Computer Systems Security

ComputerSystems Security

LinuxOperating System

Themost common definition of an operating system is that it is systemsoftware that normally takes care of or manages both hard andsoftware resources. In addition, it provides a common service forcomputer programs. It is classified as a component of the systemsoftware in a computer system. The operating system offers aid to theapplication programs to enable them function. It is a very importantcomponent that requires security. Securing this component isimportant having in mind the basic understanding that this is themost important software that runs on the computer. This device, it isresponsible for managing the computer’s memory and the processesperformed by the device. There are hosts of the operating systems,which includes Microsoft windows, Mac OS, and Linux. The threeexamples are the most commonly known types of operating system(Lawrence,2016). However,there are also advanced operating systems such as Unix. It is amulti-user system, which allows more than one person to use a singlecomputer at the same time. This discussion entails investigationof the level of security contained in Linux as well as outliningthe security measures it contains. It also tries to assess the levelof vulnerability Linux possess.

LinuxSecurity Status

Well,Linux is similar to a Unix and POSIX-compliant computer operatingsystems. Linux is assembled with the principle of free and opensource software development as well as distribution. Experts arguethat Linux is actually the best known and most commonly utilized typeof open source OS. Linux is functioning as an operating system sitsunderneath every other software in a system unit (Gasser,2010).TheLinux TM distributions for years now have been receiving a host ofsimilar criteria certification. A two-year-old ongoing open sourcedevelopment effort that is aimed at making Linux compliant to setsecurity and protection outline was recently devices known ascontrolled access protection profile. It is a certification criterionthat Linux is trying to use to look submissive to the protectionoutline such as the Role-Based access control protection profileincluding the labeled security protection profile. This recent Linuxinnovation aimed at modernizing software security has seen theaddition of important features such as the SELinux and a number ofother Linux components. There is the a feature that security systemdevelopers have worked hard to come up with so that they can makeLinux move in the direction to comply with LSPP and RBACPP protectionprofiles(Fort, 2011). Thisdiscussion will be able to brief on the current state of Linuxsecurity status on shed light on its development. There is also theLinux security module that was aimed at enabling the creation of awide range of security management for Linux systems. The main userthe Linux security module known is NSA SELinux module although thereis a possibility that a number of other security minded developershave the urge of using this security functionality.

LinuxSecurity Level

Thecommon criteria certification for Linux distributions has continuallybeen done since the 1stcertification took place. Researchers have credited Linux to havingmade noticeable progress towards the direction of trying to come toterms with the added functional requirements. They argue that it hasworked hard in trying to reach the set rising assurance levels. Itis not only Linux on toes but also other software developers comingfrom different organizations are sweating in addition of the featuresnecessary to certify against the set functional requirements. The setfunctional requirements are that any operating system has toimplement a compulsory security policy known as the multilevel accesscontrol. This has to be enforced by every software developer inrelation to what is referred to as BLP access rules regardingsoftware operations(Gasser, 2010).LinuxCommon Criteria Certification has seen various activities change fromthe primary documentation including test process of thefunctionalities that existed before to a more advanced functionality.This new brand functionality constitutes of the most moderncertification. It stretches way toward the creation of a host of anew variety of security features that are needed to match the MLSstandards rendered to comply with the RBACPP and LSPP certification.The history of the Linux common criteria certification can assist alot in trying to define the current RBACPP and LSPP certificationefforts. This is for the reason that each move made in thedevelopment of functionality certifications has its background fromthe immediate successors it takes from.

Evaluationof Linux Security Capabilities

SLES8 SP 3 received an EAL3+ certification regarding criteria ofcertification governed by the controlled Access protection profile in2004. Research argues that this certification was very important forLinux for the reason that it set a milestone without forgetting thefact that it was the first time ever an open source operating systemin this case Linux recorded a certification pass in reference to aprotection profile (Lawrence,2016). Itwas a huge success for Linux because the SLES 9 and RHEL 4 attainedan EAL2+ meaning that both of them were compliant with the CAPP. Thesecurity capabilities that were evaluated for Linux that scored EAL2+certification now presented an important forum for the softwaredevelopers to gain an advantage of attaining a conformance that wouldbe on top of CAPP. Linux has experienced several audit systemiterations up to this moment .The common criteria certificationefforts by software developers have equipped Linux with what can bedescribed as added security features that give Linux the green lightto utilize a range of environments (Fort,2011). Thisis the same environments that Linux was not there before recommendedto be used. It is important to understand that at the beginning MLSwas basic to usage in the only military and government installation.Now, RBAC is capable of assisting institutions such as medical andfinancial departments in meeting data processing needs that arestrict in nature. In addition, the most import thing with Linuxhaving modernized feature is that in an open environment the use ofthese operating system it will assist in improving the securitystandards to a greater extent.

Assessmentof Linux Vulnerability

Thetask of developing functionality that would make Linux reduce thelevel of vulnerability proved to be rather more difficult that it wasinitially thought. The final result never actually reflected theprospects in which the software developers had in mind. For instance,SELinux gives a flexible framework for defining security rules. Theproblem is that it mainly focuses on the type enforcement policy andnothing else. For a while, SELinux support for an MLSpolicy has beenavailable. The problem is that it has not presented an easyopportunity for it to be used the reason being that there is asupport tool which developers are working hard to come up with. Thehope is that with time, Fedora and Red Hat Enterprise Linux will in ashort time have the required facility necessary to set up a systemmeeting LSPP requirements to the highest certificatory level(Lawrence,2016).The MLS, as well as TE capabilities of SELinux developed by softwareengineers, provided a primary protection functionality that was muchrequired to meet the LSPP and RBACPP threshold target. SELinux was asecurity functionality that provides a stepping stone for thedevelopment of various features by software experts that broughtabout modifications to allow the operating software be used in strictenvironments (Gasser, 2010).At the moment, there are developments that are in place with theparties involved in eliminating the level of vulnerability have beenable to come to a common understanding to get better results. Certainfeatures considered problematic have been eliminated in order forLinux to impose additional restrictions on certain applications toremediate potential security problems now and in the near future.


Theoperating system allows one to communicate with computer bearing thefact that an individual is totally unaware of the computers language.So it is a special component that requires protection thus securityto ensure it performs its duties to perfection. It is important tonote that as computers have progressed or continue to develop, so dothe operating systems(Fort, 2011).Viruses, as well as worms, often spread byconvincing computer users to do something while in operation that isprohibited not to. This includes things like open attachments whichunknowingly carry viruses and worms. It important for softwaredevelopers coming up with systems those with the modernizedfunctionality features which secure enough to help curb the problemof vulnerability.


Fort,G. (2011).&quotNationalSecurity Agency Shares Security Enhancements to LINUX&quot.NSA Press

Release.NationalSecurity Agency Central Security Service. 2001-01-02.Retrieved 10April 2016

Gasser,F.(2010). Fedora13 Security-Enhanced Linux User Guide.Fedora Documentation

Project.p.&nbsp96. ISBN&nbsp978-1-59682-215-3.Retrieved 10April 2016

Lawrence,S. (2016). SELinux Project.Retrieved 10April 2016