SlideShare uma empresa Scribd logo

11. comparative study of security mechanism differentiation between windows 2000www.iiste.org call for paper and unix

Alexander Decker
Alexander Decker
Tecnologia
1 de 6
Baixar para ler offline
Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 A Comparative Study of Security Mechanism differentiation between Windows 2000 and UNIX Operating Systems Khalid Mahmood ICIT, Gomal University, KPK, Pakistan Khalid_icit@hotmail.com Muhammad Javed ICIT, Gomal University, KPK, Pakistan Javed_gomal@yahoo.com Muhammad Abid ICIT, Gomal University, KPK, Pakistan abid.gu@gmail.com Bashir Ahmad ICIT, Gomal University, KPK, Pakistan bashahmad@gmail.com Ihsan Ullah ICIT, Gomal University, KPK, Pakistan ihsanullah1974@yahoo.com Allah Nawaz Faculty of Pharmacy, Gomal University, Pakistan nawaz_phd1@hotmail.com Abstract: "Security" is hard to formalize, hard to design (and design for), hard to implement, hard to verify, hard to configure, and hard to use. It is particularly hard to use on a platform such as Windows, which is evolving, security-wise, along with its representative user-base. The primary environment in which a typical Windows system exists has traditionally been hostile, especially after the advent of the Internet. While UNIX systems share the same environment today, their traditional environments were comparatively trusted: research labs and universities. Similarly, UNIX users have had backgrounds differing from Windows users. Keywords: UNIX, Windows 2000, Security Mechanism, Operating System 1. Security in UNIX 1.1 Fundamental Concepts UNIX (Tanenbaum, 2008) has been a multi-user system almost from the beginning. The user community of UNIX system consists of some number of registered users, each of whom has a unique User ID (UID). A UID is an integer between 0 to 65,535. Files are marked with the UID of their owner. By 45
Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 default, the owner of a file is the person who created the file. Users can be organized into groups, which are also numbered with 16-bit integers called Group-ID done manually by System administrator. Originally a user could be in only one group, but now some version of UNIX allow user to be in more than one group. The security mechanism in UNIX is very simple, each process carried the UID and GID of its owner, when a file is created, its get the UID and GID of the creating process as well as set of permissions determined by the creating process. These permission specify the access of the owner, other members of the owner group, and the rest of users have to the file. Three categories of access are read, write and execute designated by the letter r, w and x respectively. Since there are three categories of users and 3 bits per category, 9 bits are sufficient to represent the access rights, such as Binary Symbolic Allowed file access 111000000 Rwx------ Owner can read, write and execute 111111000 Rwxrwx--- Owner and group can read, write and Excute 000000111 ------rwx Only outsider have access( strange, But legal 000000000 --------- Denies access of any body. The first two entries of the above table are very clear, allowing the owner and the owner group full access. The third entry is strange since it gives more access to rest of the world than owner and the last entry denies all access to all users. The user with UID 0 is special and is the called the Superuser or root. The supersuser has the power to read and write all files no matter who owns them and how they are protected. Process with UID 0 also has the ability to make a small number of protected system calls denied to ordinary users. Directories are files and have the same protection modes that ordinary file do except that x bits refer to search permission instead of execute permission. Thus a directory with mode rwxr-xr-x allows it owner to read, modify and search the directory, but allows other only to read and search it, but not add or remove files from it. 1.2 Security system calls in UNIX There are only a small number of system calls relating to security. The most important are chmod, (it is used to change the protection mode), access, uid, gid, chown(change owner), setuid and setgid (set the GID). 1.3 Implementation of Security in UNIX When the user logs in, the login program asks for the login name and a password. It hashes the password and then looks in the password file to check the user Login ID. The reason for hashing is to prevent the password from being stored in unencrypted form anywhere in the system. The login program then uses setuid and setgid to give itself the users ID and group ID. Then it opens the keyboard for standard input, the screen for standard output and the screen for standard error. Finally it executes the preferred shell, thus terminating itself. When any process attempts to open a file, the system first check s the protection bits in the file i-node against the caller effective UID and effective GID to see if the access is permitted. If so the file is opened and a file descriptor returned. If the file is not opened a -1 is returned. No checks are made on subsequent read and write calls. As a consequence, if the protection mode changes after a file is already open, the new mode will not affect process that, already have the file open. Security in the LINUX is essentially the same as in UNIX. All the UNIX security features are implemented and there is little else in this area. 2. Security in Windows (2000) NT was designed to meet the U.S. Department of Defense C2 security requirements (wikipedia) the Orange book. This standard requires operating system to have certain properties in order to be classified as secure 46
Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 enough for certain kinds of military work. Although windows 2000 was not specifically designed for C2 compliance, it inherits may securities properties from NT, which are  Secure Login with anti-spoofing measures  Discretionary access control  Privileged access control  Address space protection per process  New pages must be zeroed before being mapped in  Security auditing Secure Login means that system administrator can require all users to have password in order to log in. Spoofing is when a malicious user writes a program that displays the login prompt or screen and then walks away from the computer in the hope that an innocent user will sit down and enter a name and password. The name and password are then written to disk and the user is told that login has failed. Windows 2000, Windows XP and Windows Vista prevents this attack by instructing user to hit CTRL-ALT-DEL (Secure Action Sequence) to log in. this key sequence is always captured by the keyboard driver, which then invokes a system program that puts up the genuine login screen. This procedure works because there is no way for user processes to disable CTRL-ALT-DEL processing in the keyboard driver. Discretionary access controls allow the owner of a file or other object to say who can use it and in what way. Privileged access control allows the system administrator (superuser) to override them when needed. Address space protection means that each has its won protected virtual address space not accessible by any unauthorized process. The new page must be zeroed means that when a stack grows, the pages mapped in are initialized to zero so processes cannot find any old information put there by the previous owner. Finally security auditing allows the administrator to produce a log of certain security related events. 2.1 Fundamental Concepts Every windows 2000 user is identified by a SID (Security ID). SID is binary numbers with a short header followed by a long random component. Each SID is intended to be unique worldwide. Whenever a user starts a process, the process and its threads run under the user SID. Each process has an access token that specifies its SID and other properties. It is normally assigned at log in time, although process should call GetTokenInformation to acquire this information. Header Expiration Groups Default ACL User SID Group Restricted ID Privileges ID Finally the privileges listed above, if any, give the process special powers, such the right to shut down the machine or access files to which would otherwise be denied. In effect, the privileges split up the power of superuser into several rights that can be assigned to processes individually. Another basic concept is the security descriptor. Every object has a security descriptor associated with it that tells who can perform which operations on it. The two main kinds of elements are Allow and Deny. An allow element specifies a SID and a bitmap that specifies which operation processes that with SID may perform on the object. A deny element work the same way, except a match means the caller may not perform the operation. 2.3 Security API Calls Most of the Windows 2000 access control mechanism is based on security descriptors. The usual pattern is that when a process created an object, it provides a security descriptor as one of the parameters to the CreateProcess, createFile or other object creation call. This security descriptor is then attached to the object. Most of the Win32 API security calls relate to the management of security descriptor. To create a security descriptor, storage for it is first allocated and then initialized using InitializeSecurityDescriptor. 47
Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 2.4 Implementation of Security Security in Windows 2000 is implemented by a number of components. Logging is handled by winlogon and authentication is handled by lsass and msgina.dll. The result of successful login is a new shell with its associated access token. This process uses the SECURITY and SAM keys in the registry. When a user opens an object, the security manager checks to see if the caller has all the rights required. It performs this check by looking at the caller access token and the DACL associated with the object. As soon as it finds an entry that matches the caller’s SID or one the callers groups the access found there is taken as definitive. If all the rights the caller needs are available, the open succeeds, otherwise it fails. After an object has been opened, a handle to it is returned to the caller. On subsequent calls, the only check that is made is whether the operation now being tried was in the set of operations requested at open time, to prevent a caller from opening a file for reading and then trying to write on it. Any log entries required by the ACL are made. 3. Comparison of Security Protection Mechanism b/w UNIX and Windows (wikipedia, 2009) Windows Linux More than 800 pieces of Linux malware have Malware According to Kaspersky Lab, more than been discovered. Some malware has 11,000 malware programs for Windows propagated through the Internet. were discovered in the second half of 2005. Botnets - networks of infected computers controlled by malicious persons - with more than one million computers have been witnessed. Users are advised to install and run anti- malware programs. Open vs. Claims its platform is more secure because Claims its platform is more secure because Closed of a comprehensive approach to security all of its code is reviewed by so many people using the Security Development Lifecycle. that bugs are detected However, due to the nature of closed source, only company programmers can fix bugs. Response Claims closed source offers a faster and Bugs can be fixed and rolled out within a day speed more effective response to security issues, of being reported, though usually it takes a though critical bug fixes are only released few weeks before the patch is available on all once a month after extensive programming distributions. and testing and certain bugs have been known to go unpatched for months. User In Windows Vista, all logged in sessions Users typically run as limited accounts, Accounts (even for those of "administrator" users) run having created both administrator and user with standard user permissions, preventing accounts during install, preventing malicious malicious programs from gaining total programs from gaining total control of the control of the system. system. Prior versions of Windows would assign administrator status to the first user account created during the setup process. The majority of users did not change to an 48
Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 account type with fewer rights, meaning that malicious programs would have full control over the system. 4. Conclusion Linux and Windows differ in many aspects. First of all, the Linux GUI is optional while the Windows GUI is an integral component of the OS; speed, efficiency and reliability are all increased by running a server instance of Linux without a GUI, something that server versions of Windows can not do. The detached nature of the Linux GUI makes remote control and remote administration of a Linux computer simpler and more natural than a Windows Computer. Secondly the command prompts of these operating systems are quite different. In general, the command interpreters in the Windows 9x series are very similar to each other and the NT class versions of Windows (NT, 2000, XP) also have similar command interpreters. There are, however differences between a Windows 9x command interpreter and one in an NT class flavor of Windows. Linux, like all versions of UNIX, supports multiple command interpreters, but it usually uses one called BASH (Bourne Again Shell). Others are the Korn shell, the Bourne shell, ash, and the C shell (pun, no doubt, intended). The costs are amazingly different. While you have to pay some hundred dollars for a new version of Windows, you can simply go and download Linux. As it comes from the nature of Linux, there are no manuals or simple installers for the free version, however. You really have to know what you are doing while using this free package. There are also some easy automated packages of Linux for low prices, as well. The security issues with Windows are the biggest cons of Microsoft. Most of the malicious files, spyware, adware programs deal with Windows. You generally do not deal with these kinds of unwanted circumstances unless you are working with Windows. The user-id and password protection for Windows can also be easily bypassed, whereas Linux offers a strong protection. After mentioning some of the different aspects of these operating systems, it can be said that all Linux needs to compete with Windows is some user friendly interface and a strong company support which can provide the users with technical information and user manuals References: Modern Operating System, 2nd Edition, Andrew S. Tanenbaum Difference b/w Unix and Windows [online] Available :http://www.wikipedia.com Security mechanism difference b/w windows and UNIX [online] Available: http://www.google.com.pk 49
International Journals Call for Paper The IISTE, a U.S. publisher, is currently hosting the academic journals listed below. The peer review process of the following journals usually takes LESS THAN 14 business days and IISTE usually publishes a qualified article within 30 days. Authors should send their full paper to the following email address. More information can be found in the IISTE website : www.iiste.org Business, Economics, Finance and Management PAPER SUBMISSION EMAIL European Journal of Business and Management EJBM@iiste.org Research Journal of Finance and Accounting RJFA@iiste.org Journal of Economics and Sustainable Development JESD@iiste.org Information and Knowledge Management IKM@iiste.org Developing Country Studies DCS@iiste.org Industrial Engineering Letters IEL@iiste.org Physical Sciences, Mathematics and Chemistry PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Chemistry and Materials Research CMR@iiste.org Mathematical Theory and Modeling MTM@iiste.org Advances in Physics Theories and Applications APTA@iiste.org Chemical and Process Engineering Research CPER@iiste.org Engineering, Technology and Systems PAPER SUBMISSION EMAIL Computer Engineering and Intelligent Systems CEIS@iiste.org Innovative Systems Design and Engineering ISDE@iiste.org Journal of Energy Technologies and Policy JETP@iiste.org Information and Knowledge Management IKM@iiste.org Control Theory and Informatics CTI@iiste.org Journal of Information Engineering and Applications JIEA@iiste.org Industrial Engineering Letters IEL@iiste.org Network and Complex Systems NCS@iiste.org Environment, Civil, Materials Sciences PAPER SUBMISSION EMAIL Journal of Environment and Earth Science JEES@iiste.org Civil and Environmental Research CER@iiste.org Journal of Natural Sciences Research JNSR@iiste.org Civil and Environmental Research CER@iiste.org Life Science, Food and Medical Sciences PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Journal of Biology, Agriculture and Healthcare JBAH@iiste.org Food Science and Quality Management FSQM@iiste.org Chemistry and Materials Research CMR@iiste.org Education, and other Social Sciences PAPER SUBMISSION EMAIL Journal of Education and Practice JEP@iiste.org Journal of Law, Policy and Globalization JLPG@iiste.org Global knowledge sharing: New Media and Mass Communication NMMC@iiste.org EBSCO, Index Copernicus, Ulrich's Journal of Energy Technologies and Policy JETP@iiste.org Periodicals Directory, JournalTOCS, PKP Historical Research Letter HRL@iiste.org Open Archives Harvester, Bielefeld Academic Search Engine, Elektronische Public Policy and Administration Research PPAR@iiste.org Zeitschriftenbibliothek EZB, Open J-Gate, International Affairs and Global Strategy IAGS@iiste.org OCLC WorldCat, Universe Digtial Library , Research on Humanities and Social Sciences RHSS@iiste.org NewJour, Google Scholar. Developing Country Studies DCS@iiste.org IISTE is member of CrossRef. All journals Arts and Design Studies ADS@iiste.org have high IC Impact Factor Values (ICV).

