Security OS

The document outlines the importance of operating system (OS) security, emphasizing that a compromised OS can lead to unauthorized access and data exposure. It details key security goals such as authentication, authorization, confidentiality, integrity, and availability, along with built-in security features like User Account Control and file permissions. Additionally, it highlights common OS-level threats and the necessity of regular updates and patch management to mitigate vulnerabilities.

Uploaded by

Abdullah Azar

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

23 views13 pages

Security OS

Uploaded by

Abdullah Azar

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 13

Security

(D/618/7406 )
Operating System Security Concepts and Features
Assess risks to IT security

O. K. B. Kavsilu
BSc. (Hons.) in Computer Science (Kingston, UK), Cert. in IT (BCS, UK)
Why OS Security Matters
• The operating system (OS) is the heart of any computing
environment.
• If the OS is compromised:
• Attackers can bypass application-level controls
• Malware can gain administrative or root access
• Confidential data (files, passwords) can be exposed

• Protecting the OS is foundational to securing the entire system.

Key OS Security Goals
• Authentication – Verify user identity using credentials (e.g., passwords,
biometrics)
• Authorisation – Grant access to resources only to permitted users
• Confidentiality – Prevent unauthorised data access
• Integrity – Ensure system and data are not altered maliciously
• Availability – Keep systems operational and accessible

• These goals reflect the CIA Triad: Confidentiality, Integrity, Availability

Built-In OS Security Features
• Common OS Security Components:
• User Account Control (UAC) – Prevents unauthorised changes
• File Permissions and ACLs – Control access to files/folders
• System Event Logs – Track activity for auditing
• Password Policies – Enforce strong authentication
• Automatic Updates – Patch known vulnerabilities
• Security Configuration Tools – Manage policies and restrictions

• Modern operating systems have built-in security frameworks by default.

User Account Control (UAC)
• Introduced in Windows Vista, still essential today
• Prevents software from making system-level changes without permission
• Displays a prompt when elevated privileges are required

• Helps enforce least privilege access – a key security principle

File System Permissions
• OS file systems use Access Control Lists (ACLs) to determine:
• Who owns a file or folder
• What actions users/groups can perform: read, write, execute, delete

• Linux uses chmod/chown, Windows uses NTFS permissions

• Misconfigured permissions are a top cause of unauthorised data exposure.
System Logs and Auditing
• System logs capture vital events:
• Login attempts
• Software installations
• Security breaches or errors
• Benefits:
• Identify patterns of attack
• Support forensic investigations
• Ensure compliance with policies

• Always review and protect your logs from tampering.

Password and Authentication Policies
• Strong authentication helps prevent brute-force, phishing, and unauthorised
access.
• Policies include:
• Enforcing minimum length and complexity
• Password expiration and history tracking
• Account lockout after failed attempts
• Two-factor authentication (2FA/MFA)
• Passwords are your first barrier – make them count!
OS Security Updates and Patch Management
• Operating systems regularly release patches to fix:
• Vulnerabilities exploited by malware
• System bugs and performance issues
• Patch Management Tips:
• Enable automatic updates where possible
• Schedule regular update checks
• Test updates in staging environments before deployment
• The WannaCry ransomware attack exploited unpatched Windows systems.
Security Features by OS Type
Feature Windows Linux macOS

Built-in AV Windows Defender ClamAV (optional) XProtect

User Privilege Control UAC Sudo/Su permissions Admin/root separation

Software Restriction AppLocker SELinux, AppArmor Gatekeeper

Updates Windows Update Package Managers Software Update Tool

Common OS-Level Threats
• Privilege escalation
• Rootkits and bootkits
• Exploits of unpatched vulnerabilities
• Keyloggers and spyware

• OS hardening and proactive monitoring can help mitigate these threats.

Mini Quiz
• 1. What does UAC stand for?
a) Universal Access Control
b) User Administrative Command
c) User Account Control
• 2. Which OS feature prevents unauthorised execution of unknown software on
macOS?
a) Gatekeeper
b) BitLocker
c) SELinux
Mini Quiz
• 3. Why are regular OS updates important?
a) To add new games
b) To fix bugs and security vulnerabilities
c) To increase battery life
• 4. What does the principle of least privilege mean?
a) Users should have no access to anything
b) Users should only get access necessary for their tasks
c) All users should have admin rights

