Operating System Security

William Stallings, Independent Consultant

Information Protection and Security

Requirements for Operating System Security

Requirements

Computer System Assets

Design Principles

Protection Mechanisms

Protection of Memory

User-Oriented Access Control

Data-Oriented Access Control

Protection Based on Operating System Mode

File Sharing

Access Rights

Simultaneous Access

Trusted Systems

Trojan Horse Defense

Glossary

Cross References

References

Further Reading

INFORMATION PROTECTION AND SECURITY

The growth in the use of time-sharing systems and, more recently, computer networks has brought with it a growth in concern for the protection of information.

A publication of the National Bureau of Standards (Bransted, 1978) identified some of the threats that need to be addressed in the area of security:

1. Organized and intentional attempts to obtain economic or market information from competitive organizations in the private sector.
2. Organized and intentional attempts to obtain economic information from government agencies.
3. Inadvertent acquisition of economic or market information.
4. Inadvertent acquisition of information about individuals.
5. Intentional fraud through illegal access to computer data banks with emphasis, in decreasing order of importance, on acquisition of funding data, economic data, law enforcement data, and data about individuals.
6. Government intrusion on the rights of individuals.
7. Invasion of individual rights by the intelligence community.

These are examples ...