Recomendados

D0312427
D0312427D0312427
D0312427iosrjournals
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Jan Ketil Skanke
 
NSC #2 - D3 05 - Alex Ionescu- Breaking Protected Processes
NSC #2 - D3 05 - Alex Ionescu- Breaking Protected ProcessesNSC #2 - D3 05 - Alex Ionescu- Breaking Protected Processes
NSC #2 - D3 05 - Alex Ionescu- Breaking Protected ProcessesNoSuchCon
 
HCLOS.Reduce to 600 dpi average quality
HCLOS.Reduce to 600 dpi average qualityHCLOS.Reduce to 600 dpi average quality
HCLOS.Reduce to 600 dpi average qualityVinayak Wadhwa
 
Method of and apparatus for providing multi-level security access to system
Method of and apparatus for providing multi-level security access to systemMethod of and apparatus for providing multi-level security access to system
Method of and apparatus for providing multi-level security access to systemTal Lavian Ph.D.
 
ITSolutions|Currie Network Security Seminar
ITSolutions|Currie Network Security SeminarITSolutions|Currie Network Security Seminar
ITSolutions|Currie Network Security SeminarDaniel Versola
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1Hamed Moghaddam
 
WP101 Fundamental Principles of Network Security
WP101 Fundamental Principles of Network SecurityWP101 Fundamental Principles of Network Security
WP101 Fundamental Principles of Network SecuritySE_NAM_Training
 

Recomendados

D0312427
D0312427D0312427
D0312427iosrjournals
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Jan Ketil Skanke
 
NSC #2 - D3 05 - Alex Ionescu- Breaking Protected Processes
NSC #2 - D3 05 - Alex Ionescu- Breaking Protected ProcessesNSC #2 - D3 05 - Alex Ionescu- Breaking Protected Processes
NSC #2 - D3 05 - Alex Ionescu- Breaking Protected ProcessesNoSuchCon
 
HCLOS.Reduce to 600 dpi average quality
HCLOS.Reduce to 600 dpi average qualityHCLOS.Reduce to 600 dpi average quality
HCLOS.Reduce to 600 dpi average qualityVinayak Wadhwa
 
Method of and apparatus for providing multi-level security access to system
Method of and apparatus for providing multi-level security access to systemMethod of and apparatus for providing multi-level security access to system
Method of and apparatus for providing multi-level security access to systemTal Lavian Ph.D.
 
ITSolutions|Currie Network Security Seminar
ITSolutions|Currie Network Security SeminarITSolutions|Currie Network Security Seminar
ITSolutions|Currie Network Security SeminarDaniel Versola
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1Hamed Moghaddam
 
WP101 Fundamental Principles of Network Security
WP101 Fundamental Principles of Network SecurityWP101 Fundamental Principles of Network Security
WP101 Fundamental Principles of Network SecuritySE_NAM_Training
 
Backdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerBackdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerIRJET Journal
 
report on network security fundamentals
report on network security fundamentalsreport on network security fundamentals
report on network security fundamentalsJassika
 
Windows Architecture Explained by Stacksol
Windows Architecture Explained by StacksolWindows Architecture Explained by Stacksol
Windows Architecture Explained by StacksolStacksol
 
Window architecture
Window architecture Window architecture
Window architecture IGZ Software house
 
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMIJNSA Journal
 
Process behaviour modelling using lsm
Process behaviour modelling using lsmProcess behaviour modelling using lsm
Process behaviour modelling using lsmiaemedu
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating Systemsohaildanish
 
Firewalls
FirewallsFirewalls
FirewallsDeevena Dayaal
 
Linux security
Linux securityLinux security
Linux securitytrilokchandra prakash
 
Secure architecture principles isolation and leas(CSS unit 3 Part 1)
Secure architecture principles isolation and leas(CSS unit 3 Part 1)Secure architecture principles isolation and leas(CSS unit 3 Part 1)
Secure architecture principles isolation and leas(CSS unit 3 Part 1)SURBHI SAROHA
 
With respect to the security aspects of Linux- answer the following qu.docx
With respect to the security aspects of Linux- answer the following qu.docxWith respect to the security aspects of Linux- answer the following qu.docx
With respect to the security aspects of Linux- answer the following qu.docxSUKHI5
 
A Secure Software Engineering Perspective
A Secure Software Engineering PerspectiveA Secure Software Engineering Perspective
A Secure Software Engineering Perspectiveidescitation
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devicesIOSR Journals
 
Hack.Lu 2010 - Escaping Protected Mode Internet Explorer
Hack.Lu 2010 - Escaping Protected Mode Internet ExplorerHack.Lu 2010 - Escaping Protected Mode Internet Explorer
Hack.Lu 2010 - Escaping Protected Mode Internet ExplorerTom Keetch
 
2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)Felipe Prado
 
29041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-200329041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-2003rafiq123
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating SystemMeghaj Mallick
 
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEDATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEijdms
 
Building Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesJavier González
 
Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Alexander Decker
 
A validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inA validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inAlexander Decker
 

Mais conteúdo relacionado

Semelhante a 11. comparative study of security mechanism differentiation between windows 2000www.iiste.org call for paper and unix

Backdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerBackdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerIRJET Journal
 
report on network security fundamentals
report on network security fundamentalsreport on network security fundamentals
report on network security fundamentalsJassika
 
Windows Architecture Explained by Stacksol
Windows Architecture Explained by StacksolWindows Architecture Explained by Stacksol
Windows Architecture Explained by StacksolStacksol
 
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMIJNSA Journal
 
Process behaviour modelling using lsm
Process behaviour modelling using lsmProcess behaviour modelling using lsm
Process behaviour modelling using lsmiaemedu
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating Systemsohaildanish
 
Secure architecture principles isolation and leas(CSS unit 3 Part 1)
Secure architecture principles isolation and leas(CSS unit 3 Part 1)Secure architecture principles isolation and leas(CSS unit 3 Part 1)
Secure architecture principles isolation and leas(CSS unit 3 Part 1)SURBHI SAROHA
 
