
Unit-5 (OS)

The document discusses system protection goals, principles, and domains. It aims to prevent unauthorized access to resources and ensure fair usage. Protection was originally for sharing systems reliably but now increases reliability for any system using shared resources. It describes principles like least privilege and multiple examples of protection domains and access control models, including UNIX, Multics, and the access matrix. The access matrix model represents permissions through a matrix of domains and objects. There are different methods to implement this like global tables, access lists, and capability lists.

Uploaded by

rishi reddy

Unit-5

Chapter-1

System Protection

Goals of Protection

Today computer systems have become more sophisticated and universal in
their applications, and the need to protect their integrity has grown with them.
Protection was originally considered as an adjunct to multiprogramming operating
systems, so that unreliable users might safely share a common logical name space,
such as a directory of files, or share a common physical name space, such as memory.
Modern protection concepts have evolved to increase the reliability of any complex
system that makes use of shared resources. We need to provide protection for several
reasons:

• To prevent the mischievous, intentional violation of an access restriction by a
user. This is the most obvious reason.
• Safe sharing of a common logical address space (directory of files) or common
physical address space (memory). If anyone wants to share a file or directory, it
should be shared safely.
• Fair and reliable resource usage. A program in the system may use resources only
in accordance with the policies stated for that particular process.

E.g. process P1 is granted use of the printer only. If P1 also used resources it has
not been granted, such as the scanner, that would be unfair.

Principles & Domain of Protection

Principles of Protection

• The principle of least privilege dictates that programs, users, and systems
be given just enough privileges to perform their tasks.
• This ensures that failures do the least amount of harm and allow the least amount
of harm to be done.
• For example, if a program needs special privileges to perform a task, it is better
to make it a SGID program with group ownership of "network" or "backup" or
some other pseudo group, rather than SUID with root ownership. This limits the
amount of damage that can occur if something goes wrong.
• Typically each user is given their own account, and has only enough privilege to
modify their own files.
• The root account should not be used for normal day-to-day activities. The
system administrator should also have an ordinary account, and reserve use of
the root account for only those tasks which need root privileges.

Domain of Protection

• A computer can be viewed as a collection of processes and objects (both HW &
SW).
• The need-to-know principle states that a process should only have access to
those objects it needs to accomplish its task, and furthermore only in the
modes for which it needs access and only during the time frame when it needs
access.
• The modes available for a particular object may depend upon its type.

Domain Structure

• A protection domain specifies the resources that a process may access.
• Each domain defines a set of objects and the types of operations that may be
invoked on each object.
• An access right is the ability to execute an operation on an object.
• A domain is defined as a set of < object, { access right set } > pairs, as shown
below. Note that some domains may be disjoint while others overlap.

Figure - System with three protection domains.

• The association between a process and a domain may be static or dynamic.
o If the association is static, then the need-to-know principle requires a way
of changing the contents of the domain dynamically.
o If the association is dynamic, then there needs to be a mechanism
for domain switching.
• Domains may be realized in different fashions - as users, or as processes, or as
procedures. E.g. if each user corresponds to a domain, then that domain
defines the access of that user, and changing domains involves changing user
ID.

An Example: UNIX

• UNIX associates domains with users.
• Certain programs operate with the SUID bit set, which effectively changes the
user ID, and therefore the access domain, while the program is running (and
similarly for the SGID bit). Unfortunately this has some potential for abuse.
• An alternative used on some systems is to place privileged programs in special
directories, so that they attain the identity of the directory owner when they
run. This prevents crackers from placing SUID programs in random directories
around the system.
• Yet another alternative is to not allow the changing of ID at all. Instead, special
privileged daemons are launched at boot time, and user processes send
messages to these daemons when they need special tasks performed.

An Example: MULTICS

• The MULTICS system uses a complex system of rings, each corresponding to a
different protection domain, as shown below:

Figure - MULTICS ring structure.

• Rings are numbered from 0 to 7, with outer rings having a subset of the
privileges of the inner rings.
• Each file is a memory segment, and each segment description includes an entry
that indicates the ring number associated with that segment, as well as read,
write, and execute privileges.
• Each process runs in a ring, according to the current-ring-number, a counter
associated with each process.
• A process operating in one ring can only access segments associated with
higher (farther out) rings, and then only according to the access bits.
Processes cannot access segments associated with lower rings.
• Domain switching is achieved by a process in one ring calling upon a process
operating in a lower ring, which is controlled by several factors stored with each
segment descriptor:
o An access bracket, defined by integers b1 <= b2.
o A limit b3 > b2.
o A list of gates, identifying the entry points at which the segments may
be called.
• If a process operating in ring i calls a segment whose bracket is such that b1
<= i <= b2, then the call succeeds and the process remains in ring i.
• Otherwise a trap to the OS occurs, and is handled as follows:
o If i < b1, then the call is allowed, because we are transferring to a
procedure with fewer privileges. However if any of the parameters being
passed are of segments below b1, then they must be copied to an area
accessible by the called procedure.
o If i > b2, then the call is allowed only if i <= b3 and the call is directed to
one of the entries on the list of gates.
• Overall this approach is more complex and less efficient than other protection
schemes.
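
The call rules above can be written as one decision function. This is an added example, not part of the original notes or of MULTICS itself; the struct layout, the function names and the sample descriptor values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_GATES 4

/* Fields the text stores with each segment descriptor. */
struct segment {
    int b1, b2;            /* access bracket, b1 <= b2 */
    int b3;                /* limit, b3 > b2 */
    int gates[MAX_GATES];  /* permitted entry points (constructed numbers) */
    size_t ngates;
};

enum call_result {
    CALL_SAME_RING, /* b1 <= i <= b2: succeeds, process remains in ring i */
    CALL_OUTWARD,   /* i < b1: trap; allowed, callee has fewer privileges */
    CALL_VIA_GATE,  /* b2 < i <= b3 and the entry is a gate: trap; allowed */
    CALL_DENIED     /* beyond the limit, not a gate, or bad descriptor */
};

static bool is_gate(const struct segment *s, int entry)
{
    for (size_t k = 0; k < s->ngates && k < MAX_GATES; k++)
        if (s->gates[k] == entry)
            return true;
    return false;
}

/* Decide a call from ring i to entry point `entry` of segment s. */
enum call_result ring_call(int i, const struct segment *s, int entry)
{
    /* Fail closed on a ring outside 0..7 or a malformed descriptor. */
    if (i < 0 || i > 7 || s->b1 < 0 || s->b1 > s->b2 || s->b3 <= s->b2)
        return CALL_DENIED;
    if (i >= s->b1 && i <= s->b2)
        return CALL_SAME_RING;
    if (i < s->b1)
        return CALL_OUTWARD;
    if (i <= s->b3 && is_gate(s, entry))
        return CALL_VIA_GATE;
    return CALL_DENIED;
}

/* On an outward call, an argument that lives in a segment below b1 cannot be
 * reached by the callee and must be copied to an area it can access. */
bool arg_needs_copy(int arg_segment_ring, const struct segment *s)
{
    return arg_segment_ring < s->b1;
}

/* Constructed descriptors for the demonstration. */
const struct segment SAMPLE_SEG = { 2, 4, 6, { 0, 3 }, 2 };
const struct segment BAD_SEG    = { 3, 2, 6, { 0 }, 1 };  /* b1 > b2 */

int main(void)
{
    static const char *names[] = { "same ring", "outward (trap)",
                                   "via gate (trap)", "denied" };
    for (int ring = 0; ring <= 7; ring++)
        printf("ring %d -> entry 3: %-16s entry 9: %s\n", ring,
               names[ring_call(ring, &SAMPLE_SEG, 3)],
               names[ring_call(ring, &SAMPLE_SEG, 9)]);
    return 0;
}
```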

Access Matrix

The Access Matrix is a security model for a computer system's protection state.
It is described as a matrix. An access matrix is used to specify, for each object,
the permissions of the processes running in each domain. The rows of the matrix
represent domains, whereas the columns represent objects. Every matrix cell holds the
set of access rights granted to the processes of a domain, i.e., each entry (i, j)
describes the set of operations that a process running in domain Di may invoke on
object Oj.

There are various methods of implementing the access matrix in the operating
system. These methods are as follows:

1. Global Table

2. Access Lists for Objects

3. Capability Lists for Domains

4. Lock-Key Mechanism

Global Table

It is the most basic access matrix implementation. A set of ordered
triples <domain, object, rights-set> is maintained in a file. When an
operation M is performed on an object Oj within domain Di, the table is
searched for a triple <Di, Oj, Rk> with M in Rk. The operation can proceed if this
triple is located; otherwise, an exception (or error) condition is raised. This
implementation has various drawbacks. The table is generally large and cannot be
stored in the main memory, so additional input and output are required.

Access Lists for Objects

Every access matrix column may be used as a single object's access list. It is
possible to delete the blank entries. For each object, the resulting list contains
ordered pairs <domain, rights-set> that define all domains for that object and a
nonempty set of access rights.

When operation M is attempted, we search the object's access list. If a matching
entry is found, we allow the action; if it isn't, we check the default set. If M is
in the default set, we grant access. If it is not, access is denied and an
exception condition arises. We may also start by checking the default set and then
search the access list.

Capability Lists for Domains

A domain's capability list is a collection of objects and the actions that can be
done on them. A capability is a name or address that is used to identify an object.
To perform operation M on object Oj, the process runs operation M, specifying
the capability for object Oj. The simple possession of the capability implies that
access is allowed.

In most cases, capabilities are separated from other data in one of two ways.
Every object has a tag that indicates whether it is a capability or ordinary data.
Alternatively, a program's address space can be divided into two portions. The
program may access one portion, which holds its normal instructions and data. The
other portion is a capability list that is only accessed by the operating system.

Lock-Key Mechanism

It is a compromise between the access lists and the capability lists. Each object
has a list of locks, which are special bit patterns. Likewise, each domain has
a set of keys, which are also special bit patterns. A process running in a domain can
access an object only if that domain has a key that matches one of the locks on the
object. The process is not allowed to modify its keys.

Now, let's take an example to understand the implementation of an access
matrix in the operating system.

Example:

In this example, the matrix has 4 domains and 4 objects: 3 files (F1, F2, and F3)
and one printer. Files F1 and F3 can be read by a process running in D1. A process
running in domain D4 has the same rights as D1, but it may also write on files. Only
a process running in domain D2 has access to the printer. The access matrix
mechanism is made up of various policies and semantic features. Specifically, we
should ensure that a process running in domain Di may only access the objects
listed in row i.

The protection policies in the access matrix determine which rights must be
included in the (i, j)th entry. We should also choose the domain in which each process
runs. The OS usually decides this policy. The users determine the contents of the
access-matrix entries.

The relationship between the domain and the processes might be static or
dynamic. The access matrix provides a way of defining the control for this
domain-process association. Switching a process from one domain to another is
treated as performing a switch operation on an object, the target domain. We can
regulate domain switching by including the domains among the objects of the access
matrix. A process may switch from one domain (Di) to another domain (Dj) only if
the switch right appears in the corresponding entry.

According to the matrix, a process running in domain D2 can transition to
domains D3 and D4. A process in domain D4 may change to domain D1, and a
process in domain D1 may change to domain D2.
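
The example matrix, with the domains added as objects so that switch is an ordinary right, can be coded as a small table and then read three ways: by cell (global table), by column (access list) and by row (capability list). This is an added example, not part of the original notes; the bitmask encoding and all identifiers are assumptions, and D3's row is left empty because the text does not give its entries.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum { R_READ = 1, R_WRITE = 2, R_PRINT = 4, R_SWITCH = 8 };
enum { D1, D2, D3, D4, NDOM };
/* Objects: three files, the printer, and the domains themselves, so that
 * "switch" is simply a right held on a domain object. */
enum { F1, F2, F3, PRINTER, OBJ_D1, OBJ_D2, OBJ_D3, OBJ_D4, NOBJ };

/* Rows are domains, columns are objects; 0 is an empty entry. */
static const unsigned matrix[NDOM][NOBJ] = {
    [D1] = { [F1] = R_READ, [F3] = R_READ, [OBJ_D2] = R_SWITCH },
    [D2] = { [PRINTER] = R_PRINT, [OBJ_D3] = R_SWITCH, [OBJ_D4] = R_SWITCH },
    /* D3: the text gives no entries for it, so its row stays empty here. */
    [D4] = { [F1] = R_READ | R_WRITE, [F3] = R_READ | R_WRITE,
             [OBJ_D1] = R_SWITCH },
};

struct entry { int id; unsigned rights; };

/* The basic check: is every bit of `right` present in entry (dom, obj)? */
bool allowed(int dom, int obj, unsigned right)
{
    if (dom < 0 || dom >= NDOM || obj < 0 || obj >= NOBJ || right == 0)
        return false;
    return (matrix[dom][obj] & right) == right;
}

/* Domain switching is allowed only if switch is in entry (from, to). */
bool can_switch(int from, int to)
{
    return to >= 0 && to < NDOM && allowed(from, OBJ_D1 + to, R_SWITCH);
}

/* Access list for an object: its column with the blank entries dropped.
 * `out` may be NULL when only the count is wanted. */
size_t access_list(int obj, struct entry *out)
{
    size_t n = 0;
    if (obj < 0 || obj >= NOBJ)
        return 0;
    for (int d = 0; d < NDOM; d++) {
        if (matrix[d][obj] == 0)
            continue;
        if (out) { out[n].id = d; out[n].rights = matrix[d][obj]; }
        n++;
    }
    return n;
}

/* Capability list for a domain: its row with the blank entries dropped. */
size_t capability_list(int dom, struct entry *out)
{
    size_t n = 0;
    if (dom < 0 || dom >= NDOM)
        return 0;
    for (int o = 0; o < NOBJ; o++) {
        if (matrix[dom][o] == 0)
            continue;
        if (out) { out[n].id = o; out[n].rights = matrix[dom][o]; }
        n++;
    }
    return n;
}

/* Number of <domain, object, rights-set> triples a global table would hold. */
size_t global_table_size(void)
{
    size_t n = 0;
    for (int d = 0; d < NDOM; d++)
        n += capability_list(d, NULL);
    return n;
}

int main(void)
{
    struct entry acl[NDOM];
    size_t n = access_list(F1, acl);
    printf("access list for F1:");
    for (size_t k = 0; k < n; k++)
        printf(" <D%d, 0x%x>", acl[k].id + 1, acl[k].rights);
    printf("\nglobal table holds %zu triples\n", global_table_size());
    printf("D2 -> D4 switch: %s, D3 -> D1 switch: %s\n",
           can_switch(D2, D4) ? "yes" : "no", can_switch(D3, D1) ? "yes" : "no");
    return 0;
}
```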

Access control

Access control is an essential element of security that determines who is
allowed to access certain data, apps, and resources—and in what circumstances. In
the same way that keys and pre-approved guest lists protect physical spaces, access
control policies protect digital spaces. In other words, they let the right people in and
keep the wrong people out. Access control policies rely heavily on techniques like
authentication and authorization, which allow organizations to explicitly verify both
that users are who they say they are and that these users are granted the
appropriate level of access based on context such as device, location, role, and much
more.

Access control keeps confidential information—such as customer data and
intellectual property—from being stolen by bad actors or other unauthorized users. It
also reduces the risk of data exfiltration by employees and keeps web-based threats
at bay. Rather than manage permissions manually, most security-driven
organizations lean on identity and access management solutions to implement access
control policies.
There are four main types of access control, each of which administers
access to sensitive information in a unique way.
• Discretionary Access Control (DAC)
In DAC models, every object in a protected system has an owner,
and owners grant access to users at their discretion. DAC provides
case-by-case control over resources.
• Mandatory Access Control (MAC)
In MAC models, users are granted access in the form of a clearance.
A central authority regulates access rights and organizes them into tiers,
which uniformly expand in scope. This model is very common in
government and military contexts.
• Role Based Access Control (RBAC)
In RBAC models, access rights are granted based on defined
business functions, rather than individuals’ identity or seniority. The goal
is to provide users only with the data they need to perform their jobs—
and no more.
• Attribute Based Access Control (ABAC)
In ABAC models, access is granted flexibly based on a combination
of attributes and environmental conditions, such as time and location.
ABAC is the most granular access control model and helps reduce the
number of role assignments.

Access control involves identifying a user based on their credentials and
then authorizing the appropriate level of access once they are authenticated.
Passwords, pins, security tokens—and even biometric scans—are all
credentials commonly used to identify and authenticate a user. Multifactor
authentication (MFA) adds another layer of security by requiring that users be
verified by more than just one verification method.
Once a user’s identity has been authenticated, access control policies grant
specific permissions and enable the user to proceed as they intended.
The goal of access control is to keep sensitive information from falling into
the hands of bad actors. Attacks on confidential data can have serious
consequences—including leaks of intellectual property, exposure of customers’ and
employees’ personal information, and even loss of corporate funds.
Access control is a vital component of security strategy. It’s also one of the
best tools for organizations who want to minimize the security risk of unauthorized
access to their data—particularly data stored in the cloud.
As the list of devices susceptible to unauthorized access grows, so does the
risk to organizations without sophisticated access control policies. Identity and
access management solutions can simplify the administration of these policies—
but recognizing the need to govern how and when data is accessed is the first
step.

Implementation of Access Control
• Connect on goals
Align with decision makers on why it’s important to implement an access
control solution. There are many reasons to do this—not the least of which is
reducing risk to your organization. Other reasons to implement an access
control solution might include:
o Productivity: Grant authorized access to the apps and data employees
need to accomplish their goals—right when they need them.
o Security: Protect sensitive data and resources and reduce user access
friction with responsive policies that escalate in real-time when threats arise.
o Self-service: Delegate identity management, password resets, security
monitoring, and access requests to save time and energy.
• Select a solution
Choose an identity and access management solution that allows you to both
safeguard your data and ensure a great end-user experience. The ideal
solution should provide top-tier service to both your users and your IT
department—from ensuring seamless remote access for employees to saving time for
administrators.
• Set strong policies
Once you’ve launched your chosen solution, decide who should access your
resources, what resources they should access, and under what conditions.
Access control policies can be designed to grant access, limit access with
session controls, or even block access—it all depends on the needs of your
business.

Some questions that might arise along the way include:
o Which users, groups, roles, or workload identities will be included or
excluded from the policy?
o What applications does this policy apply to?
o What user actions will be subject to this policy?
• Follow best practices
Set up emergency access accounts to avoid being locked out if you
misconfigure a policy, apply conditional access policies to every app, test
policies before enforcing them in your environment, set naming standards
for all policies, and plan for disruption. Once the right policies are put in
place, you can rest a little easier.

Revocation of Access Rights

• The need to revoke access rights dynamically raises several questions:
o Immediate versus delayed - If delayed, can we determine when the
revocation will take place?
o Selective versus general - Does revocation of an access right to an
object affect all users who have that right, or only some users?
o Partial versus total - Can a subset of rights for an object be revoked, or
are all rights revoked at once?
o Temporary versus permanent - If rights are revoked, is there a
mechanism for processes to re-acquire some or all of the revoked rights?
• With an access list scheme revocation is easy, immediate, and can be selective,
general, partial, total, temporary, or permanent, as desired.
• With capability lists the problem is more complicated, because access rights
are distributed throughout the system. A few schemes that have been
developed include:
o Reacquisition - Capabilities are periodically revoked from each domain,
which must then re-acquire them.
o Back-pointers - A list of pointers is maintained from each object to each
capability which is held for that object.
o Indirection - Capabilities point to an entry in a global table rather than
to the object. Access rights can be revoked by changing or invalidating
the table entry, which may affect multiple processes, which must then
re-acquire access rights to continue.
o Keys - A unique bit pattern is associated with each capability when
created, which can be neither inspected nor modified by the process.
   ▪ A master key is associated with each object.
   ▪ When a capability is created, its key is set to the object's master
   key.
   ▪ As long as the capability's key matches the object's key, then the
   capabilities remain valid.
   ▪ The object master key can be changed with the set-key command,
   thereby invalidating all current capabilities.
   ▪ More flexibility can be added to this scheme by implementing
   a list of keys for each object, possibly in a global table.
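
The keys scheme, including the per-object list of keys, looks like this in code. This is an added example, not part of the original notes; the structures, the function names and the counter used to mint keys are assumptions, and in a real system the key field would sit in protected memory where the holding process can neither read nor change it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_KEYS 4
enum { R_READ = 1, R_WRITE = 2 };

/* Each object carries a list of valid keys; slot 0 is the master key and
 * a value of 0 marks an unused slot. */
struct object { uint64_t keys[MAX_KEYS]; };

struct capability {
    const struct object *obj;
    unsigned rights;
    uint64_t key;             /* stamped at creation from one object key */
};

/* Constructed key source: a counter, so a key is never issued twice. */
static uint64_t fresh_key(void) { static uint64_t next = 1; return next++; }

void object_init(struct object *o)
{
    for (size_t i = 0; i < MAX_KEYS; i++)
        o->keys[i] = 0;
    o->keys[0] = fresh_key();
}

/* Add a further key so one group of holders can be revoked on its own. */
int object_add_key(struct object *o)
{
    for (int i = 1; i < MAX_KEYS; i++)
        if (o->keys[i] == 0) { o->keys[i] = fresh_key(); return i; }
    return -1;
}

struct capability cap_create(const struct object *o, int slot, unsigned rights)
{
    struct capability c = { o, rights, 0 };
    if (slot >= 0 && slot < MAX_KEYS)
        c.key = o->keys[slot];   /* stays 0 (never valid) for a bad slot */
    return c;
}

/* Valid only while the stamped key still matches one of the object's keys. */
bool cap_allows(const struct capability *c, unsigned right)
{
    if (c->key == 0 || (c->rights & right) != right)
        return false;
    for (size_t i = 0; i < MAX_KEYS; i++)
        if (c->obj->keys[i] == c->key)
            return true;
    return false;
}

/* set-key: replace one key, invalidating every capability stamped with it. */
bool set_key(struct object *o, int slot)
{
    if (slot < 0 || slot >= MAX_KEYS || o->keys[slot] == 0)
        return false;
    o->keys[slot] = fresh_key();
    return true;
}

enum { A_BEFORE = 1, B_BEFORE = 2, B_WRITE = 4, B_AFTER_REVOKE = 8,
       A_AFTER_B_REVOKE = 16, A_AFTER_MASTER_CHANGE = 32, A_REACQUIRED = 64 };

/* Runs one scenario and reports which checks succeeded as a bit set. */
unsigned revocation_demo(void)
{
    struct object file;
    unsigned seen = 0;
    object_init(&file);
    int group = object_add_key(&file);
    struct capability a = cap_create(&file, 0, R_READ | R_WRITE);
    struct capability b = cap_create(&file, group, R_READ);
    if (cap_allows(&a, R_WRITE)) seen |= A_BEFORE;
    if (cap_allows(&b, R_READ))  seen |= B_BEFORE;
    if (cap_allows(&b, R_WRITE)) seen |= B_WRITE;       /* partial rights */
    set_key(&file, group);                              /* selective */
    if (cap_allows(&b, R_READ))  seen |= B_AFTER_REVOKE;
    if (cap_allows(&a, R_READ))  seen |= A_AFTER_B_REVOKE;
    set_key(&file, 0);                                  /* master key */
    if (cap_allows(&a, R_READ))  seen |= A_AFTER_MASTER_CHANGE;
    a = cap_create(&file, 0, R_READ);                   /* re-acquire */
    if (cap_allows(&a, R_READ))  seen |= A_REACQUIRED;
    return seen;
}

int main(void)
{
    printf("checks that succeeded: 0x%02x\n", revocation_demo());
    return 0;
}
```

With a single key per object, set-key is a general revocation; the extra slots are what make it selective.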

Chapter-2

System Security
System security

System security may be threatened through two violations, and these are as
follows:

1. Threat
A program that has the potential to harm the system seriously.

2. Attack
A breach of security that allows unauthorized access to a resource.

There are two types of security breaches that can harm the system: malicious
and accidental. Malicious threats are a type of destructive computer code or web
script that is designed to cause system vulnerabilities that lead to back doors and
security breaches. On the other hand, accidental threats are comparatively easier to
protect against.

Security may be compromised through breaches. Some of the breaches are
as follows:

1. Breach of integrity
It involves the unauthorized modification of data.

2. Theft of service
It involves the unauthorized use of resources.

3. Breach of confidentiality
It involves the unauthorized reading of data.

4. Breach of availability
It involves the unauthorized destruction of data.

5. Denial of service
It includes preventing legitimate use of the system. Some attacks may be
accidental.

Goals of Security System

There are several goals of system security. Some of them are as follows:

1. Integrity
Unauthorized users must not be allowed to access the system's
objects, and users with insufficient rights should not modify the system's
critical files and resources.

2. Secrecy
The system's objects must only be available to a small number of
authorized users. The system files should not be accessible to everyone.

3. Availability
All system resources must be accessible to all authorized users, i.e.,
no single user/process should be able to consume all system resources. If
such a situation arises, service denial may occur. In this case, malware
may restrict system resources and prevent legitimate processes from
accessing them.

Program threats

The operating system's processes and kernel carry out the specified task as
directed. Program threats occur when a user program causes these processes to do
malicious operations. A common example of a program threat is a program that,
once installed on a computer, stores user credentials and transfers them to a
hacker. There are various program threats. Some of them are as follows:

1. Virus
A virus may replicate itself on the system. Viruses are extremely
dangerous and can modify/delete user files as well as crash computers. A virus
is a small piece of code that is embedded in a system program. As the user
interacts with the program, the virus becomes embedded in other files and
programs, potentially rendering the system inoperable.

2. Trojan Horse
This type of application captures user login credentials. It stores them to
transfer them to a malicious user who can then log in to the computer and
access system resources.

3. Logic Bomb
A logic bomb is a situation in which software only misbehaves when
particular criteria are met; otherwise, it functions normally.

4. Trap Door
A trap door is when a program that is supposed to work as expected has
a security weakness in its code that allows it to do illegal actions without the
user's knowledge.

System Threats

System threats are described as the misuse of system services and network
connections to cause user problems. These threats may be used to trigger the
program threats over an entire network, known as program attacks. System threats
make an environment in which OS resources and user files may be misused. There
are various system threats. Some of them are as follows:

1. Port Scanning
It is a method by which the cracker determines the system's
vulnerabilities for an attack. It is a fully automated process that includes
connecting to a specific port via TCP/IP. To protect the attacker's identity, port
scanning attacks are launched through zombie systems: previously independent
systems that still serve their owners while also being used for such
purposes.

2. Worm
The worm is a process that can choke a system's performance by
exhausting all system resources. A Worm process makes several clones, each
consuming system resources and preventing all other processes from getting
essential resources. Worm processes can even bring a network to a halt.

3. Denial of Service
Denial of service attacks usually prevent users from legitimately using
the system. For example, if a denial-of-service attack is executed against the
browser's content settings, a user may be unable to access the internet.

Network Threats

1. Unauthorized access

Unauthorized access refers to attackers accessing a network without receiving
permission. Among the causes of unauthorized access attacks are weak
passwords, a lack of protection against social engineering, previously
compromised accounts, and insider threats.

2. Distributed Denial of Service (DDoS) attacks


Attackers build botnets, large fleets of compromised devices, and use them to
direct false traffic at your network or servers. DDoS can occur at the network
level, for example by sending huge volumes of SYN/ACK packets which can
overwhelm a server, or at the application level, for example by performing
complex SQL queries that bring a database to its knees.

3. Man in the middle attacks


A man in the middle attack involves attackers intercepting traffic, either
between your network and external sites or within your network. If
communication protocols are not secured or attackers find a way to circumvent
that security, they can steal data that is being transmitted, obtain user
credentials and hijack their sessions.

4. Code and SQL injection attacks

Many websites accept user inputs and fail to validate and sanitize those inputs.
Attackers can then fill out a form or make an API call, passing malicious code
instead of the expected data values. The code is executed on the server and
allows attackers to compromise it.

5. Privilege escalation
Once attackers penetrate your network, they can use privilege escalation to
expand their reach. Horizontal privilege escalation involves attackers gaining
access to additional, adjacent systems, and vertical escalation means attackers
gain a higher level of privileges for the same systems.

6. Insider threats
A network is especially vulnerable to malicious insiders, who already have
privileged access to organizational systems. Insider threats can be difficult to
detect and protect against, because insiders do not need to penetrate the
network in order to do harm. New technologies like User and Event Behavioral
Analytics (UEBA) can help identify suspicious or anomalous behavior by internal
users, which can help identify insider attacks.

Cryptography for Security


Cryptography is the study of securing communications from outside
observers. Encryption algorithms take the original message, or plaintext, and convert
it into ciphertext, which is not understandable. The key allows the user
to decrypt the message, thus ensuring only they can read the message. The strength of
the randomness of an encryption is also studied, which makes it harder for anyone to
guess the key or input of the algorithm. Cryptography is how we can achieve more
secure and robust connections to elevate our privacy. Advancements in cryptography
make it harder to break encryptions so that encrypted files, folders, or network
connections are only accessible to authorized users.

Cryptography focuses on four different objectives:

1. Confidentiality: Confidentiality ensures that only the intended recipient can
decrypt the message and read its contents.

2. Non-repudiation: Non-repudiation means the sender of the message cannot
backtrack in the future and deny their reasons for sending or creating the message.

3. Integrity: Integrity focuses on the ability to be certain that the information
contained within the message cannot be modified while in storage or transit.

4. Authenticity: Authenticity ensures the sender and recipient can verify each
other’s identities and the destination of the message.

These objectives help ensure a secure and authentic transfer of information.

History of Cryptography
Cryptography began with ciphers, the first of which was the Caesar Cipher.
Ciphers were a lot easier to unravel compared to modern cryptographic algorithms,
but they both used keys and plaintext. Though simple, ciphers from the past were the
earliest forms of encryption. Today’s algorithms and cryptosystems are much more
advanced. They use multiple rounds of ciphers and encrypt the ciphertext of
messages to ensure the most secure transit and storage of data. There are also
methods of cryptography used now that are irreversible, maintaining the security of
the message forever.

More advanced cryptography methods are needed because data must be protected
more and more securely. Most of the ciphers and algorithms
used in the early days of cryptography have been deciphered, making them useless
for data protection. Today’s algorithms can be deciphered, but it would require years
and sometimes decades to decipher the meaning of just one message. Thus, the race
to create newer and more advanced cryptography techniques continues.

The intention of cryptography is to keep data and messages secure and
inaccessible to potential threats or bad actors. It often works behind the scenes
to encrypt and decrypt data you are sending through social media, applications,
interactions on websites, and email. Symmetric cryptography can be used for these
purposes:

• Card transactions and payment applications
• Random number generation
• Signature verification to ensure the sender is who they claim to be

Asymmetric cryptography can be used for the following purposes:

• Email messages
• SIM card authentication
• Web security
• Exchange of private keys

Types of Cryptography
Cryptography can be broken down into three different types:

• Secret Key Cryptography
• Public Key Cryptography
• Hash Functions

Secret Key Cryptography, or symmetric cryptography, uses a single key to
encrypt data. Both encryption and decryption in symmetric cryptography use the
same key, making this the easiest form of cryptography. The cryptographic algorithm
utilizes the key in a cipher to encrypt the data, and when the data must be accessed
again, a person entrusted with the secret key can decrypt the data. Secret Key
Cryptography can be used on both in-transit and at-rest data, but is commonly only
used on at-rest data, as sending the secret to the recipient of the message can lead
to compromise.
Examples:

• AES
• DES
• Caesar Cipher

Public Key Cryptography, or asymmetric cryptography, uses two keys to
encrypt data. One is used for encryption, while the other key decrypts the
message. Unlike symmetric cryptography, if one key is used to encrypt, that same
key cannot decrypt the message; the other key must be used instead.

One key is kept private, and is called the “private key”, while the other is
shared publicly and can be used by anyone, hence it is known as the “public key”. The
mathematical relation of the keys is such that the private key cannot be derived from
the public key, but the public key can be derived from the private. The private key
should not be distributed and should remain with the owner only. The public key can
be given to any other entity.

Examples:

• ECC
• Diffie-Hellman
• DSS

Hash functions are irreversible, one-way functions which protect the data, at
the cost of not being able to recover the original message. Hashing is a way to
transform a given string into a fixed length string. A good hashing algorithm will
produce unique outputs for each input given. The only way to crack a hash is by
trying every input possible, until you get the exact same hash. A hash can be used for
hashing data (such as passwords) and in certificates.

Some of the most famous hashing algorithms are:

• MD5
• SHA-1
• SHA-2 family which includes SHA-224, SHA-256, SHA-384, and SHA-512
• SHA-3
• Whirlpool
• Blake 2
• Blake 3

User Authentication

There is a growing demand for different types of user authentication
technologies for both online and physical systems. The motivation to authenticate
users ranges from access control reasons to business development purposes like
adding e-commerce elements.

Organizations need to understand that passwords are not the only way to
authenticate users. There is a wide variety of authentication technologies and an even
greater range of activities that require authentication methods.

Authentication is the process of identifying users that request access to a
system, network, or device. Access control often determines user identity according
to credentials like username and password. Other authentication technologies like
biometrics and authentication apps are also used to authenticate user identity.

User authentication is a method that keeps unauthorized users from accessing
sensitive information. For example, User A only has access to relevant information
and cannot see the sensitive information of User B.

Cybercriminals can gain access to a system and steal information when user
authentication is not secure. The data breaches companies like Adobe, Equifax, and
Yahoo faced are examples of what happens when organizations fail to secure their
user authentication.

Hackers gained access to Yahoo user accounts to steal contacts, calendars and
private emails between 2012 and 2016. The Equifax data breach in 2017 exposed
credit card data of more than 147 million consumers. Without a secure authentication
process, any organization could be at risk.

Five Common Authentication Types

Cybercriminals always improve their attacks. As a result, security teams are
facing plenty of authentication-related challenges. This is why companies are starting
to implement more sophisticated incident response strategies, including
authentication as part of the process. The list below reviews some common
authentication methods used to secure modern systems.

1. Password-based authentication

Passwords are the most common method of authentication. Passwords
can be in the form of a string of letters, numbers, or special characters. To
protect yourself you need to create strong passwords that include a
combination of all possible options.

However, passwords are prone to phishing attacks and bad hygiene that
weakens effectiveness. An average person has about 25 different online
accounts, but only 54% of users use different passwords across their accounts.

The truth is that there are a lot of passwords to remember. As a result,
many people choose convenience over security. Most people use simple
passwords instead of creating reliable passwords because they are easier to
remember.

The bottom line is that passwords have a lot of weaknesses and are not
sufficient in protecting online information. Hackers can easily guess user
credentials by running through all possible combinations until they find a match.

2. Multi-factor authentication

Multi-Factor Authentication (MFA) is an authentication method that
requires two or more independent ways to identify a user. Examples include
codes generated from the user’s smartphone, Captcha tests, fingerprints, voice
biometrics or facial recognition.

MFA authentication methods and technologies increase the confidence of
users by adding multiple layers of security. MFA may be a good defense
against most account hacks, but it has its own pitfalls. People may lose their
phones or SIM cards and not be able to generate an authentication code.

3. Certificate-based authentication

Certificate-based authentication technologies identify users, machines or
devices by using digital certificates. A digital certificate is an electronic
document based on the idea of a driver’s license or a passport.

The certificate contains the digital identity of a user including a public key,
and the digital signature of a certification authority. Digital certificates prove the
ownership of a public key and are issued only by a certification authority.

Users provide their digital certificates when they sign in to a server. The
server verifies the credibility of the digital signature and the certificate
authority. The server then uses cryptography to confirm that the user has a
correct private key associated with the certificate.

4. Biometric authentication

Biometric authentication is a security process that relies on the unique
biological characteristics of an individual. Here are key advantages of using
biometric authentication technologies:

• Biological characteristics can be easily compared to authorized features
saved in a database.
• Biometric authentication can control physical access when installed on
gates and doors.
• You can add biometrics into your multi-factor authentication process.

Biometric authentication technologies are used by consumers, governments and
private corporations including airports, military bases, and national borders. The
technology is increasingly adopted due to the ability to achieve a high level of security
without creating friction for the user. Common biometric authentication methods
include:

• Facial recognition—matches the different face characteristics of an individual
trying to gain access to an approved face stored in a database. Face recognition
can be inconsistent when comparing faces at different angles or comparing people
who look similar, like close relatives. Facial liveness like ID R&D’s passive facial
liveness prevents spoofing.
• Fingerprint scanners—match the unique patterns on an individual’s fingerprints.
Some new versions of fingerprint scanners can even assess the vascular patterns
in people’s fingers. Fingerprint scanners are currently the most popular biometric
technology for everyday consumers, despite their frequent inaccuracies. This
popularity can be attributed to iPhones.
• Speaker recognition—also known as voice biometrics, examines a speaker’s
speech patterns for the formation of specific shapes and sound qualities. A voice-
protected device usually relies on standardized words to identify users, just like a
password.
• Eye scanners—include technologies like iris recognition and retina scanners. Iris
scanners project a bright light towards the eye and search for unique patterns in
the colored ring around the pupil of the eye. The patterns are then compared to
approved information stored in a database. Eye-based authentication may suffer
inaccuracies if a person wears glasses or contact lenses.

5. Token-based authentication

Token-based authentication technologies enable users to enter their
credentials once and receive a unique encrypted string of random characters in
exchange. You can then use the token to access protected systems instead of
entering your credentials all over again. The digital token proves that you
already have access permission. Use cases of token-based authentication
include RESTful APIs that are used by multiple frameworks and clients.
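The issue-once, present-many-times flow described above, as an added example that is not part of the original notes. It assumes a token that is integrity-protected with HMAC-SHA256 and carries an expiry time (signed rather than encrypted, which is a simplification of the description above); the key, the field names and the function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed demo key; a real server would use a long random secret kept server-side.
SERVER_KEY = b"constructed-demo-key-not-for-production"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user: str, now: float, ttl: int = 900, key: bytes = SERVER_KEY) -> str:
    """Called once, after the user's credentials have been checked."""
    payload = json.dumps({"sub": user, "exp": int(now) + ttl},
                         separators=(",", ":")).encode("utf-8")
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def verify_token(token: str, now: float, key: bytes = SERVER_KEY) -> Optional[str]:
    """Called on every request. Returns the user name, or None if the token is rejected."""
    try:
        payload_b64, tag_b64 = token.split(".")
        payload = _unb64(payload_b64)
        tag = _unb64(tag_b64)
    except ValueError:
        return None                          # wrong shape or bad base64
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None                          # forged or modified token
    claims = json.loads(payload)             # safe to parse: the tag covers these bytes
    if now >= claims["exp"]:
        return None                          # expired: user must log in again
    return claims["sub"]


if __name__ == "__main__":
    token = issue_token("alice", now=1000)
    print("valid request:", verify_token(token, now=1001))
    print("after expiry:", verify_token(token, now=1000 + 900))
    swapped = issue_token("bob", now=1000).split(".")[0] + "." + token.split(".")[1]
    print("payload swapped under old tag:", verify_token(swapped, now=1001))
```

The server keeps no password in the request path: it only recomputes the tag, so a stolen token is limited by its expiry time rather than by a password change.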

Authentication technology is always changing. Businesses have to move beyond
passwords and think of authentication as a means of enhancing user experience.
Authentication methods like biometrics eliminate the need to remember long and
complex passwords. As a result of enhanced authentication methods and
technologies, attackers will not be able to exploit passwords, and a data breach will
be prevented.

Firewalling to protect Systems & Networks

It is a big challenge to protect our sensitive data from unwanted and
unauthorized sources. There are various tools and devices that can provide different
security levels and help keep our private data secure. One such tool is a 'firewall' that
prevents unauthorized access and keeps our computers and data safe and secure.

A firewall can be defined as a special type of network security device or a
software program that monitors and filters incoming and outgoing network traffic
based on a defined set of security rules. It acts as a barrier between internal private
networks and external sources (such as the public Internet).

The primary purpose of a firewall is to allow non-threatening traffic and prevent
malicious or unwanted data traffic for protecting the computer from viruses and
attacks. A firewall is a cyber security tool that filters network traffic and helps users
block malicious software from accessing the Internet in infected computers.

One of the most problematic questions is whether a firewall is hardware
or software. As stated above, a firewall can be a network security device or a
software program on a computer. This means that the firewall comes at both levels,
i.e., hardware and software, though it's best to have both.

Each format (a firewall implemented as hardware or software) has different
functionality but the same purpose. A hardware firewall is a physical device that
attaches between a computer network and a gateway. For example, a broadband
router. On the other hand, a software firewall is a simple program installed on a
computer that works through port numbers and other installed software.

Apart from that, there are cloud-based firewalls. They are commonly referred to
as FaaS (firewall as a service). A primary advantage of using cloud-based firewalls is
that they can be managed centrally. Like hardware firewalls, cloud-based firewalls are
best known for providing perimeter security.

Firewalls are primarily used to prevent malware and network-based attacks.
Additionally, they can help in blocking application-layer attacks. These firewalls act as
a gatekeeper or a barrier. They monitor every attempt between our computer and
another network. They do not allow data packets to be transferred through them
unless the data is coming or going from a user-specified trusted source.

Firewalls are designed in such a way that they can react quickly to detect and
counter attacks throughout the network. They can work with rules configured to
protect the network and perform quick assessments to find any suspicious activity. In
short, we can point to the firewall as a traffic controller.

Some of the important risks of not having a firewall are:

1. Open Access

If a computer is running without a firewall, it is giving open access to
other networks. This means that it is accepting every kind of connection that
comes from anyone. In this case, it is not possible to detect threats or
attacks coming through our network. Without a firewall, we make our
devices vulnerable to malicious users and other unwanted sources.

2. Lost or Compromised Data

Without a firewall, we are leaving our devices accessible to everyone.
This means that anyone can access our device and have complete control
over it, including the network. In this case, cybercriminals can easily delete
our data or use our personal information for their benefit.

3. Network Crashes

In the absence of a firewall, anyone could access our network and shut
it down. It may lead us to invest our valuable time and money to get our
network working again.

Therefore, it is essential to use firewalls and keep our network, computer, and
data safe and secure from unwanted sources.

Firewalls have been the first and most reliable component of defense in network
security for over 30 years. Firewalls first came into existence in the late 1980s. They
were initially designed as packet filters. These packet filters were nothing but a setup
of networks between computers. The primary function of these packet filtering
firewalls was to check for packets or bytes transferred between different computers.

Firewalls have become more advanced due to continuous development,
although such packet filtering firewalls are still in use in legacy systems.

As the technology emerged, Gil Shwed from Check Point
Technologies introduced the first stateful inspection firewall in 1993. It was named
FireWall-1. Back in 2000, Netscreen came up with its purpose-built
firewall 'Appliance'. It gained popularity and fast adoption within enterprises because
of increased internet speed, less latency, and high throughput at a lower cost.

The turn of the century saw a new approach to firewall implementation during
the mid-2010. The 'Next-Generation Firewalls' were introduced by Palo Alto
Networks. These firewalls came up with a variety of built-in functions and capabilities,
such as Hybrid Cloud Support, Network Threat Prevention, Application and
Identity-Based Control, and Scalable Performance, etc. Firewalls are still getting new
features as part of continuous development. They are considered the first line of
defense when it comes to network security.

A firewall system analyzes network traffic based on pre-defined rules. It then
filters the traffic and prevents any such traffic coming from unreliable or suspicious
sources. It only allows incoming traffic that it is configured to accept.

Typically, firewalls intercept network traffic at a computer's entry point, known
as a port. Firewalls perform this task by allowing or blocking specific data packets
(units of communication transferred over a digital network) based on pre-defined
security rules. Incoming traffic is allowed only through trusted IP addresses, or
sources.

As stated above, the firewall works as a gatekeeper. It analyzes every attempt
coming to gain access to our operating system and prevents traffic from unwanted or
non-recognized sources.

Since the firewall acts as a barrier or filter between the computer system and
other networks (i.e., the public Internet), we can consider it as a traffic controller.
Therefore, a firewall's primary function is to secure our network and information by
controlling network traffic, preventing unwanted incoming network traffic, and
validating access by assessing network traffic for malicious things such as hackers
and malware.
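The rule-based filtering described above, as an added example that is not part of the original notes: a first-match packet filter with a default-deny policy, plus a check for rules that an earlier rule makes unreachable. The `Rule` and `Packet` types, the rule set and all addresses (RFC 5737 documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    src: str                    # source network in CIDR notation
    dst_port: Optional[int]     # None means any port
    protocol: str = "tcp"


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_port: int
    protocol: str = "tcp"


# Constructed rule set: the specific deny comes before the broader allow.
RULES = [
    Rule("deny", "203.0.113.66/32", 443),    # one blocked host inside a trusted range
    Rule("allow", "203.0.113.0/24", 443),    # trusted partner network may reach HTTPS
    Rule("allow", "192.0.2.0/24", 22),       # admin network may reach SSH
]


def matches(rule: Rule, pkt: Packet) -> bool:
    if rule.protocol != pkt.protocol:
        return False
    if rule.dst_port is not None and rule.dst_port != pkt.dst_port:
        return False
    return ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(rule.src)


def filter_packet(pkt: Packet, rules: List[Rule] = RULES) -> Tuple[str, Optional[int]]:
    """First matching rule wins; anything no rule mentions is denied."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", None


def shadowed_rules(rules: List[Rule]) -> List[Tuple[int, int]]:
    """Return (rule, earlier_rule) index pairs where the later rule can never match."""
    found = []
    for j, later in enumerate(rules):
        for i, earlier in enumerate(rules[:j]):
            same_proto = earlier.protocol == later.protocol
            port_covered = earlier.dst_port is None or earlier.dst_port == later.dst_port
            net_covered = ipaddress.ip_network(later.src).subnet_of(
                ipaddress.ip_network(earlier.src))
            if same_proto and port_covered and net_covered:
                found.append((j, i))
                break
    return found


if __name__ == "__main__":
    for pkt in (Packet("203.0.113.10", 443), Packet("203.0.113.66", 443),
                Packet("198.51.100.7", 443), Packet("192.0.2.5", 22)):
        print(pkt, "->", filter_packet(pkt))
    # A misordered copy: the broad allow now hides the host-specific deny.
    misordered = [RULES[1], RULES[0], RULES[2]]
    print("shadowed in misordered set:", shadowed_rules(misordered))
```

Running `shadowed_rules` over a rule set before deploying it catches the ordering mistake that lets the blocked host through.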

Generally, most operating systems (for example - Windows OS) and security
software come with built-in firewall support. Therefore, it is a good idea to ensure
that those options are turned on. Additionally, we can configure the security settings
of the system to be automatically updated whenever available.

Firewalls have become powerful and include a variety of built-in functions and
capabilities:

o Network Threat Prevention

o Application and Identity-Based Control

o Hybrid Cloud Support

o Scalable Performance

o Network Traffic Management and Control

o Access Validation

o Record and Report on Events

Limitations of Firewall

When it comes to network security, firewalls are considered the first line of
defense. But the question is whether these firewalls are strong enough to make our
devices safe from cyber-attacks. The answer may be "no". The best practice is to use
a firewall system when using the Internet. However, it is important to use other
defense systems to help protect the network and data stored on the computer.
Because cyber threats are continually evolving, a firewall should not be the only
consideration for protecting the home network.

The importance of using firewalls as a security system is obvious; however,
firewalls have some limitations:

o Firewalls cannot stop users from accessing malicious websites, making it
vulnerable to internal threats or attacks.
o Firewalls cannot protect against the transfer of virus-infected files or software.
o Firewalls cannot prevent misuse of passwords.
o Firewalls cannot protect if security rules are misconfigured.
o Firewalls cannot protect against non-technical security risks, such as social
engineering.
o Firewalls cannot stop or prevent attackers with modems from dialing in to or
out of the internal network.
o Firewalls cannot secure the system which is already infected.

Therefore, it is recommended to keep all Internet-enabled devices updated.
This includes the latest operating systems, web browsers, applications, and other
security software (such as anti-virus). Besides, securing wireless routers should
be another practice. The process of protecting a router may include options such as
repeatedly changing the router's name and password, reviewing security settings, and
creating a guest network for visitors.

Types of Firewall

Depending on their structure and functionality, there are different types of
firewalls. The following is a list of some common types of firewalls:

o Proxy Firewall

o Packet-filtering firewalls

o Stateful Multi-layer Inspection (SMLI) Firewall

o Unified threat management (UTM) firewall

o Next-generation firewall (NGFW)

o Network address translation (NAT) firewalls

Difference between a Firewall and Anti-virus

Firewalls and anti-viruses are systems to protect devices from viruses and other
types of Trojans, but there are significant differences between them. Based on the
vulnerabilities, the main differences between firewalls and anti-viruses are tabulated
below:

Attribute: Definition
  Firewall: A firewall is defined as the system which analyzes and filters
  incoming or outgoing data packets based on pre-defined rules.
  Anti-virus: Anti-virus is defined as the special type of software that acts
  as a cyber-security mechanism. The primary function of Anti-virus is to
  monitor, detect, and remove any apprehensive or distrustful file or software
  from the device.

Attribute: Structure
  Firewall: Firewalls can be hardware and software both. The router is an
  example of a physical firewall, and a simple firewall program on the system
  is an example of a software firewall.
  Anti-virus: Anti-virus can only be used as software. Anti-virus is a program
  that is installed on the device, just like the other programs.

Attribute: Implementation
  Firewall: Because firewalls come in the form of hardware and software, a
  firewall can be implemented either way.
  Anti-virus: Because Anti-virus comes in the form of software, therefore,
  Anti-virus can be implemented only at the software level. There is no
  possibility of implementing Anti-virus at the hardware level.

Attribute: Responsibility
  Firewall: A firewall is usually defined as a network controlling system. It
  means that firewalls are primarily responsible for monitoring and filtering
  network traffic.
  Anti-virus: Anti-viruses are primarily responsible for detecting and
  removing viruses from computer systems or other devices. These viruses can
  be in the form of infected files or software.

Attribute: Scalability
  Firewall: Because the firewall supports both types of implementations,
  hardware, and software, therefore, it is more scalable than anti-virus.
  Anti-virus: Anti-viruses are generally considered less-scalable than
  firewalls. This is because anti-virus can only be implemented at the
  software level. They don't support hardware-level implementation.

Attribute: Threats
  Firewall: A firewall is mainly used to prevent network related attacks. It
  mainly includes external network threats, for example routing attacks and
  IP spoofing.
  Anti-virus: Anti-virus is mainly used to scan, find, and remove viruses,
  malware, and Trojans, which can harm system files and software and share
  personal information (such as login credentials, credit card details, etc.)
  with hackers.

Computer Security Classifications


As per the U.S. Department of Defense Trusted Computer System Evaluation
Criteria, there are four security classifications in computer systems: A, B, C, and D.
These are widely used specifications to determine and model the security of systems
and of security solutions. Following is a brief description of each classification.

S.NO  Classification Type & Description

1     Type A
      Highest level. Uses formal design specifications and verification
      techniques. Grants a high degree of assurance of process security.

2     Type B
      Provides mandatory protection system. Has all the properties of a class
      C2 system. Attaches a sensitivity label to each object. It is of three
      types.
      • B1 − Maintains the security label of each object in the system. Label
        is used for making decisions to access control.
      • B2 − Extends the sensitivity labels to each system resource, such as
        storage objects, supports covert channels and auditing of events.
      • B3 − Allows creating lists or user groups for access-control to grant
        access or revoke access to a given named object.

3     Type C
      Provides protection and user accountability using audit capabilities. It
      is of two types.
      • C1 − Incorporates controls so that users can protect their private
        information and keep other users from accidentally reading / deleting
        their data. UNIX versions are mostly C1 class.
      • C2 − Adds an individual-level access control to the capabilities of a
        C1 level system.

4     Type D
      Lowest level. Minimum protection. MS-DOS, Windows 3.1 fall in this
      category.

Chapter-3

Case Studies
Linux

Linux is an open-source operating system like other operating systems such as
Microsoft Windows, Apple Mac OS, iOS, Google Android, etc. An operating system is
software that enables the communication between computer hardware and software.
It conveys input to get processed by the processor and brings output to the hardware
to display it. This is the basic function of an operating system. Although it performs
many other important tasks, let's not talk about that.

Linux has been around since the mid-90s. It can be used from wristwatches to
supercomputers. It is everywhere in our phones, laptops, PCs, cars and even in
refrigerators. It is very much famous among developers and normal computer users.

Evolution of Linux OS

The Linux OS was developed by Linus Torvalds in 1991, which sprouted as an
idea to improve the UNIX OS. He suggested improvements but was rejected by UNIX
designers. Therefore, he thought of launching an OS, designed in a way that could be
modified by its users.

Nowadays, Linux is the fastest-growing OS. It is used from phones to
supercomputers by almost all major hardware devices.

Structure Of Linux Operating System

An operating system is a collection of software, each designed for a specific
function.

Linux OS has the following components:

1) Kernel

The Linux kernel is the core part of the operating system. It establishes
communication between devices and software. Moreover, it manages system
resources. It has four responsibilities:

o Device management: A system has many devices connected to it like CPU, a
memory device, sound cards, graphic cards, etc. A kernel stores all the data
related to all the devices in the device driver (without this the kernel won't be
able to control the devices). Thus the kernel knows what a device can do and how
to manipulate it to bring out the best performance. It also manages
communication between all the devices. The kernel has certain rules that have
to be followed by all the devices.
o Memory management: Another function that the kernel has to manage is
memory management. The kernel keeps track of used and unused memory and
makes sure, using virtual memory addresses, that processes cannot manipulate
each other's data.
o Process management: In process management, the kernel assigns enough
time and gives priorities to processes before handing the CPU to other processes.
It also deals with security and ownership information.
o Handling system calls: Handling system calls means a programmer can write
a query or ask the kernel to perform a task.

2) System Libraries

System libraries are special programs that help in accessing the kernel's
features. A kernel has to be triggered to perform a task, and this triggering is done by
the applications. But applications must know how to place a system call because each
kernel has a different set of system calls. Programmers have developed a standard
library of procedures to communicate with the kernel. Each operating system
supports these standards, and then these are transferred to system calls for that
operating system.

The most well-known system library for Linux is Glibc (GNU C library).

3) System Tools

Linux OS has a set of utility tools, which are usually simple commands. It is
software which the GNU project has written and published under its open source
license so that the software is freely available to everyone.

With the help of commands, you can access your files, edit and manipulate data
in your directories or files, change the location of files, or anything.

4) Development Tools

With the above three components, your OS is running and working. But to
update your system, you have additional tools and libraries. These additional tools
and libraries are written by the programmers and are called a toolchain. A toolchain
is a vital development tool used by the developers to produce a working application.

5) End User Tools

These end tools make a system unique for a user. End tools are not required for
the operating system but are necessary for a user.

Some examples of end tools are graphic design tools, office suites, browsers,
multimedia players, etc.

Why use Linux?

This is one of the most asked questions about Linux systems. Why do we use a
different and a bit complex operating system, if we have a simple operating system
like Windows? There are various features of Linux systems that make it completely
different and one of the most used operating systems. Linux may be a perfect
operating system if you want to get rid of viruses, malware, slowdowns, crashes,
costly repairs, and many more. Further, it provides various advantages over other
operating systems, and we don't have to pay for it. Let's have a look at some of its
special features that will attract you to switch your operating system.

Free & Open Source Operating System

Most operating systems come in a compiled format, which means the main source
code has been run through a program called a compiler that translates the source
code into a language that is known to the computer.

Modifying this compiled code is a tough job.

On the other hand, open-source is completely different. The source code is
included with the compiled version and allows modification by anyone having some
knowledge. It gives us the freedom to run the program, freedom to change the code
according to our use, freedom to redistribute its copies, and freedom to distribute
copies, which are modified by us.

In short, Linux is an operating system that is "for the people, by the people."

And we can dive into Linux without paying any cost. We can install it on multiple
machines without paying any cost.

It is secure

Linux supports various security options that will save you from viruses,
malware, slowdowns, and crashes. Further, it will keep your data protected. Its
security feature is the main reason that it is the most favorable option for
developers. It is not completely safe, but it is less vulnerable than others. Each
application needs to be authorized by the admin user. The virus cannot be executed
until the administrator provides the access password. Linux systems do not require
any antivirus program.

Favorable choice of Developers

Linux is suitable for developers, as it supports almost all of the most used
programming languages such as C/C++, Java, Python, Ruby, and more. Further, it
offers a vast range of useful applications for development.

Developers find that the Linux terminal is much better than the Windows
command line, so they prefer the terminal over the Windows command line. The
package manager on a Linux system helps programmers to understand how things are
done. Bash scripting is also a functional feature for programmers. Also, the SSH
support helps to manage the servers quickly.

A flexible operating system

Linux is a flexible OS, as it can be used for desktop applications, embedded
systems, and server applications. It can be used from wristwatches to
supercomputers. It is everywhere in our phones, laptops, PCs, cars and even in
refrigerators. Further, it supports various customization options.

Linux Distributions

Many agencies have modified the Linux operating system and made their own Linux
distributions. There are many Linux distributions available in the market. Each
provides a different flavor of the Linux operating system to the users. We can choose
any distribution according to our needs. Some popular distros are Ubuntu, Fedora,
Debian, Linux Mint, Arch Linux, and many more.

For beginners, Ubuntu and Linux Mint are considered useful and, for the
proficient developer, Debian and Fedora would be a good choice.

How does Linux work?

Linux is a UNIX-like operating system, but it supports a range of hardware
devices from phones to supercomputers. Every Linux-based operating system has the
Linux kernel and a set of software packages to manage hardware resources.

Also, Linux OS includes some core GNU tools to provide a way to manage the
kernel resources, install software, configure the security settings and performance,
and many more. All these tools are packaged together to make a functional operating
system.

How to use Linux?

We can use Linux through an interactive user interface as well as from the
terminal (Command Line Interface). Different distributions have a slightly different
user interface but almost all the commands will have the same behavior for all the
distributions. To run Linux from the terminal, press the "CTRL+ALT+T" keys. And, to
explore its functionality, press the application button given in the bottom-left corner
of your desktop.

Microsoft Windows

Windows is a graphical operating system developed by Microsoft. It allows users
to view and store files, run the software, play games, watch videos, and provides a
way to connect to the internet. It was released for both home computing and
professional works.

Microsoft introduced the first version as 1.0. It was released for both home
computing and professional functions on 10 November 1983. Later, many versions of
Windows were released, up to the current version, Windows 10.

In 1993, the first business-oriented version of Windows was released, which is
known as Windows NT 3.1. Then it introduced the next versions, Windows 3.5, 4.0,
and Windows 2000. When Windows XP was released by Microsoft in 2001, the
company designed its various versions for personal and business environments. It
was designed based on standard x86 hardware, like Intel and AMD processors.
Accordingly, it can run on different brands of hardware, such as HP, Dell, and Sony
computers, including home-built PCs.

Editions of Windows

Microsoft has produced several editions of Windows, starting with Windows XP.
These versions have the same core operating system, but some versions included
advanced features at an additional cost. There are two most common editions of
Windows:

o Windows Home

o Windows Professional

Windows Home

Windows Home is the basic edition of Windows. It offers all the fundamental
functions of Windows, such as browsing the web, connecting to the Internet, playing
video games, using office software, watching videos. Furthermore, it is less expensive
and comes pre-installed with many new computers.

Windows Professional

Windows Professional is also known as Windows Pro or Win Pro. It is an enhanced
edition of Windows, which is beneficial for power users and small to medium-size
businesses. It contains all features of Windows Home as well as the following:

o Remote Desktop: Windows Professional editions allow users to create a
remote desktop connection. It provides users the option to connect with
another computer remotely, including sharing control of its mouse and keyboard
and viewing its display. It is mainly accessed with the help of port 3389.
Additionally, we can also use the TeamViewer or VNC application to create a
remote desktop connection.
o Trusted Boot: It provides security by encrypting the boot loader and
protects the computer from rootkits (a rootkit is a collection of software tools
that allow users to enter another computer in an unauthorized way).
o Bitlocker: It allows users to encrypt a storage drive by using the AES (Advanced
Encryption Standard) algorithm. This feature is present in Windows 7 and
Windows Vista (only Ultimate and Enterprise versions), including Windows
Server 2008.

Business laptops or computers mainly use the BitLocker feature to protect the data on the computer. If your computer is stolen, it is very difficult to break the BitLocker password. The drive can be unlocked only by entering the correct password. Furthermore, if you forget your BitLocker password, it cannot be retrieved.

o Windows Sandbox: A sandbox located on a computer, network, or online service enables users to experiment or test computer security without interrupting the system.
o Hyper-V: It stands for a hypervisor and was developed by Microsoft Corporation on 26 June 2008. It is also called Windows Server Virtualization. Hyper-V is used for virtualization of x86-64 servers, running virtual machines and third-party software like VirtualBox.
o Group policy management: An admin can specify group policies in an organization to manage different Windows users.
o It provides support for systems that have more than 128 GB of RAM.
o Furthermore, it also offers more Windows update installation options as well as flexible scheduling and postponement of around 34 days.

Before Microsoft Windows was introduced, all Microsoft users used the MS-DOS operating system. Microsoft gave one-word names to most of its products; it required a new word that could represent its new GUI operating system. Microsoft decided to call it Windows because it has the ability to perform several tasks and run applications simultaneously.

Another reason behind calling it Windows was that you could not trademark a common name like Windows. Its official name was Microsoft Windows, and the first version, 1.0, of Windows was introduced in 1995.

History of Microsoft Windows

Microsoft has been producing Windows since 1983. The founder of Microsoft, Bill Gates, announced Microsoft Windows on 10 November 1983 and released the first version of Windows in 1985. The following table contains the history of Windows from edition 1 to 10.

Version History

Windows 1.0: Microsoft introduced Windows with its first version, 1.0. It was released on 20 November 1985, and at the beginning, it was sold for $100.00. Additionally, it was the first effort by Microsoft to produce a graphical user interface in 16-bit.

Windows 2.0: The second version, Windows 2.0, was produced by Microsoft on 9 December 1987, and Microsoft also introduced Windows 386 on the same day. Initially, the price was the same $100.00 for both of the Windows versions on the market. It came with new features: windows were able to overlap each other, and it introduced a new way to maximize and minimize the window, instead of using 'zooming' and 'iconizing' respectively.

Furthermore, it also included the control panel feature, where several system settings and configuration options are available in one place. Microsoft Word and Excel were also used for the first time on Windows 2.

Windows 286: It was released in June 1988, and at the beginning, its price was $100.00.

Windows 3.0: It was the first Windows that needed a hard drive. It was launched by Microsoft on 22 May 1990. Its full version was sold for $149.95, and the updated version was $79.95. Additionally, the multimedia-supporting Windows 3 was introduced in October 1991.

Windows version 3.0 gained more success, and it became a challenge for Apple's Macintosh and the Commodore Amiga GUI, as it was provided pre-installed on computers by PC-compatible manufacturers as well as Zenith Data Systems. It was also able to run MS-DOS programs in Windows, which allowed multitasking in legacy programs, and it supported 256 colors, which made the interface more colorful and advanced.

Windows 3.1: It was launched in April 1992; while it was in development, its code name was Sparta. It was the commonly used operating system for the PC graphical user interface. In the first two months after its release, more than one million copies were sold. It made Windows a usable publishing platform for the first time by introducing TrueType fonts. Minesweeper was also used for the first time on Windows 3.1.

It needed only 1 MB of RAM to run, and it allowed users to control MS-DOS programs with the help of a mouse for the first time. Furthermore, it was also the first operating system to be distributed on a CD-ROM.

Some other generations of version 3.1 are as follows:

o In 1992, Windows for Workgroups 3.1 was launched.
o Microsoft introduced Windows NT 3.1 on 27 July 1993.
o An updated version of Windows 3.1, Windows 3.11, was introduced on 31 December 1993.
o In February 1994, Windows for Workgroups 3.11 was launched.
o On 21 September 1994, Windows NT 5 was introduced.
o The next version, Windows NT 3.51, was introduced on 30 May 1995.

Windows 95: As the name specifies, Windows 95 was launched on 24 August 1995, and within four days of its release, more than one million copies were sold. It introduced the Start button and Start menu features for the first time, along with important features such as a 32-bit environment, multitasking, and the taskbar. Furthermore, MS-DOS still played a vital role in Windows 95, with the help of some programs and elements.

Internet Explorer was also used on Windows 95 for the first time, but it was not installed by default; it needed the Windows 95 Plus pack. Later, Windows 95 improved and included the IE browser by default.

Windows 95 Service Pack: It was introduced on 24 February 1996.

Windows NT 4.0: On 29 July 1996, Windows NT 4.0 was launched.

Windows CE:

o The first version 0 of Windows CE was introduced in November 1996.
o The second version 0 of Windows CE was launched in November 1997.
o The next version 1 of Windows CE was released in July 1998.
o The third version, 3.0 of Windows CE, was introduced in 1999.

Windows 98: It was built on Windows 95 and introduced in June 1998. It was released with Internet Explorer 4, Windows Address Book, Outlook Express, Microsoft Chat, and NetShow Player.

The second version of Windows 98 was introduced on 5 May 1999; in this version, the NetShow Player was replaced by Windows Media Player 6.2. It also brought the address bar and back/forward navigation buttons to Windows Explorer, along with other features.

Windows 98 came with a new feature, the Windows Driver Model for computer components and accessories, which offered support to all future editions of Windows. Furthermore, it improved USB support, including USB mice and USB hubs.

Windows 2000: On 17 February 2000, it was launched.

Windows ME: It was introduced in September 2000, and it was the last operating system based on MS-DOS and the last in the Windows 9x line. It was considered the consumer-aimed Windows, alongside Windows 2000 for the enterprise market. It also provided some useful features for consumers as well as more automated system recovery tools.

Additionally, Internet Explorer, Windows Movie Maker, and Windows Media Player 7 were used on Windows ME for the first time.

Windows 2000: It was introduced on 17 February 2000. It was based on Microsoft's business-oriented system Windows NT, and later it provided the base for Windows XP. Furthermore, the automatic updating feature made its appearance for the first time on Windows 2000, and it was the first operating system to support hibernation.

Windows XP: Windows XP was considered the best edition of Windows; it was introduced on 25 October 2001. It followed Windows ME and provided consumer-friendly elements. The 64-bit version of Windows XP was introduced on 28 March 2003. Furthermore, its Professional x64 version was introduced on 24 April 2005.

The Start button and taskbar were replaced with a green Start button, blue taskbar, and vista wallpaper, as well as several shadows and more visual effects. It also brought some important features, such as ClearType, which helps to read content on LCD screens, autoplay from CDs and other media, and different automated update and recovery tools.

Additionally, it was used for the longest time, and even when it was discontinued, it was in use on an estimated 430 million PCs.

Windows Vista: It was introduced by Microsoft in January 2007. It brought a better look and feel to the user interface and included transparent elements, security, and search. When it was in the development phase, its code name was "Longhorn." Windows Media Player 11 and Internet Explorer 7 made their appearance for the first time on Windows Vista, which also included Windows Defender, an anti-spyware program. It also provided some useful features such as Windows DVD Maker, speech recognition, and Photo Gallery. Furthermore, it was the first operating system to be distributed on DVD.

Windows Server 2008: On 27 February 2008, Microsoft introduced Windows Server 2008.

Windows 7: It was introduced on 22 October 2009 to overcome the problems that were faced by Windows Vista. It was released with user-friendly features and less dialogue box overload. It was more stable, faster, and easier to use compared to previous versions. Additionally, the handwriting recognition feature was used for the first time on Windows 7.

As IE was the default browser in Microsoft Windows, Microsoft faced antitrust investigations in Europe for making it the default browser. Consequently, it had to provide users the option to choose and install a browser on the first boot.

Windows Server 2012: On 4 September 2012, Microsoft released Windows Server 2012.

Windows 8: It was introduced by Microsoft on 26 October 2012. It was released with new features, such as a fast operating system, support for USB 3.0 devices, and the Web store. The Web store is a place where you can download different types of Windows applications; its full-screen mode ran for the first time on Windows 8.

Windows 8.1: It was launched by Microsoft on 17 October 2013. It re-launched the Start button, which was able to display the Start screen from the desktop view of Windows 8.1. Furthermore, it provided an option to boot directly into the desktop.

Windows 10: On 29 July 2015, Microsoft introduced Windows 10. It was released with some new features, such as switching between a keyboard and mouse mode and a tablet mode, which was beneficial for users of computers like the Surface Pro 3 with a detachable keyboard. It was designed for all Windows platforms across several devices, as well as Windows tablets and phones, including common applications.

Features of Windows

Microsoft Windows includes a lot of features to help users. Some of its excellent
features are as follows:

1. Control Panel: Windows provides a Control Panel feature that includes many tools to configure and manage the resources on the computer. For example, users can change settings for audio, video, printers, mouse, keyboard, network connections, date and time, power saving options, user accounts, installed applications, etc.

2. Cortana: Windows 10 introduced a feature named Cortana, which is able to accept voice commands. It can perform various tasks: it can answer your questions, search data on your computer, make online purchases, set reminders and appointments, etc. Furthermore, it acts like other voice-activated services such as Google Assistant, Alexa, or Siri, with the added benefit of searching the information on your computer. To open Cortana in Windows 10, press Windows key + S.

3. File Explorer: It is also known as Windows Explorer, and it displays the files and folders on the computer. It allows users to browse the data on the hard drive, SSD, and other inserted removable disks like pen drives and CDs, and to manage the content as required, for example to delete, rename, search, and transfer the data.

4. Internet browser: As the internet browser is very important for searching, viewing pages, online shopping, playing games, watching videos, etc., Windows comes with a pre-installed internet browser. In Windows 10, the Edge internet browser is the default browser. Furthermore, Internet Explorer was the default browser in Microsoft Windows from the Windows edition 95 to 8.1 version.

5. Microsoft Paint: Since November 1985, Microsoft Windows has come with pre-installed Microsoft Paint. It is a simple program to create, view, and edit an image. It offers several tools to draw an image, crop, resize, and save an image with a different file extension.

6. Taskbar: Windows comes with a taskbar that displays currently opened programs; it also allows users to access any specific program. Additionally, it includes the notification area on the right side that shows the date and time, battery, network, volume, and other applications running in the background.

7. Start menu: Microsoft Windows contains a Start menu on the left side of the taskbar. It displays programs and utilities that are installed on the computer. It can be opened by clicking on the Start menu button or pressing the Start key on the keyboard.

8. Task Manager: Windows includes the Task Manager feature, which provides details of the applications or programs running on the computer. You can also check how much of the system resources, such as RAM, CPU, and disk I/O, are being used by each of the applications.

9. Disk Cleanup: It is used to free up disk space by deleting temporary or unnecessary files. It also helps to enhance the performance of the computer and to increase the storage space available for programs and documents. To open Disk Cleanup, follow the steps below:

o Open File Explorer by pressing Windows + E.
o Then, right-click on any disk drive and select the Properties option from the drop-down list.
o Now, click on Disk Cleanup.

Difference between Linux and Windows OS

Below is a comparison of the major factors for the Linux and Windows operating systems:

Command Line
o Windows: Windows allows users to use the command line, but not in the same way as the Linux command line. To open the command line, open the Run dialog box, type CMD in the run search bar, and press the Enter key.
o Linux: Although the Linux command line offers more features for administration and daily tasks, it does not offer much to end-users.

Reliability
o Windows: Windows has improved its reliability in the past few years, but it is still less reliable compared to Linux.
o Linux: Linux is more reliable and secure than Windows OS. It mainly focuses on system security, process management, and up-time.

Usability
o Windows: Windows is easier to use as it provides a simple user interface. But its installation process can take more time.
o Linux: Although Linux can perform complex tasks more easily, its installation process is complicated.

Security
o Windows: Microsoft has enhanced the security features in Windows over recent years. As it has a huge user base, mostly new computer users, it can be easily targeted by malicious coders. Furthermore, among all of the operating systems, Microsoft Windows can be part of developing malware and viruses.
o Linux: Linux is a more secure operating system compared to Microsoft Windows. Even attackers find it difficult to break the security of Linux.

Support
o Windows: It provides users with online and integrated help systems, and a large number of informative books are available to provide help for people at all skill levels.
o Linux: A wide range of books is available to offer help with Linux, in addition to online support.

Updates
o Windows: Regular Windows updates frustrate users by raising update alerts at inconvenient times. Additionally, it takes more time to get an update.
o Linux: Linux provides users full control over updates. They can update it accordingly, and it takes less time to get an update, without any reboot of the system.

Licensing
o Windows: Microsoft Windows with a license does not allow users to modify the software (they don't have access to the source code). It can be installed only on systems with a Windows license key.
o Linux: The Linux operating system with a license offers users the benefit of re-using the source code on any number of systems. It also allows users to modify the software and sell the modified version.
