We will call an operating system protected if it provides means of protection against the main threats to the confidentiality, integrity, and availability of information, with those means chosen to suit the specific conditions under which this instance of the operating system runs. In practice, a protected operating system usually contains means to control user access to the various resources it manages, to authenticate a user before that user begins working with the system, and to record those user actions that are potentially dangerous from a security point of view. In addition, a protected operating system must contain a means of preventing accidental or deliberate disabling of the operating system itself.

We will refer to a security policy as a set of rules, regulations, and practices that govern how valuable information is stored and processed. As applied to an operating system, the security policy determines which users may work with the operating system, which users have access to which objects of the operating system, which events must be recorded in the system logs, and so on. We will call a security policy adequate if it provides a sufficient level of security for the operating system. It should be emphasized that an adequate security policy is not necessarily the policy that achieves the highest possible level of security: a policy that is stricter than the operating conditions require is not more adequate, merely more costly.

1.2. Basic Approaches to Building Secure Operating Systems

There are two main approaches to building secure operating systems: the fragmented approach and the integrated approach. With the fragmented approach, protection is first organized against one threat, then against another, and so on. An example of the fragmented approach is the situation where an unprotected operating system is taken as the basis, an antivirus package is installed on it, then an encryption system, then a system for recording user actions, and so forth.
The main disadvantage of the fragmented approach is obvious: the protection subsystem of the operating system ends up as a collection of disparate software products, as a rule produced by different vendors. These tools work independently of each other, and it is almost impossible to organize close interaction between them. In addition, individual elements of such a protection subsystem may not work correctly in the presence of one another, which sharply reduces the overall reliability of the system. Finally, since a protection subsystem built on the fragmented approach is not an integral component of the operating system, if some protective function is disabled through the unauthorized actions of an intruder, the remaining elements of the operating system simply continue to function normally: nothing stops the intruder from going on to work with a system whose protection has been stripped away.

With the integrated approach to organizing protection, protective functions are introduced into the operating system at the stage of designing its architecture and form an integral part of it. The individual elements of a protection subsystem built on the integrated approach interact closely with each other in solving the various problems of information protection. Since the entire protection subsystem is developed and tested as a whole, conflicts between its individual components are practically excluded. Moreover, a protection subsystem built on the integrated approach can be arranged so that a fatal failure of any of its key elements causes an emergency shutdown of the operating system; the system fails closed rather than open, which denies an intruder the option of disabling the protective functions and then continuing to work with the system.
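The contrast between the two approaches is easy to see in a toy model. The following is an added example written for this edition, not code from the textbook: a minimal security policy (users, per-object access rights, and the set of operations that must be audited), an audit logger that an intruder can switch off, and two "kernels" that consume them. In the fragmented kernel the audit logger is a separate bolt-on, so when it stops working the kernel quietly carries on without auditing. In the integrated kernel every access passes through one reference monitor, and a failure of the audit component halts the whole system so that no further access, audited or not, can proceed. All class and function names (`Policy`, `AuditLog`, `FragmentedKernel`, `IntegratedKernel`, `SystemHalt`, `demo`) and the sample policy are constructed for the illustration.

```python
"""Toy model of the fragmented vs. integrated protection architectures.

Constructed illustration for this section; the classes, names and the
sample policy below are hypothetical and not taken from any real kernel.
"""
from __future__ import annotations

from dataclasses import dataclass, field


class ProtectionFailure(Exception):
    """A protection component could not perform its function."""


class SystemHalt(Exception):
    """Emergency shutdown raised by the integrated kernel (fail closed)."""


@dataclass
class Policy:
    """Security policy: who may work with the system, who may do what to
    which object, and which operations must be recorded in the audit log."""
    users: set[str]
    acl: dict[str, dict[str, set[str]]]   # object -> user -> allowed operations
    audited_ops: set[str]                 # operations that must be logged

    def permits(self, user: str, obj: str, op: str) -> bool:
        return user in self.users and op in self.acl.get(obj, {}).get(user, set())


@dataclass
class AuditLog:
    """Registration of security-relevant actions. An intruder who manages to
    disable it (enabled=False) models 'disabling a protective function'."""
    entries: list[tuple[str, str, str, bool]] = field(default_factory=list)
    enabled: bool = True

    def record(self, user: str, obj: str, op: str, allowed: bool) -> None:
        if not self.enabled:
            raise ProtectionFailure("audit subsystem disabled")
        self.entries.append((user, obj, op, allowed))


class FragmentedKernel:
    """Protection bolted on afterwards: the audit logger is a separate product,
    so its failure is invisible to the rest of the system (fails open)."""

    def __init__(self, policy: Policy, audit: AuditLog) -> None:
        self.policy, self.audit = policy, audit

    def access(self, user: str, obj: str, op: str) -> bool:
        allowed = self.policy.permits(user, obj, op)
        if op in self.policy.audited_ops:
            try:
                self.audit.record(user, obj, op, allowed)
            except ProtectionFailure:
                pass  # the rest of the OS keeps running, now unaudited
        return allowed


class IntegratedKernel:
    """Protection designed in: one reference monitor mediates every access and a
    fatal failure of a key protection element halts the system (fails closed)."""

    def __init__(self, policy: Policy, audit: AuditLog) -> None:
        self.policy, self.audit = policy, audit
        self.halted = False

    def access(self, user: str, obj: str, op: str) -> bool:
        if self.halted:
            raise SystemHalt("system halted: protection subsystem failed")
        try:
            allowed = self.policy.permits(user, obj, op)
            if op in self.policy.audited_ops:
                self.audit.record(user, obj, op, allowed)
        except ProtectionFailure as exc:
            self.halted = True  # nothing else is served until the system is rebooted
            raise SystemHalt(f"emergency shutdown: {exc}") from exc
        return allowed


def demo() -> dict[str, object]:
    """Run the same intrusion against both kernels and report what happened."""
    policy = Policy(  # constructed sample policy
        users={"alice", "bob"},
        acl={"/etc/shadow": {"alice": {"read", "write"}},
             "/home/bob/notes": {"bob": {"read", "write"}}},
        audited_ops={"write"},
    )
    out: dict[str, object] = {"bob_reads_shadow": policy.permits("bob", "/etc/shadow", "read")}

    audit = AuditLog()
    frag = FragmentedKernel(policy, audit)
    audit.enabled = False  # intruder disables the add-on logger
    out["frag_write_allowed"] = frag.access("alice", "/etc/shadow", "write")
    out["frag_entries"] = len(audit.entries)  # the write left no trace

    audit2 = AuditLog()
    integ = IntegratedKernel(policy, audit2)
    out["integ_write_before"] = integ.access("alice", "/etc/shadow", "write")
    out["integ_entries"] = len(audit2.entries)
    audit2.enabled = False  # same intrusion against the integrated kernel
    try:
        integ.access("alice", "/etc/shadow", "write")
        out["integ_halted"] = False
    except SystemHalt:
        out["integ_halted"] = True
    try:  # even an unaudited read is refused once the system has halted
        integ.access("bob", "/home/bob/notes", "read")
        out["read_after_halt"] = "allowed"
    except SystemHalt:
        out["read_after_halt"] = "halted"
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the model is the `except ProtectionFailure: pass` in the fragmented kernel versus the halt in the integrated one: the access-control decision is identical in both, but only the integrated design guarantees that disabling one protective element cannot leave the system running unprotected.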