100%(1)1 out of 1 people found this document helpful
This preview shows page 8 - 11 out of 12 pages.
The main security controls as stated by Cui-Qing Yang in his abstract on operating system security are authorization, authentication, encryption, and specific usage. (2003) An example of 8
RUNNING HEADER: Unix®, Linux®, Mac OS®, Windows® Operating Systems Comparisonthis is that of the trusted path in which a trusted agent, such as a certificate authority or known peripheral device, is authorized for its purpose through a portal known as trusted path.Windows and Unix use similar logic for authentication and can be centralized in AD using the LDAP PAM protocol or Kerberos for user authentication. Linux provides a security module that protects the kernel framework called Linux Security Module (LSM). Unix identifies each user, group, and process with a UID that may be set to granular policies and access controls. This UID is a number assigned by the SYSADMIN.Access controls are used to compartmentalize the capabilities of users, groups, processes, andresources. An example of separation of duties within an operating system is a protection domain,in which specified processes can only access resources within its allocated protection domain.Windows uses several services to monitor and enforce access privileges. Security Reference Monitor (SRM) acts as a gatekeeper to applications and processes for the operating system to ensure that all executable processes from applications are sanctioned. In addition to SRM, LocalSecurity Authority “a subsystem running on user mode” enforces local security policies and is a key component in Kerberos Key Distribution Center for creation of access token capabilities. Unix uses discretionary access controls for administering security relevance to files by configuring the file permission modes.Vulnerabilities can be manipulated to use system resources, escalate privilege, and execute malicious files. Viruses, worms, and remote hackers are all examples of how these occur on 9
RUNNING HEADER: Unix®, Linux®, Mac OS®, Windows® Operating Systems Comparisonoperating systems. The buffer overflow attack is used to boggle down system resource and causeinaccessibility of services to its user. These threats can occur simply by downloading Commercial Off-The-Shelf products (COTS), which are downloaded from a public domain through a non-secure connection. These types of attacks are produced to exploit improper input validation weaknesses.As found on the National Vulnerability Database (NVD), Teardrop, bonk, boink, Land and LaTierraare examples of Windows and Linux exploits. (Florian) These scripts are fragmentation overlap attacks that loop an action to the user to slow down services. Unix’s most popular exploit is the kbd_mode command is to disable hardware; however, this command can be used to disable other users’ hardware and disable them from using the system. (Christias)There are several ways to implement OS hardening onto an asset for mitigation of the variousthreats. Being proactive in protecting your system by performing patch updates and installing updated antivirus software can eliminate known vulnerabilities.