Protection & Security In Operating Systems

Garvit SinghGarvit Singh
3 min read

Table of contents

Protection & Security in Operating Systems

Introduction
In the digital world, operating systems (OS) act as the foundation for secure computing. Protection and security are crucial aspects of an OS, safeguarding its resources and ensuring seamless, reliable operation.

Understanding the Terms

  1. Protection: refers to controlling access and usage of system resources (CPU, memory, disk, etc.) by processes and users. It focuses on internal threats, preventing interference and errors caused by unauthorized access or program malfunction.

  2. Security: encompasses broader aspects, protecting the OS from external threats like malware, hackers, and unauthorized physical access. It ensures the system's confidentiality, integrity, and availability (CIA triad):

  3. Confidentiality: Data should be accessible only to authorized users.

  4. Integrity: Data and system resources should remain unaltered and consistent.

  5. Availability: Authorized users should have uninterrupted access to system resources.

Protection Mechanisms

  • User Authentication: Mechanisms like usernames/passwords, biometrics, or multi-factor authentication verify user identity before granting access.
  • Resource Access Control: Access permissions define which users and programs can access specific resources (files, devices, etc.).
  • Memory Management: Techniques like memory isolation and virtualization prevent processes from interfering with each other's memory space.
  • System Integrity Protection: Features like code signing and secure boot verify the authenticity and integrity of system software.

Security Measures

  • Firewall: Monitors incoming and outgoing network traffic, blocking unauthorized access attempts.
  • Anti-malware Software: Detects and removes malware like viruses, worms, and trojans.
  • System Updates: Regular updates patch vulnerabilities and address security flaws.
  • Physical Security: Measures like access control lists and surveillance cameras prevent unauthorized physical access to the system.

Goals of protection

  • In one protection model, computer consists of a collection of objects, hardware or software.
  • Each object has a unique name and can be accessed through a well defined set of operations.
  • Protection problem - ensure that each object is accessed correctly and only by those processes that are allowed to do so.

Security Violation Categories

  • Breach of confidentiality - Unauthorized reading of data.
  • Breach of Integrity - Unauthorized modification of data.
  • Breach of Availability - Unauthorized destruction of data.
  • Theft of Service - Unauthorized use of resources.
  • Denial of Service(DOS) - Prevention of legitimate use.

Key Points

  • Protection and security are essential for reliable and secure computing.
  • They address both internal and external threats.
  • The CIA triad (confidentiality, integrity, and availability) serves as a guiding principle.
  • Various mechanisms and measures work together to achieve protection and security.

Further Exploration

  • Explore specific protection and security features in different operating systems (Windows, Linux, macOS).
  • Research emerging security threats and how OSes adapt to combat them.
  • Understand the role of encryption in secure communication and data storage.

Conclusion

You can read other articles written by me through these links.

Operating System Series
1. Introduction & Types of OS
2. Process States & Lifecycle
3. System Calls
4. User Mode vs Kernel Mode
5. CPU Process Scheduling
6. Process Synchronization
7. Deadlocks
8. Memory Management
9. Disk Management & Scheduling
10. File System in OS
11. Protection & Security

System Design Series
Introduction To Parallel Computing
Deep Dive Into Virtualization
Insights Into Distributed Computing

Cloud Computing Series
1. Cloud Service Models
2. Cloud Deployment Models
3. Cloud Security
4. Cloud Architecture
5. Cloud Storage
6. Networking In The Cloud
7. Cloud Cost Management
8. DevOps In Cloud & CI/CD
9. Serverless Computing
10. Container Orchestration
11. Cloud Migration
12. Cloud Monitoring & Management
13. Edge Computing In Cloud
14. Machine Learning In Cloud

Computer Networking Series
1. Computer Networking Fundamentals
2. OSI Model
3. TCP/IP Model : Application Layer
4. TCP/IP Model : Transport Layer
5. TCP/IP Model : Network Layer
6. TCP/IP Model : Data Link Layer

Version Control Series
1. Complete Guide to Git Commands
2. Create & Merge Pull Requests
3. Making Open Source Contributions

Linux
Complete Guide to Linux Commands

Thanks For Reading! ๐Ÿ’™
Garvit Singh

20
Subscribe to my newsletter

Read articles from Garvit Singh directly inside your inbox. Subscribe to the newsletter, and don't miss out.

technologyComputer Scienceinformation technologyoperating systemosProtectionSecuritytech

Written by

Garvit Singh
Garvit Singh

๐Ÿ‘‹ Hi, I'm Garvit, an IT Undergraduate. I'm passionate about expanding my knowledge in the field of Computer Science. ๐Ÿ’ป Computer Science Skills and the topics I write blogs on โœ… Proficient in Linux. โœ… Git/GitHub for version control. โœ… Networking Fundamentals. โœ… Proficient in Java, C and Python. โœ… Object-Oriented Programming in Java. โœ… Data Structures & Algorithms in Java. โœ… MERN Stack Web Development. โœ… System Design. โœ… Bash scripting and automation. โœ… Python for Scripting, Mini Projects. โœ… Cyber Warfare & Ethical Hacking. โœ… Cloud Computing. โœ… Distributed Computing, Parallel Computing, Real Time Systems, Virtualization. โœ… DevOps - Docker, Kubernetes โœ… Operating Systems. โœ… Software Testing. โœ… Databases - SQL, NoSQL and more...