With respect to the security aspects of Linux- answer the following qu.docx
With respect to the security aspects of Linux- answer the following qu.docxWith respect to the security aspects of Linux- answer the following qu.docx
With respect to the security aspects of Linux- answer the following qu.docxSUKHI5
 
A Secure Software Engineering Perspective
A Secure Software Engineering PerspectiveA Secure Software Engineering Perspective
A Secure Software Engineering Perspectiveidescitation
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devicesIOSR Journals
 
Hack.Lu 2010 - Escaping Protected Mode Internet Explorer
Hack.Lu 2010 - Escaping Protected Mode Internet ExplorerHack.Lu 2010 - Escaping Protected Mode Internet Explorer
Hack.Lu 2010 - Escaping Protected Mode Internet ExplorerTom Keetch
 
2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)Felipe Prado
 
29041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-200329041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-2003rafiq123
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating SystemMeghaj Mallick
 
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEDATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEijdms
 
Building Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesJavier González
 

Semelhante a 11. comparative study of security mechanism differentiation between windows 2000www.iiste.org call for paper and unix (20)

Backdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerBackdoor Entry to a Windows Computer
Backdoor Entry to a Windows Computer
 
report on network security fundamentals
report on network security fundamentalsreport on network security fundamentals
report on network security fundamentals
 
Windows Architecture Explained by Stacksol
Windows Architecture Explained by StacksolWindows Architecture Explained by Stacksol
Windows Architecture Explained by Stacksol
 
Window architecture
Window architecture Window architecture
Window architecture
 
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
 
Process behaviour modelling using lsm
Process behaviour modelling using lsmProcess behaviour modelling using lsm
Process behaviour modelling using lsm
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating System
 
Firewalls
FirewallsFirewalls
Firewalls
 
Linux security
Linux securityLinux security
Linux security
 
Secure architecture principles isolation and leas(CSS unit 3 Part 1)
Secure architecture principles isolation and leas(CSS unit 3 Part 1)Secure architecture principles isolation and leas(CSS unit 3 Part 1)
Secure architecture principles isolation and leas(CSS unit 3 Part 1)
 
With respect to the security aspects of Linux- answer the following qu.docx
With respect to the security aspects of Linux- answer the following qu.docxWith respect to the security aspects of Linux- answer the following qu.docx
With respect to the security aspects of Linux- answer the following qu.docx
 
A Secure Software Engineering Perspective
A Secure Software Engineering PerspectiveA Secure Software Engineering Perspective
A Secure Software Engineering Perspective
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devices
 
Hack.Lu 2010 - Escaping Protected Mode Internet Explorer
Hack.Lu 2010 - Escaping Protected Mode Internet ExplorerHack.Lu 2010 - Escaping Protected Mode Internet Explorer
Hack.Lu 2010 - Escaping Protected Mode Internet Explorer
 
2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)
 
29041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-200329041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-2003
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
 
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEDATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
 
Building Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal Devices
 

Mais de Alexander Decker

Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Alexander Decker
 
A validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inA validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inAlexander Decker
 
A usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesA usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesAlexander Decker
 
A universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksA universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksAlexander Decker
 
A unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dA unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dAlexander Decker
 
A trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceA trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceAlexander Decker
 
A transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamA transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamAlexander Decker
 
A time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaA time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaAlexander Decker
 
A therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenA therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenAlexander Decker
 
A theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksA theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksAlexander Decker
 
A systematic evaluation of link budget for
A systematic evaluation of link budget forA systematic evaluation of link budget for
A systematic evaluation of link budget forAlexander Decker
 
A synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabA synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabAlexander Decker
 
A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...Alexander Decker
 
A survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalA survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalAlexander Decker
 
A survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesA survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesAlexander Decker
 
A survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbA survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbAlexander Decker
 
A survey on challenges to the media cloud
A survey on challenges to the media cloudA survey on challenges to the media cloud
A survey on challenges to the media cloudAlexander Decker
 
A survey of provenance leveraged
A survey of provenance leveragedA survey of provenance leveraged
A survey of provenance leveragedAlexander Decker
 
A survey of private equity investments in kenya
A survey of private equity investments in kenyaA survey of private equity investments in kenya
A survey of private equity investments in kenyaAlexander Decker
 
A study to measures the financial health of
A study to measures the financial health ofA study to measures the financial health of
A study to measures the financial health ofAlexander Decker
 

Mais de Alexander Decker (20)

Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...
 
A validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inA validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale in
 
A usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesA usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websites
 
A universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksA universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banks
 
A unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dA unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized d
 
A trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceA trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistance
 
A transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamA transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifham
 
A time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaA time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibia
 
A therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenA therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school children
 
A theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksA theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banks
 
A systematic evaluation of link budget for
A systematic evaluation of link budget forA systematic evaluation of link budget for
A systematic evaluation of link budget for
 
A synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabA synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjab
 
A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...
 
A survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalA survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incremental
 
A survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesA survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniques
 
A survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbA survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo db
 
A survey on challenges to the media cloud
A survey on challenges to the media cloudA survey on challenges to the media cloud
A survey on challenges to the media cloud
 
A survey of provenance leveraged
A survey of provenance leveragedA survey of provenance leveraged
A survey of provenance leveraged
 
A survey of private equity investments in kenya
A survey of private equity investments in kenyaA survey of private equity investments in kenya
A survey of private equity investments in kenya
 
A study to measures the financial health of
A study to measures the financial health ofA study to measures the financial health of
A study to measures the financial health of
 

Último

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 

Último (20)

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 

11. comparative study of security mechanism differentiation between windows 2000www.iiste.org call for paper and unix

  • 1. Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 A Comparative Study of Security Mechanism differentiation between Windows 2000 and UNIX Operating Systems Khalid Mahmood ICIT, Gomal University, KPK, Pakistan Khalid_icit@hotmail.com Muhammad Javed ICIT, Gomal University, KPK, Pakistan Javed_gomal@yahoo.com Muhammad Abid ICIT, Gomal University, KPK, Pakistan abid.gu@gmail.com Bashir Ahmad ICIT, Gomal University, KPK, Pakistan bashahmad@gmail.com Ihsan Ullah ICIT, Gomal University, KPK, Pakistan ihsanullah1974@yahoo.com Allah Nawaz Faculty of Pharmacy, Gomal University, Pakistan nawaz_phd1@hotmail.com Abstract: "Security" is hard to formalize, hard to design (and design for), hard to implement, hard to verify, hard to configure, and hard to use. It is particularly hard to use on a platform such as Windows, which is evolving, security-wise, along with its representative user-base. The primary environment in which a typical Windows system exists has traditionally been hostile, especially after the advent of the Internet. While UNIX systems share the same environment today, their traditional environments were comparatively trusted: research labs and universities. Similarly, UNIX users have had backgrounds differing from Windows users. Keywords: UNIX, Windows 2000, Security Mechanism, Operating System 1. Security in UNIX 1.1 Fundamental Concepts UNIX (Tanenbaum, 2008) has been a multi-user system almost from the beginning. The user community of UNIX system consists of some number of registered users, each of whom has a unique User ID (UID). A UID is an integer between 0 to 65,535. Files are marked with the UID of their owner. By 45
  • 2. Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 default, the owner of a file is the person who created the file. Users can be organized into groups, which are also numbered with 16-bit integers called Group-ID done manually by System administrator. Originally a user could be in only one group, but now some version of UNIX allow user to be in more than one group. The security mechanism in UNIX is very simple, each process carried the UID and GID of its owner, when a file is created, its get the UID and GID of the creating process as well as set of permissions determined by the creating process. These permission specify the access of the owner, other members of the owner group, and the rest of users have to the file. Three categories of access are read, write and execute designated by the letter r, w and x respectively. Since there are three categories of users and 3 bits per category, 9 bits are sufficient to represent the access rights, such as Binary Symbolic Allowed file access 111000000 Rwx------ Owner can read, write and execute 111111000 Rwxrwx--- Owner and group can read, write and Excute 000000111 ------rwx Only outsider have access( strange, But legal 000000000 --------- Denies access of any body. The first two entries of the above table are very clear, allowing the owner and the owner group full access. The third entry is strange since it gives more access to rest of the world than owner and the last entry denies all access to all users. The user with UID 0 is special and is the called the Superuser or root. The supersuser has the power to read and write all files no matter who owns them and how they are protected. Process with UID 0 also has the ability to make a small number of protected system calls denied to ordinary users. Directories are files and have the same protection modes that ordinary file do except that x bits refer to search permission instead of execute permission. Thus a directory with mode rwxr-xr-x allows it owner to read, modify and search the directory, but allows other only to read and search it, but not add or remove files from it. 1.2 Security system calls in UNIX There are only a small number of system calls relating to security. The most important are chmod, (it is used to change the protection mode), access, uid, gid, chown(change owner), setuid and setgid (set the GID). 1.3 Implementation of Security in UNIX When the user logs in, the login program asks for the login name and a password. It hashes the password and then looks in the password file to check the user Login ID. The reason for hashing is to prevent the password from being stored in unencrypted form anywhere in the system. The login program then uses setuid and setgid to give itself the users ID and group ID. Then it opens the keyboard for standard input, the screen for standard output and the screen for standard error. Finally it executes the preferred shell, thus terminating itself. When any process attempts to open a file, the system first check s the protection bits in the file i-node against the caller effective UID and effective GID to see if the access is permitted. If so the file is opened and a file descriptor returned. If the file is not opened a -1 is returned. No checks are made on subsequent read and write calls. As a consequence, if the protection mode changes after a file is already open, the new mode will not affect process that, already have the file open. Security in the LINUX is essentially the same as in UNIX. All the UNIX security features are implemented and there is little else in this area. 2. Security in Windows (2000) NT was designed to meet the U.S. Department of Defense C2 security requirements (wikipedia) the Orange book. This standard requires operating system to have certain properties in order to be classified as secure 46
