Sunday, December 21, 2014

System Security

1. Protection and Security

  • Protection
    • any mechanism for controlling accesses of processes or users to resources defined by the OS
  • Security
    • defense of the system against internal and external attacks
      • huge range, including denial-of-service, worms, viruses, identity theft, theft of services
  • System generally first distinguish among users, to determine who can do what
    • user identities (user IDs, security IDs) include name, and associated number, one per user
    • user ID then associated with all files, processes of that user to determine access control 
    • group identifier (group id) allows set of users to be defined and controls managed, then also associated with each process, file 
    • privilege escalation allows user to change to effective ID with more rights

No comments:

Post a Comment