (for example - Windows OS) and security software come with
built-in firewall support. Therefore, it is a good idea to ensure that those options are turned on. Additionally,
we can configure the security settings of the system to be automatically updated whenever available.

Firewalls have become powerful and include a variety of functions and capabilities as built-in
features:

o Network Threat Prevention

o Application and Identity-Based Control

o Hybrid Cloud Support

o Scalable Performance

o Network Traffic Management and Control

o Access Validation

o Record and Report on Events

Limitations of Firewall

When it comes to network security, firewalls are considered the first line of defense. But the question
is whether these firewalls are strong enough to make our devices safe from cyber-attacks. The answer may
be "no". The best practice is to use a firewall system when using the Internet. However, it is important to use
other defense systems to help protect the network and data stored on the computer. Because cyber threats are
continually evolving, a firewall should not be the only consideration for protecting the home network.

The importance of using firewalls as a security system is obvious; however, firewalls have some
limitations:

o Firewalls cannot stop users from accessing malicious websites, making the network vulnerable to internal
threats or attacks.
o Firewalls cannot protect against the transfer of virus-infected files or software.

o Firewalls cannot prevent misuse of passwords.

o Firewalls cannot protect if security rules are misconfigured.

o Firewalls cannot protect against non-technical security risks, such as social engineering.

o Firewalls cannot stop or prevent attackers with modems from dialing in to or out of the internal
network.
o Firewalls cannot secure the system which is already infected.

Therefore, it is recommended to keep all Internet-enabled devices updated. This includes the latest
operating systems, web browsers, applications, and other security software (such as anti-virus). Besides,
securing wireless routers should be another practice. The process of protecting a router may include
options such as repeatedly changing the router's name and password, reviewing security settings, and
creating a guest network for visitors.

Types of Firewall

Depending on their structure and functionality, there are different types of firewalls. The following is
a list of some common types of firewalls:

o Proxy Firewall

o Packet-filtering firewalls

o Stateful Multi-layer Inspection (SMLI) Firewall

o Unified threat management (UTM) firewall

o Next-generation firewall (NGFW)

o Network address translation (NAT) firewalls

Difference between a Firewall and Anti-virus

Firewalls and anti-viruses are systems to protect devices from viruses and other types of Trojans, but
there are significant differences between them. Based on the vulnerabilities, the main differences between
firewalls and anti-viruses are tabulated below:

| Attributes | Firewall | Anti-virus |
|---|---|---|
| Definition | A firewall is defined as the system which analyzes and filters incoming or outgoing data packets based on pre-defined rules. | Anti-virus is defined as the special type of software that acts as a cyber-security mechanism. The primary function of Anti-virus is to monitor, detect, and remove any apprehensive or distrustful file or software from the device. |
| Structure | Firewalls can be hardware and software both. The router is an example of a physical firewall, and a simple firewall program on the system is an example of a software firewall. | Anti-virus can only be used as software. Anti-virus is a program that is installed on the device, just like the other programs. |
| Implementation | Because firewalls come in the form of hardware and software, a firewall can be implemented either way. | Because Anti-virus comes in the form of software, therefore, Anti-virus can be implemented only at the software level. There is no possibility of implementing Anti-virus at the hardware level. |
| Responsibility | A firewall is usually defined as a network controlling system. It means that firewalls are primarily responsible for monitoring and filtering network traffic. | Anti-viruses are primarily responsible for detecting and removing viruses from computer systems or other devices. These viruses can be in the form of infected files or software. |
| Scalability | Because the firewall supports both types of implementations, hardware, and software, therefore, it is more scalable than anti-virus. | Anti-viruses are generally considered less-scalable than firewalls. This is because anti-virus can only be implemented at the software level. They don't support hardware-level implementation. |
| Threats | A firewall is mainly used to prevent network related attacks. It mainly includes external network threats, for example, routing attacks and IP spoofing. | Anti-virus is mainly used to scan, find, and remove viruses, malware, and Trojans, which can harm system files and software and share personal information (such as login credentials, credit card details, etc.) with hackers. |

Computer Security Classifications


As per the U.S. Department of Defense Trusted Computer System's Evaluation Criteria there are four
security classifications in computer systems: A, B, C, and D. This is a widely used specification to determine
and model the security of systems and of security solutions. Following is the brief description of each
classification.