Bai 2-2 OS Security
No ratings yet
Bai 2-2 OS Security
36 pages
Bài 3- Bảo mật HDH
No ratings yet
Bài 3- Bảo mật HDH
34 pages
5 Operating System Security
No ratings yet
5 Operating System Security
39 pages
Protection & Security of Operating Systems
No ratings yet
Protection & Security of Operating Systems
12 pages
Operating System Security Final
No ratings yet
Operating System Security Final
27 pages
OS Security Essentials
No ratings yet
OS Security Essentials
47 pages
Operating System Security
100% (1)
Operating System Security
7 pages
CSCI 620 Lecture1
No ratings yet
CSCI 620 Lecture1
30 pages
2677x CH09 NAGINPPT
No ratings yet
2677x CH09 NAGINPPT
26 pages
Secure Software Notes On Operating Systems
No ratings yet
Secure Software Notes On Operating Systems
6 pages
CS & EH-materials
No ratings yet
CS & EH-materials
40 pages
Topic 4 - Windows Security
No ratings yet
Topic 4 - Windows Security
45 pages
Term Paper Unfinished
No ratings yet
Term Paper Unfinished
14 pages
Operating System Security: CSCI620M03/CSCI445M02/ITEC445 M02 Instructor: Qian Wang
No ratings yet
Operating System Security: CSCI620M03/CSCI445M02/ITEC445 M02 Instructor: Qian Wang
30 pages
Operating System Security
100% (1)
Operating System Security
5 pages
Cybersecurity 5
No ratings yet
Cybersecurity 5
34 pages
Operating Systems Security
No ratings yet
Operating Systems Security
39 pages
Chapter 3 Operating Systems Security1
100% (1)
Chapter 3 Operating Systems Security1
25 pages
System Security
No ratings yet
System Security
120 pages
Lecture06 - Operating System Security
No ratings yet
Lecture06 - Operating System Security
39 pages
Operating Systems: Security and Privacy
No ratings yet
Operating Systems: Security and Privacy
8 pages
System Security
No ratings yet
System Security
115 pages
OS Security 01
No ratings yet
OS Security 01
9 pages
OS Security Essentials
No ratings yet
OS Security Essentials
29 pages
Ass 2 System Security
No ratings yet
Ass 2 System Security
6 pages
Term Paper2
No ratings yet
Term Paper2
26 pages
AKASH CHOWDHURY - Operating
No ratings yet
AKASH CHOWDHURY - Operating
6 pages
Chap03 - Security Part I - Auditing Database Systems and Networks
No ratings yet
Chap03 - Security Part I - Auditing Database Systems and Networks
63 pages
Chapter 4 - Operation System Security - 1
No ratings yet
Chapter 4 - Operation System Security - 1
46 pages
Introduction To Security
No ratings yet
Introduction To Security
9 pages
What Is OS Security
No ratings yet
What Is OS Security
3 pages
Material Estudio
No ratings yet
Material Estudio
749 pages
Operating System Security
No ratings yet
Operating System Security
11 pages
Advanced Comp Applications
No ratings yet
Advanced Comp Applications
15 pages
Cis Report - 20250809 - 063448 - 0000
No ratings yet
Cis Report - 20250809 - 063448 - 0000
39 pages
Unit 5 Os Notes
No ratings yet
Unit 5 Os Notes
19 pages
OS Audit & Security Guide
No ratings yet
OS Audit & Security Guide
47 pages
Computer 5 Chapter 3
No ratings yet
Computer 5 Chapter 3
8 pages
Infor Sec
No ratings yet
Infor Sec
36 pages
Protecting Application or System Software
No ratings yet
Protecting Application or System Software
89 pages
Operating System Security
No ratings yet
Operating System Security
14 pages
Chapter Two
No ratings yet
Chapter Two
18 pages
OS Security Essentials for IT Pros
No ratings yet
OS Security Essentials for IT Pros
15 pages
6 - Security Part I - Auditing Operating Systems and Networks
100% (1)
6 - Security Part I - Auditing Operating Systems and Networks
68 pages
Presentation by Shubham Malik
No ratings yet
Presentation by Shubham Malik
54 pages
OS Security for IT Students
No ratings yet
OS Security for IT Students
14 pages
Şerban Mariuţa
No ratings yet
Şerban Mariuţa
5 pages
Operating System - Security
No ratings yet
Operating System - Security
34 pages
Os Security
No ratings yet
Os Security
4 pages
Database Security - OS
No ratings yet
Database Security - OS
24 pages
Chapter 3: Security Part I: Auditing Operating Systems and Networks
No ratings yet
Chapter 3: Security Part I: Auditing Operating Systems and Networks
11 pages
Chapter 3 CIS
No ratings yet
Chapter 3 CIS
43 pages
It22 Report
No ratings yet
