How Security Is Provided In Operating Systems Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Windows operating system provide security by using key security features like kernel path protection, data execution prevention, add space layout randomization and mandatory integrity levels.

Similarly Microsoft Windows provides it users with windows, Acrobat and flash updates to remove or reduce the vulnerabilities and critical security holes in the Operating System.

Enhanced UAC(User account control) is designed in windows to give least privileged access

To users to access administrator.

Windows 7 operating system provides two way authentications and is equipped with built in biometric security and provides seamless integration between operating system and finger print scanning hardware. So widows OS provide sufficient security by providing finger print scanning along with password.

Windows OS provide User account control, so any action which requires administrator permissions; we need to provide username and password of administrator so that required action could be executed.

Bit locker drive encryption is also one the security feature of windows OS which provide full disk encryption, so it protects data from unauthorized access.

Windows firewall provides IPv6 connection filtering, outbound packet filtering and protect against various viruses. IPSec is fully integrated, allowing connections to be allowed or denied based on security certificates, authentications, etc

Encrypting file system is also the security feature of windows OS.

Recently Microsoft windows added one more security feature that if consumers don't want their actions and movements to be tracked they can have that right. This is called as Microsoft web privacy standard.


In user account of UNIX OS there is a root account which have administrative rights, rest all account are unprivileged, so nobody except administrator can change or delete anything.

UNIX OS have a security feature of file encryption, it create a one or more encrypted volumes of your important files and upon giving the correct username and password you can decrypt it for later usage.

UNIX also provides secure remote access with OPENSSH. . An SSH service uses strong encryption by default, and provides the following facilities:

Remote command-line access

Remote command execution

Remote access to graphical software

File transfers

UNIX OS also have a GnuPG system for encrypting and digitally signing files such as e-mails. So by the help of that system it provides data verification so that nobody could be able to misuse e-mails.

Most UNIX operating systems provide several methods of limiting the ability of a program to affect either other running programs, or the host system itself.

Mandatory Access Control (MAC) adds the normal UNIX security facilities of a system by enforcing absolute limits that cannot be addressed by any program or account.

Virtualization enables you to assign a limited set of hardware resources to a virtual machine, which may be monitored and backed up by separate processes on the host system.

The chroot utility runs programs within a specified working directory, and prevents them from accessing any other directory on that system.

UNIX also provides the facility by making the users aware of the email reports and notifications from different parts of the system.e.g message prompts that you need to backup your files.etc.

UNIX OS provide security to users by providing different levels of file permission, i.e. read, write and execute to owner, group and all other accounts. So that unauthorized person would not be able to change the contents of your important files etc.


LINUX OS do file encryption so that unauthorized person could not be able to read the content of your files.Examples:SSL,IPSEC

LINUX have authentication system so that imposter could not be able to do the unrequired change in the system. Example includes PAM, PGP/GPG and Kerberos.

LINUX OS also provide security through firewall. Firewalls are network packet filters that are capable of blocking unwanted network traffic, while passing through allowed traffic. Firewalls are often the first line of defence against crackers and Internet worms.

LINUX OS also provide security through spam filters. Spam filters are a special case of content-based blocking: when network traffic takes a particular form (such as unsolicited email advertising), it is blocked or discarded. 

LINUX also have intrusion detection system(IDS) which warns the administrator if any cracker wants to break into the system or broken in to the system that break in is imminent or occurred. IDS's can watch for inappropriate network traffic going to inappropriate ports (e.g. SNORT), unexpected file modifications (e.g. Tripwire) or inappropriate system calls (e.g. Remus). 

Mandatory Access Control (MAC) Systems is also part of the securities provided by LINUX OS.This system divides a computer and its operating system into many small pieces. A user can only use those pieces for which they have been given access.

LINUX OS have 'capability denial and access control system'.

Access control systems make sure that only authorized users or programs have access only to what they are allowed to have.

Capability systems make sure that a user or program can perform only those actions that they are allowed to perform.

LINUX OS have systems like chroot jails, which change the file system root that a process sees. This limits a process to a subdirectory of the 'real' system. If the process is cracked, the cracker still cannot get access to directories outside the jail.

LINUX use either LUKS, CRYPTOFS, or ENCFS to encrypt disks.

LINUX have intrusion detection tools like: trip wire, psionic, snort, remus.etc to detect cracking attempts against the system.


MAC OS provides administrative account in the system; this account is run by the administrator to make any changes in the system. Any unauthorized person is not allowed to make changes without administrative rights.i.e. Any time you launch an administrative tool, you will have to authenticate yourself by entering the username and password of an administrative account to make changes.

MAC OS uses firewall to prevent the attacker from reaching the service.

MAC OS provide recording events through system logging and reviewing these logs is a key element of good security. Good logging provides information as to what happened, when it happened, and (usually) who did it. Examples of the types of events recorded in the logs are:

Firewall blocked packets.

Web server access and error messages.

Use of privilege escalation tools.

Informational messages, such as subsystem status messages.

MAC OS uses 'pluggable authentication modules' (PAM) to provide more security and to reduce loopholes.

MAC OS uses firm ware password protection mechanism, to prevent system booting from unauthorized disks.CD, DVD etc.

Firmware password protection is valuable for computer labs where computer access is not monitored properly.

MAC OS uses keychain that securely and efficiently stores user names and passwords. All the password data in the keychain is protected using the Triple Digital Encryption Standard (3DES). MAC OS adds protection; Mac OS X locks your keychain when you log out. You can also set Mac OS X to lock your keychain when the system sleeps or after a specified time of inactivity, and you can lock your keychain manually at any time.

MAC OS provides Encrypted Internet communications with TLS and SSL. Safari and other Internet applications automatically start these transport layer mechanisms to provide an encrypted channel between two systems and to protect the information in the channel from unauthorized entities.

There are many other systems and mechanism in these operating systems which serves to provide incredible security.