<< Chapter < Page Chapter >> Page >
Protection and Security

Protection and security

The purpose of a protection system is to prevent accidental or intentional misuse of a system.

  • Accidents: Problems of this kind are easy to anticipate (It’s possible to take action to minimize the likelihood of an accident).
  • Malicious abuse: Problems of this kind are very hard to completely eliminate (In order to protect completely against malicious abuse, one mustanticipate and eliminate every loophole and resist any temptation to play on probabilities).

There are three aspects to a protection mechanism:

  • User identification (authentication): make sure we know who is doing what.
  • Authorization determination: must figure out what the user is and is not allowed to do. Need a simple database for this.
  • Access enforcement: must make sure there are no loopholes in the system.

Even the slightest flaw in any of these areas may ruin the whole protection mechanism.


User identification is most often done with passwords. This is a relatively weak form of protection.

  • A password is a secret piece of information used to establish the identity of a user.
  • Passwords should not be stored in a readable form. One-way transformations should be used. A 1-way function is an interesting function thatis relatively easy to compute, but difficult to invert (essentially the only way to invert it is to compute all the forward transforms looking for one thatmatches the reverse).
  • Passwords should be relatively long and obscure.
  • Systems like UNIX(R) don't store the password, but the result of a 1-way function on the password. To check a user's password, the system takesthe password as input, computes the 1-way function on it, and compares it with the result in the password file. If they match, the password was (with highprobability) correct. Note that even knowing the algorithm and the encrypted password, it's still impossible to easily invert the function.

Although it's theoretically reasonable to leave a hashed password file in the open, it is rarely done anymore. There are a couplereasons:

  • In practice, bad passwords are not uncommon enough, so rather than having to try all the passwords (or half the passwords on average), tryinga large dictionary of common passwords is often enough to break into an account on the system.
  • Password file can be attacked off-line, with the system under attack completely unaware that it is under attack. By forcing the attacker toactually try passwords on the system that they're invading, the system can detect an attack.

Another form of identification: badge or key.

  • Does not have to be kept secret.
  • Should not be able to be forged or copied.
  • Can be stolen, but the owner should know if it is.

Key paradox: key must be cheap to make, hard to duplicate. This means there must be some trick (i.e. secret) that has to beprotected.

Once identification is complete, the system must be sure to protect the identity since other parts of the system will rely on it.

Authorization determination

Must indicate who is allowed to do what with what. Draw the general form as an access matrix with one row per user, one column perfile. Each entry indicates the privileges of that user on that object. There are two general ways of storing this information: access lists and capabilities.

Questions & Answers

find the 15th term of the geometric sequince whose first is 18 and last term of 387
Jerwin Reply
The given of f(x=x-2. then what is the value of this f(3) 5f(x+1)
virgelyn Reply
hmm well what is the answer
how do they get the third part x = (32)5/4
kinnecy Reply
can someone help me with some logarithmic and exponential equations.
Jeffrey Reply
sure. what is your question?
okay, so you have 6 raised to the power of 2. what is that part of your answer
I don't understand what the A with approx sign and the boxed x mean
it think it's written 20/(X-6)^2 so it's 20 divided by X-6 squared
I'm not sure why it wrote it the other way
I got X =-6
ok. so take the square root of both sides, now you have plus or minus the square root of 20= x-6
oops. ignore that.
so you not have an equal sign anywhere in the original equation?
is it a question of log
Commplementary angles
Idrissa Reply
im all ears I need to learn
right! what he said ⤴⤴⤴
what is a good calculator for all algebra; would a Casio fx 260 work with all algebra equations? please name the cheapest, thanks.
Kevin Reply
a perfect square v²+2v+_
Dearan Reply
kkk nice
Abdirahman Reply
algebra 2 Inequalities:If equation 2 = 0 it is an open set?
Kim Reply
or infinite solutions?
The answer is neither. The function, 2 = 0 cannot exist. Hence, the function is undefined.
Embra Reply
if |A| not equal to 0 and order of A is n prove that adj (adj A = |A|
Nancy Reply
rolling four fair dice and getting an even number an all four dice
ramon Reply
Kristine 2*2*2=8
Bridget Reply
Differences Between Laspeyres and Paasche Indices
Emedobi Reply
No. 7x -4y is simplified from 4x + (3y + 3x) -7y
Mary Reply
how do you translate this in Algebraic Expressions
linda Reply
Need to simplify the expresin. 3/7 (x+y)-1/7 (x-1)=
Crystal Reply
. After 3 months on a diet, Lisa had lost 12% of her original weight. She lost 21 pounds. What was Lisa's original weight?
Chris Reply
what's the easiest and fastest way to the synthesize AgNP?
Damian Reply
types of nano material
abeetha Reply
I start with an easy one. carbon nanotubes woven into a long filament like a string
many many of nanotubes
what is the k.e before it land
what is the function of carbon nanotubes?
I'm interested in nanotube
what is nanomaterials​ and their applications of sensors.
Ramkumar Reply
what is nano technology
Sravani Reply
what is system testing?
preparation of nanomaterial
Victor Reply
Yes, Nanotechnology has a very fast field of applications and their is always something new to do with it...
Himanshu Reply
good afternoon madam
what is system testing
what is the application of nanotechnology?
In this morden time nanotechnology used in many field . 1-Electronics-manufacturad IC ,RAM,MRAM,solar panel etc 2-Helth and Medical-Nanomedicine,Drug Dilivery for cancer treatment etc 3- Atomobile -MEMS, Coating on car etc. and may other field for details you can check at Google
anybody can imagine what will be happen after 100 years from now in nano tech world
after 100 year this will be not nanotechnology maybe this technology name will be change . maybe aftet 100 year . we work on electron lable practically about its properties and behaviour by the different instruments
name doesn't matter , whatever it will be change... I'm taking about effect on circumstances of the microscopic world
how hard could it be to apply nanotechnology against viral infections such HIV or Ebola?
silver nanoparticles could handle the job?
not now but maybe in future only AgNP maybe any other nanomaterials
I'm interested in Nanotube
this technology will not going on for the long time , so I'm thinking about femtotechnology 10^-15
can nanotechnology change the direction of the face of the world
Prasenjit Reply
At high concentrations (>0.01 M), the relation between absorptivity coefficient and absorbance is no longer linear. This is due to the electrostatic interactions between the quantum dots in close proximity. If the concentration of the solution is high, another effect that is seen is the scattering of light from the large number of quantum dots. This assumption only works at low concentrations of the analyte. Presence of stray light.
Ali Reply
the Beer law works very well for dilute solutions but fails for very high concentrations. why?
bamidele Reply
how did you get the value of 2000N.What calculations are needed to arrive at it
Smarajit Reply
Privacy Information Security Software Version 1.1a
Got questions? Join the online conversation and get instant answers!
QuizOver.com Reply

Get the best Algebra and trigonometry course in your pocket!

Source:  OpenStax, Operating systems. OpenStax CNX. Aug 13, 2009 Download for free at http://cnx.org/content/col10785/1.2
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Operating systems' conversation and receive update notifications?