One of the main drawbacks of the user authentication is the essence of various attacks to the protection mechanism. The concept of user authenticity is weak and susceptible to numerous attacks. The protection mechanism also relates to the ability of the user to maintain the user ID and password secret for the purposes of minimizing threats and attacks (Weber 2010). This is an indication that the users must have the right memory and the ability to keep the essentials secret with the aim of reducing external threats thus enhancing the validity and integrity and availability of the information within the context of the user's computer system.
It is ideal to note that the authenticity mechanism is ineffective in relation to making financial transactions remotely. This focus on the making of fund transfers though the concept of the internet banking channel. There is an increase in cost of utilization of this protection mechanism because of the influence of complex user ID and password. This indicates the essence of resetting the password or locking the authentication process following a certain number of failing attempts. The user authentication protection mechanism is susceptible to piracy thus external threats and attacks. This makes it a loophole towards enhancing effectiveness and efficiency in the implementation of the operations and directives of the policies in accordance with the needs and objectives of the developers of the operating systems.
This protection mechanism is also known as the concept of the access control matrix. It refers to the concept of the resource protection or a model for the purposes of protection of the operating system. The mechanism was first applied in 1971 under the influence of an American computer scientist known as Butler Lampson (Tripunitara et al., 2007). The protection scheme of the protection model in context focuses on the limitation of unauthorized users or subjects to utilize or exploit resources such as operating systems. This is an indication that a particular or specific subject or user has limited access rights or complete accessing rights in relation to the policies and directives of the developers. The access control matrix focuses on the utilization of the concept of the locked doors thus the opportunity for utilization by the individuals or users with the right keys. This expression also relates to the concept of the movie tickets that allows those with valid movie tickets to pass through the door and watch their favorite movies. There are derivative forms of access control matrix in the form of access control list and the capability list essential in the provision of maximum protection for the operating system. The derivatives have some benefits or advantages as well as disadvantages towards execution of the needs and preferences of the users with the purpose of enhancing the protection of the operating system.
The access control matrix is an effective approach towards enhancing protection of the operating system through the utilization of triple parts in the form of object, subject, and access operation. An object refers to the passive entity or system resource in relation to aspects such as file, directory, printer, and database records. On the other hand, the subject refers to the active entity within the computer system in the form of user, program, thread, and process. The matrix focuses on the utilization of the access operations essential or responsible for the interactions between the objects and the subjects following the implementation of complex technologies. The user first has access the request under the influence of the reference monitor for the end product in the form of grants or denial of access thus protection of the operating system through external attacks or utilization by unauthorized subjects or others. This mechanism focuses on the implementation of four critical principles towards the achievement of the goals and objectives. The first principle in relation to implementation of the access matrix is the assignment of the subjects of the operating system. The second principle focuses on assigning the objects recognized by associating programs within the context of the operating system for the purposes of compatibility. The third principle relates to assigning of the access operations that the subjects can utilize. The final principle is the opportunity to assign subjects which interact with the objects through integration of the processes within the context of the operating system. The effectiveness of the access matrix relates to the ability of the user to implement the protection mechanism effectively and efficiently.
There are various benefits in relation to the implementation of the access matrix with reference to the protection of the operating system. The main advantage is the ability to the mechanism to limit the operations or actions of the legitimate user effectively and efficiently. This is through constraining what the users can do directly and programs the operating system can execute on behalf of the user while exploiting the essential resources or systems (Shakya et al., 2011). This is vital in the prevention of activities that could lead to the breach of the security. Access control is also an effective and efficient approach for the achievement of confidentiality, integrity, and availability objectives and targets. This is critical in the provision of sufficient protection to the existing or underlying operating system in relation to the complex modern technologies. Implementation of the derivative of the access matrix in the form of the ACL (access control list) makes it easier to determine the modes of access subjects authorized currently for the particular object.
It is also easy to revoke all access to an object with the aim of enhancing the protection of the operating system with the aim of preventing external attacks or intrusion by unauthorized user. It is easier to find accesses in relation to the responsibilities or actions the subject is authorized to perform. This relates to the ability of the derivate of the access matrix in the form of capabilities. There is also the essence of flexibility and effectiveness in addressing protective needs and obligations in the context of the operating systems. Access matrix has the ability to address diverse needs through implementation of the concept of the subject and objects in the development of interactive operations (Besson et al., 2010). This makes it ideal for the utilization in enhancing protection to the operating systems in the modern society in relation to the complex elements within the context of the complex computer systems.
Despite the overwhelming benefits, there are some disadvantages in relation to the access matrix as a protective mechanism to the operating system in the context of the modern computer systems. One of the main disadvantages in associated with implementation of the capabilities derivative is difficulty in finding all subjects with the same kind of access offered to a specific object (Ya-Fen et al., 2007). This makes it difficult for the users to utilize the aspects effectively and efficiently in addressing their needs and preferences. It is also difficult to determine all accesses a subject has for the purposes of maximization of the available opportunities in relation to the complex computer systems in the modern society associated with advanced technologies.
Operating systems are the main components towards realization of effective and efficient presentation and operation of the computer systems. There is a need to prevent intrusion of malicious attackers, threats, and unauthorized users. There are components or protective mechanisms towards implementation of effective and efficient protection of the operating system. This research focused on the examination of three mechanisms: access matrix, language-based, and user authentication protective mechanism. Access matrix offers efficiency, flexibility, and effectiveness in controlling operations of the user. The language-based protection mechanism and user authentication are less expensive, flexible, and effective in addressing the needs and objectives of the users.
Ya-Fen, C., & Chin-Chen, C. (2007). Tolerant Key Assignment for Enforcing Complicated
Access Control Policies in a Hierarchy. Fundamenta Informaticae, 76(1/2), 13-23.
Besson, F., Dufay, G., Jensen, T., & Pichardie, D. (2010). Verifying resource access control on mobile interactive devices. Journal of Computer Security, 18(6), 971-998.
Shakya, I.L., Ali, F.H., & Stipidis, E.E. (2011). High user capacity collaborative code-
division multiple access. IET Communications, 5(3), 307-319.
Tripunitara, M.V., & Ninghui, L. (2007). A theory for comparing the expressive power of access control models. Journal of Computer Security, 15(2), 231-272.
The Benefits of Capability-based Protection. (2012). Communications of the ACM, 55(3), 96.
Harrison, M.A., Ruzzo, W.L., Ullman, J.D., & Gaines, R.S. (2006). Protection in Operating Systems. Communications of the ACM, 19(8), 461-471.
Rossbach, C.J., Ramadan, H.E., Hofmann, O.S., Porter, D.E., Bhandari, a., & Witchel, E.
(2008). TxLinux and MetaTM: Transactional Memory and the Operating System.
Communications of the ACM, 51(9), 83-91.
Sharairi, J. (2011). Factors Affecting the Role of Internal Auditor in the Protection of Computerized Accounting Information Systems from Electronic Penetration (a Field
Study on Banks Operating in Jordan). International Research Journal of Finance & Economics, (68), 140-160.
M. Watson, R.N. (2013). A Decade of OS Access-Control Extensibility. Communications of
The ACM, 56(2), 52-63. doi:10.1145/2408776.2408792