Sunday, December 2, 2012

Security

Introduction :


This topic is talking about security of operating system and classification of three key objectives with more details about kinds of malware and viruses.


Three key objectives are at the heart of computer security :

  •        Confidentiality
  •        Integrity
  •        Availability



Confidentiality:

Covering two related concepts:


  • Data confidentiality: Assures that private or confidential information is not     made available or disclosed to unauthorized individuals.
  • Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

Integrity: 

Also covers two related concepts:


  • Data integrity: Assures that information and programs are changed only in a specified and authorized manner.
  • System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.

Availability:

Assures that systems work promptly and service is not denied to authorized users

  Two further concepts are often added to the core of computer security
Authenticity
Accountability


Threats

    RFC 2828, describes four kinds of threat consequences

Unauthorized Disclosure
      A circumstance or event whereby an entity gains access to data for which the entity is not authorized.
Deception
    A circumstance or event that may result in an authorized entity receiving false data and believing it to be true.
 Disruption 
            A circumstance or event that interrupts or prevents the correct operation of system services and functions.

 Usurpation
 A circumstance or event that results in control of system services or functions by an unauthorized entity

    Scope of System Security



Intruders

 Three main classes of intruders:

1.  Masquerader,
Typically an outsider
2.    Misfeasor
Often an insider and legitimate user
3.    Clandestine user

Malware

    General term for any Malicious softWareSoftware designed to cause damage Or use up the resources of a target computer.

      Some malware is parasitic , Contained within other software

    Some malware is self-replicating, others require some other means to propogate.

Backdoor

  Trapdoor

   Secret entry point

   Useful for programmers debugging

    But allows unscrupulous programmers to gain unauthorized access.


Trojan Horse

  Useful program that contains hidden code that when invoked performs some unwanted or harmful function

    Can be used to accomplish functions indirectly that an unauthorized user could not accomplish directly

User may set file permission so everyone has access

This link hlep you to know more information about operating system security.

http://books.google.com.sa/books/about/Operating_System_Security.html?id=P4PYPSv8nBMC&redir_esc=y

 



Now in your comments box down the code you must write five sentences about what did yuo learned With writing yourname and academic number





Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)