Create a Report on Security mechanism of operating System

PART A
Micro-project Proposal

“Create a Report on Security mechanism of operating System”

1. Aim/Benefits of the Micro-Project: -

Create a Report on Security mechanism of operating System

2. Course Outcomes Addressed: -

CO I: Install Linux operating system and config it.

CO II: Use operating system tools to perform various functions.

3. Proposed Methodology: -

1. Discuss with your subject teacher about micro project.

2. Select the name of micro-project.
3. Collect the basic information about project.
4. Discuss with group members about micro-project.
5. Divide work into your group members.
6. Start actual working on project with proper knowledge.
7. Take guidance of teacher to remove mistakes.
8. Complete your project.

Department of CO(AY:2024-2025) Page 1 of 19

Create a Report on Security mechanism of operating System

4. Action Plan: -

Sr. No. Details Of Activity Plan Start DatePlan End Date Name Of Responsible
Members

Topic Selection 22/01/2024 02/01/2024 All Group Members

1.

2. Discussion About Topic 22/01/2024 20/01/2024 All Group Members

Collection of
22/01/2024 28/01/2024 All Group Members
3. Information

Created Part A
4. Of Micro-Project 01/02/2024 12/02/2024 All Group Members

Created Part B Of
12/02/2024 04/03/2024 All Group Members
5. Micro-Project

Implementation of
11/03/2024 15/03/2024 All Group Members
6. Micro-Project
Completion of Micro-
19/03/2024 28/03/2024 All Group Members
7. Project

Presentation Of
01/04/2024 01 /04/2024 All Group Members
8. The Micro-project

Department of CO(AY:2024-2025) Page 2 of 19

Create a Report on Security mechanism of operating System

5. Resources required: -

Sr. Name Of Resource Specification Quantity

No

1. Laptop/PC Hp Intel Core I3 1

Word Document,
2. Software 2
Ubuntu OS
Operating System - Sachin shah
3. Books 1

Name of Team Members with Enrollment number: -

Sr.no. Enrollment no. Seat no. Name of student

1 2212280010 23211 Hude Janhavi Ramdas
2 2212280011 23212 Patil Asmita Baban

3 2212280012 23213 Bauchkar Pranoti Suryakant

Department of CO(AY:2024-2025) Page 3 of 19

Create a Report on Security mechanism of operating System

PART B
Micro-Project Report

1. Introduction:

In today's digital age, operating systems (OS) play a vital role in managing computer
hardware resources and providing a platform for running various applications. As the OS is
responsible for controlling access to system resources, it is a prime target for cyber-attacks and
malicious activities. Therefore, it is essential to implement robust security mechanisms to protect the
OS, its components, and the data it manages. This report provides an in-depth analysis of the security
mechanisms employed by modern operating systems to ensure the confidentiality, integrity, and
availability of system resources.
Preventive mechanisms aim to prevent unauthorized access to system resources, and detective
mechanisms detect and respond to security breaches

2. Rationale: -

The security of an operating system (OS) is a critical aspect of any computer system, as it
provides the foundation for all applications and services. The OS is responsible for managing
system resources, controlling access to data and systems, and providing a platform for running
applications. As such, the security of the OS is essential to protecting against a wide range of
threats, including malware, unauthorized access, and data breaches

3. Aim/Benefits of the Micro Project: -

Create a Report on Security mechanism of operating System

4. Course Outcomes Achieved: -

CO I: Install Linux operating system and config it.

CO II: Use operating system tools to perform various functions.

Department of CO(AY:2024-2025) Page 4 of 19

Create a Report on Security mechanism of operating System

5. Literature Review: -

 History

The history of security mechanisms in operating systems (OS) has evolved significantly since the
inception of computing. Here’s an overview of key developments:

1960s-1970s: Foundations of OS Security

Multics (1965): One of the first operating systems to incorporate security features. It introduced
concepts like user authentication, access control lists, and hierarchical file permissions.
Bell-LaPadula Model (1973): Developed for the Multics system, this model focused on maintaining
confidentiality through mandatory access controls.

1980s: Growth of Personal Computing

Unix Security: Unix systems introduced file permissions and the concept of user IDs, allowing for a
basic form of access control.

Biba Model (1977): Focused on integrity, preventing unauthorized modification of data.

1990s: Commercial Operating Systems and Internet Security
Windows NT (1993): Introduced a more sophisticated security model, including support for user
groups, permissions, and encryption.
Security Enhancements: The rise of the internet prompted improvements in security protocols,
including SSL/TLS for secure communication.

2000s: Focus on Vulnerability Mitigation

Mandatory Integrity Control: Introduced in Windows Vista to enforce integrity levels on objects.
SELinux (2000): Implemented mandatory access controls to enhance security in Linux
environments.