S.NO Classification Type & Description

1 Type A
Highest Level. Uses formal design specifications and verification techniques. Grants a high degree
of assurance of process security.

2 Type B
Provides mandatory protection system. Have all the properties of a class C2 system. Attaches a
sensitivity label to each object. It is of three types.
 B1 − Maintains the security label of each object in the system. Label is used for making
decisions to access control.
 B2 − Extends the sensitivity labels to each system resource, such as storage objects,
supports covert channels and auditing of events.
 B3 − Allows creating lists or user groups for access-control to grant access or revoke
access to a given named object.

3 Type C
Provides protection and user accountability using audit capabilities. It is of two types.
 C1 − Incorporates controls so that users can protect their private information and keep
other users from accidentally reading / deleting their data. UNIX versions are mostly C1
class.
 C2 − Adds an individual-level access control to the capabilities of a C1 level system.

4 Type D
Lowest level. Minimum protection. MS-DOS, Windows 3.1 fall in this category.

Chapter- 3
Case Studies
Linux

Linux is an open-source operating system like other operating systems such as Microsoft Windows,
Apple Mac OS, iOS, Google android, etc. An operating system is a software that enables the communication
between computer hardware and software. It conveys input to get processed by the processor and brings
output to the hardware to display it. This is the basic function of an operating system. Although it performs
many other important tasks, let's not talk about that.

Linux has been around us since the mid-90s. It can be used from wristwatches to supercomputers. It is
everywhere: in our phones, laptops, PCs, cars and even in refrigerators. It is very popular among
developers and normal computer users.

Evolution of Linux OS

The Linux OS was developed by Linus Torvalds in 1991, which sprouted as an idea to improve the
UNIX OS. He suggested improvements but was rejected by UNIX designers. Therefore, he thought of
launching an OS, designed in a way that could be modified by its users.

Nowadays, Linux is the fastest-growing OS. It is used from phones to supercomputers by almost all
major hardware devices.

Structure Of Linux Operating System

An operating system is a collection of software, each designed for a specific function.

Linux OS has following components:

1) Kernel

Linux kernel is the core part of the operating system. It establishes communication between devices
and software. Moreover, it manages system resources. It has four responsibilities:

o Device management: A system has many devices connected to it like CPU, a memory device, sound
cards, graphic cards, etc. A kernel stores all the data related to all the devices in the device driver
(without this the kernel won't be able to control the devices). Thus the kernel knows what a device can do
and how to manipulate it to bring out the best performance. It also manages communication between
all the devices. The kernel has certain rules that have to be followed by all the devices.
o Memory management: Another function that the kernel has to manage is memory management.
The kernel keeps track of used and unused memory and, using virtual memory addresses, makes sure that
processes do not manipulate each other's data.
o Process management: In process management, the kernel assigns enough time and gives priorities
to processes before handing the CPU to other processes. It also deals with security and ownership
information.
o Handling system calls: Handling system calls means a programmer can write a query or ask the
kernel to perform a task.

2) System Libraries

System libraries are special programs that help in accessing the kernel's features. A kernel has to be
triggered to perform a task, and this triggering is done by the applications. But applications must know how
to place a system call because each kernel has a different set of system calls. Programmers have developed a
standard library of procedures to communicate with the kernel. Each operating system supports these
standards, and then these are transferred to system calls for that operating system.

The most well-known system library for Linux is Glibc (GNU C library).
3) System Tools

Linux OS has a set of utility tools, which are usually simple commands. This is software which the GNU
project has written and published under its open source license so that the software is freely available to
everyone.

With the help of commands, you can access your files, edit and manipulate data in your directories or
files, change the location of files, or anything.

4) Development Tools

With the above three components, your OS is running and working. But to update your system, you
have additional tools and libraries. These additional tools and libraries are written by the programmers and
are called toolchain. A toolchain is a vital development tool used by the developers to produce a working
application.

5) End User Tools

These end tools make a system unique for a user. End tools are not required for the operating system
but are necessary for a user.

Some examples of end tools are graphic design tools, office suites, browsers, multimedia players,
etc.

Why use Linux?

This is one of the most asked questions about Linux systems. Why do we use a different and a bit more
complex operating system, if we have a simple operating system like Windows? There are
various features of Linux systems that make it completely different and one of the most used operating
systems. Linux may be a perfect operating system if you want to get rid of viruses, malware, slowdowns,
crashes, costly repairs, and many more. Further, it provides various advantages over other operating
systems, and we don't have to pay for it. Let's have a look at some of its special features that will attract you
to switch your operating system.

Free & Open Source Operating System

Most operating systems come in a compiled format, which means the main source code has been run through a
program called a compiler that translates the source code into a language that is known to the computer.

Modifying this compiled code is a tough job.

On the other hand, open-source is completely different. The source code is included with the
compiled version and allows modification by anyone having some knowledge. It gives us the freedom to run
the program, freedom to change the code according to our use, freedom to redistribute its copies, and
freedom to distribute copies, which are modified by us.

In short, Linux is an operating system that is "for the people, by the people."

And we can dive into Linux without paying any cost. We can install it on multiple machines without
paying any cost.

It is secure

Linux supports various security options that will save you from viruses, malware, slowdowns, and
crashes. Further, it will keep your data protected. Its security feature is the main reason that it is the most
favorable option for developers. It is not completely safe, but it is less vulnerable than others. Each
application needs to be authorized by the admin user. The virus cannot be executed until the administrator
provides the access password. Linux systems do not require any antivirus program.

Favorable choice of Developers

Linux is suitable for developers, as it supports almost all of the most used programming
languages such as C/C++, Java, Python, Ruby, and more. Further, it offers a vast range of useful
applications for development.

Developers find that the Linux terminal is much better than the Windows command line, so they
prefer the terminal over the Windows command line. The package manager on a Linux system helps
programmers to understand how things are done. Bash scripting is also a functional feature for
programmers. Also, the SSH support helps to manage servers quickly.

A flexible operating system

Linux is a flexible OS, as it can be used for desktop applications, embedded systems, and server
applications. It can be used from wristwatches to supercomputers. It is everywhere in our phones, laptops,
PCs, cars and even in refrigerators. Further, it supports various customization options.

Linux Distributions

Many agencies have modified the Linux operating system and made their own Linux distributions. There are
many Linux distributions available in the market. They provide different flavors of the Linux operating system
to the users. We can choose any distribution according to our needs. Some popular distros are Ubuntu,
Fedora, Debian, Linux Mint, Arch Linux, and many more.

For the beginners, Ubuntu and Linux Mint are considered useful and, for the proficient developer,
Debian and Fedora would be a good choice.

How does Linux work?

Linux is a UNIX-like operating system, but it supports a range of hardware devices from phones to
supercomputers. Every Linux-based operating system has the Linux kernel and set of software packages to
manage hardware resources.

Also, Linux OS includes some core GNU tools to provide a way to manage the kernel resources,
install software, configure the security setting and performance, and many more. All these tools are
packaged together to make a functional operating system.

How to use Linux?

We can use Linux through an interactive user interface as well as from the terminal (Command Line
Interface). Different distributions have a slightly different user interface but almost all the commands will
have the same behavior for all the distributions. To run Linux from the terminal, press the "CTRL+ALT+T"
keys. And, to explore its functionality, press the application button given in the bottom-left corner of your
desktop.

