Operating System Long Questions and AnswersHere in this section of Operating System Long Questions and Answers,We have listed out some of the important Long Questions with Answers on Design Principles of Security which will help students to answer it correctly in their University Written Exam.

Lists of Long Descriptive type Questions that may be asked in Written Exams.

  • (1) Write short note on Design Principles of Security.

Question-1 Write short note on Design Principles of Security.

Principles of Least Privileges:

  • It restricts how privileges are granted.
  • This principle states how the privileges are to be granted to a subject. A subject should be given only those privileges that it requires for completing a task.
  • If a subject does not need a specific right it should not be granted that right.
  • For example, if a subject requires append rights to an object then it must be given only the append rights and not the write rights.

Principe of Fail Safe Defaults:

  • It restricts how privileges are initialized when a subject or object are created.
  • This principle states that unless the subject is given explicit access to the object it should be denied access to that object.
  • This means that the default access to object is none.
  • All the access rights should be given explicitly granted.

Principle of Economy of Mechanisms:

  • This principle simplifies the design and implementation of security mechanisms.
  • This principle states that security mechanism should be as simple as possible.
  • If design is simple there are fewer chances for errors.
  • The checking and testing procedure becomes simpler.

Principles of Complete Mediation:

  • This principle states that all the accesses to object be checked in order to ensure that they are allowed.
  • Whenever a subject attempts to read an object the OS mediate the action.
  • First it determines if the subject is allowed to access the object.
  • If so it provides resources for reading the object.
  • If the subject reattempts the read operation then it checks if the subject is still allowed to read the object and then allows for reading.

Principle of Open Design:

  • This principle suggests that complexity doesn’t add security.
  • This principle states that the security of mechanism should not depend on the secrecy of its design or implementation.

Principles of Separation of Privileges:

  • This principle states that the access of an object should not depend only on fulfilling a single condition.
  • There should be multiple conditions required to grant privilege and two or more system components work together to enforce security.

Principles of Least Common Mechanism

  • This principle states that the amount of mechanism common to and depending on multiple users should be kept to the minimum possible.

Principles of user Acceptability

  • This principle states that the mechanism used for protection should be acceptable to the users and should be easy to use.
  • Otherwise, the user may feel a burden to follow the protection mechanism.
Share with : Share on Linkedin Share on Twitter Share on WhatsApp Share on Facebook