Introduction Today we live in a world where technology is the way to go. Even in this century there are people that are still clueless on the operating system. It is different, exciting when a new and advance system comes out. But some of us are so confused when it comes to the basics of new technology. Operating systems are programs which manages the computer’s hardware. The systems provide a basic for the applications programs between the computer user and its hardware. When looking, there are so many different types of operating systems that are available. The four main operating systems that are used are Windows, Mac, UNIX, and Linux. For every computer there are many different items that make the system a whole. When it comes to the different operating systems there are different features available, even though when you think of computers a person might think security will all be the same but there are difference between each one. As you read more you will understand the security and the difference between a MAC, UNIX/LINUX and Windows systems and how each one works. Access control goal is to protect a resource from unauthorized access while facilitating seamless and legitimate use of such resources. Presently, each day users hold the need to access to those resources through a broad line of devices, such as PCs, laptops, PDA, smartphones and kiosks. Most organizations need to provide protection for their files and allow the correct people to access. The fundamental goal of an Access management system is to maintain confidentiality of user information and access, integrity of information control, availability of information and resources and accountability for knowing who holds the access to such information.

File Management
File management and file systems are a core part of the user experience for most users. They provide many essential and necessary functions for the user as well as almost anyone else working with a computer system. They provide anything from long term existence to the ability to create and delete stored data. Another benefit is the ability to share files between processes. This has streamlined new software creation because the program doesn’t have to be built as a standalone. This keeps programmers from having to reinvent the wheel every time they write a program making them cheaper and easier to write. This also saves disk space on the users system. The next benefit is structure which provides a hierarchy within a file system allowing for more complex structures.
A file system also provides a number of functions from the ability to create to the ability to write. File systems allow for the creation of files which means you can add new files to the system. The ability to create new files allows for the ability to organize and structure programs or data. This can allow for more complex structures.
It used to be when someone said anything about file management; the first thing that would come to mind is a metal container with four or five drawers in it. Now when someone mentions file management, they're most likely talking about any kind of electronic system that is used to put the files in order. Most people have used some form a file management system but don't even realize it. If you have save any kind of document on your computer whether you use a Microsoft Windows system or a UNIX/Linux Mac system, they both have file management systems available.
Microsoft's file management system turned out to be a lot better for the end user than the older DOS command line interface. The Microsoft's file manager allows for end users to print, move, delete, copy or rename files and folders on the computer. The end users can also add permissions to any file or folder that they create. That means that they can allow certain users to read, write or modify on the file or folders. File and folder management tasks are provided with every Windows folder. Hyperlinked tasks list will be displayed by the folders contents if you open it up. Once you pick a folder, you can click the task to allow you to do a number of things like delete it, copy, move or rename it. Files can also be sent out in an email or published on the web.
Unix/Linux File Management
UNIX/Linux uses the distinction of inodes to refer to files or segments of files on the system and uses pointers to indicate where the files are on the storage media. There are some slight differences between each version of Unix/Linux but we will not go into those differences in this paper and will only cover the basics of file management. No matter what version of Unix/Linux is being used the file structure and permissions do seem to be consistent with one another.
The use of inodes acts as a key or represents the file as a whole. So if there are 10 inodes then that means that they are all representing one file. The inode also represents any attributes that those files may have. The inode has file permissions, location, and where the file is on the storage media (Stallings, 2012).
By means of a file access control structure on the UNIX operating system, each individual user is given a user ID (special user identification number). Users on a UNIX operating system will be allocated to a main class and possibly a variety of classes that will be associated with a unique class ID. Whenever a user creates a file, it is indicated by the individual’s unique user ID along with the user’s main class ID. Each individual user's accessibility is managed by the administrator with a file access control security type structure. The administrator can manage the permissions of all three main classes; read, write, and execute. “Permissions that apply to a directory are distinct from those that apply to any file or directory it contains. The fact that a user has the right to write to the directory does not give the user the right to write to a file in that directory. That is governed by the permissions of the specific file. The user would, however, have the right to rename the file.” (Stallings, 2012).
The file managers’ function is to regulate all of the files on a system that is stored on the storage mediums. There are several tasks that the file manager must perform in order to manage these files. The file manager must be able to identify the unique naming conventions of the files in order to complete its tasks. The file manager must also be able to determine the location of the files, the sectors that make up the file on the storage medium, and the order of those sector that make up the file. It is important that the file manager work with the device manager and use effective algorithms for the read and write of files. The file manager also gives or denies access to files by users or programs. The file manager also is in cooperation with the process manager to allocate or de-allocate files to the processor. The last task is that the file manager provides easy commands that assist users and/or programs in file handling (Gallert, 2000).

SECURITIES

Linux has been deemed one of the most secure operating systems available to date. So what makes Linux one of the top secure operating systems? That is the question that we will be answering with this paper.
Starting with SELinux which was started by the NSA (National Security Agency) and had additions from several other groups such as Network Associates, Treys, and others.
Released as a set of patches in the beginning SELinux has molded its way into the Linux kernel as of kernel release 2.6. This was needed since in the early stages of SELinux it provided its own security framework which caused issues with GNU/Linux because it put Linux into single access-control architecture.
This created the LSM (Linux Security Framework). LSM provides the way that security models are implemented as loadable kernel modules.
So what actually makes SELinux such an enhanced security system? The ability to contain programs and daemons to just their bare needed access needs. This is all done through access control. MAC (Mandatory Access Control not Media Access Control) which is more secure than its counterpart DAC (Discretionary Access Control). But SELinux even went a step further by adding RBAC (Role Based Access Control). RBAC works with the roles each user and/or groups has assigned to their login. Linux also has several other security features that help make it on the most secure operating systems to date.
Chroot jail is another one of these functions.

