Protection and Security

Slides:



Advertisements
Similar presentations
Protection Goals of Protection Domain of Protection Access Matrix
Advertisements

Operating System Security
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.
Protection and Security Protection is any mechanism for controlling the access of processes to the resources of a computer system. This mechanism must.
CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.
Protection. Goals of Protection Operating system consists of a collection of objects, hardware or software Each object has a unique name and can be accessed.
Reasons for Protection n Prevent users from accessing information they shouldn’t have access to. n Ensure that each program component uses system resources.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.
CS-550 (M.Soneru): Protection and Security - 1 [SaS] 1 Protection and Security.
Chapter 2 Access Control Fundamentals. Chapter Overview Protection Systems Mandatory Protection Systems Reference Monitors Definition of a Secure Operating.
Chapter 14: Protection.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 4: Access Control.
Lecture 7 Access Control
Distributed Computer Security 8.2 Discretionary Access Control Models - Sai Phalgun Tatavarthy.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.
© G. Dhillon, IS Department Virginia Commonwealth University Principles of IS Security Formal Models.
14.1 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 14: Protection Goals of Protection Principles of Protection Domain of Protection.
CSCE 201 Introduction to Information Security Fall 2010 Access Control.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 4 – Access Control.
Chapter 14: Protection Silberschatz, Galvin and Gagne ©2005 AE4B33OSS Chapter 14: Protection Goals of Protection Principles of Protection Domain.
G53SEC 1 Access Control principals, objects and their operations.
Access Control. What is Access Control? The ability to allow only authorized users, programs or processes system or resource access The ability to disallow.
Silberschatz, Galvin and Gagne  Operating System Concepts Chapter 18: Protection Goals of Protection Objects and Domains Access Matrix Implementation.
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 14: Protection.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Protection (Chapter 14)
Protection Nadeem Majeed Choudhary
CE Operating Systems Lecture 21 Operating Systems Protection with examples from Linux & Windows.
14.1/21 Part 5: protection and security Protection mechanisms control access to a system by limiting the types of file access permitted to users. In addition,
UNIX System Protection. Unix History Developed by Dennis Ritchie and Ken Thompson at AT&T Bell Labs Adapted some ideas from the Multics project in 1969.
COEN 350: Network Security Authorization. Fundamental Mechanisms: Access Matrix Subjects Objects (Subjects can be objects, too.) Access Rights Example:
Access Control Lesson Introduction ●Understand the importance of access control ●Explore ways in which access control can be implemented ●Understand how.
Access Control: Policies and Mechanisms Vinod Ganapathy.
Chapter 14: Protection Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th Edition, Apr 11, 2005 Goals of Protection Operating.
Privilege Management Chapter 22.
Chapter 14: Protection Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Goals of Protection Operating system consists of a collection.
Computer Security: Principles and Practice
Chapter 15: Access Control Mechanisms Dr. Wayne Summers Department of Computer Science Columbus State University
PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.
18.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 18: Protection Goals of Protection Domain of Protection Access Matrix.
Protection and Security
Access Control Model SAM-5.
Access Control CSE 465 – Information Assurance Fall 2017 Adam Doupé
Operating Systems Protection Alok Kumar Jagadev.
Chapter 14: Protection Modified by Dr. Neerja Mhaskar for CS 3SH3.
Chapter 14: System Protection
Operating System Concepts
Computer Data Security & Privacy
Chapter 14: Protection.
Chapter 14: Protection.
Protection and Security
Chapter 14: Protection.
CE Operating Systems Lecture 21
Chapter 14: Protection.
Chapter 14: Protection.
Computer-System Architecture
UNIX System Protection
Chapter 14: Protection.
OS Access Control Mauricio Sifontes.
Chapter 14: Protection.
Chapter 14: Protection.
Operating System Concepts
Access Control.
Chapter 14: Protection.
Chapter 14: Protection.
Computer Security Access Control
Chapter 2: Computer-System Structures
Chapter 2: Computer-System Structures
Access Control What’s New?
Operating System Concepts
Presentation transcript:

Protection and Security Protection is any mechanism for controlling the access of processes to the resources of a computer system. This mechanism must provide a means for specification of the control to be imposed and a means of enforcement. Security ensures user authentication preventing malicious destruction or alteration of the information stored in a computer system.

Protection models policies mechanisms A general protection system may be subdivided in three levels models policies mechanisms

Models The protection model defines the subjects, the objects to which the subjects may access and the access rights, that is the operations by which subjects can access to objects. The subjects are the active part of the system (processes) The objects are the passive part of the system (physical and logical resources). A subject may have access rights either to objects or other subjects (a process can control other processes) .

A process has different access rights to objects, depending on what task is currently doing. The particular set of rigts a process has at any given time is referred to as its protection domain.

Policies The protection policy define the rules by which the subjects can access to the objects: Discretional access control (DAC). The owner of an object controls the access rigthts for that object. ( UNIX). Mandatory access control (MAC). The access rigths are centrally managed ( hospital organizations). Rules are defined in order to establish the access rights of the users. The rules cannot be modified by the users. Role Based Access Control (RABC). Specific access rights are assigned to useres depending to their role in the organization. A user can belong to different roles. .

Mechanisms and policies are different concepts Example: UNIX provides a mechanism to define for each file three bits ( read, write and execute) for the owner of the file, for the group and for the others The user defines the value of the three bits (policy)

Changing the protection state Standard dual mode (monitor-user mode) Two protection state:user mode and monitor o kernel mode. Domain changing associated to the system calls When a process must execute a privileged instruction (access to files, I/O operations…) a change of domain happens. It is not possible to have protection among users.

Access matrix O1 O2 O3 read,write execute write read,write, S1 S2

Access matrix implementation : - Matrix dimension - Sparse matrix Access Control List (ACL). The matrix may be decomposed by columns: to each object an access control list is associated. It contains all the subjects that can access to the object and the permitted access rigths. .Capability List The matrix is decomposed by rows: to each subject is associated a list that contains the objects accessible by the the subject and the relative access rights.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.