Operating System Security

Every computer system and software design must handle all security risks and implement the
necessary measures to enforce security policies. At the same time, it's critical to strike a balance
because strong security measures might increase costs while also limiting the system's usability,
utility, and smooth operation. As a result, system designers must assure efficient performance
without compromising security.

What is Operating System Security?

The process of ensuring OS availability, confidentiality, integrity is known as operating system

security. OS security refers to the processes or measures taken to protect the operating system
from dangers, including viruses, worms, malware, and remote hacker intrusions. Operating
system security comprises all preventive-control procedures that protect any system assets that
could be stolen, modified, or deleted if OS security is breached.

Security refers to providing safety for computer system resources like software, CPU, memory,
disks, etc. It can protect against all threats, including viruses and unauthorized access. It can be
enforced by assuring the operating system's integrity, confidentiality, and availability. If an
illegal user runs a computer application, the computer or data stored may be seriously damaged.

System security may be threatened through two violations, and these are as follows:

1. Threat

A program that has the potential to harm the system seriously.

2. Attack

A breach of security that allows unauthorized access to a resource.

There are two types of security breaches that can harm the system: malicious and accidental.
Malicious threats are a type of destructive computer code or web script that is designed to cause
system vulnerabilities that lead to back doors and security breaches. On the other hand,
Accidental Threats are comparatively easier to protect against.

Security may be compromised through the breaches. Some of the breaches are as follows:

1. Breach of integrity

This violation has unauthorized data modification.

2. Theft of service

It involves the unauthorized use of resources.

3. Breach of confidentiality

It involves the unauthorized reading of data.

4. Breach of availability

It involves the unauthorized destruction of data.

5. Denial of service

It includes preventing legitimate use of the system. Some attacks may be accidental.

The goal of Security System

There are several goals of system security. Some of them are as follows:

1. Integrity

Unauthorized users must not be allowed to access the system's objects, and users with
insufficient rights should not modify the system's critical files and resources.

2. Secrecy

The system's objects must only be available to a small number of authorized users. The system
files should not be accessible to everyone.

3. Availability

All system resources must be accessible to all authorized users, i.e., no single user/process
should be able to consume all system resources. If such a situation arises, service denial may
occur. In this case, malware may restrict system resources and preventing legitimate processes
from accessing them.

Types of Threats

There are mainly two types of threats that occur. These are as follows:

Program threats
The operating system's processes and kernel carry out the specified task as directed. Program
Threats occur when a user program causes these processes to do malicious operations. The
common example of a program threat is that when a program is installed on a computer, it could
store and transfer user credentials to a hacker. There are various program threats. Some of them
are as follows:
1.Virus

A virus may replicate itself on the system. Viruses are extremely dangerous and can
modify/delete user files as well as crash computers. A virus is a little piece of code that is
implemented on the system program. As the user interacts with the program, the virus becomes
embedded in other files and programs, potentially rendering the system inoperable.

2. Trojan Horse

This type of application captures user login credentials. It stores them to transfer them to a
malicious user who can then log in to the computer and access system resources.

3. Logic Bomb

A logic bomb is a situation in which software only misbehaves when particular criteria are met;
otherwise, it functions normally.

4. Trap Door

A trap door is when a program that is supposed to work as expected has a security weakness in
its code that allows it to do illegal actions without the user's knowledge.

System Threats
System threats are described as the misuse of system services and network connections to cause
user problems. These threats may be used to trigger the program threats over an entire network,
known as program attacks. System threats make an environment in which OS resources and user
files may be misused. There are various system threats. Some of them are as follows:

1. Port Scanning

It is a method by which the cracker determines the system's vulnerabilities for an attack. It is a
fully automated process that includes connecting to a specific port via TCP/IP. To protect the
attacker's identity, port scanning attacks are launched through Zombie Systems, which
previously independent systems now serve their owners while being utilized for such terrible
purposes.

2. Worm

The worm is a process that can choke a system's performance by exhausting all system resources.
A Worm process makes several clones, each consuming system resources and preventing all
other processes from getting essential resources. Worm processes can even bring a network to a
halt.
 3. Denial of Service

Denial of service attacks usually prevents users from legitimately using the system. For example,
if a denial-of-service attack is executed against the browser's content settings, a user may be
unable to access the internet.

Network-delivered threats are typically of two basic types:

 Passive Network Threats: Activities such as wiretapping and idle scans that are designed to
intercept traffic traveling through the network.

