Analysis of Operating Systems Protective Measures

¶ … Operating Systems Protection Operating systems are the collection of programs that assist users operating computer hardware to control and managing the computer resources, providing the user interface and enforcing security measures. An operating system is referred as the physical environment that provides an interface between the underlying computer hardware and data. The advent of information and networking systems has led to the connectivity of the computer system that assists in sending and receiving data through the operating systems.

The effective application of the software system are based on the foundation operating systems, thus, a security of the operating system is very critical for the effectiveness of the computer and information system. Typically, all the modern computer systems whether network servers, laptops, hand-held devices and workstation desktops are controlled by the software called operating system, and the most popular operating systems are the Microsoft Windows, UNIX, and Linux.

Since the operating systems are very crucial for the operations of the computer systems, lack of security for the operating systems will have an impact on the overall computer system. A formal security of the operating systems is the application of the CIA (confidentiality, integrity and authentication). Presently, many operating systems have inbuilt access control mechanisms for the effective security of the operating systems. The objective of this study is to access the security vulnerabilities of the operating systems and the strategies to protect them from imminent attacks.

Vulnerabilities and Protection of Operation Systems In an information system environment, an organization may face common threats when the file or data are shared between one operating system environments to another operating system environment. A compromise on the operating systems will expose all applications in the system to danger. When the operating systems are jeopardized, overall information systems are vulnerable to attack. Moreover, lack of effective control and security systems may lead to breaking in or attack across the different application in the systems. (Anderson, 2008).

Thus, security of the operating systems is critical for the entire computer system. The operating systems are to be protected to avoid an unauthorized access to data. Critical methods of providing security for the operating systems are the: Access control, Identification and Authentication, Password policies. SSL or SSH Intrusion Detection System Intrusion Prevention System Firewall, and Antivirus or Antimalware. Identification and Authentication The identification and authentication are one of the important operating system protections.

The authentication is the process of confirming the identity of users before being allowed to gain access to the information systems. The authentication process asks the administrator or user for the identification and authentication before being allowed to gain access to the systems. At present, many organizations use the access badges for the identification and authentication. The access badges are linked to security control and system to monitor a logical access to sensitive information.

The physical authentication is another forms of security where users use the biometric measures or magnetic cards before allowing the users to access the information resources. Digital authentication is used to verify user identity using the digital procedures. Some organizations use the digital certificates that consist of digital passports to identify and verify the holders of the certificates. The digital certificate is another authentication method used to protect the operating systems. The digital certificates involve the use of the digital passport to identify and verify the holders of the certificate.

The benefit of the digital certificate is that it allows users to exchange information securely using the PKI (public key infrastructure). Moreover, the digital certificate contains the serial number, the public key for digital signatures and encrypting message. The digital certificate is also implemented through the trusted certificate authority. Access Control The access control is another security device used to protect the operating systems.

Typically, the access control is a security protocol that controls the principals such as machines, persons or processes that can be authorized having access to the resources in the information systems. The access control covers which files are allowed to be read, and programs allowed to be executed. In other words, the access control uses the authentication such as passwords to limit an access to communication ports, access to files and access to other resources in information systems.

Hu, Ferraiolo, & Kuhn, (2006) argue that access control is used to allow legitimate users into the information systems and mediate every attempt of illegitimate users gaining access to the information resources. The goal of the operating systems is to protect directories and files. Thus, an effective integration of the access control system can facilitate the sharing of information since sharing of information can be too risky in the absence of the access control.

User Password Protection and SSL The use of the strong password is another strategy to protect the operating systems. However, a strong password should consist of the combination capital letter, smaller, number and symbols. (Goodrich, & Tamassia, 2011). SSL or SSH Additionally, encryption of data using the SSL the (Secure Sockets Layer) or SSH (Secure Shell) are the other strategies to protect the operating system. The SSL or SSH assists in encrypting data transmitted over the network system thereby protecting the data from being read by an authorized individual.

However, the encrypted data can only be read by an authorized individual having the decrypted key. (Beuchelt, 2013). Relative Advantages and Disadvantages used to Protect Operating Systems Access Control The security policies to protect the operating system have advantages and disadvantages. Different benefits can be realized from using the access controls to protect the operating systems. For example, the access control assists in protecting the information resources from the unauthorized access.

Moreover, the access control model is easy to implement since it can be identified with the person trying to gain access to the information resources. Moreover, the access control enhances integrity and confidentiality of the information systems. The access control also prevents the activities that can lead to a breach of security systems thereby assisting in enhancing their confidentiality, integrity, and availability. Despite the benefits associated with the access control, this security model has different shortcomings. First, the access control is not immune from the malicious agent attack.

A malicious agent can tamper with the inputs thereby subverting the access control mechanisms. Moreover, an attacker can use the malicious software to modify the access control software thereby gaining access to sensitive information resources. A malicious software can be used to impersonate the authorized users to gain access to the system. More importantly, a hacker can bypass the access control by using the malicious agent. Identification and Authentication The advantages of authentication and identification are that they serve as an additional layer of security.