  • 3. Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 enough for certain kinds of military work. Although windows 2000 was not specifically designed for C2 compliance, it inherits may securities properties from NT, which are  Secure Login with anti-spoofing measures  Discretionary access control  Privileged access control  Address space protection per process  New pages must be zeroed before being mapped in  Security auditing Secure Login means that system administrator can require all users to have password in order to log in. Spoofing is when a malicious user writes a program that displays the login prompt or screen and then walks away from the computer in the hope that an innocent user will sit down and enter a name and password. The name and password are then written to disk and the user is told that login has failed. Windows 2000, Windows XP and Windows Vista prevents this attack by instructing user to hit CTRL-ALT-DEL (Secure Action Sequence) to log in. this key sequence is always captured by the keyboard driver, which then invokes a system program that puts up the genuine login screen. This procedure works because there is no way for user processes to disable CTRL-ALT-DEL processing in the keyboard driver. Discretionary access controls allow the owner of a file or other object to say who can use it and in what way. Privileged access control allows the system administrator (superuser) to override them when needed. Address space protection means that each has its won protected virtual address space not accessible by any unauthorized process. The new page must be zeroed means that when a stack grows, the pages mapped in are initialized to zero so processes cannot find any old information put there by the previous owner. Finally security auditing allows the administrator to produce a log of certain security related events. 2.1 Fundamental Concepts Every windows 2000 user is identified by a SID (Security ID). SID is binary numbers with a short header followed by a long random component. Each SID is intended to be unique worldwide. Whenever a user starts a process, the process and its threads run under the user SID. Each process has an access token that specifies its SID and other properties. It is normally assigned at log in time, although process should call GetTokenInformation to acquire this information. Header Expiration Groups Default ACL User SID Group Restricted ID Privileges ID Finally the privileges listed above, if any, give the process special powers, such the right to shut down the machine or access files to which would otherwise be denied. In effect, the privileges split up the power of superuser into several rights that can be assigned to processes individually. Another basic concept is the security descriptor. Every object has a security descriptor associated with it that tells who can perform which operations on it. The two main kinds of elements are Allow and Deny. An allow element specifies a SID and a bitmap that specifies which operation processes that with SID may perform on the object. A deny element work the same way, except a match means the caller may not perform the operation. 2.3 Security API Calls Most of the Windows 2000 access control mechanism is based on security descriptors. The usual pattern is that when a process created an object, it provides a security descriptor as one of the parameters to the CreateProcess, createFile or other object creation call. This security descriptor is then attached to the object. Most of the Win32 API security calls relate to the management of security descriptor. To create a security descriptor, storage for it is first allocated and then initialized using InitializeSecurityDescriptor. 47
  • 4. Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 2.4 Implementation of Security Security in Windows 2000 is implemented by a number of components. Logging is handled by winlogon and authentication is handled by lsass and msgina.dll. The result of successful login is a new shell with its associated access token. This process uses the SECURITY and SAM keys in the registry. When a user opens an object, the security manager checks to see if the caller has all the rights required. It performs this check by looking at the caller access token and the DACL associated with the object. As soon as it finds an entry that matches the caller’s SID or one the callers groups the access found there is taken as definitive. If all the rights the caller needs are available, the open succeeds, otherwise it fails. After an object has been opened, a handle to it is returned to the caller. On subsequent calls, the only check that is made is whether the operation now being tried was in the set of operations requested at open time, to prevent a caller from opening a file for reading and then trying to write on it. Any log entries required by the ACL are made. 3. Comparison of Security Protection Mechanism b/w UNIX and Windows (wikipedia, 2009) Windows Linux More than 800 pieces of Linux malware have Malware According to Kaspersky Lab, more than been discovered. Some malware has 11,000 malware programs for Windows propagated through the Internet. were discovered in the second half of 2005. Botnets - networks of infected computers controlled by malicious persons - with more than one million computers have been witnessed. Users are advised to install and run anti- malware programs. Open vs. Claims its platform is more secure because Claims its platform is more secure because Closed of a comprehensive approach to security all of its code is reviewed by so many people using the Security Development Lifecycle. that bugs are detected However, due to the nature of closed source, only company programmers can fix bugs. Response Claims closed source offers a faster and Bugs can be fixed and rolled out within a day speed more effective response to security issues, of being reported, though usually it takes a though critical bug fixes are only released few weeks before the patch is available on all once a month after extensive programming distributions. and testing and certain bugs have been known to go unpatched for months. User In Windows Vista, all logged in sessions Users typically run as limited accounts, Accounts (even for those of "administrator" users) run having created both administrator and user with standard user permissions, preventing accounts during install, preventing malicious malicious programs from gaining total programs from gaining total control of the control of the system. system. Prior versions of Windows would assign administrator status to the first user account created during the setup process. The majority of users did not change to an 48
