Protection in Operating System
Protection is especially important in a multiuser environment when multiple users use computer resources such as CPU, memory, etc. It is the operating system's responsibility to offer a mechanism that protects each process from other processes. In a multiuser environment, all assets that require protection are classified as objects, and those that wish to access these objects are referred to as subjects. The operating system grants different 'access rights' to different subjects.
In this article, you will learn the protection in the operating system with its needs, goals, and authentication.
What is Protection in Operating System?
A mechanism that controls the access of programs, processes, or users to the resources defined by a computer system is referred to as protection. You may utilize protection as a tool for multi-programming operating systems, allowing multiple users to safely share a common logical namespace, including a directory or files.
It needs the protection of computer resources like the software, memory, processor, etc. Users should take protective measures as a helper to multiprogramming OS so that multiple users may safely use a common logical namespace like a directory or data. Protection may be achieved by maintaining confidentiality, honesty and availability in the OS. It is critical to secure the device from unauthorized access, viruses, worms, and other malware.
Need of Protection in Operating System
Various needs of protection in the operating system are as follows:
Goals of Protection in Operating System
Various goals of protection in the operating system are as follows:
Role of Protection in Operating System
Its main role is to provide a mechanism for implementing policies that define the use of resources in a computer system. Some rules are set during the system's design, while others are defined by system administrators to secure their files and programs.
Every program has distinct policies for using resources, and these policies may change over time. Therefore, system security is not the responsibility of the system's designer, and the programmer must also design the protection technique to protect their system against infiltration.
Domain of Protection
Various domains of protection in operating system are as follows:
Association between Process and Domain
When processes have the necessary access rights, they can switch from one domain to another. It could be of two types, as shown below.
1. Fixed or Static
In a fixed association, all access rights could be given to processes at the start. However, the results in a large number of access rights for domain switching. As a result, a technique of changing the domain's contents is found dynamically.
2. Changing or dynamic
A process may switch dynamically and creating a new domain in the process.
Security measures of Operating System
There are various security measures of the operating system that the users may take. Some of them are as follows:
One-time passwords, encrypted passwords, and cryptography are used to create a strong password and a formidable authentication source.
1. One-time Password
It is a way that is unique at every login by the user. It is a combination of two passwords that allow the user access. The system creates a random number, and the user supplies a matching one. An algorithm generates a random number for the system and the user, and the output is matched using a common function.
2. Encrypted Passwords
It is also a very effective technique of authenticating access. Encrypted data is passed via the network, which transfers and checks passwords, allowing data to pass without interruption or interception.
It's another way to ensure that unauthorized users can't access data transferred over a network. It aids in the data secure transmission. It introduces the concept of a key to protecting the data. The key is crucial in this situation. When a user sends data, he encodes it using a computer that has the key, and the receiver must decode the data with the same key. As a result, even if the data is stolen in the middle of the process, there's a good possibility the unauthorized user won't be able to access it.