Unit 5: OS Security
UNIT 5:
OS Security: Authentication, Access Control, Access Rights, System Logs
Authentication
Authentication is the process of verifying the identity of a user or system entity attempting to access a resource. It ensures that only authorized users or entities can access protected resources. Authentication mechanisms include:
- Password-based authentication: Users provide a password to prove their identity.
- Biometric authentication: Users authenticate using unique biological traits such as fingerprints, facial recognition, or iris scans.
- Multi-factor authentication (MFA): Users authenticate using multiple factors such as passwords, biometrics, security tokens, or one-time codes.
- Single sign-on (SSO): Users authenticate once to access multiple systems or applications.
- Authentication protocols: Standards such as LDAP, Kerberos, OAuth, and OpenID Connect are used for authentication in various environments.
Access Control
Access control refers to the process of regulating access to resources based on user identities and their associated permissions. It ensures that users can only access resources that they are authorized to use. Access control mechanisms include:
- Discretionary Access Control (DAC): Users have control over their own resources and can grant or revoke access permissions to others.
- Mandatory Access Control (MAC): Access permissions are centrally controlled by system administrators or security policies.
- Role-Based Access Control (RBAC): Access permissions are assigned to roles, and users are granted access based on their roles within an organization.
- Attribute-Based Access Control (ABAC): Access decisions are based on attributes of the user, resource, and environment.
Access Rights
Access rights define the permissions granted to users or system entities for accessing resources. Access rights include:
- Read: Permission to view or read the contents of a resource.
- Write: Permission to modify or write to a resource.
- Execute: Permission to execute or run a program or script.
- Delete: Permission to delete or remove a resource.
- Permission inheritance: Some systems allow access rights to be inherited from parent resources to child resources.
System Logs
System logs are records generated by operating systems, applications, or devices that capture events, activities, and errors. System logs are essential for:
- Security monitoring: Detecting and investigating security incidents or unauthorized access attempts.
- Troubleshooting: Identifying system errors, performance issues, or configuration problems.
- Compliance: Meeting regulatory requirements by maintaining audit trails and records of system activities.
- Forensics: Analyzing system logs to reconstruct events and determine the cause of security breaches or incidents.