When talking about security, especially security of the operating system, certainly most of peoples would think that security is the protection system on your computer. But actually these two terms have different meanings. Security of the operating system includes all matters relating to key data is completely protected, whereas protection is an act of preventing the use of accesses that are not supposed to do. While security considering other aspects that could threaten the security of your computer.
By looking at differences in the understanding of the terms we can distinguish what is a protection and security systems. In fact, there is no computer system in the world who has a perfect security system and qualified. However, at least we have our own mechanism or a way to secure and prevent things that are not desirable especially relating to the security of operating system. The operating system is only a fraction of the entire system software residing on your computer. Below are things about the security of the operating system you should know:
SECURITY
Computer system security is to ensure that resources are not used or modified by users who do not have access. Security system is divided into three, namely:
1. External security
Relating to the security of computer facilities from intruders, natural disasters, etc..
2. User Interface Security
Relating to the identification of the user prior to accessing programs and data.
3. Internal Security
Relating to a variety of security controls built in your computer hardware and operating system to maintain the integrity of program and data.
SECURITY ISSUES
On security, there are two important issues, namely:
1. Data loss
Data loss can be caused, among others:
- Disasters: fires, floods, earthquakes, wars, riots, etc..
- Hardware fault: hardware malfunction.
- Humans Errors: data entry errors, incorrect program execution, data loss can be overcome by performing the first backup is now available online.
Intruder consists of:
- Passive intruder, namely the unauthorized reading of data.
- Active intruder, the data did not change in the authorization.
SECURITY THREATS
Security objectives is to avoid, prevent and overcome threats to the system. Computer system security requirements are categorized three aspects, namely:
- Confidentiality (secrecy, such as privacy), assuredness that the information in a computer system accessible only by authorized parties.
- Integrity, assuredness that the computer system resources can only be changed by the parties who authorized.
- Availability, assuredness that the computer system resources can only be modified by authorized parties when needed.
TECHNIQUES FOR SECURING YOUR COMPUTER
Password
Users choose a code word as a security wall, remember and enter it when you will access a computer system. This technique has the disadvantage that very much and easily penetrated. Users tend to choose passwords that are easy to remember. Someone who is familiar with the user able to log in with something he knows about the user. In a trial expressed password protection can be penetrated easily. Experiments carried out are:
- There is a file containing the name, last name, street name, place of birth, date of birth, etc..
- Fill in the file are matched with password file results showed more than 86% match with the user password used in the password file.
Efforts to better secure the protection / password, among others:
1. Salting
Add a short string to a given user's password string so as to achieve a certain length.
2. One-Time Password
- Users must change passwords regularly. This effort to limit the chances of a password is known or exercised other users.
- User gets a book containing a list of passwords. Each time a user logs in, the user using the password contained in the following list of passwords.
- User bothered with must ensure that his book password should not be stolen.
3. A Long List of Questions and Answers
Variations on a user password is required to give a long list of questions and answers. These questions and answers selected by users so that usersto be easy to remember and do not need write down on paper. At login, the computer choose one of the questions at random, asking the user and check the answers given. Some sample questions: What is your father's first name?, Who is the hero when you as a child?, Etc..
4. Challenge-response
Users are given the freedom to choose the algorithm. The algorithm can be different in the morning, afternoon and different day from different terminals.
5. Physical identification
Another approach is to check that users have:
- Magnetic ribbon card (Magnetic Card).
- Physical fingerprint (fingerprint, voice print, finger length analysis, visual introduction to the camera, etc.).
- Signature analysis (provided board and a special pen).
- An analysis obliges the user (eg urine).
6. Restrictions
Restrictions can be done so minimize the chances of penetration by unauthorized users.
For example:
- Restrictions login: Login is only allowed at a certain terminal, only at certain times and days.
- Restrictions on the call-back: Login can do by anyone. When you have a successful login, the system immediately disconnect and call the phone number that has been agreed.
- Restrictions on the number of login attempts: Login is limited to 3 times, and immediately locked down and notified to the administrator. All logins are recorded and operating systems reported about the time usage logging, where users login terminal.
Note:
In addition to using a password or key words, you should add it by using antivirus to protect your data from the dangers of malicious files that are circulating in cyberspace. The attack of these viruses can erase your data and will continue to evolve the data to your computer if you do not use qualified antivirus.
0 comments:
Post a Comment