 Active Network Threats: Activities such as Denial of Service (DoS) attacks and SQL injection
attacks where the attacker is attempting to execute commands to disrupt the network’s normal
operation.

Cryptography for security:-

Cryptography is a technique of securing communication by converting plain text into

ciphertext.

It involves various algorithms and protocols to ensure data confidentiality, integrity,

authentication, and non-repudiation. Here we will discuss cryptography and its types.

What is Cryptography?
Cryptography is a technique of securing information and communications through the use of
codes so that only those persons for whom the information is intended can understand and
process it. Thus preventing unauthorized access to information. The prefix “crypt” means
“hidden” and the suffix “graphy” means “writing”. In Cryptography, the techniques that are
used to protect information are obtained from mathematical concepts and a set of rule-based
calculations known as algorithms to convert messages in ways that make it hard to decode
them. These algorithms are used for cryptographic key generation, digital signing, and
verification to protect data privacy, web browsing on the internet and to protect confidential
transactions such as credit card and debit card transactions.

Features Of Cryptography
 Confidentiality: Information can only be accessed by the person for whom it is intended
and no other person except him can access it.
 Integrity: Information cannot be modified in storage or transition between sender and
intended receiver without any addition to information being detected.
 Non-repudiation: The creator/sender of information cannot deny his intention to send
information at a later stage.
 Authentication: The identities of the sender and receiver are confirmed. As well
destination/origin of the information is confirmed.
 Interoperability: Cryptography allows for secure communication between different
systems and platforms.
 Adaptability: Cryptography continuously evolves to stay ahead of security threats and
technological advancements.
Types Of Cryptography
1. Symmetric Key Cryptography
It is an encryption system where the sender and receiver of a message use a single common
key to encrypt and decrypt messages. Symmetric Key cryptography is faster and simpler but
the problem is that the sender and receiver have to somehow exchange keys securely. The most
popular symmetric key cryptography systems are Data Encryption Systems
(DES) and Advanced Encryption Systems (AES) .

2. Hash Functions
There is no usage of any key in this algorithm. A hash value with a fixed length is calculated as
per the plain text which makes it impossible for the contents of plain text to be recovered.
Many operating systems use hash functions to encrypt passwords.
3. Asymmetric Key Cryptography
In Asymmetric Key Cryptography, a pair of keys is used to encrypt and decrypt information. A
receiver’s public key is used for encryption and a receiver’s private key is used for decryption.
Public keys and Private keys are different. Even if the public key is known by everyone the
intended receiver can only decode it because he alone knows his private key. The most popular
asymmetric key cryptography algorithm is the RSA algorithm.

