...2013 Operating systems that have numerous users with various security level clearances will require file protection. A UNIX operating system with 5,000 users could implement conventional UNIX file access controls if 4,990 of those users share the same level of security clearance. By means of a file access control structure on the UNIX operating system, each individual user is given a user ID (special user identification number). Users on a UNIX operating system will be allocated to a main class and possibly a variety of classes that will be associated with a unique class ID. Whenever a user creates a file, it is indicated by the individual’s unique user ID along with the user’s main class ID. Each individual user's accessibility is managed by the administrator with a file access control security type structure. The administrator can manage the permissions of all three main classes; read, write, and execute. Access is permitted to three types of users: the creator or owner of the file, the class the file belongs to, and various users with access to the system despite their class. The access control policy affects the level of access that is permitted by whom and under what conditions. Discretionary Access Control (DAC) manages permissions based on the requester’s identity and the regulations linked to access and permissions. Mandatory Access Control (MAC) manages permissions based on assessing protection labels that specify how delicate or crucial the systems resources are and...
Words: 526 - Pages: 3
...clueless on the operating system. It is different, exciting when a new and advance system comes out. But some of us are so confused when it comes to the basics of new technology. Operating systems are programs which manages the computer’s hardware. The systems provide a basic for the applications programs between the computer user and its hardware. When looking, there are so many different types of operating systems that are available. The four main operating systems that are used are Windows, Mac, UNIX, and Linux. For every computer there are many different items that make the system a whole. When it comes to the different operating systems there are different features available, even though when you think of computers a person might think security will all be the same but there are difference between each one. As you read more you will understand the security and the difference between a MAC, UNIX/LINUX and Windows systems and how each one works. Access control goal is to protect a resource from unauthorized access while facilitating seamless and legitimate use of such resources. Presently, each day users hold the need to access to those resources through a broad line of devices, such as PCs, laptops, PDA, smartphones and kiosks. Most organizations need to provide protection for their files and allow the correct people to access. The fundamental goal of an Access management system is to maintain confidentiality of user information and access, integrity of information...
Words: 2672 - Pages: 11
...Operating System: Linux is one of popular version of UNIX operating System. It is open source as its source code is freely available. It is free to use. Linux was designed considering UNIX compatibility. It's functionality list is quite similar to that of UNIX. Linux is a free distributed implementation of a Unix-like Kernel Developed by Linus Torvalds at the University of Helsinki with the help of programmers across the Internet. Linux history: * Linux features: Following are some of the important features of Linux Operating System. * Portable - Portability means softwares can works on different types of hardwares in same way.Linux kernel and application programs supports their installation on any kind of hardware platform. * Open Source - Linux source code is freely available and it is community based development project. Multiple teams works in collaboration to enhance the capability of Linux operating system and it is continuously evolving. * Multi-User - Linux is a multiuser system means multiple users can access system resources like memory/ ram/ application programs at same time. * Multiprogramming - Linux is a multiprogramming system means multiple applications can run at same time. * Hierarchical File System - Linux provides a standard file structure in which system files/ user files are arranged. * Shell - Linux provides a special interpreter program which can be used to execute commands of the operating system. It can...
Words: 6867 - Pages: 28
...Operating Systems POS/355 Intro to Operating Systems November 5, 2012 Differences and Similarities Between Operating Systems There are many similarities and differences among the top desktop operating systems UNIX/Linux, Windows, and Mac. An operating system is the software which operates the basic functions of a computer. Among these functions are task scheduling, I/O, and the execution of programs. There are key areas in which these operating systems must function. Memory management, processor management, file management, and security are the main focus of an operating system. Memory management refers to the way an operating system manages the computer memory. Processor management is the way the computer handles processing of programs. File management is the way an operating system allows files to be saved, deleted and handled by the user. Security is addressed by the operating system to ensure that the files on a computer are safe from unwanted intrusion and manipulation. Each of the three operating systems confronts these functions in their own way. In some ways they are similar and there are also specific differences. Memory management is the function of a computers operating system responsible for managing the computers primary memory. The memory management function keeps track of the status of each memory location, either allocated or free. It determines how memory is allocated among competing processes, deciding who gets memory, when they receive it, and how much...
