Modern Operating Systems by Herbert Bos ...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Showing 627 out of 1137
Modern Operating Systems by Herbert Bos and Andrew...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Modern Operating Systems by Herbert...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Page 627
the term
protection mechanisms
to refer to the specific operating system mechan-
isms used to safeguard information in the computer. The boundary between them is
not well defined, however. First we will look at security threats and attackers to
see what the nature of the problem is. Later on in the chapter we will look at the
protection mechanisms and models available to help achieve security.
9.1.1 Threats
Many security texts decompose the security of an information system in three
components: confidentiality, integrity, and availability. Together, they are often
referred to as ‘‘CIA.’’ They are shown in Fig.9-1 and constitute the core security
properties that we must protect against attackers and eavesdroppers—such as the
(other) CIA.
The first,
, is concerned with having secret data remain secret.
More specifically, if the owner of some data has decided that these data are to be
made available only to certain people and no others, the system should guarantee
that release of the data to unauthorized people never occurs. As an absolute mini-
mum, the owner should be able to specify who can see what, and the system
should enforce these specifications, which ideally should be per file.
Exposure of data
Tampering with data
Denial of service
Figure 9-1.
Security goals and threats.
The second property,
, means that unauthorized users should not be
able to modify any data without the owner’s permission. Data modification in this
context includes not only changing the data, but also removing data and adding
false data.
If a system cannot guarantee that data deposited in it remain unchanged
until the owner decides to change them, it is not worth much for data storage.
The third property,
, means that nobody can disturb the system to
make it unusable. Such
attacks are increasingly common. For ex-
ample, if a computer is an Internet server, sending a flood of requests to it may
cripple it by eating up all of its CPU time just examining and discarding incoming
requests. If it takes, say, 100
sec to process an incoming request to read a Web
page, then anyone who manages to send 10,000 requests/sec can wipe it out. Rea-
sonable models and technology for dealing with attacks on confidentiality and in-
tegrity are available; foiling denial-of-service attacks is much harder.
Later on, people decided that three fundamental properties were not enough for
all possible scenarios, and so they added additional ones, such as authenticity,
accountability, nonrepudiability, privacy, and others. Clearly, these are all nice to

Ace your assessments! Get Better Grades
Browse thousands of Study Materials & Solutions from your Favorite Schools
Concordia University
Great resource for chem class. Had all the past labs and assignments
Leland P.
Santa Clara University
Introducing Study Plan
Using AI Tools to Help you understand and remember your course concepts better and faster than any other resource.
Find the best videos to learn every concept in that course from Youtube and Tiktok without searching.
Save All Relavent Videos & Materials and access anytime and anywhere
Prepare Smart and Guarantee better grades

Students also viewed documents