In a computer system, there is often sensitive data, to which it is not desirable that there should be public access. The operating system must be able to protect files, memory and setup data so that unauthorized persons cannot read or modify the data.
There are four groups of security for computer systems.
1. Data Confidentiality
2. Data Integrity
3. Access to the system
4. Attacks from outside
Data Confidentiality concerns how to prevent unauthorized access to data on computers. This is important for protecting documents to prevent unauthorized persons from gaining access to- or reading them. This applies not only to secret documents, but also personal data that could be sensitive.
Data Integrity is about preventing unauthorized changes to data in files. This applies not only to a change of data, but also to remove or to add false data. An example of this is a student who will attempt to get into the school’s computer system to change his/her grade.
Access to the system revolves around nobody being allowed to disturb the system or to put it out of operation.
Attacks from outside concerns the preventing of attacks via the Internet, as hackers may attempt to gain control of computers via the Internet. One way to do this is by the use of a virus. By gaining control of a computer, hackers can use the computer for illegal activities or to send e-mails (spam).
With Windows NT came the following security in the Windows operating system:
· Secure login
· Access control for files
· Privileged access control
· Address space defense for each process
· Clearance of pages in memory Auditing of computer systems
Secure login means that all users use a password to login. Ctrl + Alt + Delete has been used to login, the purpose of the Ctrl + Alt + Delete being that no one should be able to add fake login windows to capture users’ passwords.
Access control to files allows a user who owns a file to decide who else can access the file. Privileged access control means that the administrator has the right to determine access to files if needed, i.e. the administrator can change users’ rights.
Address space defense for each process means that each process has protected addresses that unauthorized processes cannot access.
The clearance of pages in a memory means that new pages loaded into the memory will not be able to find information left behind by the previous pages. This makes it difficult for spyware to snoop into memory.
Auditing means that the system writes events in a network that may affect safety to a log file. The administrator will then be able to get information about what is happening on the system by reading the log files. The administrator can decide which events to monitor, and such events can be:
* Someone tries to do something on the system that is not allowed.
* Someone attempts to log on several times because the login fails.