Words: 3344 - Pages: 14
...Give an example in which the operating system would use a bit map to manage resources? Q2: What is difference between a stack and queue? Where would operating use each of these data structures? Queue servers in FIFO manner were as the Stack servers in LIFO manner. Queue is used as buffers where the store and forward is required. It is used to maintain the job queues. It is used to maintain the thread queues. It also used to maintain the I/O request etc… Stack is used to store the registers, flags and other details of process or thread during interrupts or system call. Operating system uses these data structures to perform various tasks for example. Operating system uses stack while we use UNDO option it follows stack data...
Words: 1498 - Pages: 6
...and UNIX† Hans Hedbom1,2, Stefan Lindskog1,2, Stefan Axelsson1 and Erland Jonsson1 1Dept of Computer Engineering 2Dept of Computer Science Chalmers University of Technology S-412 96 Göteborg, SWEDEN {sax, Erland.Jonsson}@ce.chalmers.se University of Karlstad S-651 88 Karlstad, SWEDEN {Hans.Hedbom, Stefan.Lindskog}@hks.se Abstract This paper presents a brief comparison of two operating systems, Windows NT and UNIX. The comparison covers two different aspects. First, we compare the main security features of the two operating systems and then we make a comparison of a selection of vulnerabilities most of which we know have been used for making real intrusions. We found that Windows NT has slightly more rigorous security features than “standard” UNIX but the two systems display similar vulnerabilities. The conclusion is that there are no significant differences in the “real” level of security between these systems. †Presented at the Third Nordic Workshop on Secure IT Systems, NORDSEC’ 5-6 November, 1998, Trondheim, Norway. 98, 1. Introduction It has been claimed that the security of Windows NT is far better than that of previous commercial operating systems. In order to verify (or refute) this statement we have made a brief comparison of the security of Windows NT to that of UNIX. UNIX was selected as a reference since it is well-known and widely spread. Thus, the target systems were (1) a networked Windows NT 4.0 and (2) UNIX with NFS (Network File System) and...
Words: 6676 - Pages: 27
...Table of Contents Project Outline 3 Security Requirements 4 Perimeter Security 5 Client and Server Security 10 Database Security 10 Server Security 12 Wireless and Remote Access Security 15 Security Configuration Management 19 References 23 Project Outline Tiger Tees is a medium sized business with 4 locations across the eastern United States. This company produces and sells t-shirts for school systems, both locally and across the country via the internet. The organization’s headquarters is located in Beckley, West Virginia, and employs 25 people. The departments include the warehouse, human resources, accounting, sales, and administration. The second location of Tiger Tees is located in Columbus, Georgia, and employs 10 people full time, and 4 persons part time. The third location is located in Washington, DC, and employs 15 people. The fourth location located in Richmond, Virginia is the smallest of all the locations employing 5 persons full time. Tiger Tees is a fast growing company in dire need of a secure network that will ensure that the confidentiality, integrity, and availability of client information remain confidential. All transactions completed are sent to the organizational headquarters in Beckley, WV and processed there. In the past these orders and transactions have been completed by telephone and e-mail. A secure wide area network would streamline this process making the transactions more secure, and providing faster service to the customers...
Words: 5336 - Pages: 22
...secure operating system remains a critical research problem. Linux has several security developments included in its open source operating system. Among these are SELinux, chroot jail, and iptables to name a few. SELinux is Security Enhanced Linux. The National Information Assurance Research Laboratory of the National Security Agency was in charge of carrying out the research and advanced development of technologies needed to enable the NSA to provide the solutions, products, and services to achieve Information Assurance for information infrastructures essential to the security of the U.S. National Security. The Security-enhanced Linux prototype was developed by the NSA along with research partners from NAI Labs, Secure Computing Corporation (SCC), and the MITRE Corporation. Many other contributions have followed since the initial release.(NSA-National Security Agency, 2009) Researchers in the National Information Assurance Research Laboratory of NSA worked with Secure Computing Corporation (SCC) to develop a strong, flexible mandatory access control architecture based on a mechanism first developed for the LOCK system called Type Enforcement. The NSA and SCC then worked with the University of Utah’s Flux research group to transfer the architecture to the Fluke research operating system. The architecture was enhanced, when it was transferred, to provide better support for dynamic security policies. This enhanced architecture was named Flask. SELinux implements the Flask security...
