- Supervisory: A system routine, or highly privileged routine, is being executed by the system.
- Ready: Processing can be resumed for an application.
- Wait: A specific event must be completed before another process resumes.
- (Needs review: Problem: An application is being run by the system.(?))
Blog
-
Operating System States
-
Control Objects for Information and Related Technology (COBIT)
Control Objects for Information and Related Technology (COBIT)
- can be used to as the basis for internal and external security audits.
- determines the security mechanisms to be implemented for a system.
-
ISO / IEC 27001:2005
ISO / IEC 27001:2005
- can be used for certifying a company’s ISMS and making comaprisons to other companies’ ISMSs.
- Defines a company’s ISMS and how it’s structured, controlled, run, and maintained.
-
ISO / IEC 27002
ISO / IEC 27002
- Defines the way in which security mechanisms should be run
- Provides guidelines for ensuring that security controls are consistent with industry best practices
-
Information Technology Security Evaluation Criteria (ITSEC)
Information Technology Security Evaluation Criteria (ITSEC) involves evaluation assurance by reviewing the development practices, documentation, configuration management and testing mechanisms of a system. Also, it provides separate ratings for functionality and assurance.
-
Trusted Computer System Evaluation Criteria
Trusted Computer System Evaluation Criteria aren’t a good evaluation tool for commercial systems, because it’ won’t address the issue of data integrity. It evaluates the security policy and assurance levels of a system.
-
Active and passive protection types
Active
- Prevents any unauthorized access to objects
- Includes mechanisms for memory protection
Passive
- Prevents the unauthorized disclosure of information
- Includes the use of cryptographic techniques
-
Questions for potential cloud data storage
- What are the points of exposure for data flowing in and out of the cloud?
- How critical is the data to be used within the cloud to the organization’s operations?
- What data is being considered for use in the cloud?
- Should the organization adopt a private or public cloud?
-
Security issues in grid computing
- The grid’s quality of service needs to remain at a level acceptable to users.
- Host machines on the grid shouldn’t be over-utilized to the extent that their local clients are denied service.
- Trust levels need to be managed when new grid members join, or existing depart.
-
Fire prevention, suppression and detection
Prevention
- Use non-flammable building materials
- Conduct training on how to respond when a fire occurs
Suppression
- Use portable fire extinguishers
Detection
- Install heat-detectors
- Install ionization smoke detectors