  • 5. Journal of Information Engineering and Applications www.iiste.org ISSN 2224-5782 (print) ISSN 2225-0506 (online) Vol 2, No.2, 2012 account type with fewer rights, meaning that malicious programs would have full control over the system. 4. Conclusion Linux and Windows differ in many aspects. First of all, the Linux GUI is optional while the Windows GUI is an integral component of the OS; speed, efficiency and reliability are all increased by running a server instance of Linux without a GUI, something that server versions of Windows can not do. The detached nature of the Linux GUI makes remote control and remote administration of a Linux computer simpler and more natural than a Windows Computer. Secondly the command prompts of these operating systems are quite different. In general, the command interpreters in the Windows 9x series are very similar to each other and the NT class versions of Windows (NT, 2000, XP) also have similar command interpreters. There are, however differences between a Windows 9x command interpreter and one in an NT class flavor of Windows. Linux, like all versions of UNIX, supports multiple command interpreters, but it usually uses one called BASH (Bourne Again Shell). Others are the Korn shell, the Bourne shell, ash, and the C shell (pun, no doubt, intended). The costs are amazingly different. While you have to pay some hundred dollars for a new version of Windows, you can simply go and download Linux. As it comes from the nature of Linux, there are no manuals or simple installers for the free version, however. You really have to know what you are doing while using this free package. There are also some easy automated packages of Linux for low prices, as well. The security issues with Windows are the biggest cons of Microsoft. Most of the malicious files, spyware, adware programs deal with Windows. You generally do not deal with these kinds of unwanted circumstances unless you are working with Windows. The user-id and password protection for Windows can also be easily bypassed, whereas Linux offers a strong protection. After mentioning some of the different aspects of these operating systems, it can be said that all Linux needs to compete with Windows is some user friendly interface and a strong company support which can provide the users with technical information and user manuals References: Modern Operating System, 2nd Edition, Andrew S. Tanenbaum Difference b/w Unix and Windows [online] Available :http://www.wikipedia.com Security mechanism difference b/w windows and UNIX [online] Available: http://www.google.com.pk 49
  • 6. International Journals Call for Paper The IISTE, a U.S. publisher, is currently hosting the academic journals listed below. The peer review process of the following journals usually takes LESS THAN 14 business days and IISTE usually publishes a qualified article within 30 days. Authors should send their full paper to the following email address. More information can be found in the IISTE website : www.iiste.org Business, Economics, Finance and Management PAPER SUBMISSION EMAIL European Journal of Business and Management EJBM@iiste.org Research Journal of Finance and Accounting RJFA@iiste.org Journal of Economics and Sustainable Development JESD@iiste.org Information and Knowledge Management IKM@iiste.org Developing Country Studies DCS@iiste.org Industrial Engineering Letters IEL@iiste.org Physical Sciences, Mathematics and Chemistry PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Chemistry and Materials Research CMR@iiste.org Mathematical Theory and Modeling MTM@iiste.org Advances in Physics Theories and Applications APTA@iiste.org Chemical and Process Engineering Research CPER@iiste.org Engineering, Technology and Systems PAPER SUBMISSION EMAIL Computer Engineering and Intelligent Systems CEIS@iiste.org Innovative Systems Design and Engineering ISDE@iiste.org Journal of Energy Technologies and Policy JETP@iiste.org Information and Knowledge Management IKM@iiste.org Control Theory and Informatics CTI@iiste.org Journal of Information Engineering and Applications JIEA@iiste.org Industrial Engineering Letters IEL@iiste.org Network and Complex Systems NCS@iiste.org Environment, Civil, Materials Sciences PAPER SUBMISSION EMAIL Journal of Environment and Earth Science JEES@iiste.org Civil and Environmental Research CER@iiste.org Journal of Natural Sciences Research JNSR@iiste.org Civil and Environmental Research CER@iiste.org Life Science, Food and Medical Sciences PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Journal of Biology, Agriculture and Healthcare JBAH@iiste.org Food Science and Quality Management FSQM@iiste.org Chemistry and Materials Research CMR@iiste.org Education, and other Social Sciences PAPER SUBMISSION EMAIL Journal of Education and Practice JEP@iiste.org Journal of Law, Policy and Globalization JLPG@iiste.org Global knowledge sharing: New Media and Mass Communication NMMC@iiste.org EBSCO, Index Copernicus, Ulrich's Journal of Energy Technologies and Policy JETP@iiste.org Periodicals Directory, JournalTOCS, PKP Historical Research Letter HRL@iiste.org Open Archives Harvester, Bielefeld Academic Search Engine, Elektronische Public Policy and Administration Research PPAR@iiste.org Zeitschriftenbibliothek EZB, Open J-Gate, International Affairs and Global Strategy IAGS@iiste.org OCLC WorldCat, Universe Digtial Library , Research on Humanities and Social Sciences RHSS@iiste.org NewJour, Google Scholar. Developing Country Studies DCS@iiste.org IISTE is member of CrossRef. All journals Arts and Design Studies ADS@iiste.org have high IC Impact Factor Values (ICV).