Applications of Cryptography
 Computer passwords: Cryptography is widely utilized in computer security, particularly
when creating and maintaining passwords. When a user logs in, their password is hashed
and compared to the hash that was previously stored. Passwords are hashed and encrypted
before being stored. In this technique, the passwords are encrypted so that even if a hacker
gains access to the password database, they cannot read the passwords.
 Digital Currencies: To protect transactions and prevent fraud, digital currencies like
Bitcoin also use cryptography. Complex algorithms and cryptographic keys are used to
safeguard transactions, making it nearly hard to tamper with or forge the transactions.
 Secure web browsing: Online browsing security is provided by the use of cryptography,
which shields users from eavesdropping and man-in-the-middle assaults. Public key
cryptography is used by the Secure Sockets Layer (SSL) and Transport Layer Security
(TLS) protocols to encrypt data sent between the web server and the client, establishing a
secure channel for communication.
 Electronic signatures: Electronic signatures serve as the digital equivalent of a
handwritten signature and are used to sign documents. Digital signatures are created using
cryptography and can be validated using public key cryptography. In many nations,
electronic signatures are enforceable by law, and their use is expanding quickly.
 Authentication: Cryptography is used for authentication in many different situations, such
as when accessing a bank account, logging into a computer, or using a secure network.
Cryptographic methods are employed by authentication protocols to confirm the user’s
identity and confirm that they have the required access rights to the resource.
 Cryptocurrencies: Cryptography is heavily used by cryptocurrencies like Bitcoin and
Ethereum to protect transactions, thwart fraud, and maintain the network’s integrity.
Complex algorithms and cryptographic keys are used to safeguard transactions, making it
nearly hard to tamper with or forge the transactions.
 End-to-end Internet Encryption: End-to-end encryption is used to protect two-way
communications like video conversations, instant messages, and email. Even if the message
is encrypted, it assures that only the intended receivers can read the message. End-to-end
encryption is widely used in communication apps like WhatsApp and Signal, and it
provides a high level of security and privacy for users.
Types of Cryptography Algorithm
 Advanced Encryption Standard (AES): AES (Advanced Encryption Standard) is a
popular encryption algorithm which uses the same key for encryption and decryption It is a
symmetric block cipher algorithm with block size of 128 bits, 192 bits or 256 bits. AES
algorithm is widely regarded as the replacement of DES (Data encryption standard)
algorithm
 Data Encryption Standard (DES): DES (Data encryption standard) is an older encryption
algorithm that is used to convert 64-bit plaintext data into 48-bit encrypted ciphertext. It
uses symmetric keys (which means same key for encryption and decryption). It is kind of
 old by today’s standard but can be used as a basic building block for learning newer
encryption algorithms.
 RSA: RSA is an basic asymmetric cryptographic algorithm which uses two different keys
for encryption. The RSA algorithm works on a block cipher concept that converts plain text
into cipher text and vice versa.
 Secure Hash Algorithm (SHA): SHA is used to generate unique fixed-length digital
fingerprints of input data known as hashes. SHA variations such as SHA-2 and SHA-
3 are commonly used to ensure data integrity and authenticity. The tiniest change in input
data drastically modifies the hash output, indicating a loss of integrity. Hashing is the
process of storing key value pairs with the help of a hash function into a hash table.
Advantages of Cryptography
 Access Control: Cryptography can be used for access control to ensure that only parties
with the proper permissions have access to a resource. Only those with the correct
decryption key can access the resource thanks to encryption.
 Secure Communication: For secure online communication, cryptography is crucial. It
offers secure mechanisms for transmitting private information like passwords, bank
account numbers, and other sensitive data over the Internet.
 Protection against attacks: Cryptography aids in the defense against various types of
assaults, including replay and man-in-the-middle attacks . It offers strategies for spotting
and stopping these assaults.
 Compliance with legal requirements: Cryptography can assist firms in meeting a variety
of legal requirements, including data protection and privacy legislation.

Authentication

Authentication is the process of verifying the identity of a user or information. User

authentication is the process of verifying the identity of a user when that user logs in to a
computer system.
There are different types of authentication systems which are: –
1. Single-Factor authentication: – This was the first method of security that was developed. On
this authentication system, the user has to enter the username and the password to confirm
whether that user is logging in or not. Now if the username or password is wrong, then the user
will not be allowed to log in or access the system.
Advantage of the Single-Factor Authentication System: –
 It is a very simple to use and straightforward system.
 it is not at all costly.
 The user does not need any huge technical skills.
The disadvantage of the Single-Factor Authentication
 It is not at all password secure. It will depend on the strength of the password entered by
the user.
 The protection level in Single-Factor Authentication is much low.
2. Two-factor Authentication: – In this authentication system, the user has to give a username,
password, and other information. There are various types of authentication systems that are
used by the user for securing the system. Some of them are: – wireless tokens and virtual
tokens. OTP and more.
Advantages of the Two-Factor Authentication
 The Two-Factor Authentication System provides better security than the Single-factor
Authentication system.
 The productivity and flexibility increase in the two-factor authentication system.
 Two-Factor Authentication prevents the loss of trust.
Disadvantages of Two-Factor Authentication
 It is time-consuming.
3. Multi-Factor authentication system,: – In this type of authentication, more than one factor of
authentication is needed. This gives better security to the user. Any type of keylogger or
phishing attack will not be possible in a Multi-Factor Authentication system. This assures the
user, that the information will not get stolen from them.
The advantage of the Multi-Factor Authentication System are: –
 No risk of security.
 No information could get stolen.
 No risk of any key-logger activity.
 No risk of any data getting captured.
The disadvantage of the Multi-Factor Authentication System are: –
 It is time-consuming.
 it can rely on third parties. The main objective of authentication is to allow authorized users
to access the computer and to deny access to unauthorized users. Operating Systems
generally identify/authenticates users using the following 3 ways: Passwords, Physical
identification, and Biometrics. These are explained as following below.
1. Passwords: Password verification is the most popular and commonly used
authentication technique. A password is a secret text that is supposed to be known only
to a user. In a password-based system, each user is assigned a valid username and
password by the system administrator. The system stores all usernames and Passwords.
When a user logs in, their user name and password are verified by comparing them with
the stored login name and password. If the contents are the same then the user is
allowed to access the system otherwise it is rejected.
2. Physical Identification: This technique includes machine-readable badges(symbols),
cards, or smart cards. In some companies, badges are required for employees to gain
access to the organization’s gate. In many systems, identification is combined with the
use of a password i.e the user must insert the card and then supply his /her password.
This kind of authentication is commonly used with ATMs. Smart cards can enhance
this scheme by keeping the user password within the card itself. This allows
authentication without the storage of passwords in the computer system. The loss of
such a card can be dangerous.
3. Biometrics: This method of authentication is based on the unique biological
characteristics of each user such as fingerprints, voice or face recognition, signatures,
and eyes.
4. A scanner or other devices to gather the necessary data about the user.
 5. Software to convert the data into a form that can be compared and stored.
6. A database that stores information for all authorized users.
7. Facial Characteristics – Humans are differentiated on the basis of facial
characteristics such as eyes, nose, lips, eyebrows, and chin shape.
8. Fingerprints – Fingerprints are believed to be unique across the entire human
population.
9. Hand Geometry – Hand geometry systems identify features of the hand that includes
the shape, length, and width of fingers.
10. Retinal pattern – It is concerned with the detailed structure of the eye.
11. Signature – Every individual has a unique style of handwriting, and this feature is
reflected in the signatures of a person.
12. Voice – This method records the frequency pattern of the voice of an individual
speaker.

What is Firewall?

A firewall is a network security device, either hardware or software-based, which monitors all
incoming and outgoing traffic and based on a defined set of security rules accepts, rejects, or
drops that specific traffic.
 Accept: allow the traffic
 Reject: block the traffic but reply with an “unreachable error”
 Drop: block the traffic with no reply
A firewall is a type of network security device that filters incoming and outgoing network
traffic with security policies that have previously been set up inside an organization. A firewall
is essentially the wall that separates a private internal network from the open Internet at its
very basic level.
Working of Firewall

Firewall match the network traffic against the rule set defined in its table. Once the rule is
matched, associate action is applied to the network traffic. For example, Rules are defined as
any employee from Human Resources department cannot access the data from code server and
at the same time another rule is defined like system administrator can access the data from both
Human Resource and technical department. Rules can be defined on the firewall based on the
necessity and security policies of the organization. From the perspective of a server, network
traffic can be either outgoing or incoming.
Firewall maintains a distinct set of rules for both the cases. Mostly the outgoing traffic,
originated from the server itself, allowed to pass. Still, setting a rule on outgoing traffic is
always better in order to achieve more security and prevent unwanted communication.
Incoming traffic is treated differently. Most traffic which reaches on the firewall is one of these
three major Transport Layer protocols- TCP, UDP or ICMP. All these types have a source
address and destination address. Also, TCP and UDP have port numbers. ICMP uses type
code instead of port number which identifies purpose of that packet.
Default policy: It is very difficult to explicitly cover every possible rule on the firewall. For
this reason, the firewall must always have a default policy. Default policy only consists of
action (accept, reject or drop). Suppose no rule is defined about SSH connection to the server
on the firewall. So, it will follow the default policy. If default policy on the firewall is set
to accept, then any computer outside of your office can establish an SSH connection to the
server. Therefore, setting default policy as drop (or reject) is always a good practice.
Types of Firewall
Firewalls can be categorized based on their generation.
1. Packet Filtering Firewall
Packet filtering firewall is used to control network access by monitoring outgoing and
incoming packets and allowing them to pass or stop based on source and destination IP
address, protocols, and ports. It analyses traffic at the transport protocol layer (but mainly uses
first 3 layers). Packet firewalls treat each packet in isolation. They have no ability to tell
whether a packet is part of an existing stream of traffic. Only It can allow or deny the packets
based on unique packet headers. Packet filtering firewall maintains a filtering table that decides
whether the packet will be forwarded or discarded. From the given filtering table, the packets
will be filtered according to the following rules:
 Incoming packets from network 192.168.21.0 are blocked.
 Incoming packets destined for the internal TELNET server (port 23) are blocked.
 Incoming packets destined for host 192.168.21.3 are blocked.
 All well-known services to the network 192.168.21.0 are allowed.
2. Stateful Inspection Firewall
Stateful firewalls (performs Stateful Packet Inspection) are able to determine the connection
state of packet, unlike Packet filtering firewall, which makes it more efficient. It keeps track of
the state of networks connection travelling across it, such as TCP streams. So the filtering
decisions would not only be based on defined rules, but also on packet’s history in the state
table.
3. Software Firewall
A software firewall is any firewall that is set up locally or on a cloud server. When it comes to
controlling the inflow and outflow of data packets and limiting the number of networks that
can be linked to a single device, they may be the most advantageous. But the problem with
software firewall is they are time-consuming.
4. Hardware Firewall
They also go by the name “firewalls based on physical appliances.” It guarantees that the
malicious data is halted before it reaches the network endpoint that is in danger.
5. Application Layer Firewall
Application layer firewall can inspect and filter the packets on any OSI layer, up to the
application layer. It has the ability to block specific content, also recognize when certain
application and protocols (like HTTP, FTP) are being misused. In other words, Application
layer firewalls are hosts that run proxy servers. A proxy firewall prevents the direct connection
between either side of the firewall, each packet has to pass through the proxy.
6. Next Generation Firewalls (NGFW)
NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and
many functionalities to protect the network from these modern threats.
7. Proxy Service Firewall
This kind of firewall filters communications at the application layer, and protects the network.
A proxy firewall acts as a gateway between two networks for a particular application.
8. Circuit Level Gateway Firewall
This works as the Sessions layer of the OSI Model’s . This allows for the simultaneous setup
of two Transmission Control Protocol (TCP) connections. It can effortlessly allow data packets
to flow without using quite a lot of computing power. These firewalls are ineffective because
they do not inspect data packets; if malware is found in a data packet, they will permit it to
pass provided that TCP connections are established properly.
Functions of Firewall
 Every piece of data that enters or leaves a computer network must go via the firewall.
 If the data packets are safely routed via the firewall, all of the important data remains
intact.
 A firewall logs each data packet that passes through it, enabling the user to keep track of all
network activities.
 Since the data is stored safely inside the data packets, it cannot be altered.
 Every attempt for access to our operating system is examined by our firewall, which also
blocks traffic from unidentified or undesired sources.

