<< Chapter < Page Chapter >> Page >
Protection and Security

Protection and security

The purpose of a protection system is to prevent accidental or intentional misuse of a system.

  • Accidents: Problems of this kind are easy to anticipate (It’s possible to take action to minimize the likelihood of an accident).
  • Malicious abuse: Problems of this kind are very hard to completely eliminate (In order to protect completely against malicious abuse, one mustanticipate and eliminate every loophole and resist any temptation to play on probabilities).

There are three aspects to a protection mechanism:

  • User identification (authentication): make sure we know who is doing what.
  • Authorization determination: must figure out what the user is and is not allowed to do. Need a simple database for this.
  • Access enforcement: must make sure there are no loopholes in the system.

Even the slightest flaw in any of these areas may ruin the whole protection mechanism.

Authentication

User identification is most often done with passwords. This is a relatively weak form of protection.

  • A password is a secret piece of information used to establish the identity of a user.
  • Passwords should not be stored in a readable form. One-way transformations should be used. A 1-way function is an interesting function thatis relatively easy to compute, but difficult to invert (essentially the only way to invert it is to compute all the forward transforms looking for one thatmatches the reverse).
  • Passwords should be relatively long and obscure.
  • Systems like UNIX(R) don't store the password, but the result of a 1-way function on the password. To check a user's password, the system takesthe password as input, computes the 1-way function on it, and compares it with the result in the password file. If they match, the password was (with highprobability) correct. Note that even knowing the algorithm and the encrypted password, it's still impossible to easily invert the function.

Although it's theoretically reasonable to leave a hashed password file in the open, it is rarely done anymore. There are a couplereasons:

  • In practice, bad passwords are not uncommon enough, so rather than having to try all the passwords (or half the passwords on average), tryinga large dictionary of common passwords is often enough to break into an account on the system.
  • Password file can be attacked off-line, with the system under attack completely unaware that it is under attack. By forcing the attacker toactually try passwords on the system that they're invading, the system can detect an attack.

Another form of identification: badge or key.

  • Does not have to be kept secret.
  • Should not be able to be forged or copied.
  • Can be stolen, but the owner should know if it is.

Key paradox: key must be cheap to make, hard to duplicate. This means there must be some trick (i.e. secret) that has to beprotected.

Once identification is complete, the system must be sure to protect the identity since other parts of the system will rely on it.

Authorization determination

Must indicate who is allowed to do what with what. Draw the general form as an access matrix with one row per user, one column perfile. Each entry indicates the privileges of that user on that object. There are two general ways of storing this information: access lists and capabilities.

Questions & Answers

what does nano mean?
Anassong Reply
nano basically means 10^(-9). nanometer is a unit to measure length.
Bharti
do you think it's worthwhile in the long term to study the effects and possibilities of nanotechnology on viral treatment?
Damian Reply
absolutely yes
Daniel
how to know photocatalytic properties of tio2 nanoparticles...what to do now
Akash Reply
it is a goid question and i want to know the answer as well
Maciej
characteristics of micro business
Abigail
for teaching engĺish at school how nano technology help us
Anassong
Do somebody tell me a best nano engineering book for beginners?
s. Reply
what is fullerene does it is used to make bukky balls
Devang Reply
are you nano engineer ?
s.
fullerene is a bucky ball aka Carbon 60 molecule. It was name by the architect Fuller. He design the geodesic dome. it resembles a soccer ball.
Tarell
what is the actual application of fullerenes nowadays?
Damian
That is a great question Damian. best way to answer that question is to Google it. there are hundreds of applications for buck minister fullerenes, from medical to aerospace. you can also find plenty of research papers that will give you great detail on the potential applications of fullerenes.
Tarell
what is the Synthesis, properties,and applications of carbon nano chemistry
Abhijith Reply
Mostly, they use nano carbon for electronics and for materials to be strengthened.
Virgil
is Bucky paper clear?
CYNTHIA
so some one know about replacing silicon atom with phosphorous in semiconductors device?
s. Reply
Yeah, it is a pain to say the least. You basically have to heat the substarte up to around 1000 degrees celcius then pass phosphene gas over top of it, which is explosive and toxic by the way, under very low pressure.
Harper
Do you know which machine is used to that process?
s.
how to fabricate graphene ink ?
SUYASH Reply
for screen printed electrodes ?
SUYASH
What is lattice structure?
s. Reply
of graphene you mean?
Ebrahim
or in general
Ebrahim
in general
s.
Graphene has a hexagonal structure
tahir
On having this app for quite a bit time, Haven't realised there's a chat room in it.
Cied
what is biological synthesis of nanoparticles
Sanket Reply
what's the easiest and fastest way to the synthesize AgNP?
Damian Reply
China
Cied
types of nano material
abeetha Reply
I start with an easy one. carbon nanotubes woven into a long filament like a string
Porter
many many of nanotubes
Porter
what is the k.e before it land
Yasmin
what is the function of carbon nanotubes?
Cesar
I'm interested in nanotube
Uday
what is nanomaterials​ and their applications of sensors.
Ramkumar Reply
what is nano technology
Sravani Reply
what is system testing?
AMJAD
preparation of nanomaterial
Victor Reply
how did you get the value of 2000N.What calculations are needed to arrive at it
Smarajit Reply
Privacy Information Security Software Version 1.1a
Good
Berger describes sociologists as concerned with
Mueller Reply
Got questions? Join the online conversation and get instant answers!
QuizOver.com Reply

Get the best Algebra and trigonometry course in your pocket!





Source:  OpenStax, Operating systems. OpenStax CNX. Aug 13, 2009 Download for free at http://cnx.org/content/col10785/1.2
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Operating systems' conversation and receive update notifications?

Ask