1. Home
  2. Operating systems
  3. Lecture notes
  4. Protection and security

1.8 Protection and security

<< Chapter < Page
  Operating systems     Page 3 / 5
Chapter >> Page >

Policies and mechanisms

Policies are real world statements about the protection that the system provides. These are all statements of (significantlydifferent) policies:

  • Users should not be able to read each other's mail
  • No student should be able to see answer keys before they are made public
  • All users should have access to all data.

The various systems in a computer system that control access to resources are the mechanisms that are used to implement apolicy. A good security system is one with clearly stated policy objectives that have been effectively translated into mechanisms.

The fact that data security does not stop with computer security cannot be understated. If your computer is perfectly secure,and an employee photocopies printouts of your new chip design, don't blame the computer security system.

Design principles

Although every security system is different, some overriding principles make sense. Here is a list generated by Saltzer andSchroeder from their experience on MULTICS that remain valid today (these are fun to apply to caper movies - next time you watch Mission Impossible orSneakers or War Games, try to spot the security flaws that let the intruders work their magic):

  • Public Design Surprisingly public designs tend to be more secure than private ones. The reason is that the security community as a while reviewsthem and reports flaws that can be fixed. Even if you take pains to keep the source code of your system secret, you should assume that attackers have accessto your code. The bad guys will share knowledge, the good guys should, too.
  • Default access is no access. This holds for subsystems just like login screens. It sounds like a platitude, but is a principle worth following atall levels. People who need a certain access will let you know about it quickly.
  • Test for current authority Just because the user had the right to perform an operation a millisecond ago doesn't mean they can do it now. Testthe authority every time so that revocation of that authority is meaningful.
  • Give each entity the least privilege required for it to do its job. This may mean creating a bunch of fine-grained privilege levels. The moreprivilege an entity possesses the more costly a mistake or misuse of that entity is. Printer daemons that run as root can cause logins that run as root.
  • Build in security from the start. Adding security later almost never works. There are too many holes to plug, and as a practical mattersecurity is nearly impossible to add to a fundamentally insecure system.
  • In order to make such a design integration, it must be simple and capable of being applied uniformly.
  • The system must be acceptable to the users. All security systems are a compromise between security and usability. The more features a system has,the more likely opportunities there are for exploitation. Furthermore, if a security feature is too onerous to the users, they will just invent ways tocircumvent them. These circumventions are then available for the attackers. An unacceptable security system is automatically attacked from within.

Questions & Answers

A golfer on a fairway is 70 m away from the green, which sits below the level of the fairway by 20 m. If the golfer hits the ball at an angle of 40° with an initial speed of 20 m/s, how close to the green does she come?
Aislinn Reply
cm
tijani
what is titration
John Reply
what is physics
Siyaka Reply
A mouse of mass 200 g falls 100 m down a vertical mine shaft and lands at the bottom with a speed of 8.0 m/s. During its fall, how much work is done on the mouse by air resistance
Jude Reply
Can you compute that for me. Ty
Jude
what is the dimension formula of energy?
David Reply
what is viscosity?
David
what is inorganic
emma Reply
what is chemistry
Youesf Reply
what is inorganic
emma
Chemistry is a branch of science that deals with the study of matter,it composition,it structure and the changes it undergoes
Adjei
please, I'm a physics student and I need help in physics
Adjanou
chemistry could also be understood like the sexual attraction/repulsion of the male and female elements. the reaction varies depending on the energy differences of each given gender. + masculine -female.
Pedro
A ball is thrown straight up.it passes a 2.0m high window 7.50 m off the ground on it path up and takes 1.30 s to go past the window.what was the ball initial velocity
Krampah Reply
2. A sled plus passenger with total mass 50 kg is pulled 20 m across the snow (0.20) at constant velocity by a force directed 25° above the horizontal. Calculate (a) the work of the applied force, (b) the work of friction, and (c) the total work.
Sahid Reply
you have been hired as an espert witness in a court case involving an automobile accident. the accident involved car A of mass 1500kg which crashed into stationary car B of mass 1100kg. the driver of car A applied his brakes 15 m before he skidded and crashed into car B. after the collision, car A s
Samuel Reply
can someone explain to me, an ignorant high school student, why the trend of the graph doesn't follow the fact that the higher frequency a sound wave is, the more power it is, hence, making me think the phons output would follow this general trend?
Joseph Reply
Nevermind i just realied that the graph is the phons output for a person with normal hearing and not just the phons output of the sound waves power, I should read the entire thing next time
Joseph
Follow up question, does anyone know where I can find a graph that accuretly depicts the actual relative "power" output of sound over its frequency instead of just humans hearing
Joseph
"Generation of electrical energy from sound energy | IEEE Conference Publication | IEEE Xplore" ***ieeexplore.ieee.org/document/7150687?reload=true
Ryan
what's motion
Maurice Reply
what are the types of wave
Maurice
answer
Magreth
progressive wave
Magreth
hello friend how are you
Muhammad Reply
fine, how about you?
Mohammed
hi
Mujahid
A string is 3.00 m long with a mass of 5.00 g. The string is held taut with a tension of 500.00 N applied to the string. A pulse is sent down the string. How long does it take the pulse to travel the 3.00 m of the string?
yasuo Reply
Who can show me the full solution in this problem?
Reofrir Reply
Got questions? Join the online conversation and get instant answers!
Jobilize.com Reply
<< Chapter < Page Page > Chapter >>

Read also:

Get Jobilize Job Search Mobile App in your pocket Now!

Get it on Google Play Download on the App Store Now




Source:  OpenStax, Operating systems. OpenStax CNX. Aug 13, 2009 Download for free at http://cnx.org/content/col10785/1.2
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Operating systems' conversation and receive update notifications?

Ask