Wednesday 9 January 2019

Security Environment and Program Threats in OS Security

Security Environment


Security Problem
  • Security must consider external environment of the system, and protect the system resources.
  • Intruders (crackers) attempt to breach security.
  • Threat is potential security violation.
  • Attack is attempt to breach security.
  • Attack can be accidental or malicious.
  • Easier to protect against accidental than malicious misuse.
Intruders
  • Snooping by insiders
  • Determined attempt to make money
  • Casual prying by nontechnical users
  • Commercial or military espionage

Accidental Data Loss
  • Hardware or Software error
            - CPU malfunction
            - Disk crash
            - Program bugs
  • Human errors
           - Data entry
           - Wrong tape mounted
  • Acts of God
           - Fires
           - Earthquakes
           - Wars


Program Threats
  • Trojan Horse
         - Code segment that misuses its environment
         - Exploits mechanisms for allowing programs written by users to be executed by other users.
         - Spyware, pop-up browser windows, convert channels
  • Trap Door
         - Specific user identifier or password that circumvents normal security procedures.
         - Could be included in a compiler.
  • Logic Bomp
          - Program that initiates a security incident under certain circumstances
  • Stack and Buffer Overflow
          - Exploits a bug in a program (overflow either the stack or memory buffers)
  • Viruses
         - Code fragment embedded in legitimate program
         - Very specific to CPU architecture, operating system, applications
         - Usually borne via email or as a macro
              * Visual Basic Macro to reformat hard drive
                     Sub AutoOpen( )
                      Dim oFS
                         set oFS = CreateObject("Scripting.FileSystemObject")
                           vs = Shell("c:command.com/kformat  c:" ,vbHide)
                                End Sub


0 Comments:

Post a Comment

Popular Posts

Categories

AI (27) Android (24) AngularJS (1) Assembly Language (2) aws (17) Azure (7) BI (10) book (4) Books (113) C (77) C# (12) C++ (82) Course (60) Coursera (176) coursewra (1) Cybersecurity (22) data management (11) Data Science (85) Data Strucures (6) Deep Learning (9) Django (6) Downloads (3) edx (2) Engineering (14) Excel (13) Factorial (1) Finance (5) flutter (1) FPL (17) Google (18) Hadoop (3) HTML&CSS (46) IBM (25) IoT (1) IS (25) Java (92) Leet Code (4) Machine Learning (43) Meta (18) MICHIGAN (4) microsoft (3) Pandas (3) PHP (20) Projects (29) Python (726) Python Coding Challenge (170) Questions (2) R (70) React (6) Scripting (1) security (3) Selenium Webdriver (2) Software (17) SQL (40) UX Research (1) web application (8)

Followers

Person climbing a staircase. Learn Data Science from Scratch: online program with 21 courses