An operating system is a set of programs that is usually installed on the hard drive or memory. It enables the computer hardware to efficiently communicate and operate with the software to achieve the desired tasks that the computer is instructed to perform. The functions of an operating system range from memory management to disk and hardware management, process control, file management, data security, and many other services.
Operating system security, in turn, can be defined as the process of ensuring the confidentiality, integrity, and availability of the operating system. This process specifies the steps and measures that can be used to protect it from viruses, worms, threats, malware, or even intrusions. It also covers all the preventive control techniques aimed at safeguarding the computer assets that can be stolen, deleted, or edited if the operating system's security is compromised.
It should be mentioned that operating systems can be divided into three categories. They can be viewed in terms of hardware, software, and data. Hardware comprises the input and output devices that are used in computer systems, and it includes printers, monitors, keyboards, hard drives, and mice. Software comprises applications such as browsers, database software, and office applications (Excel, Access, PowerPoint, etc.) that run on the operating system. Data is raw information that is stored on the hardware and manipulated by the software applications. It includes phone numbers, names, passwords, email addresses, etc.
Each of these assets needs to be secured with credibility, integrity, and availability in mind. Hardware, software, and data have different security concerns. For hardware, the main concern is availability. For software, the issues range across factors such as unauthorized copying, modification, and purposeful deletion of the software by a hacker. Data, on the other hand, raises concerns of integrity, secrecy, and availability. That is, unauthorized modification of data undermines its integrity, unauthorized access means that the information is no longer confidential, and data destruction undermines its availability (Mendell, 2016).
The need for computer security has existed since companies started storing information on these devices. However, the techniques for securing operating systems and the information they contain have changed over the years. Twenty years ago, operating systems only needed to support an environment that consisted of isolated batch processing systems or systems that had terminal access through private corporate networks. Merissa, in her paper, argued that the security of operating systems in the past was focused on the information contained in them. It concentrated mainly on the data, claiming that it was the most valuable asset of the information system (Mainguth, 2009).
TCB (Trusted Computing Base) was the basic component used to construct trusted computer systems. This concept was defined in 1985 by the Trusted Computer System Evaluation Criteria (TCSEC), and it involved components in the form of a reference validation mechanism or, in other words, a reference monitor. The report by Anderson listed three design requirements that were to be met by a reference validation mechanism. Firstly, the reference validation mechanism must be tamperproof. Secondly, it should always be invoked, and thirdly, it had to be small enough that it could be subjected to tests and analysis to ensure its completeness (Hashimoto, Tanaka, Maeda, & Ando, 2012). Operating systems meet the second requirement by nature since they are the undermost layer of software stacks. Operating system research has been conducted from the perspective of meeting security requirements caused by the evolution of computer hardware and social requests, as operating systems serve as the execution environments for application programs. In his paper, Anderson argued that operating system security can be achieved by countering attacks on the system itself and also on the programs running on it. He gave countermeasures for these attacks, which comprise access control technologies for attacks on the programs processing data, and operating system verification and virtualization technologies for both the operating system and the programs running on it (Hashimoto, Tanaka, Maeda, & Ando, 2012).
Virtualization technologies have been researched for a long period of time to enable utilization of hardware resources. They are spreading globally as basic infrastructure for cloud computing. Operating system verification technologies apply formal verification to prove properties of the operating system code such as reliability, safeness, validity, etc. (Hashimoto, Tanaka, Maeda, & Ando, 2012). Access control technologies are provided to ensure the safety of the whole operating system. These technologies rely on the assumption of the reference monitor's safeness and on management of the security of the upper-layer programs.
Operating systems face many threats to their security, as hackers and ill-intentioned people are always trying to access confidential and unavailable data. Most of these systems provide concurrent execution of multiple applications on a single piece of physical computing hardware. Within such an environment, which combines the properties of multitasking and time-sharing, individual application jobs can share the same system resources such as disk, memory, CPU, and I/O devices. The majority of operating systems implement some abstract containment properties that are aimed at protecting the execution of individual application jobs from possible interference and attack by other jobs. These containment properties include virtual memory space, process (or task) and TCB (Task Control Block), IPC (Inter Process Communication), file, port, etc. (Hashimoto, Tanaka, Maeda, & Ando, 2012).
The limited containment that is supported by most operating systems bases access decisions solely on user identity and ownership, without taking into account any additional security-relevant criteria such as the role of the user, the operation and trustworthiness of programs, or the sensitivity and integrity of the data. As long as users and applications are granted complete discretion over objects, it is impossible to control the data flow or enforce a system-wide security policy.
Due to these current weaknesses of operating systems, breaching them is rather easy once an application has been compromised. Examples of such attacks include the illegal use of unprotected system resources, subversion of the protection enforced by the application through control of the underlying system, and access to protected system resources by misusing privileges. For instance, an unidentified worm might launch attacks through emails, target confidential information in address books, and use it to get complete control of the user account. In another case, a hacker may devalue a website by taking control of the web server through changing the virtual directory in Microsoft IIS. In the last example, a compromised mail-sending program running as root on a standard UNIX operating system will present the attacker with user privileges and access to all the uncontrolled system resources (Wees, 2012).
The existing mechanisms of most commercial operating systems offer no protection against malicious application code, because programs running under the name of the user get the full privileges that are associated with him/her. In addition, the access control that is supported by current operating systems is coerced and connected with two categories of users. One of them, completely trusted with access, is usually called root applications, and the others are completely untrusted ordinary users. Because of this, many system services and privileged applications are expected to run under root privileges that exceed what they need. Therefore, a compromise in any such program can be exploited to obtain complete system control (Wees, 2012).
In its efforts to address the computer security safeguards that would ensure the protection of classified information in remote-access systems, the Department of Defense published the "Orange Book", also called the Trusted Computer System Evaluation Criteria. This book defined the fundamental security requirements for a computer system and specified a series of criteria for the various security rating levels of a computer system, based on its design and security features.
The first level is level D, which requires minimal protection. As a result, no security is required. The level that follows it is the C1 level, requiring discretionary security protection. The system has to identify the different users that are running or using the system and provide them with mechanisms for authentication and authorization to prevent unprivileged programs or jobs from interfering with one another. After that, there is level C2, controlled access protection, where the system meets additional security requirements that exceed those of C1. They include access control for any subset of the user community, the ability to log or audit security events such as authentication, and the ability to clear newly allocated disk space and memory. In the next level, level B1, labeled security protection, the system implements mandatory access control, where every system subject and object maintains a security label and each access to system resources must be checked against it and follow a list of defined rules. Level B2, or structured protection, has a few new features added to B1. The focus is on the system structure to maintain a greater level of assurance, so that the system behaves correctly and predictably. Level B3 adds further requirements to maintain greater assurance that the system, subjected to tests and analysis, will be small enough and will not have bugs which might allow anything to circumvent mandatory access controls. The highest system security level is level A1, a verified design, where no additional features are added to B3 level systems. It includes formal procedures for the analysis of system design and much more rigorous controls on its implementation (Swan, 2013).
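The difference between identity-based (discretionary) checks and the label-based mandatory access control described for level B1 can be shown with a small reference monitor. This is an added example, not code from the original text; the label ordering, the file and user names, and the two label rules (no read up, no write down) are assumptions chosen for illustration, since the text does not specify the rule list.

```python
from dataclasses import dataclass, field

# Constructed label ordering for illustration; the text does not define one.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}

@dataclass
class Subject:
    user: str
    label: str   # clearance the process runs at

@dataclass
class Obj:
    name: str
    owner: str
    label: str   # sensitivity of the data
    acl: dict = field(default_factory=dict)   # user -> set of "r" / "w"

def dac_allows(s, o, mode):
    """Discretionary check: user identity and ownership only."""
    return s.user == o.owner or mode in o.acl.get(s.user, set())

def mac_allows(s, o, mode):
    """Mandatory label check (assumed rules: no read up, no write down)."""
    if mode == "r":
        return LEVELS[s.label] >= LEVELS[o.label]
    return LEVELS[s.label] <= LEVELS[o.label]

def reference_monitor(s, o, mode, mandatory):
    """Single choke point for every access; MAC is applied on top of DAC."""
    return dac_allows(s, o, mode) and (not mandatory or mac_allows(s, o, mode))

def leak_attempt(mandatory):
    """A compromised program running as alice tries to copy her secret
    file into a file that mallory may read. Returns each decision."""
    payroll = Obj("payroll.db", "alice", "secret")
    outbox = Obj("outbox.txt", "alice", "public", acl={"mallory": {"r"}})
    trojan = Subject("alice", "secret")    # inherits alice's identity
    mallory = Subject("mallory", "public")
    return {
        "trojan reads payroll": reference_monitor(trojan, payroll, "r", mandatory),
        "trojan writes outbox": reference_monitor(trojan, outbox, "w", mandatory),
        "mallory reads outbox": reference_monitor(mallory, outbox, "r", mandatory),
        "mallory reads payroll": reference_monitor(mallory, payroll, "r", mandatory),
    }

if __name__ == "__main__":
    for mandatory in (False, True):
        print("DAC + MAC" if mandatory else "DAC only", leak_attempt(mandatory))
```

With discretionary checks alone, the direct read by mallory is denied but every step of the indirect copy is allowed; with labels enforced, the write from a secret subject into a public object is refused, which breaks the data flow.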
Currently, securing the operating system depends on accomplishing the three key security concerns: identification and verification, access control, security policies, and auditing. Once people understand and strengthen these three pillars, operating systems will be secure. This chapter will examine the possible future trends in these areas and note what could be improved in operating system security in these sectors.
Today's systems use passwords to protect themselves. However, new trends have developed, and experts agree that biometrics is the new era of operating system security with respect to identification and authentication. Biometrics is the science of analyzing human body characteristics. It measures the biological and behavioral data of the user. Experts agree that identifying a user by linking a person to his/her body parts to establish his or her identity is preferred over passwords for enhancing operating system security. This approach even eliminates the need for passwords and usernames. Biometrics provides entry into the system in both a logical and a physical context.
Biometric authentication is the most secure option compared with current security measures such as PINs, passwords, or even smart cards. This is because when a password is uncovered, the system becomes compromised. Likewise, when a smart card is stolen or lost, the system also becomes compromised. On the contrary, biometrics cannot be stolen or lost, as a person cannot have fingerprints, voice, or maybe a thumb stolen for a biometric reader ("Biometrics: Today's choice for the future of authentication", 2016).
The advantages of biometric security over current conventional systems are that it is easier to use for authentication, and it also offers improved reliability and strengthened information delivery capabilities. Many people have raised concerns about a number of biometric-related issues and possible forgeries. For instance, authentication based on a signature scan that analyzes handwritten text is easy to spoof because it can be forged with a simple optical scanner or camera. A fingerprint scanner that is embedded in keyboards or laptops, or one that can be added through a USB port, is a viable alternative, but the problem is that fingerprints can be lifted from touched items by an imposter looking to gain unauthorized access to the resources. Voice biometrics is sometimes affected by loud ambient sounds or low-quality inputs that tend to compromise the ability to record a usable sample successfully. This method could also be tampered with, as someone can record another person's voice and play it later to gain access to the restricted resources.
Advances in biometrics are centered on behavioral techniques, giving life to new technology and thus providing better and more accurate ways of authentication. An excellent example is the finger writing technique. In this technique, a recognition and verification system focuses on gesture movements, collects the user's unique way of writing, and uses this pattern to authenticate future logins. The user is asked to type random letters, and then the system extrapolates the unique way in which these letters are written by looking at speed, length, angle, and height. Tests on these systems have shown that it is the most accurate means of authentication that is to be seen in the future ("Biometrics: Today's choice for the future of authentication", 2016).
To safeguard the information that people value and want to keep protected on mobile phones, computers, and laptops, it is important to ensure that the operating systems of these devices are secure. The operating system is the window to all the files and information, and if this window is compromised, the data is no longer safe. Different techniques have been used to ensure that operating systems are safe, but all of them have some similarities. They are aimed at ensuring that the system is secure through access control and user authentication and identification principles.
Current technologies use passwords, PINs, and biometrics, and these techniques can still be compromised. The future should entail improving these techniques and developing more secure ones, such as combining these practices in the same security module or improving biometrics, for example by using pattern recognition to identify users' special features, which cannot be compromised.