
Protection of Information Response September 15, 2013

Posted by 7832johnsob in Security.

After reading all of “The Protection of Information in Computer Systems”, a couple of conceptual ideas stood out. Authentication is used to “prove” a user’s identity, and the user is then able to access objects based on authorization specified using capabilities or access control lists. These were discussed in the paper as two methods to provide protection and security for multiple users. As mentioned in the paper, there are benefits and limitations to both methods, as well as different implementations of each method that can slightly change what the method can or cannot do. For example, the article outlined hierarchical and self-control schemes for how to implement authority to change access control lists [1]. Each scheme handles manipulation of access control lists differently, so one handling mechanism may serve a specific goal or purpose better than the other. The paper points out that “matching a set of protection goals to a particular protection architecture by setting the bits and locations of access control lists or capabilities or by devising protected subsystems is a matter of programming the architecture” [1]. To me this seems to suggest that security and protection should be a fundamental part of the operating system, which can be done by “ensuring that only processes that have gained proper authorization from the operating system can operate on memory segments, the CPU, and other resources” [2]. These concepts of protection and security are usually elements briefly taught in college courses about operating systems. However, the concluding remarks of this paper also suggest that although operating systems can implement access control lists and capabilities, these mechanisms may not really address the protection and security needs of the user well.
With current operating systems using the aforementioned methods to handle protection and security, is this sufficient for the user’s needs (consider all types of users) or can more be done to improve?
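
To make the difference between the two schemes concrete, here is an added example (not part of the original post or of the paper) that models self control and hierarchical control of authority to change an access control list. The class, the `modify_acl` permission name, and the principals are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Set

@dataclass
class AccessController:
    """Guards one object; acl maps a principal to its permission set."""
    name: str
    acl: Dict[str, Set[str]] = field(default_factory=dict)
    superior: Optional["AccessController"] = None  # hierarchical scheme only

def permits(ctl: AccessController, principal: str, perm: str) -> bool:
    return perm in ctl.acl.get(principal, set())

def self_control(ctl: AccessController, principal: str) -> bool:
    # Self control: the right to edit the ACL is one more permission stored
    # in the very ACL being edited ("modify_acl" is an assumed name).
    return permits(ctl, principal, "modify_acl")

def hierarchical(ctl: AccessController, principal: str) -> bool:
    # Hierarchical control: the right to edit this ACL is decided by the
    # superior access controller, not by this ACL's own entries.
    return ctl.superior is not None and permits(ctl.superior, principal, "modify_acl")

def try_grant(ctl: AccessController, actor: str, target: str, perm: str,
              scheme: Callable[[AccessController, str], bool]) -> bool:
    """Add perm for target only if the scheme lets actor change ctl's ACL."""
    if not scheme(ctl, actor):
        return False
    ctl.acl.setdefault(target, set()).add(perm)
    return True

def demo() -> Dict[str, Dict[str, bool]]:
    results = {}
    for scheme in (self_control, hierarchical):
        # Constructed sample data: a directory that is superior to a report.
        directory = AccessController("dir", {"admin": {"modify_acl"}})
        report = AccessController(
            "report", {"alice": {"read", "write", "modify_acl"}}, superior=directory)
        results[scheme.__name__] = {
            "alice": try_grant(report, "alice", "bob", "read", scheme),
            "admin": try_grant(report, "admin", "carol", "read", scheme),
            "bob": try_grant(report, "bob", "bob", "write", scheme),
        }
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

Under self control the owner listed on the object's own ACL can delegate access and the administrator cannot intervene; under hierarchical control the outcome is reversed, which is the kind of trade-off in protection goals that the post's closing question asks about.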

References:

[1] J. H. Saltzer and M. D. Schroeder, “The Protection of Information in Computer Systems”.
[2] A. Silberschatz, P. B. Galvin, and G. Gagne, Operating System Concepts, Palatino: Wiley, 2009.