Security of a system when you are open to the internet is paramount in the world of servers. Linux has many layers of ever evolving security in order to keep up with the world of attackers in cyberspace. This is one of the reasons that Linux is one of the most used servers for internet sites and has few viruses engineered towards it.
IP Tables

Developed by the Netfilter organization the IP tables package for Linux is an evolution of the IP chains which came from the IPv4 Linux firewall package. Paul Russel was the initial head author of the organization and also behind the IP chains project The Netfilter organization began to come together in 1999 and through collaboration and research recognized the shortcomings of the IP chains package and developed this new product in order to address these concerns and make needed improvements.
The improvements added to the new IP tables package helped improve performance and overall security. Better integration with the kernel led to improved speed and reliability but the true value came from the new security features. Stateful packet inspection allows the firewall to keep track of every connection passing through it allowing for better monitoring and can even view certain contents and attempt to anticipate actions of certain protocols. Also the ability to filter packets based on MAC address and TCP header flags help to prevent attacks using malformed packets. Even a rate limiting feature that is designed to eliminate some denial of service type attacks. These improvements have led to IP tables being the default firewall package for installed under RedHat and Fedora Linux systems.
Despite the work done to the IP tables package in order to improve it there are still vulnerabilities to be exploited. Vulnerabilities to denial of service and even an arbitrary filter rule issue have been exploited in the package.

Security for computers is one of the most important aspects of a system that has to be in place.

For this paper I will be writing about four security features that Linux systems use; these are SELinux,

chroot jail, openSSH, and iptables. I will briefly describe what they do to provide security.

SELinux (security enhanced Linux) was developed by the NSA, who chose Linux as its

operating system to create a more secure operating system. Since the development of SELinux by the

NSA most Linux distributions now implement SELinux as a standard. Traditional Linux systems use a

security called (DAC) discretionary access control. With these approach users and their objects, i.e., files

or processes run by the user have the same access as the user. So if an attacker got hold of an admin

account they would have complete control over any files or services that account runs or has access to.

SELinux uses (MAC) mandatory access control. With this, services and files are controlled by policies

saying what may or may not be done. MAC enforces these security policies that limit what users and

programs can do. Security threats coming from user errors, attackers, or software problems are limited

by MAC. SELinux has three modes that it can function in:

Enforcing- This is the default state where SELinux security policy is enforced, anything not permitted

by the security policy cannot be done.

Permissive- This is the diagnostic state, SELinux does not enforce the security policy but sends any

warnings to a log that can be reviewed to build a working security policy.

Disabled- No security policy is implemented.

On top of these modes there are three policies implemented by SELinux:

Targeted- This policy applies MAC controls only to certain or named processes.

MLS- This is multi-level security protection.

Strict- This policy applies MAC controls to all processes.

There are different types of Linux Security Technologies. Discretionary Access Control, SELinux (Security Enhanced Linux), chroot jail, and iptables are just a few. This paper is only going to discuss the latter three. Discretionary Access Control is the more traditional, however; DAC is not as secure and will not be discussed here.1
The U.S National Security Agency (NSA) is the organization behind the creation of SELinux. The NSA implemented a Mandatory Access control within the Linux Kernel. This MAC is named Flask.2
There are three main policies that SELinux uses to apply MAC. There is the Targeted, where the MAC controls will only be used for a specific process or processes, there is the Multilevel Security protection, and the Strict. The strict puts MAC controls to all processes. The targeted is not as secure as the strict, however; the targeted is easier to maintain. If one uses the strict, the administrator will have to customize the policy. Failure to do so could cause other users a significant problem in performing his or her assigned duties. 3
The main reason the MAC has been created are to help prevent security threats to a system. Threats from user errors, software flaws, and malicious users can be reduced by implementing MAC. MAC will only allow the user to do the processes permitted by the policies applied. 4

The next Linux Security Technology to be discussed in this paper is chroot. There was not a particular organization behind this security technology. This utility was introduced in Version 7 of UNIX in 1979.

With a world that is vastly growing in size so does our use for technology. With this use of technology come lots of potential threats and hazards. Our world today is ever so growing with its relationship with the internet or World Wide Web (WWW). Many places use the internet to access sites, software, music, book, and so forth, the list goes on. But with this advance in technology come lots of threats to consumers alike. Such as hackers, viruses, people who don’t know what they are doing, and even people who you may call your best friend. Threat comes in many shapes and sizes which is why operating systems such as Linux develop ways to keep your personal files safe from these unwarranted threats. Some of these measures include, but is not limited to; iptables, SELinux, chroot jail, TCP Wrappers, firewalls, PolicyKit, NX or No eXecute, PIE or Position Independent Executables, Netfilter, and the list goes on (“Fedora Projects” & Vepstas).
When a user first approaches Linux it looks similar to what a windows operating system would resemble. With Linux a user has the ability to access every file within the operating system through the use of a terminal or command prompt. Through the use of Linux programming potential threats can gain access to you file system and everything housed within it. Linux is free software that comes with many great security features that any user or administrator greater access and control over the system. The choice can be a bit much for most, but we will discuss a few of these choices here.
Security-Enhanced Linux also known as SELinux is a security program that was developed in partner by the National Security Agency or NSA and Red Hat Developers (“Fedora Project”). So what exactly is it that SELinux does? SELinux was designed so that the Administrator could enforce policies that will limit what a user or particular program would be able to access.