Threats to Operating System Integrity:
Operating system control objectives are sometimes not achieved because of flaws in the operating system that are exploited either accidentally or intentionally.
Accidental threats include hardware failures that cause the operating system to crash. Operating system failures are also caused errors in user application programs that the operating system cannot interpret. Accidental system failures may cause whole segments of memory to be ‗dumped‘ to disks and printers, resulting in the unintentional disclosure of confidential information.
Intentional threats to the operating system are most commonly attempts to illegally access data or violate user privacy for financial gain. However, a growing form of threat is from destructive programs from which there is no apparent gain. These exposures come from three sources:
i) Privileged personnel who abuse their authority. Systems administrators and systems programmers required unlimited access to the operating system to perform maintenance and to recover from system failures. Such individuals may use this authority to access users‘ programs and data files.
ii) Individuals, both internal and external to the organization, who browse the operating system to identify and exploit security flaws,
iii) An individual who intentionally (or accidentally) inserts a computer virus or other form of destructive program into the operating system.