Words: 1498 - Pages: 6
...labs. The labs were very detailed which made is very interesting to work on them. Completing the class labs made the book make a lot more sense because I was able to do the actual hands on part with the labs on the virtual network. One interesting thing I learned taking this class was about the CAC card that I thought was just a very simple access card, but taking this class Dr. Powell broke it down into sections of how it works. I also worked on Linux and have a better understanding of the operating system. The Common Access Card, usually known as the CAC card, is a smart card about the size of a credit card. This card is the standard identification for United States Department of Defense (DoD) civilian employees, active-duty military personnel, Selected Reserve, and eligible contractor personnel. The CAC is designed to provide two factors of authentication; what the user has which is the physical card, and what the user and only the user themselves know which is the pin/password. It's also the principal card that’s used to enable physical access to buildings and controlled spaces, and it also provides access to defense computer systems and networks. The integrated circuit chip (ICC) which is the the little gold chip that is usually located at the bottom of the card contains information about the owner, including the PIN and one or more PKI digital certificates. The ICC comes in different capacities, with the most recent versions issued at 64 and 144 kilobytes (KB). One of...
Words: 1397 - Pages: 6
...computer security. This paper examines computer viruses as malicious logic in a research and development environment, relates them to various models of security and integrity, and examines current research techniques aimed at controlling the threats viruses in particular, and malicious logic in general, pose to computer systems. Finally, a brief examination of the vulnerabilities of research and development systems that malicious logic and computer viruses may exploit is undertaken. 1. Introduction A computer virus is a sequence of instructions that copies itself into other programs in such a way that executing the program also executes that sequence of instructions. Rarely has something seemingly so esoteric captured the imagination of so many people; magazines from Business Week to the New England Journal of Medicine [39][48][60][72][135], books [20][22][31][40][50][67][83][90][108][124], and newspaper articles [85][91][92][94][114][128] have discussed viruses, applying the name to various types of malicious programs. As a result, the term “computer virus” is often misunderstood. Worse, many who do understand it do not understand protection in computer systems, for example believing that conventional security mechanisms can prevent virus infections, or are flawed because they cannot. But computer viruses use a number of well-known techniques in an unusual order; they do not employ previously-unknown methods. So, although existing computer security mechanisms were not designed...
Words: 12539 - Pages: 51
...UNIX/Linux versus Mac versus Windows Rough Draft Annette Freshwater, POS355 November 4, 2013 Alicia Pearlman UNIX/Linux versus Mac versus Windows Final In today’s world of technology creation, development, and enhancement there are key factors to take into consideration. The choice of operating systems can determine the software and hardware utilized, the applications of the devices or programs, and determines the demographic, which will use the products. However the ever-changing field of technology has become more user-friendly, compatible, and more accepted in main stream than before. The main operating systems employed today are as follows: UNIX/Linux, Mac, and Windows. We will explore the various aspects of key components in these operating systems, memory, process, and file management along with the security of each system. The comparison of each system will determine the operating system best suited for the needs of our creations, projects, and improvements to the technology of the past, present, and future. MEMORY MANAGEMENT Memory management in multiprocessor systems is essential in executing several processes simultaneously. The multitasking of a system aids the user in accomplishing his or her task more efficiently than with a single processor system, which is important in the current climate of today’s multifaceted mix of professional and personal world. Why choose UNIX/Linux, Mac, or Windows to develop a device, product, or program? The...
