Introduction
File system often contain information that is highly valuable to their users.
Protecting information against unauthorized usage is therefore major concern of
all file system. In the following unit we will look at a variety of issues concerned
with security and protection.
Security policy and mechanism
i. The term security and protection are often used interchangeable.
ii. Nevertheless, it is frequently useful to make a distinction between the general problems involved in making sure that files are not read or modified by unauthorized persons, which include technical, managerial, legal and political issues on the one hand, and the specific operating system mechanism used to provide security on the other to avoid confusion, we will use the term security to refer to the overall problem, and the term protection mechanisms to refer to the specific operating system mechanisms used to safeguard information in the computer.
iii. The boundary between them is not well defined, however.
iv. A more interesting problem is what to do about intruders.
v. These come in two varieties.
vi. Passive intruders just want to read files they are not authorized o read.
vii. Active intruders are more malicious; they want to make unauthorized changes to data.
viii. When designing a system to be secure against intruders, it is important to keep in the mind the kind of intruders one is trying to protect against. Some common categories are:
1) Casual prying by non technical users. Many people have terminals to time sharing systems on their desks, and human nature being what it is, some of them will read other people’s electronic mail and other files if no barriers are placed in the way. Most UNIX systems, for example, have the default that all files are publicly readable.
2) Snooping by insiders. Student, systems programmers, operators, and other technical personal often consider it to be a personal challenge to break the security of the local computer system. They often are highly skilled and are willing to devote a substantial amount of time to effort.
3) Determined attempt to make money. Some bank programmers have attempted to break into a banking system to steal from the bank. Scheme have varied from changing the software to truncate rather than round interest, keeping the fraction of a cent for themselves, to siphoning off accounts not used in years, to blackmail.
4) Commercial or military espionage. Espionage refers to serious and wellfunded attempt by a competitor or foreign country to steal programs, trade secret, patents, technology, circuit design, marketing plans, and so forth. Often this attempt will involve wiretapping or even erecting antennas directed at the computer to pick up its electromagnetic radiation.
Authentic basic concept
a. A major security problem for operating system is the authentication problem.
b. The protection system depends on an ability to identify the programs and processes that are executing.
c. This ability in turn, eventually rests on our power to identify each user of the system. A user normally identifies himself.
d. How do we determine if a user identity is authentic? Generally, authentication is base on some combination of three set of items: user possession (a key or card),user knowledge (a user identifier and password), and a user attribute ( finger print, retina pattern, or signature)
e. The most common approach to authenticating a user identity is the use of user passwords.
f. When the user identifies herself by user id or account name, she is asked for a password. If the user supplied password, matches the password stored in the system, the system assume that the user is legitimate.
Password
Passwords are often used to protect object in the computer system,
in the absence of more complete protection scheme. They can be considered a
special case of either keys or capabilities. For instance, a password could be
associate with each resource such as file. Whenever a request is made to use the
resource, the password must be given. If the password is correct, access is granted. Different passwords may be associated with different access rights. For
example, different password may be used for reading, appending and updating a
file.
Artifact
A completely different approach to authorization is to check to see
if the user has some item, normally a plastic card with a magnetic stripe on it.
The card is inserted into the terminal, which then checks to see whose card it is.
This method can be combined with a password, so a user can only log in if he
1. has the card
2. knows the password
Automated cash dispensing machine usually work this way.
Another technique is signature analysis. The user sign his name with a special
pen connected to the terminal and the computer compares it to a known
specimen stored online. Even better is not to compare the signature, but compare
the pen motion made while writing it. A good forger may be able to copy the
signature, but will not have a clue as to the exact order in which the stroke were
made.
Biometric Technique
Yet another approach is to measure physical characteristic that are
hard to forge. For example a finger print or a voiceprint reader in the
terminal could verify the users identity (it make the search go faster if the
user tells the computer who he is, rather then making the computer
compare the given fingerprint to the entire database)
Finger length analysis is surprisingly practical. When this is used
each terminal has a device. The user inserts his hand into it and the length
of all his finger is measured and check against the database.
