Page 316 - DCAP103_Principle of operating system
Unit 9: System Security
technology enables files to be transparently encrypted to protect confidential data from
attackers with physical access to the computer.
4. The President’s Information Technology Advisory Committee (PITAC): The President’s
Information Technology Advisory Committee (PITAC) was established in February
1997, to provide the President, OSTP, and the federal agencies involved in IT R&D with
guidance and advice on all areas of high-performance computing, communications, and
information technologies. Representing the research, education, and library communities
and including network providers and representatives from critical industries, the committee
advises the Administration’s effort to accelerate development and adoption of information
technologies. PITAC was appointed by the President to provide independent expert advice
on maintaining America’s preeminence in advanced information technology (IT).
5. KeyKOS: KeyKOS is a persistent, pure capability-based operating system for the IBM S/370
mainframe computers. It allows emulating the VM, MVS, and POSIX environments. It is
a predecessor of the Extremely Reliable Operating System (EROS), and its successors, the
CapROS and Coyotos operating systems. KeyKOS is a nanokernel-based operating system.
6. Mandatory Integrity Control (MIC) or Integrity Levels (or Protected Mode in the context
of applications like Internet Explorer, Google Chrome and Adobe Reader): MIC is a core
security feature, introduced in Windows Vista and Windows Server 2008, that adds
Integrity Levels (IL) to processes running in a login session.
7. Protection: A model of protection mechanisms in computing systems is presented and its
appropriateness is argued. The “safety” problem for protection systems under this model
is to determine in a given situation whether a subject can acquire a particular right to an
object.
8. Secure Sockets Layer (SSL): The Secure Sockets Layer (SSL) protocol is used to create a
uniquely encrypted channel for private communications over the public Internet. Each SSL
Certificate consists of a public key and a private key.
1. How do you enable the security of an operating system?
2. Give the steps for installing antivirus software.
9.9 Review Questions
1. Buffer-overflow attacks can be avoided by adopting a better programming methodology
or by using special hardware support. Discuss these solutions.
2. A password may become known to other users in a variety of ways. Is there a simple
method for detecting that such an event has occurred? Explain your answer.
3. The list of all passwords is kept within the operating system. Thus, if a user manages to
read this list, password protection is no longer provided. Suggest a scheme that will avoid
this problem. (Hint: Use different internal and external representations.)
4. Discuss a means by which managers of systems connected to the Internet could have
designed their systems to limit or eliminate the damage done by a worm. What are the
drawbacks of making the change that you suggest?
5. Make a list of six security concerns for a bank’s computer system. For each item on your
list, state whether this concern relates to physical, human, or operating-system security.
LOVELY PROFESSIONAL UNIVERSITY 309