Security Consideration for your PC, Laptop & Tablet

Security is considered as the ability of an operating system to enforce control over the storage and transportation of data in and between the objects that the operating system supports. In multi user operating system, the concepts of security and protection are very important. User programs should not interfere with one another or with the operating system. Security systems are those, which control through the use of specific security features, access to information that only properly authorized individuals or processes operating on their behalf will have access to read, write, create or delete. There are 3 main elements of security; Confidentiality, integrity and availability.
Confidentiality
Confidentiality ensures that information is not accessed in an unauthorized manner. It is generally related to the read operations.

Integrity
Integrity ensures that the information is not amended or deleted by an unauthorized manner. It is generally related to write operations.

Availability
It ensures that information is available to the authorized users at right time.

Threats to security
Sharing and protection are requirements of modern computing environments. But these two are contradictory to each other as more sharing gives rise to possibility of more security threats. The major threats to the computing security environment are as follows:

  • Tapping: Unauthorized use of servicing.
  • Disclosure: Unauthorized disclosure to information.
  • Amendment: Unauthorized alteration or deletion of information.
  • Fabrication: Unauthorized fabrication of information.
  • Denial: Denial of service to the authorized users.

In tapping the third party accesses information without the knowledge of the other two parties. Whereas, in disclosure the source part willingly discloses information to the third party.

Security attacks
The security can be attacked and penetrated in number of ways:

Authentication
Authentication means verification of access to the system resources. Following are some of the ways in which authentication may take place:

  • By stealing and using someone‚Äôs password.
  • Use of vendor supplied password which can be used by only system administrator.
  • Finding password by trial and error method.
  • Writing dummy login programs to fool the user.

Browsing

  • There exist files with access controls, which are very permissive.
  • One can browse through the system file to get this information, after which unprotected files/databases could be easily accessed.
  • Confidential information can be read or even modified.

Trap doors

  • Sometimes software engineers leave some secret entry point to modify their programs. These are called trap doors.
  • They can be misused by others.

Electric data capture
Use of active or passive wire traps, or mechanisms to pick up the screen radiation and to recognize what is displayed on screen is called electric data capture.

Invalid parameters

Passing invalid parameters may cause serious security violations.

Line trapping

A special terminal is used to tap into communication line. It causes access to confidential data.

Waste recovery

By using some technique, deleted files can be recovered, password may be recollected.

Rogue software

Certain programs like worms, viruses attack on system.