Security

A computer being secure depends on a number of technologies working properly. A modern operating system provides access to a number of resources, which are available to software running on the system, and to external devices like networks via the kernel.

The operating system must be capable of distinguishing between requesters which should be allowed to be processed, and others which should not be processed. While some systems may simply distinguish between "privileged" and "non-privileged", systems commonly have a form of requester identity, such as a user name. To establish identity there may be a process of authentication. Often a username must be quoted, and each username may have a password. Other methods of authentication, such as magnetic cards or biometric data, might be used instead. In some cases, especially connections from the network, resources may be accessed with no authentication at all.

In addition to the allow/disallow model of security, a system with a high level of security will also offer auditing options. These would allow tracking of requests for access to resources (such as, "who has been reading this file?").

The factual accuracy of part of this article is disputed

internal security, or security from an already running program is only possible if all possibly harmful requests must be carried out through interrupts to the operating system kernel. If programs can directly access hardware and resources, they cannot be secured. Microsoft Windows has been heavily criticized for many years for Window's almost total inability to protect one running program from another, however since Windows isn't generally used as a server it has been considered less of a problem. In recent years, Microsoft has added limited user accounts, and more secure logins. However most people still operate their computers using Administrator accounts, which negates any possible internal security improvements brought about by these changes.

Linux and UNIX both have two tier security, which limits any system-wide changes to the root user, a special user account on all UNIX-like systems. While the root user has unlimited permission to affect system changes, programs as a regular user are limited only in where they can save files, and what hardware they can access. This limits the damage that a regular user can do to the computer while still providing them with plenty of freedom to do everything but affect system-wide changes. The user's settings are stored in an area of the computer's file system called the user's home directory, which is also provided as a location where the user may store their work, similar to My Documents on a windows system. Should a user have to install software or make system-wide changes, they must enter the root password for the computer, which allows them to launch certain programs as the root user.

Though regular user accounts on Unix-like operating systems provide plenty of freedom for day to day activities, this requiring of passwords for various operations can be frustrating for some users. As an example, lets say a person who is used to a Windows environment is being exposed to Ubuntu Linux for the first time. In this situation, they may question why so many operations in this version of Linux require a root password. In their Windows environment they were allowed to change, delete, create, and rename files anywhere on their system. Installing new software, or changing system settings required no special permissions because they logged on automatically as the administrator. This is however considered to be a security risk, as it makes it extremely easy to accidentally delete important files, and for viruses to infect the operating system. With Windows Vista, Microsoft attempted to make improvements in this area of security. Whether they were successful is a matter of debate. Many feel that Vista requires verification for many activities that would rarely or never compromise the system.

External security involves a request from outside the computer, such as a login at a connected console or some kind of network connection. External requests are often passed through device drivers to the operating system's kernel, where they can be passed onto applications, or carried out directly. Security of operating systems has long been a concern because of highly sensitive data held on computers, both of a commercial and military nature. The United States Government Department of Defense (DoD) created the Trusted Computer System Evaluation Criteria (TCSEC) which is a standard that sets basic requirements for assessing the effectiveness of security. This became of vital importance to operating system makers, because the TCSEC was used to evaluate, classify and select computer systems being considered for the processing, storage and retrieval of sensitive or classified information.

Network services include offerings such as file sharing, print services, email, web sites, and file transfer protocols (FTP), most of which can have compromised security. At the front line of security are hardware devices known as firewalls or intrusion detection/prevention systems. At the operating system level, there are a number of software firewalls available, as well as intrusion detection/prevention systems. Most modern operating systems include a software firewall, which is enabled by default. A software firewall can be configured to allow or deny network traffic to or from a service or application running on the operating system. Therefore, one can install and be running an insecure service, such as Telnet or FTP, and not have to be threatened by a security breach because the firewall would deny all traffic trying to connect to the service on that port.

An alternative strategy, and the only sandbox strategy available in systems that do not meet the Popek and Goldberg virtualization requirements, is the operating system not running user programs as native code, but instead either emulates a processor or provides a host for a p-code based system such as Java.

Internal security is especially relevant for multi-user systems; it allows each user of the system to have private files that the other users cannot tamper with or read. Internal security is also vital if auditing is to be of any use, since a program can potentially bypass the operating system, inclusive of bypassing auditing.