What Can Firewalls Protect Against?

 Infiltration by Malicious Actors: Firewalls can block suspicious connections, preventing
eavesdropping and advanced persistent threats (APTs).
 Parental Controls: Parents can use firewalls to block their children from accessing
explicit web content.
 Workplace Web Browsing Restrictions: Employers can restrict employees from using
the company network to access certain services and websites, like social media.
 Nationally Controlled Intranet: Governments can block access to certain web content
and services that conflict with national policies or values.

Advantages of Using Firewall

 Protection From Unauthorized Access: Firewalls can be set up to restrict incoming

traffic from particular IP addresses or networks, preventing hackers or other malicious
actors from easily accessing a network or system. Protection from unwanted access.
 Prevention of Malware and Other Threats: Malware and other threat prevention:
Firewalls can be set up to block traffic linked to known malware or other security concerns,
assisting in the defense against these kinds of attacks.
 Control of Network Access: By limiting access to specified individuals or groups for
particular servers or applications, firewalls can be used to restrict access to particular
network resources or services.
 Monitoring of Network Activity: Firewalls can be set up to record and keep track of all
network activity.
 Regulation Compliance: Many industries are bound by rules that demand the usage of
firewalls or other security measures.
 Network Segmentation: By using firewalls to split up a bigger network into smaller
subnets, the attack surface is reduced and the security level is raised.
Disadvantages of Using Firewall
 Complexity: Setting up and keeping up a firewall can be time-consuming and difficult,
especially for bigger networks or companies with a wide variety of users and devices.
 Limited Visibility: Firewalls may not be able to identify or stop security risks that operate
at other levels, such as the application or endpoint level, because they can only observe and
manage traffic at the network level.
 False Sense of Security: Some businesses may place an excessive amount of reliance on
their firewall and disregard other crucial security measures like endpoint security or
intrusion detection systems.
 Limited adaptability: Because firewalls are frequently rule-based, they might not be able
to respond to fresh security threats.
 Performance Impact: Network performance can be significantly impacted by firewalls,
particularly if they are set up to analyze or manage a lot of traffic.
 Limited Scalability: Because firewalls are only able to secure one network, businesses that
have several networks must deploy many firewalls, which can be expensive.
 Limited VPN support: Some firewalls might not allow complex VPN features like split
tunneling, which could restrict the experience of a remote worker.
 Cost: Purchasing many devices or add-on features for a firewall system can be expensive,
especially for businesses.
 Security
Security refers to providing a protection system to computer system resources such as
CPU, memory, disk, software programs and most importantly data/information stored in
the computer system. If a computer program is run by an unauthorized user, then
he/she may cause severe damage to computer or data stored in it. So a computer
system must be protected against unauthorized access, malicious access to system
memory, viruses, worms etc. We're going to discuss following topics in this chapter.