Microsoft Windows

Windows is a graphical operating system developed by Microsoft. It allows users to view and store
files, run the software, play games, watch videos, and provides a way to connect to the internet. It was
released for both home computing and professional works.

Microsoft introduced the first version as 1.0.

It was released for both home computing and professional functions of Windows on 10 November
1983. Later, many versions of Windows were released, up to the current version, Windows 10.

In 1993, the first business-oriented version of Windows was released, which is known as Windows
NT 3.1. Then it introduced the next versions, Windows 3.5, 4.0, and Windows 2000. When Windows XP
was released by Microsoft in 2001, the company designed its various versions for personal and business
environments. It was designed based on standard x86 hardware, like Intel and AMD processors. Accordingly,
it can run on different brands of hardware, such as HP, Dell, and Sony computers, including home-built PCs.

Editions of Windows

Microsoft has produced several editions of Windows, starting with Windows XP. These versions have
the same core operating system, but some versions include advanced features at an additional cost. There
are two most common editions of Windows:

o Windows Home

o Windows Professional

Windows Home

Windows Home is the basic edition of Windows. It offers all the fundamental functions of Windows,
such as browsing the web, connecting to the Internet, playing video games, using office software, watching
videos. Furthermore, it is less expensive and comes pre-installed with many new computers.

Windows Professional

Windows Professional is also known as Windows Pro or Win Pro. It is an enhanced edition of Windows,
which is beneficial for power users and small to medium-size businesses. It contains all features of Windows
Home as well as the following:

o Remote Desktop: Windows Professional editions allow users to create a remote desktop connection.
It provides users the option to connect with another computer remotely, including sharing control
of its mouse and keyboard and viewing its display. It is mainly accessed with the help of port 3389.
Additionally, we can also use the TeamViewer or VNC application to create a remote desktop
connection.
o Trusted Boot: It provides security by encrypting the boot loader and protects the computer
from rootkits (collections of software tools that allow users to enter another computer in an
unauthorized way).
o BitLocker: It allows users to encrypt a storage drive by using the AES (Advanced Encryption Standard)
algorithm. This feature is present in Windows 7 and Windows Vista (only Ultimate and Enterprise
versions), including Windows Server 2008.

Business laptops or computers mainly use the BitLocker feature to protect their data on the computer.
If your computer is stolen, it is very difficult to break the BitLocker password. It can be unlocked by
entering the correct password only. Furthermore, if you forget your BitLocker password, it cannot be
retrieved.

o Windows Sandbox: A sandbox, located on a computer, network, or an online service, enables users
to experiment or test computer security without interrupting the system.
o Hyper-V: It stands for a hypervisor and was developed by Microsoft Corporation on 26 June 2008. It is
also called Windows Server Virtualization. Hyper-V is used for virtualization of x86-64 servers,
running virtual machines and third party software like VirtualBox.
o Group policy management: An admin can specify group policies in an organization to manage
different Windows users.
o It provides support for systems that have more than 128 GB of RAM.

o Furthermore, it also offers more Windows update installation options as well as flexible scheduling
and postponement of around 34 days.

Before Microsoft Windows was introduced, all Microsoft users used the MS-DOS
operating system. Microsoft gave one-word names to most of its products; it required a new word that could
represent its new GUI operating system. Microsoft decided to call it Windows because it has the ability to
perform several tasks and run applications simultaneously.

Another reason behind calling it Windows was that you could not trademark a common name like
Windows. Its official name was Microsoft Windows; the first version, 1.0, of Windows was introduced in
1995.

History of Microsoft Windows

Microsoft has been producing Windows since 1983. The founder of Microsoft, Bill Gates, announced
Microsoft Windows on 10 November 1983 and released the first version of Windows in 1985. The
following table contains the history of Windows from edition 1 to 10.