2010s: Advanced Threats and Mitigation Strategies

Virtualization Security: As virtualization became prevalent, hypervisors introduced new security

challenges and solutions.
Sandboxing: Techniques like Chrome’s sandboxing for web applications emerged to isolate
processes and limit damage from breaches.

2020s: Zero Trust and Modern Approaches

Zero Trust Architecture: Emphasizing "never trust, always verify," this model has gained traction
in OS security frameworks.
Continued Focus on Privacy: With regulations like GDPR, OS designs now increasingly
incorporate privacy as a core feature.

Department of CO(AY:2024-2025) Page 5 of 19

Create a Report on Security mechanism of operating System

 Security mechanism of operating system

• Encipherment: This security mechanism deals with hiding and covering of data which helps data to
become confidential. It is achieved by applying mathematical calculations or algorithms which
reconstruct information into not readable form. It is achieved by two famous techniques
named Cryptography and Encipherment. Level of data encryption is dependent on the algorithm used
for encipherment.

• Access Control: This mechanism is used to stop unattended access to data which you are sending. It
can be achieved by various techniques such as applying passwords, using firewall, or just by adding
PIN to data.

• Notarization: This security mechanism involves use of trusted third party in communication. It acts as
mediator between sender and receiver so that if any chance of conflict is reduced. This mediator keeps
record of requests made by sender to receiver for later denied.

• Data Integrity: This security mechanism is used by appending value to data to which is created by
data itself. It is similar to sending packet of information known to both sending and receiving parties
and checked before and after data is received. When this packet or data which is appended is checked
and is the same while sending and receiving data integrity is maintained.

• Authentication Exchange: This security mechanism deals with identity to be known in

communication. This is achieved at the TCP/IP layer where two-way handshaking mechanism is used
to ensure data is sent or not

• Bit Stuffing: This security mechanism is used to add some extra bits into data which is being
transmitted. It helps data to be checked at the receiving end and is achieved by Even parity or Odd
Parity.

• Digital Signature: This security mechanism is achieved by adding digital data that is not visible to
eyes. It is form of electronic signature which is added by sender which is checked by receiver
electronically. This mechanism is used to preserve data which is not more confidential but sender’s
identity is to be notified.

Department of CO(AY:2024-2025) Page 6 of 19

Create a Report on Security mechanism of operating System

 What is Security mechanism in operating system?

Security mechanisms in an operating system (OS) are essential for protecting data and system integrity.
Here’s an overview of key components and their functions:

1. User Authentication
Password Protection: Users must provide credentials to access the system.
Multi-Factor Authentication (MFA): Combines two or more verification methods (e.g., password and SMS
code).

2. Access Control
User Roles and Permissions: Assigns different levels of access based on user roles (e.g., admin vs. standard
user).
Access Control Lists (ACLs): Specify which users or groups have permissions to access specific resources.

3. Encryption
Data Encryption: Protects data at rest (stored data) and in transit (data being transmitted) using algorithms
(e.g., AES, RSA).
File System Encryption: Encrypts files on a disk to prevent unauthorized access.

4. Auditing and Monitoring

Log Files: Track system events, user activities, and access attempts for security monitoring.
Intrusion Detection Systems (IDS): Monitors network traffic and system behavior for suspicious activities.

5. Malware Protection
Antivirus Software: Scans for and removes malicious software.
Sandboxing: Runs applications in isolated environments to prevent potential harm to the system.

6. Patch Management
Software Updates: Regularly applies patches and updates to fix vulnerabilities in the OS and applications.

7. Kernel Security
Privilege Separation: Limits the access rights of various processes to reduce the risk of system compromise.
Secure Boot: Ensures that the OS loads only trusted software during startup.

8. Network Security
Firewalls: Control incoming and outgoing network traffic based on predetermined security rules.
Virtual Private Networks (VPNs): Secure remote access to the network.

6. Implementation: -

 INTRODUCTION

Department of CO(AY:2024-2025) Page 7 of 19

Create a Report on Security mechanism of operating System

The operating system (OS) is a critical component of any computer system, providing the foundation for
all applications and services. The security of the OS is essential to protecting against a wide range of
threats, including malware, unauthorized access, and data breaches.

 SECURITY FEATURES OF THE OPERATING SYSTEM

- Authentication and authorization mechanisms to control access to the system and its
resources :- The OS provides a range of authentication and authorization mechanisms, including
username and password, smart cards, and biometric authentication.

- Access control mechanisms to regulate the actions that can be performed by users and
applications :- The OS provides a range of access control mechanisms, including discretionary
access control (DAC), mandatory access control (MAC), and role-based access control (RBAC).

- Encryption mechanisms to protect data in transit and at rest :- The OS provides a range of
encryption mechanisms, including symmetric and asymmetric encryption, and secure communication
protocols such as SSL/TLS.

