Introduction to security

What is security?

A computer operating system stores and processes information in the form of electronic data. In doing so, a computer operating system (also known as an operating system, a computer system, or simply a system) provides an interface between you, the user of the computer, and the computer. An operating system provides you with commands, library routines, functions, and programs that allow you to tell the computer how to store and process the information that belongs to you.

The need for computer security comes mainly from the multiuser nature of computer systems. If every computer user had a locked office containing a private computer, then there would be no need for a secure operating system. But most computer systems have many users who share resources. The security mechanisms in UnixWare provide for the controlled sharing of computer resources, and therefore provide security. Even single-user systems require security if they are eventually used to export information.

Security, for a computing system, means that the information on the system is protected from unauthorized disclosure. For the purposes of this discussion, security also encompasses the concept of integrity, that is, the assurance that information is protected from unauthorized modification or corruption.

There are many ways in which the security of a computer system can be violated. Unauthorized access to read or write files can be the result of

To perform its storage and processing functions correctly, a computer system must keep data separate from other data and must also restrict access to data. Computer systems typically have mechanisms that identify users to the system, keep data separate, and limit access to data. By making access decisions, these mechanisms enforce rules about who can access what, supplying basic security.

Most computer systems make access decisions based on a unique identity assigned to each user on the system, typically known as a login. While you are logged in, all data you enter, create, and process belongs to you. Data is stored in named files on the computer system. Each file you own is kept separate from the rest of your files and from the files belonging to other users.

To help administrators protect information from unauthorized access, UnixWare offers a variety of security mechanisms.

UnixWare supplies basic security through the use of the login and passwd mechanisms, which identify you to the system and put you in control of your data, and through the use of access permission bits, and, optionally, Access Control Lists (ACLs), which allow you to determine what other users can access your files. This is security by access control.

Next topic: Elements of the security policy
Previous topic: Who should read this?

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004