 Authentication
 One Time passwords
 Program Threats
 System Threats
 Computer Security Classifications

Authentication
Authentication refers to identifying each user of the system and associating the
executing programs with those users. It is the responsibility of the Operating System to
create a protection system which ensures that a user who is running a particular
program is authentic. Operating Systems generally identifies/authenticates users using
following three ways −
 Username / Password − User need to enter a registered username and password with
Operating system to login into the system.
 User card/key − User need to punch card in card slot, or enter key generated by key
generator in option provided by operating system to login into the system.
 User attribute - fingerprint/ eye retina pattern/ signature − User need to pass his/her
attribute via designated input device used by operating system to login into the system.

One Time passwords

One-time passwords provide additional security along with normal authentication. In
One-Time Password system, a unique password is required every time user tries to
login into the system. Once a one-time password is used, then it cannot be used again.
One-time password are implemented in various ways.
 Random numbers − Users are provided cards having numbers printed along with
corresponding alphabets. System asks for numbers corresponding to few alphabets
randomly chosen.
 Secret key − User are provided a hardware device which can create a secret id mapped
with user id. System asks for such secret id which is to be generated every time prior to
login.
 Network password − Some commercial applications send one-time passwords to user on
registered mobile/ email which is required to be entered prior to login.
Program Threats
Operating system's processes and kernel do the designated task as instructed. If a
user program made these process do malicious tasks, then it is known as Program
Threats. One of the common example of program threat is a program installed in a
computer which can store and send user credentials via network to some hacker.
Following is the list of some well-known program threats.
 Trojan Horse − Such program traps user login credentials and stores them to send to
malicious user who can later on login to computer and can access system resources.
 Trap Door − If a program which is designed to work as required, have a security hole in its
code and perform illegal action without knowledge of user then it is called to have a trap
door.
 Logic Bomb − Logic bomb is a situation when a program misbehaves only when certain
conditions met otherwise it works as a genuine program. It is harder to detect.
 Virus − Virus as name suggest can replicate themselves on computer system. They are
highly dangerous and can modify/delete user files, crash systems. A virus is generatlly a
small code embedded in a program. As user accesses the program, the virus starts getting
embedded in other files/ programs and can make system unusable for user

System Threats
System threats refers to misuse of system services and network connections to put
user in trouble. System threats can be used to launch program threats on a complete
network called as program attack. System threats creates such an environment that
operating system resources/ user files are misused. Following is the list of some well-
known system threats.
 Worm − Worm is a process which can choked down a system performance by using system
resources to extreme levels. A Worm process generates its multiple copies where each
copy uses system resources, prevents all other processes to get required resources.
Worms processes can even shut down an entire network.
 Port Scanning − Port scanning is a mechanism or means by which a hacker can detects
system vulnerabilities to make an attack on the system.
 Denial of Service − Denial of service attacks normally prevents user to make legitimate use
of the system. For example, a user may not be able to use internet if denial of service
attacks browser's content settings.

Computer Security Classifications

As per the U.S. Department of Defense Trusted Computer System's Evaluation Criteria
there are four security classifications in computer systems: A, B, C, and D. This is
widely used specifications to determine and model the security of systems and of
security solutions. Following is the brief description of each classification.

S.N. Classification Type & Description

1
Type A
Highest Level. Uses formal design specifications and verification techniques. Grants
a high degree of assurance of process security.

2
Type B
Provides mandatory protection system. Have all the properties of a class C2 system.
Attaches a sensitivity label to each object. It is of three types.
 B1 − Maintains the security label of each object in the system. Label is used
for making decisions to access control.
 B2 − Extends the sensitivity labels to each system resource, such as storage
objects, supports covert channels and auditing of events.
 B3 − Allows creating lists or user groups for access-control to grant access or
revoke access to a given named object.

3
Type C
Provides protection and user accountability using audit capabilities. It is of two types.
 C1 − Incorporates controls so that users can protect their private information
and keep other users from accidentally reading / deleting their data. UNIX
versions are mostly Cl class.
 C2 − Adds an individual-level access control to the capabilities of a Cl level
system.

4
Type D
Lowest level. Minimum protection. MS-DOS, Window 3.1 fall in this category.