- Auditing and logging mechanisms to monitor and track system activity :- The OS provides a
range of auditing and logging mechanisms, including system logs, application logs, and security logs.

- Patch management and software update mechanisms to ensure the OS and its components are
up-to-date and secure

 SECURITY THREATS AND VULNERABILITIES

- Malware: The OS is vulnerable to a range of malware, including viruses, worms, and trojans.

- Unauthorized access: The OS is vulnerable to unauthorized access, including password cracking

and privilege escalation.

- Data breaches: The OS is vulnerable to data breaches, including data theft and data loss.

- Configuration issues: The OS is vulnerable to configuration issues, including misconfigurations and

default configurations.

 FACTORS THAT AFFECT SECURITY MECHANISMS OF OPERATING SYSTEM

I. Hardware Factors

Department of CO(AY:2024-2025) Page 8 of 19

Create a Report on Security mechanism of operating System

- Processor Architecture: The processor architecture can affect the security of the OS, as different
architectures may have different security features and vulnerabilities.

- Memory: The amount and type of memory can affect the security of the OS, as insufficient memory
can lead to security vulnerabilities.

- Input/Output Devices: The security of input/output devices, such as keyboards and displays, can
affect the overall security of the OS

II. Software Factors

- Operating System Design: The design of the OS can affect its security, as a poorly designed OS can
have security vulnerabilities.

- Programming Languages: The programming languages used to develop the OS can affect its security,
as some languages may be more secure than others.

- Third-Party Software: The security of third-party software can affect the overall security of the OS,
as vulnerable software can compromise the OS.

III. Network Factors

- Network Architecture: The network architecture can affect the security of the OS, as a poorly
designed network can have security vulnerabilities.

- Network Protocols: The security of network protocols, such as TCP/IP, can affect the overall security
of the OS.

- Firewalls and Intrusion Detection Systems: The security of firewalls and intrusion detection systems
can affect the overall security of the OS.

IV. Human Factors

- User Behavior: The behavior of users can affect the security of the OS, as users may intentionally or
unintentionally compromise the OS.

- Administrator Behavior: The behavior of administrators can affect the security of the OS, as
administrators may intentionally or unintentionally compromise the OS.

- Training and Awareness: The level of training and awareness of users and administrators can affect
the security of the OS.

V. Environmental Factors

- Physical Environment: The physical environment can affect the security of the OS, as a poorly
secured physical environment can compromise the OS.

Department of CO(AY:2024-2025) Page 9 of 19

Create a Report on Security mechanism of operating System

- Power and Cooling: The reliability of power and cooling systems can affect the security of the OS, as
a failure of these systems can compromise the OS.

- Natural Disasters: Natural disasters, such as earthquakes and floods, can affect the security of the OS,
as these events can compromise the OS.

VI. Technical Factors

- Complexity: The complexity of the OS can affect its security, as a more complex OS may have more
security vulnerabilities.

- Interoperability: The interoperability of the OS with other systems can affect its security, as a lack of
interoperability can lead to security vulnerabilities.

- Scalability: The scalability of the OS can affect its security, as a scalable OS may be more secure
than a non-scalable OS.

 SECURING THE OPERATING SYSTEM:

1. Implement a Robust Security Policy and Procedure : A robust security policy and procedure is
essential for securing the operating system. The policy should include:

- Authentication and Authorization: Implement strong authentication and authorization mechanisms,

such as username and password, smart cards, and biometric authentication.

- Access Control: Implement access control mechanisms, such as discretionary access control (DAC),
mandatory access control (MAC), and role-based access control (RBAC).

- Encryption: Implement encryption mechanisms, such as symmetric and asymmetric encryption, and
secure communication protocols such as SSL/TLS.

- Auditing and Logging: Implement auditing and logging mechanisms, such as system logs,
application logs, and security logs.

2. Conduct Regular Security Audits and Vulnerability Assessments : Regular security audits and
vulnerability assessments are essential for identifying and addressing security threats and
vulnerabilities. The following steps should be taken:

- Identify Vulnerabilities: Identify vulnerabilities in the operating system, including configuration

issues, patch management, and software update issues.
- Assess Risks: Assess the risks associated with each vulnerability, including the potential impact and
likelihood of exploitation.

- Implement Remediation: Implement remediation measures, such as patching, updating, and

Department of CO(AY:2024-2025) Page 10 of 19

Create a Report on Security mechanism of operating System

configuring the operating system.

3. Implement a Patch Management and Software Update Process : A patch management and
software update process is essential for ensuring the operating system is up-to-date and secure. The
following steps should be taken:

- Identify Updates: Identify updates and patches for the operating system, including security patches
and feature updates.

- Test Updates: Test updates and patches in a controlled environment to ensure they do not introduce
new vulnerabilities or issues.

- Implement Updates: Implement updates and patches in a timely and controlled manner.

4. Implement a Firewall and Intrusion Detection and Prevention System : A firewall and intrusion
detection and prevention system is essential for protecting against unauthorized access and malicious
activity. The following steps should be taken:

- Configure Firewall: Configure the firewall to allow only necessary traffic and block all other traffic.

- Implement Intrusion Detection and Prevention: Implement intrusion detection and prevention
mechanisms, such as signature-based detection and anomaly-based detection.

5. Implement Encryption and Secure Communication Protocols : Encryption and secure

communication protocols are essential for protecting data in transit and at rest. The following steps
should be taken:

- Implement Encryption: Implement encryption mechanisms, such as symmetric and asymmetric

encryption.

- Implement Secure Communication Protocols: Implement secure communication protocols, such as

SSL/TLS.

6. Implement Strong Passwords and Authentication Mechanisms : Strong passwords and

authentication mechanisms are essential for protecting against unauthorized access. The following
steps should be taken:

- Implement Strong Passwords: Implement strong passwords, including password length, complexity,
and expiration.
- Implement Authentication Mechanisms: Implement authentication mechanisms, such as username
and password, smart cards, and biometric authentication

7. Continuously Monitor and Evaluate the Effectiveness of Security Measures : Continuously

Department of CO(AY:2024-2025) Page 11 of 19
Create a Report on Security mechanism of operating System

monitoring and evaluating the effectiveness of security measures is essential for ensuring the
operating system remains secure. The following steps should be taken:

- Monitor Security Logs: Monitor security logs to identify potential security threats and vulnerabilities.

- Evaluate Security Measures: Evaluate the effectiveness of security measures, including firewalls,
intrusion detection and prevention systems, and encryption mechanisms.

 RECOMMENDATIONS

- Implement a robust security policy and procedure.

- Conduct regular security audits and vulnerability assessments.
- Implement a patch management and software update process.
- Use strong passwords and authentication mechanisms.
- Implement a firewall and intrusion detection and prevention system.
- Use encryption and secure communication protocols.

The security of the operating system is critical to protecting against a wide range of threats. The OS
provides a range of security features and mechanisms to achieve this goal. However, the OS is also
vulnerable to a range of security threats and vulnerabilities. Implementing the recommendations outlined
in this report can help to improve the security of the operating system.

8. Actual Procedure Followed: -

Department of CO(AY:2024-2025) Page 12 of 19

Create a Report on Security mechanism of operating System

1. Discussed with our subject teacher about micro project.

2. Selected the name of micro-project.
3. Collected basic information about project.
4. Discussed with group members about project.
5. Divided work into group members.
6. Started actual working on project with proper knowledge.
7. Took guidance of teacher to remove mistakes.
8. Successfully completed our project.

9. Actual Resources Used: -

Sr.No Name Of Resource Specification Quantity

1. Laptop/PC Hp Intel Core I3 1

Word Document,
2. Software 2
Ubuntu OS
Operating System - Sachin
3. Books shah 1

10.Skill Developed: -

Department of CO(AY:2024-2025) Page 13 of 19

Create a Report on Security mechanism of operating System

1. Networking Fundamentals.
2. Server Administration.
3. Security Management.
4. Troubleshooting and Problem-solving.
5. Project Management

11. Advantages:

1. Improved Collaboration.
2. Cost-effectiveness.
3. Enhanced Accessibility.
4. Data Security

12. Disadvantages:

1. Security Risks.
2. Dependency on Network Availability.
3. Complex Configuration.

11. Conclusion: -

The conclusion of a project on folder sharing and printer sharing in data communication and
networking would typically summarize the key findings, outcomes, and lessons learned from the
project

12. References: -
Book: operating System
Websites: https://www.zdnet.com/article/how-to-share-folders-to-your-network-from-linux/
.

Department of CO(AY:2024-2025) Page 14 of 19

Create a Report on Security mechanism of operating System

Department of CO(AY:2024-2025) Page 15 of 19

Create a Report on Security mechanism of operating System

Department of CO(AY:2024-2025) Page 10 of 16

 Create a Report on Security mechanism of operating System

Page 11 of 16
Department of CO(AY:2024-2025)
 Create a Report on Security mechanism of operating System

Page 12 of 16
Department of CO(AY:2024-2025)
 Create a Report on Security mechanism of operating System

Page 13 of 16
Department of CO(AY:2024-2025)
 Create a Report on Security mechanism of operating System

Page 14 of 16
Department of CO(AY:2024-2025)
 Create a Report on Security mechanism of operating System

Page 15 of 16
Department of CO(AY:2024-2025)