Using Security Mechanisms to Enhance Security

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Using Security Mechanisms to Enhance Security:


To enhance security, mechanisms should be established and implemented to control processes and applications. These mechanisms could include process isolation, protection rings, and trusted computer base (TCB).

Process Isolation: Process isolation, executed by the operating system, maintains a high level of system trust by enforcing memory boundaries. Without process isolation, processes would overlap on each other’s memory space, compromising data or possibly making the system unstable.

The operating system must also block unauthorized users from entering areas of the system to which they should not have access. These restrictions are done through the use of a virtual machine, which gives the user the impression they have full-access to the system, but in reality, processes are completely isolated. Further, some operating systems also use hardware isolation to increase system security. With hardware isolation, the processes are segmented both logically and physically. 

Single-State and Multistate Systems: Single-state and multistate systems were developed to meet the requirements of handling sensitive government information with categories such as sensitive, secret, and top secret.

These systems have influence on whether the sensitive information that is processed and retained on a system is managed by the system itself, or by an administrator.

Single-state systems: also known as dedicated systems, are programmed to process a single category of information and are dedicated to one mode of operation. The system administrator is responsible for maintaining policy and procedures, while delegating which users have access and what level of access to the system.

Multistate systems: allow multiple users to log in to the system and access various types of data correlated to the users’ levels of clearance. Multistate systems can run as a compartmentalized system and assign data on a need-to-know basis.

Rings of Protection:

 

View Topics

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel