Building a Secure System

Intro to Operating Systems
POS/355

Building a Secure System Consider building a company’s computer network system to allow a set number of people to use this system. This computer system needs to be safe, secure and above all protected so the information doesn’t fall into the wrong hands. There are many different protection designs to choose from, each will be dependent upon the size of the company and the type of computer system to be used. Smaller companies will have different levels of protection than larger companies. I am going to discuss creating a computer network system that can handle 5000 people and allow 4990 of them to have access to one file. This larger company will have to be protected from outside as well as from within. There will have to be different levels of protection to ensure the different levels within the company. I will discuss the use of a UNIX system to help us with our protection scheme. The UNIX system has a basic level of protection that will need to be adjusted or reworked to provide the level of protection needed for the different levels within the company. To get this protection we will have to set unique user ID’s and passwords to restrict the access from non-users in the beginning. After the initial set up these users will have to have further protection to prevent unwanted access to files that are more sensitive and not be able to make changes to them. In the company we have set up, we will grant access to the 4990 users and allow them to have access to a specific file while blocking the remaining 10 users. The easiest way to achieve this is to use an ACL, or Action Control List, which is an identity dependent protection scheme used by a system to grant or restrict access to sensitive data.(Rouse, January, 2006, p. 1)
An ACL can be set up for on person or a group of individuals all with different levels of privileges. When the ACL is set up it can designate who gets what rights. The group of users will be first given a default set of access and then an administrator will assign each person with the different levels at which they are allowed to have access. A beginner would have limited access compared to the administrator. And the list goes on. The users will all be assigned designations or ranks and in these ranks they will have access to specific files and rights to do certain functions all monitored by the administrator. In this case of the 5000 users involved it may be easier to specify what the ten users will have access to and allow the remaining 4990 to have complete access, but I think it would be better to have a training plan for the 4990 users set up by the administrator to train the ones who want to go up in rank, allowing specific access controlled by either a completing a set of programs and/or by the administrators approval. This way there would not have to be a code written to support all 4990 users. In any system there will always be different levels of users. Some will have the capacity to read only access, while others will have the privilege to have read/write capabilities. Either way we set up the user’s access points, the system we set up will look at the ACL to know what permission to give each one using it. And as each person is building a set of their own specific user files it will be easier for the administrator to control them. As the persons who control some of the specific files grants permission to them, the ACL regulates access for the names that are on that list. Not only do we need to have protection from users not