Considerations on Operating System Security

Security and protection of operating systems can be generally classified into three aspects: access control, information flow control and certification (Heidari 7). Access control refers to the regulation of user’s access to the whole system and the process access to resources inside the OS. One of the resources that must be taken care of when a user is accessing the operating system is the main memory. Main memory and the registers are the only memory that the central processing unit (CPU) can access directly (Silberschatz, Galvin and Gagne).

They are vital in program execution. It is important to protect the main memory in order to ensure correct operations. More than security, it is also necessary to secure the correct execution of various processes that are currently loaded in the memory. There are two major categories in taking control access in operating systems: user-oriented and data-oriented access control. User-oriented access control is sometimes defined as authentication (Heidari 2). The prevailing method for user access control used by shared system is the user log.

The user log usually requires a user to provide his user ID or name and password. On the other hand, Heidari illustrates other methods in some systems: User access control in distributed environment can be either centralized or decentralized. In a centralized approach network provides a log on service, determining who is allowed to use the network and to whom the user is allowed to connect. Decentralized user access control treats the network as a transport communication link, and the destination host carries out the usual log on procedure.

In many networks, two levels of access control may be used (Heidari 2). Silberschatz, Galvin and Gagne further discussed the concept of user log. According to them, operating systems first distinguish the users in order to know who can do what. OS maintains a list user identities and group identifiers. User identities, which are usually user IDs or security IDs, include the name and associated number. Each user must only have exactly one user identity.

User IDs are then linked with all the files and processes to determine access control (Silberschatz, Galvin and Gagne). On the other hand, group identifiers allow set of users to be defined and controls managed, then also associated with each process or file. A concept of privileged escalation is also presented in which it allows user to change to effective ID with more rights. Data-oriented access control takes into place when a user successfully logs on to the operating system and able to get access to his set of applications.

In computer security, there’s a notion of objects and subjects. Passive resources are referred to as objects such as files, directories and memory. Conversely, subjects are the active resources that usually the one who uses the resources. Examples are users and processes. Both roles can vary depending on the given situation. Protection models which involve data-oriented access control is further divided into two: mandatory and discretionary access control.

Mandatory access control information (or objects) is classified based on rank of security sensitivity such as top secret or confidential. Subjects are “assigned with their security clearance” (Heidari 3). Access of a subject to the information is allowed depending on the relationship between the subject’s clearance the information security classification. However, in discretionary access control, each object has a sole owner. The owner has the privilege to assign access permissions to subjects who want to access his object.