Week 5 - Protection and security

Outline the goals and principles of domain- and language-based protection in a modern computer system, and describe how an access matrix is used to protect specific resources a process can access. (Consider using a matrix representation to illustrate concepts.)

Domain and language-based protection are two models in modern computer systems that can provide a more secure configuration with access to specific content. Using these types of models will ensure the protected content will only be accessed by those objects which have been granted authority.

Domain-based protection breaks down access by having multiple domains which have their own specific permissions to content. This permission can be set up as read, read/write, or ownership of the content and can grant different types of access across a specific domain. “Domains may be realized in different fashions - as users, or as processes, or as procedures.” (Silberschatz, A. Gagne, G. Galvin, P. 2014). This type of protection can reduce errors or issues across domains by specifying the access to each domain.

Language-based protection is more specific to the programming language that is being used. It is a more detailed way to prevent a security threat by utilizing the programming language code to provide a higher-level specification on the access policies and how the resources can be accessed. “Using language-based security, it is possible to increase the security of applications on a large scale.” (Morales, 2021). One example from the textbook is protection in Java which “has many built-in protection mechanisms.” (Silberschatz, A. Gagne, G. Galvin, P. 2014). Since Java is comprised with classes and methods all of which are a collection of fields and functions, it provides more layers of protection and much more difficult for malicious code to be executed.

An access matrix is used by restricting access to files and objects in a table configuration. The table has specific information on each file and which resources have what type of access. For example, Domain 1 has read access to file 1 and file 3 while domain 2 has read/write to file 2 and file 4. By setting up access in this way, domain 1 could not have read/write access to file 2 or 4 unless it is granted. “The access matrix provides an appropriate mechanism for defining and implementing strict control for both static and dynamic association between processes and domains.” (Silberschatz, A. Gagne, G. Galvin, P. 2014.

 

Describe how security is used to protect programs, systems, and networks from threats.

Protection and security are critical components when it comes to protecting the program, systems, and networks. There are various threats that can come in all shapes and sizes which can cause many issues both large and small. Some of the security measures mentioned in the textbook are on four levels.

Physical – This is a physical site where computers systems are housed which need to be protected against any attacker by securing the physical building. This can be by granting access via physical key, key card, or even biometric scanning.

Human – This level is by making sure access is granted to only those who need access. There is also a requirement to train those with access to other types of attacks which can be by social engineering, phishing, or by dumpster diving.

Operating System (O.S.) – Any O.S. should have the ability to protect itself from all types of security breaches, both accidental and/or purposeful. This can be accomplished by anti-virus software that is installed onto the O.S.

Network – This type of attack is done over a network connection either direct or wirelessly. It can be done by a “hacker” from anywhere in the world if they have the correct information for the specific system. If the system they are attempting to hack is not protected, it will make it easier for them to gain access and retrieve sensitive data. A network should have a firewall enabled to protect against any threats.

There are various ways a system can be infiltrated, which is why it is critical that all areas like those mentioned are always protected. Implementing various levels of security will ensure a higher level or protection against any threats and keep the data and resources protected.






- Click the link below to view the concept map for week 5 - 


Comments

Post a Comment

Popular posts from this blog

Final Project Summary

Image
  Week 5 – Final Project Summary   Joseph Ahumada The University of Arizona Global Campus CPT304: Operating Systems Theory & Design Instructor Bret Konsavage April 17, 2023 What are the fundamental concepts that underlie operating systems?       In today’s World, various types of computer devices are used daily both personally and professionally. While many aspects of these devices change, one component that tends to stay the same is the need for an operating system. As time progresses, the operating system will also move forward and undergo many phases of upgrades. This progression will bring on new ideas, but one that stays the same is the fundamental concepts that underlie operating systems. Many of these concepts are items such as Process Management, Memory Management, Disc Storage, I/O Management, File Directory Structure, Access Matrix, and Protection and Security. This course introduced us to these concepts and guided us as we ...
Read more

Week 1 - Major functions of an Operating System

Image
Categorize, describe, and give examples of the major functions of operating systems. There are many components that make up the major functions of an operating system which are also known as Operating System Services. These items typically exist for assisting the user are as follows: User interface – is the service that promotes user interaction which can come in several forms. One is via a command-line interface (CLI) and is typically text only. Another is a batch interface where files are executed that hold the commands. A final service is a graphical user interface (GUI) which is most common and uses a graphical interaction via I/O which can include menu options and inputs from a keyboard and/or mouse. Program execution – is the service that allows a program to run from memory and should have the ability to end the execution either successfully or unsuccessfully via error messages. I/O operations – is the service that allows for I/O devices such as a DVD or CD drive in o...
Read more

Week 4 - Files, mass storage, and I/O

Image
Outline the objectives and functions of file systems management and the supported operations, including their reliability and performance. The objectives and functions of file system management are to ensure proper organization within the computer’s files system. There are many responsibilities that come with file system management some of which are to create new files, manage existing files, organize various folders, and read many different file types, all while allowing the user full control to create, edit, rename, and delete files at will. These files can be stored on many different devices such as a local hard disk, a removable drive, or on a shared location. In the event of multiple user access, there is also the idea of access control which controls who can access the file and what type of access is required. Many other requirements with file manipulation are the name, identifier, type, location, size, protection, time, date, and user I.D. of each file. There is also the concept...
Read more