An Integrated RFOS Model for Risk Assessment on Real Time Operating System

An Integrated RFOS Model for Risk Assessment on Real Time Operating System

Prashant Kumar Patra (Department of Computer Science and Engineering, Biju Patnaik University of Technology (BPUT), Bhubaneswar, Odisha, India) and Padma Lochan Pradhan (Department of Computer Science and Engineering, Central Institute of Technology, Naya Raipur, Chhattisgarh, India)
DOI: 10.4018/ijsita.2014040103
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

The preventive control is the one of the best and well advanced control in all aspects of day to day life. The prevention afforded to an automated system control system in order to attain the highest applicable objectives of preserving the confidentiality, integrity and high availability of information system resources (including hardware, system software, firmware, processor, memory and data).The risk assessment is the process of identifying vulnerabilities and threats to operating system resources to achieving highest business objectives and deciding what counter measures to take in reducing the lowest level of risk. The proposed RFOS model and mechanism provides accountability for individuals who are accessing sensitive information on application, system software, server and network. This accountability is accomplished through access control mechanisms that require Confidentiality, Integrity, Authentication, Access control, Non repudiation, Availability and Privacy through operating system audit function. We have to develop the dynamic RFOS model for risk optimization process on operating system. This paper contributes to the development of an optimization mechanism that aims to determine the optimal cost to be invested into security model and mechanisms deciding on the measure component of operating system resources (i.e. Processor, Memory, File System, Kernel). Furthermore, this algebraic model and mechanism optimize the cost, time and resources is supposed to optimize the system risks. The control is inversely proportional to the risk and control is directly proportional to the standard. In this research paper, we are proposing integrated, hierarchical and dynamic way of Relation, Function, Operation and Services Model for optimizing the risk on the real time operating system. Preventive Control is inversely proportional to the Risk and directly proportional to the Quality.
Article Preview

1. Introduction

The increased applications of business, computer and communications system (BCCS) by IT industries has increased the risk of theft of proprietary information. The real time operating system control and audit is a primary method of preventing system resources (Processor, Memory and Encryption Key) (Schneier., 1996). The system control is probably the most important aspect of communications security and becoming increasingly important as basic building block for computer security (Stalling, 2006). The preventing control is inversely proportional to the risk and mean while control is directly proportional to the quality of standard(S). The preventive control provides accountability for individuals who are accessing sensitive information on application, system software, server and network. This accountability is accomplished through access control mechanisms that require identification, authentication, authorization, non-repudiation, availability, reliability and integrity through the audit function. We have to develop the method and mechanism for risk assessment on operating system based on available product, technology, business and resources (Weber, 2002).

1.1. Real Time Operating System [10, 14, 15]

The operating system of a computer (Server) being highly secure depends on a number of su-systems (tools and utilities) that working efficient and reliable manner in around the clock to avoid conflict resolution among the resources. The modern operating system provides access to a number of resources and sub-system, which are available to system software running on the system and to external devices like communication networks (LAN-LAN-WAN-WAN-LAN). The real time operating system is the most important and high available system software (program) that run on the heart of the computer (kernel). The every general-purpose computer must have an operating system to run other multiple application and business programs (William, 2009; Tanenbaum, 2010).

In the large scale operating system the multitasking, multiuser, time sharing operating system where multiple programs can be running at the same time, the operating system determines which applications should run in what order and how much time should be allowed for each application before giving another application a turn. It manages the sharing of internal memory among multiple applications. It handles input and output to and from attached hardware devices, such as hard disks, printers, and dial-up ports. On computers that can provide parallel processing, an operating system can manage how to divide the program (parallel program) so that it runs on more than one processor at a time (Kai, 2008; William, 2009; Tanenbaum, 2010).

The operating system control is a step by step process of securely configuring a system to protect it against unauthorized access, mean while taking steps to make the system more reliable. Generally, anything that is done in the name of system, the preventive control ensures the system is secure, reliable, scalable and high available for high IT culture. The operating system control is the process to address security weaknesses in operation systems by implementing the latest OS patches, hot fixes and updates and following procedures and policies to reduce attacks and system down time mean while decreases the throughput of the system. The preventive control of the operating systems is the first step towards safeguarding systems from intrusion. The workstations, applications, network and servers typically arrive from the vendor, installed with a multitude of development tools and utilities, which although beneficial to the user, but also provide potential back-door access to the systems time (Kai, 2008; William, 2009; Tanenbaum, 2010).

The operating system performs these services for applications (See Figure 1).

Figure 1.

RTOS architecture

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 8: 4 Issues (2017): Forthcoming, Available for Pre-Order
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing