Information Technology Reference
In-Depth Information
Chapter 4
The Last Line of Defense:
A Comparison of Windows and Linux
Authentication and Authorization Features
Art Taylor
Rider University, USA
abStract
With the rise of the Internet, computer systems appear to be more vulnerable than ever from security
attacks. Much attention has been focused on the role of the network in security attacks, but evidence
suggests that the computer server and its operating system deserve closer examination since it is ulti-
mately the operating system and its core defense mechanisms of authentication and authorization which
are compromised in an attack. This chapter provides an exploratory and evaluative discussion of the
authentication and authorization features of two widely used server operating systems: Windows and
Linux.
the laSt line of defenSe: the
operating SyStem
of the host operating system. This alteration is
often with the intent of propagating the malicious
program and continuing the attack (virus, Trojan
horse) or potentially damaging, stealing or alter-
ing some content on the host machine. While this
type of attack may be aided by the network and
security weaknesses therein, the attack could not
be successful without ultimately compromising
the host operating system. While much attention
has focused on securing the network, since it is
ultimately the operating system which is compro-
mised, a closer examination of the defense mecha-
The number of computer security incidents re-
ported from various forms of attacks has increased
significantly since the introduction of the Internet
(CERT1; Yegneswaran, Barford, & Ullrich, 2003).
Though it is clear that the introduction of the Inter-
net coupled with the decreased cost of networking
has helped to pave the way for attackers, the end
result of most malicious attacks is the alteration
Search WWH ::
Custom Search