By using the authentication process, the users are able to avoid the rigors of using and remembering the complex passwords. However, the authentication security tool can be susceptible to the malicious attack. Moreover, man-in- the- middle can gain access to the system through a brute force attack. Password Policies The password policy is the least expensive method to protect the operating system since there is no extra software to install. Moreover, users can change their passwords at a convenient time.

There is also no need to install extra software in the operating system since most operating systems have inbuilt interface to input the passwords. Despite the aforementioned advantages, the password policy as a security for the operating systems is not reliable for organizations allowing employees to log in remotely because the attackers can hijack the password online. Moreover, the hacker can use software called the keylogger to record the passwords.

At present, some keylogging program can support a remote installation that allows an attacker installing the software remotely on a target computer. Some hackers can also use the phishing to hack passwords. The phishing involves the use of spoofed web pages that look like legitimate websites to steal the passwords of users. The spoofed web pages will contain the fake login, and if the users enter their passwords in the fake login page, the passwords are stolen by the hackers.

Intrusion Detection System The IDS (intrusion detection systems) are the set of programs that assist in detecting the authorized activities in the operating systems. The benefit of the IDS is that it alerts the administrator that imminent attacks are about to occur in the operating systems. Intrusion Prevention System The IPS (intrusion prevention systems) are the set of programs that prevent the unauthorized access into the operating systems. The IPS block an authorized access from the systems thereby preventing an attacker gaining access into the systems.

Firewall The firewall is the program that bocks an unauthorized network access into network system. Some attackers may attempt to gain access into the systems through network sniffing, however, if the firewall is installed in the operating system, it will block the intruders. Anti-malware or Antivirus The anti-malwares or antivirus are the tool that prevent the attackers from installing the malware into the operating systems. Some attackers may send an attachment to users that contains the malwares through the emails.

If the users download the attachment, the malware will be installed in the systems thereby steal sensitive information from the systems. Similarly, an attacker may use a spoofed website that contains the malware to gain access into the system. The best strategy to alleviate these problems is to install the anti-malwares in the systems. (Stalling, 2012). 2. Ease of Implementation of the Protective Measures. The access control is the most complicated to implement out of the four security processes for the operating systems.

An organization planning to use the access control to protect the operating system should consider implementing models, policies, and mechanisms. The access control policies are the requirements that specify the strategy to manage the accessibility of the information resources. Thus, policies set up is very critical for a successful implementation of the access control. For instance, the policies must be established to provide the protocol on how information is to be accessed and enforced. A regular auditing is also essential for the access control.

The auditing is the measures to identify actual or attempted violation of the information systems. Overview of the implementation of the access control requires an organization to put both manpower and effective information resources in place to implement an effective access control process, which some small and medium organizations may face challenging. Identification and Authentication The identification and authentication are the second most difficult to implement because of the layers of the implementation involved.

An organization intending to implement the identification and authentication process for the protection of the operating system should develop different access processes and protocols. In the UNIX operating systems, the console is used to support smart card login, and password credentials. The login process is responsible for coordinating the authentication process for the interactive users. The following process is used for the identification and authentication process: First, the system displays the login process to make the users identify themselves.

Moreover, the systems collect the credentials and present the users' credentials into the database for the authentication. Last the system permits the users to access the information resources if login details are correct. (Beuchelt, 2013). Overview of the identification and authentication security system reveals that an organization is required to install the effective software in the operating system capable of identifying the users. The next process is the verification, and input of the passwords is the strategy of verifying the identity of the users.

After verification, users need to pass through the authentication process that involves presenting the smart card, using the biometric by submitting a thumbprint or a retina scan. After the authentication, some system also uses the authorization process to limit the activities a user can perform in the systems. Similar to the access control, the implementation of the identification and authorization process may be cumbersome for the users. However, the security protocol is very critical to enhancing effective protection of the information systems.

Password Policies A password protection is the least difficult to implement for the protection of the operating systems. The process of an implementation is by mandating the user to input both the user ID (identifier) and password. In essence, the password serves as the strategy to authenticate the ID of the users before being allowed to logging into the system. Moreover, the ID determines whether the system can authorized users to gain access to the system. (Bidgoli, 2006).

In the UNIX operating system, the users can gain access to the system with the ID and password. (Santana, 2013). However, a user can gain access to the Window operating system with only a password. Thus, the ease of implementation of the password protection makes the operating system be vulnerable to attacks. Some attackers can use the password cracker program to obtain the passwords of users and use them to gain access to the system. 3.

Associated Security Management Related to Security Measures The study suggests using the file management security measures related to the operating system security. "A file management system is a set of system software that provides services to users and applications in the use of files, including file access, directory maintenance, and access control. The file management system is typically viewed as a system service that itself is served by the operating system, rather than being part of the operating system itself." (Stalling, 2012 p 569).

Moreover, after the users have successfully gained access to the systems, there is still need to provide further security measures to protect the sensitive information resources. For example, it is very critical to use the access control procedure to.