Security and protection measures together ensure that only authorized users can access a file. This chapter discusses different kinds of security and protection threats in an operating system, measures used to thwart these threats, and the role played by the encryption technique in implementing these measures. | Chapter 15 Security and Protection Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Introduction Overview of Security and Protection Security Attacks Formal Aspects of Security Encryption Authentication and Password Security Protection Structures Protection Domain Capabilities Classifications of Computer Security Case Studies in Security and Protection 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Overview of Security and Protection A threat is a possible form of interference Security: threats to resources from nonusers Protection: threats from users 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Overview of Security and Protection (continued) 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Overview of Security and Protection (continued) 15. Operating Systems, by Dhananjay | Chapter 15 Security and Protection Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Introduction Overview of Security and Protection Security Attacks Formal Aspects of Security Encryption Authentication and Password Security Protection Structures Protection Domain Capabilities Classifications of Computer Security Case Studies in Security and Protection 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Overview of Security and Protection A threat is a possible form of interference Security: threats to resources from nonusers Protection: threats from users 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Overview of Security and Protection (continued) 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Overview of Security and Protection (continued) 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Goals of Security and Protection Only privacy is exclusively a protection concern Controlled sharing based on need-to-know principle 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Security and Protection Threats Examples of security threats: Threats raised by data and programs downloaded from the Internet Examples of protection threats: Illegal access to a resource or a service by a process An attempt to tamper with messages Security threats can arise more easily in a distributed OS 15. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Security Attacks Security attack: attempt to breach security of a system Terminology: security attacks, adversary, intruder Two common forms of security attacks are: Masquerading: assume identity of a registered user through illegitimate means Denial of .