The operating system provides steps to stop interference with the use of physical and logical resources, known as protection and security. Safety and security are sometimes used interchangeably as they don’t sound very distinctive. However, the terms protection and security are very different. The most important difference between security and radial protection in the fact that the management of external information dangers in computer systems, while protection addresses internal threats.
|Provides access to the system only to legitimate users.||Controls access to system resources.|
|Type of threat involved|
|Describes who is authorized to use the system.||Specifies which files a particular user can access.|
|Do you drive|
|more complex concerns.||Quite simple queries.|
|Authentication and encryption are performed.||Set or modify authorization information.|
What is security?
The security of a system revolves around the external environment and, in addition, requires an adequate protection system. Security systems incorporate the protection of your computer resources against unauthorized access, malicious alterations and inconsistencies. Here in the special circumstance, the resources are the data saved in the system, CPU, memory, disks, etc.
System security highlights the process of machine authentication in order to secure physical resources as well as the integrity of data stored on the system. Security provides a mechanism to safeguard user applications and data against interference by an entity or individual external to the machine. For example, in an organization, the data is obtained by different employees, but it cannot be obtained by a user who does not exist in that particular organization or a user who works in other commercial companies. It is the critical task for an organization to provide some security mechanism so that no external user can access the information of the organization.
What is protection?
Protection is a security component that controls access to a system by optimizing the types of file access allowed to users. The Protection of a system must ensure the consent of users or processes. Because of this, these authorized users or processes can operate on the CPU, memory segments, and other sources. The protection mechanism must provide a means of specifying the controls to be imposed, along with a way of enforcing them.
The protection was perceived as an addition to a multiprogramming operating system, to prevent untrusted users from sharing common physical and logical namespaces, such as an instance, a file directory, and memory, respectively. Protection is required to intercept the intentional and perverse violation of an access restriction with a user. However, it is important to ensure that each existing active program component on a system uses system resources only reliably, as directed by policies. It includes preventing the user’s data and applications from interference by other users of this machine.
Protection can be translated by an example similar to that given in security, any organization can have several departments under which many employees operate. Different departments can share common information with each other, but not sensitive information. So, different workers have different data access rights according to which they can access the specific data.
- Security provides a mechanism to verify the identity of the user or process to allow them to use the machine. On the other hand, protection controls access to system resources.
- Security is a broad term that handles more complex queries, while protection falls under identifiers and security under less elaborate topics.
- The security policy describes whether the specific person can use the machine or not. As against, the protection policy specifies what the user can access the particular resource (eg file).
- Protection requires the internal threat type, while in Security external threats are also involved.
- Authorization is used in the protection mechanism. Rather, the security mechanism authenticates and encrypts the user or process to enforce data integrity.