OPERATING SYSTEM SECURITY:
Security refers to providing safety for computer system resources like software,
CPU, memory, disks, etc. It can protect against all threats, including viruses and
unauthorized access. It can be enforced by assuring the operating
system's integrity, confidentiality, and availability. If an illegal user runs a
computer application, the computer or data stored may be seriously damaged.
System security may be threatened through two violations, and these are
as follows:
1. Threat
A program that has the potential to harm the system seriously.
2. Attack
A breach of security that allows unauthorized access to a resource.
There are two types of security breaches that can harm the system:
malicious and accidental. Malicious threats are a type of destructive
computer code or web script that is designed to cause system
vulnerabilities that lead to back doors and security breaches. On the other
hand, Accidental Threats are comparatively easier to protect against.
Security may be compromised through the breaches. Some of the
breaches are as follows:
1. Breach of integrity
This violation has unauthorized data modification.
2. Theft of service
It involves the unauthorized use of resources.
3. Breach of confidentiality
It involves the unauthorized reading of data.
4. Breach of availability
It involves the unauthorized destruction of data.
5. Denial of service
It includes preventing legitimate use of the system. Some attacks may be
accidental.
,The goal of Security System
There are several goals of system security. Some of them are as follows:
1. Integrity
Unauthorized users must not be allowed to access the system's objects,
and users with insufficient rights should not modify the system's critical
files and resources.
2. Secrecy
The system's objects must only be available to a small number of
authorized users. The system files should not be accessible to everyone.
3. Availability
All system resources must be accessible to all authorized users, i.e., no
single user/process should be able to consume all system resources. If
such a situation arises, service denial may occur. In this case, malware
may restrict system resources and preventing legitimate processes from
accessing them.
SECURITY ARCHITECTURE:
A set of physical and logical security-relevant representations (i.e., views) of system architecture
that conveys information about how the system is partitioned into security domains and makes
use of security-relevant elements to enforce security policies within and between security domains
based on how data and information must be protected.
PURPOSE:
While security architecture has many definitions, ultimately it is a set of security principles,
methods and models designed to align to your objectives and help keep your organization
safe from cyber threats. Security architecture translates the business requirements to
executable security requirements.
CHARACTERISTICS:
Security architectures generally have the following characteristics: Security
architecture has its own discrete security methodology. Security architecture
composes its own discrete views and viewpoints. Security architecture addresses
non-normative flows through systems and among applications.
, OSI architecture is internationally acceptable as it lays the flow of
providing safety in an organization.
OSI Security Architecture focuses on these concepts:
Security Attack:
Security mechanism: A security mechanism is a means of
protecting a system, network, or device against unauthorized
access, tampering, or other security threats.
Security Service:
Classifi cation of OSI Security Architecture
Classification of OSI Security Architecture
OSI Security Architecture is categorized into three broad categories
namely Security Attacks, Security mechanisms, and Security
Services. We will discuss each in detail:
1. Security Attacks:
A security attack is an attempt by a person or entity to gain
unauthorized access to disrupt or compromise the security of a system,
Security refers to providing safety for computer system resources like software,
CPU, memory, disks, etc. It can protect against all threats, including viruses and
unauthorized access. It can be enforced by assuring the operating
system's integrity, confidentiality, and availability. If an illegal user runs a
computer application, the computer or data stored may be seriously damaged.
System security may be threatened through two violations, and these are
as follows:
1. Threat
A program that has the potential to harm the system seriously.
2. Attack
A breach of security that allows unauthorized access to a resource.
There are two types of security breaches that can harm the system:
malicious and accidental. Malicious threats are a type of destructive
computer code or web script that is designed to cause system
vulnerabilities that lead to back doors and security breaches. On the other
hand, Accidental Threats are comparatively easier to protect against.
Security may be compromised through the breaches. Some of the
breaches are as follows:
1. Breach of integrity
This violation has unauthorized data modification.
2. Theft of service
It involves the unauthorized use of resources.
3. Breach of confidentiality
It involves the unauthorized reading of data.
4. Breach of availability
It involves the unauthorized destruction of data.
5. Denial of service
It includes preventing legitimate use of the system. Some attacks may be
accidental.
,The goal of Security System
There are several goals of system security. Some of them are as follows:
1. Integrity
Unauthorized users must not be allowed to access the system's objects,
and users with insufficient rights should not modify the system's critical
files and resources.
2. Secrecy
The system's objects must only be available to a small number of
authorized users. The system files should not be accessible to everyone.
3. Availability
All system resources must be accessible to all authorized users, i.e., no
single user/process should be able to consume all system resources. If
such a situation arises, service denial may occur. In this case, malware
may restrict system resources and preventing legitimate processes from
accessing them.
SECURITY ARCHITECTURE:
A set of physical and logical security-relevant representations (i.e., views) of system architecture
that conveys information about how the system is partitioned into security domains and makes
use of security-relevant elements to enforce security policies within and between security domains
based on how data and information must be protected.
PURPOSE:
While security architecture has many definitions, ultimately it is a set of security principles,
methods and models designed to align to your objectives and help keep your organization
safe from cyber threats. Security architecture translates the business requirements to
executable security requirements.
CHARACTERISTICS:
Security architectures generally have the following characteristics: Security
architecture has its own discrete security methodology. Security architecture
composes its own discrete views and viewpoints. Security architecture addresses
non-normative flows through systems and among applications.
, OSI architecture is internationally acceptable as it lays the flow of
providing safety in an organization.
OSI Security Architecture focuses on these concepts:
Security Attack:
Security mechanism: A security mechanism is a means of
protecting a system, network, or device against unauthorized
access, tampering, or other security threats.
Security Service:
Classifi cation of OSI Security Architecture
Classification of OSI Security Architecture
OSI Security Architecture is categorized into three broad categories
namely Security Attacks, Security mechanisms, and Security
Services. We will discuss each in detail:
1. Security Attacks:
A security attack is an attempt by a person or entity to gain
unauthorized access to disrupt or compromise the security of a system,
