Академический Документы
Профессиональный Документы
Культура Документы
I.
I NTRODUCTION
Security measures have always been given great consideration in the design of operating systems. The purpose of
this is to not only ensure that an operating systems actions
will function correctly, but to also prevent malicious entities
from negatively modify with them. As security mechanisms
improve, so do external aggression tactics in parallel. For this
reason, there must be continuous progress made in the field of
operating systems security. The advent of the Internet Age has
brought with it various new concerns for operating systems architects ranging from keyloggers to unwanted script injections.
Such attacks are often concealed in uploaded files on the internet, with attacks being as basic as fake emails that phish for
a users personal information and as complicated as malicious
code hidden within a modified copy of an otherwise innocuous
executable file. Nevertheless, computer security experts have
striven to protect operating systems everywhere from foreign
attacks by implementing an assortment of authentication, authorization, and access control mechanisms. With that idea
in mind, we must note that as the internet rapidly expands
from being user-to-server or user-to-user focused many of
these security measures must be reevaluated. No longer should
operating system security be thought in terms of users, but at
the fields forefront is the idea of an automated agent that
has no physical representation [or]particular service provider
but rather establishes contracts with service providers to get
or provide access to data to accomplish some function for
users[1].
II.
BACKGROUND
M ETHOD
tradeoffs between both sides of the regulation spectrum. Network breaches would not be as dangerous due to applicationisolated homogenization at the cost of regulation accessibility.
Conversely, regulation of security protocols would be simplified due to homogenization at the cost of the increased threat in
network breaches. The concern behind this approach would be
that although it contains the benefits of both heterogenization
and homogenization, it implements neither optimally while
also containing the tradeoffs of both. Essentially the problem
with partial homogenization of the IoTs security protocols is
its potential lack of an audience; for some parties this approach
would not be specific and safe enough, and for others this
approach would be too restrictive to apply on a large scale.
C. Effects on Operating Systems
Regardless of security standardization policies, the potential dangers of an increasingly complex IoT should be apparent
to operating system architects. An operating system wishes
to preserve its authentication and authorization policies even
in the presence of the internet. Security breaches achieved
by malicious entities through the internet can force operating
systems to run unintended code and modify or extract user files
or directories. Consequences could range from minor instances
such as text-file corruption to graver instances such as the
installation of a keylogger without detection by the operating systems defense mechanisms. In handling the security
problems of the Internet of Things, we must also consider
the potential harm done to individual operating systems. The
breach of an online service has the potential to give the attacker
access to information on numerous users and possible ways
to infiltrate their computers. We can easily understand the
implications of such an incident, especially for websites such
as Facebook which cater to millions of users. Failure in the
security protocols of large online services could potentially
threaten and expose millions of operating systems. As attacks
on online services threaten more operating systems than usertargetted attacks, the security implications of the Internet of
Things growth should be held with the same, if not more,
weight as security issues for individual operating systems.
IV.
C ONCLUSION
R EFERENCES
[1] The Security Implications of IoT: A Roundtable Discussion
with Four Experts Network World. Web. 13 Mar. 2015.
http://www.networkworld.com/article/2881754/internet-of-things/thesecurity-implications-of-iot-a-roundtable-discussion-with-fourexperts.html
[2] Haller, N. et al, On Internet Authentication, Naval Research Laboratory,
Oct 1994.
[3] Understanding Linux File Permissions, Linux.com. Web. 13 Mar.
2015. http://www.linux.com/learn/tutorials/309527-understanding-linuxfile-permissions
[4] Barnhart, E. et al, Consideration for Machine-to-Machine communications architecture and security standardization, IEEE 5th International
Conference. IEEE, Dec 2011.
[5] Buyya, R. et all, Internet of Things (IoT): A vision, architectural elements, and future directions, The University of Melbourne. Department
of Electrical and Electronic Science, 2013.