Version History

Windows 1.0 Microsoft introduced Windows with its first version 1.0. It was released on
20 November 1985, and at the beginning, it was sold for $100.00.
Additionally, it was the first effort by Microsoft to produce a graphical user
interface in 16-bit.

Windows 2.0 The second version, Windows 2.0, was produced by Microsoft on 9
December 1987, and it also introduced Windows 386 on the same
day. Initially, the price was the same, $100.00, for both versions of Windows on
the market.
It came with new features: windows were able to overlap each other, and it
also introduced a new way to maximize and minimize a window,
instead of using 'zooming' and 'iconizing' respectively.
Furthermore, it also included the Control Panel feature, where several
system settings and configuration options are available in one place.
Microsoft Word and Excel were also used for the first time on Windows 2.

Windows 286 It was released in June 1988, and at the beginning, its price was $100.00.

Windows 3.0 It was the first Windows that needed a hard drive. It was launched by
Microsoft on 22 May 1990. Its full version was sold for $149.95, and the
updated version for $79.95. Additionally, the multimedia-supported
Windows 3 was introduced in October 1991.
Windows version 3.0 gained more success, and it became a challenge for
Apple's Macintosh and the Commodore Amiga GUI, as it was provided
pre-installed on computers by PC-compatible manufacturers as well as
Zenith Data Systems.
It was also able to run MS-DOS programs in Windows, which allowed
multitasking in legacy programs, and it supported 256 colors, which
made the interface more colorful and advanced.

Windows 3.1 It was launched in April 1992; while it was in development, its code name
was Sparta. It was the commonly used operating system for the PC
graphical user interface. In the first two months after its release, more than
one million copies were sold. It made Windows a usable publishing
platform for the first time by introducing TrueType fonts. Minesweeper
was also used for the first time on Windows 3.1.
It needed only 1 MB of RAM to run, and it allowed users to control
MS-DOS programs with the help of a mouse for the first time.
Furthermore, it was also the first operating system to be distributed on a
CD-ROM.
Some other generations of version 3.1 are as follows:

o In 1992, Windows for Workgroups 3.1 was launched.
o Microsoft introduced Windows NT 3.1 on 27 July 1993.
o An updated version of Windows 3.1, Windows 3.11, was
introduced on 31 December 1993.
o In February 1994, Windows for Workgroups 3.11 was
launched.
o On 21 September 1994, Windows NT 5 was introduced.
o The next version, Windows NT 3.51, was introduced on 30 May
1995.

Windows 95 As the name specifies, Windows 95 was launched on 24 August 1995, and
within four days of its release, more than one million copies were sold. It
introduced the Start button and Start menu features for the first time,
along with important features such as a 32-bit environment, multitasking,
and the taskbar. Furthermore, MS-DOS still played a vital role in Windows 95,
with the help of some programs and elements.
Internet Explorer was also used on Windows 95 for the first time, but it
was not installed by default; it needed the Windows 95 Plus pack.
Later, Windows 95 improved and included the IE browser by default.

Windows 95 Service Pack It was introduced on 24 February 1996.

Windows NT 4.0 On 29 July 1996, Windows NT 4.0 was launched.

Windows CE
o The first version 0 of Windows CE was introduced in November
1996.
o The second version 0 of Windows CE was launched in November
1997.
o The next version 1 of Windows CE was released in July 1998.

o The third version, 3.0 of Windows CE, was introduced in 1999.

Windows 98 It was developed on Windows 95 and introduced in June 1998. It was
released with Internet Explorer 4, Windows Address Book, Outlook
Express, Microsoft Chat, and NetShow Player.
The second version of Windows 98 was introduced on 5 May 1999; in this
version, NetShow Player was replaced by Windows Media Player 6.2. It
also brought the address bar and back/forward navigation buttons
in Windows Explorer, among other features.
Windows 98 came with a new feature, the Windows Driver Model for
computer components and accessories, which offered support to all future
editions of Windows. Furthermore, it improved USB support,
including USB mice and USB hubs.

