The great wall

--Originally published at The Hitchhiker's Guide to information security… according to me!

We all know one of the 7 wonders of the new world: the Great Wall of China. This series of brick fortifications helped the country not only to defend against foreign invasions, but also to have better control over the trade goods and visitors that came from the west. This extra layer of security helped China feel safer and protected the towns near the border from invasion. Even if it doesn’t look like it, this is very similar to what operating system security is about. You need to protect your system from external threats and also be able to provide correct access to the users of your organization.

So what is this all about? Operating system security refers to the actions or activities that ensure the confidentiality, availability and integrity of all the data and services provided by an operating system. This means that you need to ensure that your users have the permissions they require to do their job (no more and no less) and also deny access to malicious users or programs that could misuse your data or the services provided by the OS, such as the network.

Program threats

Program threats are external programs that run within the system and make the OS perform malicious tasks. For example:

  • Trojan horse: a program that seems to do one thing but does another, such as storing login credentials.
  • Virus: a program that duplicates itself when it is executed and can delete files, crash the system or modify the user session.
  • Logic bomb: a malicious program that executes only when certain conditions are met; otherwise it behaves like a normal program.

System threats

System threats refer to the misuse of system services or network connections.

  • DOS: repeatedly requesting the system services in order to clog them up and render them unavailable.
  • Worms: a program that duplicates itself using the fork/spawn process of the system, consuming its resources at extreme levels and blocking other processes.
  • Port scanning: a method used by hackers to exploit vulnerabilities by using the port connection service of the OS.

We have now seen the threats, and in order to make our system secure we need to follow certain procedures.

Authentication: the second step after identification (which I talked about in previous posts). In this context it refers to making sure that a user is who they claim to be; once the user is authenticated, the necessary permissions are granted. This ensures that malicious users won’t harm the system. This can be determined by the use of the different authentication factors.

Security defenses

  • Firewall
  • Security Policy
  • Vulnerability Assessment
  • Intrusion Detection
  • Antivirus
  • Authentication
  • Passwords
  • Network Security
  • Cryptography

Computer Security Classifications

There is a series of security classifications for computer systems, and depending on the characteristics of your system it can fall into one of the following categories.

D – Minimal protection, no security required.

C – Provides user authentication and authorization, and prevents unprivileged users from accessing sensitive information.

B – Each object within the system needs to maintain a security label that will be used to make access control decisions.

A – Just like type B, except that the design specification and verification techniques are more formal.
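To make the class B idea of labels driving access decisions concrete, here is an added example (not part of the original post) that assumes a Bell-LaPadula style policy: no read up, no write down. The level names, categories, file names and function names are all made up for the illustration.

```python
from dataclasses import dataclass

# Hypothetical sensitivity levels, ordered from lowest to highest.
LEVELS = {"public": 0, "confidential": 1, "secret": 2, "top-secret": 3}

@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()  # need-to-know compartments

    def dominates(self, other: "Label") -> bool:
        """At least as high a level AND a superset of the other's categories."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)

def decide(subject: Label, obj: Label, op: str) -> bool:
    """Access decision taken from the labels alone, never from the owner's wishes."""
    if op == "read":    # no read up: subject must dominate the object
        return subject.dominates(obj)
    if op == "write":   # no write down: object must dominate the subject
        return obj.dominates(subject)
    return False        # unknown operation: default deny

# Constructed sample data: one user clearance and four labelled objects.
ANALYST = Label("secret", frozenset({"payroll"}))
OBJECTS = {
    "press_release.txt": Label("public"),
    "salaries.db": Label("secret", frozenset({"payroll"})),
    "merger_plan.doc": Label("top-secret", frozenset({"payroll", "legal"})),
    "audit_notes.txt": Label("confidential", frozenset({"audit"})),
}

def access_matrix(subject: Label, objects: dict) -> dict:
    """Map each object name to a (can_read, can_write) pair for the subject."""
    return {name: (decide(subject, lbl, "read"), decide(subject, lbl, "write"))
            for name, lbl in objects.items()}

if __name__ == "__main__":
    for name, (r, w) in access_matrix(ANALYST, OBJECTS).items():
        print(f"{name:20} read={r!s:5} write={w}")
```

Note the last object: its level is lower than the analyst's, yet both read and write are denied because the categories do not overlap, so neither label dominates the other.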

Now you know how to protect your system from the foreign invaders. Go out there and build an A type system so I can be proud of you.