It22 Report
3 pages
Sample 3
No ratings yet
Sample 3
3 pages
Operating System Security
No ratings yet
Operating System Security
19 pages
L06 - IS - Operating System Security
No ratings yet
L06 - IS - Operating System Security
11 pages
CSC205 Session 03
No ratings yet
CSC205 Session 03
9 pages
Operating Sys CW2 Blief
No ratings yet
Operating Sys CW2 Blief
4 pages
Central Env. Act 1980 No 47 English
No ratings yet
Central Env. Act 1980 No 47 English
15 pages
Troubleshoot
No ratings yet
Troubleshoot
11 pages
Moduler 1
No ratings yet
Moduler 1
15 pages
Security Type's
No ratings yet
Security Type's
16 pages
Dengue Org
No ratings yet
Dengue Org
15 pages
Security Backups
No ratings yet
Security Backups
10 pages
HND Computer Systems-Pearson
No ratings yet
HND Computer Systems-Pearson
21 pages
Unit 02 - Networking - Feb 2024
No ratings yet
Unit 02 - Networking - Feb 2024
12 pages
Unit 19 Computer Systems Architecture
No ratings yet
Unit 19 Computer Systems Architecture
9 pages
NW ASSi
No ratings yet
NW ASSi
42 pages
Col e 00098463 Networking Assignment 1 Mfmi Habeebullah
No ratings yet
Col e 00098463 Networking Assignment 1 Mfmi Habeebullah
120 pages
Networking Assignment
No ratings yet
Networking Assignment
76 pages
DDD Unit 4 Data Base Assigment
No ratings yet
DDD Unit 4 Data Base Assigment
49 pages
Tamil Government Document Guide
No ratings yet
Tamil Government Document Guide
6 pages
Address Fire Panel Fpa 5000
100% (1)
Address Fire Panel Fpa 5000
7 pages
Starconnect Retail Transaction Request Form
No ratings yet
Starconnect Retail Transaction Request Form
1 page
Sensors
No ratings yet
Sensors
4 pages
Upgrade Onity HT24 to Windows 10
No ratings yet
Upgrade Onity HT24 to Windows 10
9 pages
Cryptanalytic Time-Memory Tradeoffs On COPACOBANA
No ratings yet
Cryptanalytic Time-Memory Tradeoffs On COPACOBANA
5 pages
AM Cybersecurity Tabletop Exercise Template
No ratings yet
AM Cybersecurity Tabletop Exercise Template
16 pages
PDF Intellinac Installation Guide
No ratings yet
PDF Intellinac Installation Guide
56 pages
Bluetooth Security
No ratings yet
Bluetooth Security
42 pages
Academic Letter of Appraisal
No ratings yet
Academic Letter of Appraisal
2 pages
FortiGate CLI Reference 01-400-93051-20090415
No ratings yet
FortiGate CLI Reference 01-400-93051-20090415
754 pages
HQ FN Keywords
No ratings yet
HQ FN Keywords
4 pages
Annex 603869700012681
No ratings yet
Annex 603869700012681
1 page
Fire Systems Design Accreditation
No ratings yet
Fire Systems Design Accreditation
6 pages
Data Integrity Monitoring Program
No ratings yet
Data Integrity Monitoring Program
133 pages
Encapsulation Security Payload
No ratings yet
Encapsulation Security Payload
3 pages
Panduan Pengguna DVR UNV
No ratings yet
Panduan Pengguna DVR UNV
8 pages
Facebook PDF
No ratings yet
Facebook PDF
1 page
YUKTI Help Document
No ratings yet
YUKTI Help Document
6 pages
Antique Copper Coin - Chemical Rice Puller
No ratings yet
Antique Copper Coin - Chemical Rice Puller
11 pages
krc2 Ed05 KCP Holder en
No ratings yet
krc2 Ed05 KCP Holder en
12 pages
Datasheet VTS / VTScada Version 10.1
No ratings yet
Datasheet VTS / VTScada Version 10.1
16 pages
Cucm Issues
No ratings yet
Cucm Issues
50 pages
Account Statement From 3 Jun 2020 To 3 Dec 2020: TXN Date Value Date Description Ref No./Cheque No. Debit Credit Balance
No ratings yet
Account Statement From 3 Jun 2020 To 3 Dec 2020: TXN Date Value Date Description Ref No./Cheque No. Debit Credit Balance
4 pages
Tyco Imp Questions (Co6i)
No ratings yet
Tyco Imp Questions (Co6i)
179 pages
JobCard SR958
No ratings yet
JobCard SR958
2 pages
MGBIMS - Mahatma Gautama Buddha Institute of Medical Sciences
No ratings yet
MGBIMS - Mahatma Gautama Buddha Institute of Medical Sciences
2 pages
Essentials of Network Security
100% (1)
Essentials of Network Security
6 pages
Et200sp Ha Ai 16xtc 8xrtd 2 3 4 Wire HA Manual en-US en-US
No ratings yet
Et200sp Ha Ai 16xtc 8xrtd 2 3 4 Wire HA Manual en-US en-US
70 pages
Cyber Security
No ratings yet
Cyber Security
9 pages
Digital Sovereignty, Digital Infrastructure and Indian Aadhar System
No ratings yet
Digital Sovereignty, Digital Infrastructure and Indian Aadhar System
14 pages