Windows 2000 On 17 February 2000, it was launched.

Windows ME It was released in September 2000, and it was the last operating system
based on MS-DOS and in the Windows 9x line. Alongside Windows 2000,
which was aimed at the enterprise market, it was considered the
consumer-aimed Windows. It also provided some useful features for
consumers as well as more automated system recovery tools.
Additionally, Internet Explorer, Windows Movie Maker, and Windows
Media Player 7 were used on Windows ME for the first time.

Windows 2000 It was introduced on 17 February 2000. Basically, it was based on
Microsoft's business-oriented system Windows NT, and later it provided the
base for Windows XP. Furthermore, the automatic updating feature
made its appearance for the first time on Windows 2000, and it was the
first operating system to support hibernation.

Windows XP Windows XP was considered the best edition of Windows; it was
introduced on 25 October 2001. It followed Windows ME and provided
consumer-friendly elements. The 64-bit version of Windows XP was
introduced on 28 March 2003. Furthermore, its Professional x64 version
was introduced on 24 April 2005.
The Start button and taskbar were replaced with a green Start
button, a blue taskbar, and a vista wallpaper, as well as several shadows and
more visual effects.
It also brought some important features, such as ClearType, which helps to
read content on LCD screens, autoplay from CDs and other media, and
different automated update and recovery tools.
Additionally, it was used for the longest time, and even when it was
discontinued, it was in use on an estimated 430 million PCs.

Windows Vista It was introduced by Microsoft in January 2007. It brought a better
look-and-feel user interface and included transparent elements, security,
and search. When it was in the development phase, its code name was
"Longhorn." Windows Media Player 11 and Internet Explorer 7 made
their appearance for the first time on Windows Vista, which also included Windows
Defender, an anti-spyware program. It also provided some useful
features such as Windows DVD Maker, speech recognition, and Photo
Gallery. Furthermore, it was the first operating system to be distributed on
DVD.

Windows Server 2008 On 27 February 2008, Microsoft introduced Windows Server 2008.

Windows 7 It was introduced on 22 October 2009 to overcome all the problems that were
faced by Windows Vista. It was released with user-friendly features and
less dialogue box overload. It was more stable, faster, and easier to use
compared to previous versions. Additionally, the handwriting
recognition feature was used for the first time on Windows 7.
Because IE was the default browser in Microsoft Windows, Microsoft faced
antitrust investigations in Europe for making it the default browser.
Consequently, it had to give users the option to choose and install
a browser on the first boot.

Windows Server 2012 On 4 September 2012, Microsoft released Windows Server 2012.

Windows 8 It was introduced by Microsoft on 26 October 2012. It was released with
new features, such as a fast operating system, support for USB 3.0
devices, and the Web store. The Web store is a place where you can download
different types of Windows applications; its full-screen mode was run for
the first time on Windows 8.

Windows 8.1 It was launched by Microsoft on 17 October 2013. It re-launched the
Start button, which was able to display the Start screen from the desktop
view of Windows 8.1. Furthermore, it provided a way to boot
directly into the desktop.

Windows 10 On 29 July 2015, Microsoft introduced Windows 10. It was released with
some new features, such as switching between a keyboard-and-mouse mode
and a tablet mode, which was beneficial for users of computers
like the Surface Pro 3 with a detachable keyboard. It was designed for all
Windows platforms across several devices, as well as Windows tablets and
phones, including common applications.

Features of Windows

Microsoft Windows includes a lot of features to help users. Some of its excellent features are as
follows:

1. Control Panel: Windows provides a Control Panel feature that includes many tools to configure and
manage the resources on the computer. For example, users can change settings for audio, video,
printers, mouse, keyboard, network connections, date and time, power saving options, user accounts,
installed applications, etc.