Words: 2557 - Pages: 11
...Rackspace, is a hosting and cloud system organization. For this company it is vital that information is stored in data bases that are run by organizations, locally hosted on personal computers. Intruders can access this information if it is not properly secured. Therefore the purpose of this study is to inform about the current savvy technologies that can be applied to completely thwart intruders from accessing such delicate information within Rackspace. Part 1: Project Identification and Business Environment For this project to go on in a smooth and effective manner different individuals must carry on certain specified task. For Rackspace, this means that every person must hold on to a responsibility to properly and pursue it to the end. Some of the responsibilities are interdepended and other are depended. In case of an interdependent responsibility there will be a proper communicated channel of events that will ensure that information is traversed from one source to another to smoothen up events. Therefore, the following a list of responsible individuals who will implement the process of securing the database of an organization. Company Chief Executive Officer Responsible for overseeing the success of the entire project and making decisions regarding the financial needs and effects of the project to the organization. Information and Communication Technology Manager The responsibilities include making major decisions in the department that controls an organization’s database...
Words: 3927 - Pages: 16
...Security of a system when you are open to the internet is paramount in the world of servers. Linux has many layers of ever evolving security in order to keep up with the would be attackers in cyberspace. This is one of the reasons that Linux is one of the most used servers for internet sites and has few viruses engineered towards it. IP Tables Developed by the Netfilter organization the IP tables package for Linux is an evolution of the IP chains which came from the IPv4 Linux firewall package. Paul Russel was the initial head author of the organization and also behind the IP chains project The Netfilter organization began to come together in 1999 and through collaboration and research recognized the shortcomings of the IP chains package and developed this new product in order to address these concerns and make needed improvements. The improvements added to the new IP tables package helped improve performance and overall security. Better integration with the kernel led to improved speed and reliability but the true value came from the new security features. Stateful packet inspection allows the firewall to keep track of every connection passing through it allowing for better monitoring and can even view certain contents and attempt to anticipate actions of certain protocols. Also the ability to filter packets based on MAC address and TCP header flags helps to prevent attacks using malformed packets. Even a rate limiting feature that is designed to eliminate some denial...
Words: 1131 - Pages: 5
...Unix/Windows Systems Review for Riordan Manufacturing Micah Gerber POS/420 December 21, 2012 Charles Mathieu Abstract Riordan Manufacturing is the leader in the plastic injection molding industry with facilities in both the United States and China. As a large global operation, having adequate systems in place to support the organization network and databases is of upmost importance. A critique which addresses the benefits and disadvantages of using UNIX or Linux versus Microsoft Windows Server within Riordan Manufacturing will be completed by Team A. Areas to be addressed within the critique will cover security, administration, networking, performance, programmability, and reliability as it relates to UNIX or Linux and Microsoft Windows Server. Riordan Manufacturing currently has a combination of Unix and Windows servers which support the organization, however, the team will recommend that the organization standardize it’s systems to support one platform across the agency. Through this recommendation Riordan’s Manufacturing infrastructure will have one platform Security Review The histories of both Windows and UNIX security development have taken diametric paths. The Windows operating system (OS) is monolithic by design, which means that most of the features are integrated into a single unit and is located into the core of the OS. UNIX, on the other hand is based on the core of the operating systems residing in a distributed manner where...
Words: 1893 - Pages: 8
...LINUX System Programming Other Linux resources from O’Reilly Related titles Building Embedded Linux Systems Designing Embedded Hardware Linux Device Drivers Linux Kernel in a Nutshell Programming Embedded Systems Running Linux Understanding Linux Network Internals Understanding the Linux Kernel Linux Books Resource Center linux.oreilly.com is a complete catalog of O’Reilly’s books on Linux and Unix and related technologies, including sample chapters and code examples. ONLamp.com is the premier site for the open source web platform: Linux, Apache, MySQL and either Perl, Python, or PHP. Conferences O’Reilly brings diverse innovators together to nurture the ideas that spark revolutionary industries. We specialize in documenting the latest tools and systems, translating the innovator’s knowledge into useful skills for those in the trenches. Visit conferences.oreilly.com for our upcoming events. Safari Bookshelf (safari.oreilly.com) is the premier online reference library for programmers and IT professionals. Conduct searches across more than 1,000 books. Subscribers can zero in on answers to time-critical questions in a matter of seconds. Read the books on your Bookshelf from cover to cover or simply flip to the page you need. Try it today for free. LINUX System Programming Robert Love Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo Linux System Programming by Robert Love Copyright...
Words: 125679 - Pages: 503