2. Cortana: Windows 10 introduced a feature named Cortana, which is able to accept voice
commands. It can perform various tasks: it can answer your questions, search data on your
computer, make online purchases, set reminders and appointments, etc. Furthermore, it acts like other
voice-activated services such as Google Assistant, Alexa, or Siri, with the added benefit of
searching the information on your computer. To open Cortana in Windows 10, press Windows
key + S.

3. File Explorer: It is also known as Windows Explorer, and it displays your files and folders on the
computer. It allows users to browse the data on the hard drive, SSD, and other inserted removable
disks like pen drives and CDs, and to manage the content as required, for example to
delete, rename, search, and transfer the data.

4. Internet browser: As the internet browser is very important for searching for anything, viewing pages,
online shopping, playing games, watching videos, etc., Windows comes with a pre-installed internet browser.
In Windows 10, the Edge internet browser is the default browser. Furthermore, Internet Explorer was
the default browser in Microsoft Windows from Windows 95 to version 8.1.

5. Microsoft Paint: Since November 1985, Microsoft Windows has come with Microsoft
Paint pre-installed. It is a simple program to create, view, and edit an image. It offers several tools to draw an
image, crop, resize, and save an image with a different file extension.

6. Taskbar: Windows comes with a taskbar that displays currently opened programs; it also allows
users to access any specific program. Additionally, it includes the notification area on the right side,
which shows the date and time, battery, network, volume, and other applications running in the background.

7. Start menu: Microsoft Windows contains a Start menu on the left side of the taskbar. It displays
programs and utilities that are installed on the computer. It can be opened simply by clicking on the
Start menu button or pressing the Start key on the keyboard.

8. Task Manager: Windows includes the Task Manager feature, which provides details of the running
applications or programs on the computer. You can also check how much of the system resources,
such as RAM, CPU, and disk I/O, are being used by each of the applications.

9. Disk Cleanup: It is used to free up disk space by deleting temporary or unnecessary
files. It also helps to enhance the performance of the computer and frees storage space for downloading
programs and documents. To open Disk Cleanup, follow the steps below:
o Open the File Explorer by pressing Windows + E.
o Then, right-click on any disk drive and select the Properties option from the drop-down list.
o Now, click on Disk Cleanup.

Difference between Linux and Windows OS

Below is a table to describe the major factors about Linux and Windows operating systems:

| Topic | Windows | Linux |
|---|---|---|
| Command Line | Windows allows users to use the command line, but not in the same way as the Linux command line. To open the command line, click on the Run dialog box, type CMD in the Run search bar, and press the Enter key. | Although the Linux command line offers more features for administration and daily tasks, it does not offer much to end-users. |
| Reliability | Windows has improved its reliability in the past few years, but it is still less reliable compared to Linux. | Linux is more reliable and secure than Windows OS. It mainly focuses on system security, process management, and up-time. |
| Usability | Windows is easier to use as it provides a simple user interface, but its installation process can take more time. | Although Linux has the ability to perform complex tasks more easily, its installation process is complicated. |
| Security | Microsoft has enhanced the security features in Windows over recent years. As it has a huge user base, mostly of new computer users, it can be easily targeted by malicious coders. Furthermore, among all of the operating systems, Microsoft Windows can be part of developing malware and viruses. | Linux is a more secure operating system compared to Microsoft Windows. Even attackers find it difficult to break the security of Linux. |
| Support | It provides users with online and integrated help systems, and a large number of informative books are available to provide help for people at all skill levels. | A wide range of books is available to offer help with Linux, in addition to online support. |
| Updates | Regular Windows updates frustrate users by alerting them about updates at inconvenient times. Additionally, it takes more time to get an update. | Linux gives users full control over updates. They can update it accordingly, and it takes less time to get an update, without any reboot of the system. |
| Licensing | Microsoft Windows, under its license, does not allow users to modify the software (they don't have access to the source code). It can be installed only on systems with a Windows license key. | The Linux operating system, under its license, offers users the benefit of re-using the source code on any number of systems. Users are also allowed to modify the software and sell the modified version. |
