TELKOMNIKA Indonesian Journal of Electrical Engineering
Vol. 13, No. 2, February 2015, pp. 387 ~ 398
DOI: 10.11591/telkomnika.v13i2.7059

Received November 19, 2014; Revised January 5, 2015; Accepted January 23, 2015

Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System

P. K. Patra, P. L. Pradhan*
Dept. of CSE Central Institute of Technology, CSVTU, Raipur, CG, India
*Corresponding author, e-mail: citrprcs@rediffmail.com

Abstract
The preventive control is one of the well-advanced controls in recent security for the protection of data and services from uncertainty. With the increasing importance of business and communication technologies, growing external risk is a very common phenomenon nowadays. The system security risks put forward to the management focus on the IT infrastructure (OS). The top management has to decide whether to accept expected losses or to invest in technical security mechanisms in order to minimize the frequency of attacks and thefts as well as uncertainty. This work contributes to the development of an optimization model that aims to determine the optimal cost to be invested in security mechanisms, deciding on the measure component of the UFS attribute. Our model should be designed in such a way that Read, Write & Execute are automatically Protected, Detected and Corrected on the RTOS. We have to optimize the system attacks and down time by implementing the RWX ACM mechanism based on semi-group structure, meanwhile improving the throughput of the Business, Resources & Technology.

Keyword: read write execute, Unix file system, access control mechanism, preventive detect corrective control, risk mitigation, real time operating system

Copyright © 2015 Institute of Advanced Engineering and Science. All rights reserved.

1. Introduction
The real time operating system is a collection of hardware, software & application that manages system resources and provides common services for resources, programs, applications & users. The operating system is an essential component of the system software (shell, file & kernel) in a computer system. The high level language (application programs) usually requires an operating system to function. Time-sharing operating systems schedule & reschedule tasks for efficient use of the internal utilities, which may also include auditing system software for resource & cost allocation of processor and memory time, mass storage, printing and other resources [4-5].
There are various kinds of preventive control available and implemented on the operating system to protect our IT assets from external & internal hackers. The PDC model & Mechanism traditionally prevent the core components of the OS. The processor & memory are the core components of any type of operating system. The processor and kernel are fully functionally dependent on each other, but file and shell are the communication components of the OS. We can improve the performance of the OS by updating the kernel from time to time. The kernel is the nucleus of the operating system [6-7].
Architecture of the Operating System:

Figure 1. Internal Structure of RTOS
ISSN: 2302-4046
The operating system control is a step by step process of securely configuring a system to protect it against unauthorized access, meanwhile taking steps to make the system more reliable. Generally anything that is done in the name of system. Preventive control ensures the system is secure, reliable and highly available for high IT culture. Operating system control is the process to address security weaknesses in operating systems by implementing the latest OS patches, hot fixes and updates, and the required management procedures and policies are applied to reduce attacks and system down time, meanwhile increasing the throughput of the system.
Preventive control of the operating systems is the first step towards safeguarding systems from intrusion. The workstations, applications, network and servers typically arrive from the vendor installed with a multitude of development tools and utilities, which, although beneficial to the user, also provide potential back-door access to the systems [8-10].

2. Existing Control for the Risk Optimization

2.1. Preventive Controls [6-7], [10]
Preventive controls are implemented to stop the loss related to a risk from occurring: when the risk situation presents itself, the preventive control kicks in and prevents the loss. Preventive techniques are the most complete form of stop-loss control, because the loss is prevented by their nature. There are costs associated with preventive control that must be considered to get the full picture of the impact to the business. Prevention can mean the continuous close examination of each case, performing an analysis for the risk condition and stopping the risk whenever it is identified. This can be a more expensive way to control than simply enabling the process to perform, identifying errant exceptions after they have occurred and taking them out of the process stream for corrective action in due course of time. While attempting to prevent errors whenever it is cost effective to do so, many production lines in the manufacturing sector also use detective techniques to weed out errors, which is a more cost effective way of dealing with all of the possible permutations of error conditions that may exist in the process. The alternative of building preventative controls for each scenario would be cost prohibitive. The monitoring & management of the preventive controls will also need to be considered when determining what is best for the business.

2.2. Detective Controls [6-7], [10]
Detective controls are used in situations where it is more important to understand that something has happened than it was to prevent it from happening. In some cases, a detective control will ensure that a desirable event did indeed occur, providing feedback that the process is working as intended. Evaluation of the detective controls requires proving that the detection occurs with a high degree of accuracy and reliability. When it is important to detect that an action has occurred, it will be equally important to rely on the control to not miss any valid occurrences where that detection should be taking place and to flag only those valid occurrences of predefined interest. To assess these controls, we will need to understand the trigger event and the mechanism used to identify it. The risk associated with detective controls is the risk of not knowing that a situation or event has occurred. If this failure to detect happens regularly, the control cannot be assessed as defective. When evaluating the cost-benefit for this control type, we must review what happens to the process if the event or situation is not detected, and then assess the costs of this scenario against the cost of developing, implementing and maintaining the control. All system based logs are automatically generated on the development & production server.

2.3. Corrective Controls [6-7], [10]
A corrective control fixes errant situations or events as they are identified. It assumes some amount of detection is inherent in its mission of fixing out-of-bounds conditions. These controls are useful when simple corrections are easily found and fixed in a process without a lot of risk and complexity. The risk of not finding and fixing these items must be considered when assessing the total cost and benefit of such a control. It will need to be determined that corrective actions are possible and performed accurately to the satisfaction of the process in order to draw conclusions that these kinds of controls are effective. Determining what is acceptable in terms of corrective actions will be part of this process. Those situations that are not caught and fixed and that do not require attention will need to be identified and examined for false positive and false negative implications. Comparing this control to one that prevented the need for correction in the first place may be a valid assessment when evaluating whether the right kinds of controls are employed to mitigate risk in a process. The cost to fix, along with the cost to identify or the cost to prevent, will all now need to be part of the cost benefit analysis. The PC, DC, CC & High Availability are great services to data & services all the time around the globe.

Figure 2. PDC Preventing Data & Services

3. Data Collection Based on Existing Control (RTOS DATA)
There are a number of preventive control methods designed and developed as per the requirement of secure computing to achieve the desired level of organization objective. There are a few methods developed based on UNIX server and system programming. The preventive control is inversely proportional to the Risk [4-5], [8-9].

Table 1. Sample of RTOS UFS Data Collection

SN | SYSTEM FILES | ACTION PLAN | REMARKS
1 | /etc/system | Can update the kernel & n-bit processor | Can improve the system performance | KERNEL
2 | /etc/hosts | Develop the scripts: allow/disallow as per policy, chmod 000 = /etc/nnn-mark disallow | Preventative control [H, M, L] | Can improve the system security
3 | /etc/services | Disable the third parties services. Remove the ftp, http, telnet, port no, printer, IP services. Those services are not required. | Preventative control [H, M, L] | Can improve the system security
4 | /usr/bin/rsh, etc/pam.conf | Disable all remote services: chmod 000 /usr/bin/rsh, rksh, rcp, ipcs, ruser, rlogin, uptime. | Preventative control | SHELL
5 | /var/adm/message | Date & time stamp (DC: event mgmt) | Internal audit purpose | Detective control
6 | /etc/rc.conf script | Run level script | Run level script has to be developed as per requirement. /etc/init.conf, rc2.d example: httpd_flags="NO" | Preventative control [H, M, L]
7 | /etc/init.conf | OS services, run level | Preventative control
8 | etc/ssh/sshd_config | CKM file system | Automated Control | Cryptography enabled through ssh implementation. AES: 256 bits cipher aes256-chr. ssh-keygen -b 1024 -f /etc/ssh_host_key -N '' chmod - - - /etc/ssh/ssh_config | Preventative control | n=1024, 2048, 4096; chmod rwx (i.e. 4 2 1) – blank is nothing [H, M, L]
4. Existing in UFS Problem
As per the above data collection, the automated control (PDC) is not available in the recent RTOS. There is great risk on the corrective action & reaction on file system, application & resources in this current security age. The multiple Relations, Functions, Operations and Services are happening over multiple clients, business, application and resources on a complex heterogeneous IT infrastructure all the time & every time. Therefore, resource conflicts are the biggest issue over a complex network, platform and user application.

5. Proposed Dynamic RWX ACM Model for Risk Optimization
This paper contributes to the definition and development of an optimal model whose objective is to determine the minimal cost, quality & time to be invested into the risk assessment and management on the measure components of Unix file system attributes (Read, Write & Execute). That is why we are calling it the RWX model for system based risk analysis. Furthermore, this mechanism, which optimizes the cost, time & resources, is supposed to reduce the system attacks, down time and vulnerabilities. We have to optimize the technology & resource cost and maximize the business (throughput). We have to protect our data and services over multiple business, resources & technology all the time (24 x 7 x 52).

Figure 3. Technology, Business & Resources Preventing Data & Services

We have to implement our idea based on the SEMIGROUP (isomorphism graph) theory: how the operating system is optimized as per our business requirement. Our objective is to maximize our business (throughput) and minimize our technology & resources cost and time.

5.1. Define
We have to design & develop this optimization method based on Semi group. A semi group is a set with a binary operation, but there is no requirement for an inverse function or an identity element. In order to be a semi group, a set of objects plus an operation must obey the following axioms. A semi group is important when we are looking at cosets. For all $r, w, x \in S$, the equation $(r \cdot w) \cdot x = r \cdot (w \cdot x)$ holds. For all $p, d, c \in S$, the equation $(p \cdot d) \cdot c = p \cdot (d \cdot c)$ holds [1-3].
PDC:
Associative Law: $(P \cup D) \cup C = P \cup (D \cup C)$, $(P \cap D) \cap C = P \cap (D \cap C)$
Distributive Law: $P \cup (D \cap C) = (P \cup D) \cap (P \cup C)$, $P \cap (D \cup C) = (P \cap D) \cup (P \cap C)$
RWX:
Associative Law: $(R \cup W) \cup X = R \cup (W \cup X)$, $(R \cap W) \cap X = R \cap (W \cap X)$
Distributive Law: $R \cup (W \cap X) = (R \cup W) \cap (R \cup X)$, $R \cap (W \cup X) = (R \cap W) \cup (R \cap X)$
Let us consider R = {P, D, C} & M = {R, W, X}. It is easy to verify that the following operation tables give Semi Group Structures for R & M respectively.
We have to maintain the sequence as follows: 1st we have to take care of Prevent, 2nd Detect, then Correct. These three parameters should be satisfied according to our data & services for better performance & high security. The High Availability is Risk Mitigation. [K = PC + DC + CC]. We can optimize the risk factor by help of these six elements. All these six elements depend on each other. Availability is the main concern among all of them. As per business & resource management, the PDC & RWX Model and Mechanism are very well suited for multiple RTOS & Technology around the globe on a 24 x 7 x 52 pattern.

5.2. Design
These isomorphic sets of elements equally satisfy the transitive, union, associative, distributive & composition properties and the Sum of all for the Risk Mitigation. We are proposing this idea based on directed graph theory as follows. We have to design and develop the security & reliability policy for our complex IT infrastructure. We have to find out the best solution by applying, step by step, the algorithm, method, model & mechanism. We have to draw two identical directed graphs, one for PDC & another for RWX. Both of these directed graphs work for high availability on a 24 x 7 x 52 pattern around the security world as follows [1-3].

Figure 4. (a) [PDC]        Figure 4. (b) [RWX]

We can find the composition of the table as follows:

Table 2. (a) [ PDCA ]        Table 2. (b) [ RWXA ]

X | P C D A        X | R W X H
P | P C D A        R | R W X H
C | C P A D        W | W R H X
D | D A P C        X | X H R W
A | A D C P        H | H X W R

Associative law: Multiplication is associative in G, since the associative law holds in the case of matrix multiplication: (PC) D = P (CD), where A = Availability, H = High Availability. Let us consider R = {P, D, C} & M = {R, W, X}. It is easy to verify that the following operation tables give Semi Group Structures for R & M respectively. AN ISOMORPHISM GRAPH in Between M & R: f(p) = 1, f(d) = 6, f(c) = 8, f(a) = 3, f(c) = 5, f(i) = 2, f(a.t) = 4, f(h) = 7.
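
The check the text calls easy to verify, carried out on the two operation tables of Table 2, as an added example that is not part of the original paper: it tests closure and associativity exhaustively and searches every bijection between the two element sets for those that preserve the operation. The function and variable names are chosen here for illustration.

```python
from itertools import permutations

# Cayley tables transcribed from Table 2 (a) and (b); each string is one row,
# with rows and columns in the order given by the table header.
PDCA_ORDER, PDCA_ROWS = "PCDA", ["PCDA", "CPAD", "DAPC", "ADCP"]
RWXH_ORDER, RWXH_ROWS = "RWXH", ["RWXH", "WRHX", "XHRW", "HXWR"]


def cayley(order, rows):
    """Turn a printed operation table into a dict: (a, b) -> a*b."""
    return {(a, b): rows[i][j]
            for i, a in enumerate(order) for j, b in enumerate(order)}


def is_semigroup(elems, op):
    """Closure plus associativity, checked exhaustively over all triples."""
    if any(op[a, b] not in elems for a in elems for b in elems):
        return False
    return all(op[op[a, b], c] == op[a, op[b, c]]
               for a in elems for b in elems for c in elems)


def identity(elems, op):
    """Return the two-sided identity element, or None if there is none."""
    for e in elems:
        if all(op[e, a] == a and op[a, e] == a for a in elems):
            return e
    return None


def isomorphisms(elems1, op1, elems2, op2):
    """All bijections f with f(a*b) = f(a)*f(b), found by brute force."""
    found = []
    for image in permutations(elems2):
        f = dict(zip(elems1, image))
        if all(f[op1[a, b]] == op2[f[a], f[b]]
               for a in elems1 for b in elems1):
            found.append(f)
    return found


PDCA_OP = cayley(PDCA_ORDER, PDCA_ROWS)
RWXH_OP = cayley(RWXH_ORDER, RWXH_ROWS)

if __name__ == "__main__":
    print("PDCA is a semigroup:", is_semigroup(PDCA_ORDER, PDCA_OP))
    print("RWXH is a semigroup:", is_semigroup(RWXH_ORDER, RWXH_OP))
    print("identities:", identity(PDCA_ORDER, PDCA_OP),
          identity(RWXH_ORDER, RWXH_OP))
    for f in isomorphisms(PDCA_ORDER, PDCA_OP, RWXH_ORDER, RWXH_OP):
        print("isomorphism:", f)
```

Both tables pass the associativity check and each has an identity element (P and R), so every operation-preserving bijection must send P to R.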

Figure 5(a)        Figure 5(b)

5.3. Development (Function)
We have to move forward to finding an alternate solution and algorithm for risk optimization based on the semi-group method. This scalable complex semi group method will definitely solve our risk and security issues on complex real time systems for multiple client applications, business and resources available for multi-location at any time around the clock. We have to optimize the RTOS step by step as follows:

Table 3. [ DPC -> RWX ] Model-1.a Prevention on Write Access, DCP Versus RWX

* | D C P        * | R W X
D | D C P        R | X R i
C | C P D        W | R X
P | P D C        X | S X R

Now write access is in the preventive stage. Prevention is better than cure. Diagonal view (P-P-P=W-W-W) BUSINESS OWNER

Let us consider that: f(D)=W, f(C)=R, f(P)=X. Now, replacing the elements in R by their images and rearranging the tables, we obtain exactly the table for M. Thus R & M are Isomorphic. Therefore, this model is called "SEMI-GROUP as well as ISOMORPHIC MODEL ON SYSTEM SECURITY FOR RISK OPTIMIZATION". Then we can move forward to the NEXT OPTIMIZED LEVEL as follows.

Table 4. [ PDC -> RWX ] Model-1.b Detection on Write Access, PDC Versus RWX

* | P D C        * | R W X
P | C P          X | X R IS
D | P M C        W | R X
C | D C P        R | S X R

OPTIMIZED LEVEL NOW WRITE ACCESS IS DETECTIVE STAGE, Diagonal view (D-D-D=W-W-W) BUSINESS OWNER

Table 5. [ DPC -> RWX ] Model-1.c Correction on Write Access, DCP Versus RWX

* | D C P        * | R W X
D | P D C        X | X R S
C | D E P        W | R X
P | C P D        R | I X R

NOW WRITE ACCESS IS CORRECTIVE STAGE. Diagonal view (C-C-C=W-W-W) BUSINESS OWNER

Figure 6. Write Activities

This graphical representation shows that WRITE ACCESS is prevented, detected and corrected automatically.

Table 6. [ DCP -> RXW ] Model 2.a PREVENTION ON EXECUTE ACCESS, DCP Versus RXW

* | D C P        * | R W X
D | D C          R | W R
C | C P D        X | R W
P | D C          W | W R

NOW EXECUTE ACCESS IS PREVENTIVE STAGE (ANY BODY, ANY WHERE & ANY TIME). PREVENTION IS BETTER THAN CURE. Diagonal view (P-P-P=X-X-X) OTHER.

Table 7. [ PDC -> RXW ] Model: 2.b DETECTION ON AUTHENTICATION, PDC Versus RXW

* | P D C        * | R W X
P | C P          R | I R
D | P C          X | R S W
C | C P          W | W R

OPTIMIZED LEVEL, NOW EXECUTE ACCESS IS DETECTIVE STAGE. Diagonal view (D-D-D=X-X-X) OTHER.

Table 8. [ DCP -> RXW ] Model: 2.c CORRECTION ON AVAILABILITY, DCP Versus RXW

* | D C P        * | R W X
D | P D          R | W R
C | D P          X | C CC I
P | P D          W | i C

NOW EXECUTE ACCESS IS CORRECTIVE STAGE, Diagonal view (C-C-C=X-X-X) OTHER

Figure 7. Execute Activities
This graphical representation shows that EXECUTE ACCESS is prevented, detected and corrected on the objects in an automated way.

Table 9. [ DCP -> WRX ] Model: 3.a PREVENTION ON READ ACCESS, DCP Versus WRX

* | D C P        * | W R X
D | D C          W | X W K
C | C D          R | W X
P | D C          X | X W

NOW READ ACCESS IS PREVENTIVE STAGE. PREVENTION IS BETTER THAN CURE. Diagonal view (P-P-P=R-R-R) BUSINESS OWNER

Table 10. [ PDC -> WRX ] Model: 3.b DETECTION MATRIX ON READ ACCESS, PDC Versus WRX

* | P D C        * | W R X
P | C P          W | X W K
D | P C          R | W X
C | C P          X | X W

OPTIMIZED LEVEL DETECTING THE READ ACCESS. Diagonal view (D-D-D=R-R-R) BUSINESS OWNER

Table 11. [ DCP -> WRX ] Model: 3.c CORRECTION THE CONFIDENTIALITY, DCP Versus WRX

* | D C P        * | W R X
D | P D          W | X W K
C | D P          R | W X
P | P D          X | X W

NOW READ ACCESS IS CORRECTIVE STAGE. Diagonal view (C-C-C=R-R-R) BUSINESS OWNER

Figure 8. Read Activities

This graphical representation shows that READ is prevented, detected and corrected automatically. This is the dynamic life cycle of PDC & RWX based on the semi-group, isomorphic & directed graph theory. When the RWX optimization technique is applied on the OS, the space & time complexity of Processor, Memory and users details can be detected by the OS system parameters already defined in the existing risk assessment method on the file system (/var/adm/messages); then we can fix up the unix file system (UFS) as per availability of technology, resources and business requirement. In this way we can dynamically optimize our technology & business risk.
We can conclude from the above optimization model that the operating system components, namely the shell, file, processor, memory & encryption key, have to take highest priority in the Preventive, Detective and Corrective action plan, which is shown in models 1, 2 & 3 respectively. In this way, we can improve the performance & security of the high end READ, WRITE and EXECUTE attributes for the technology, business & resources.
The preventive control will facilitate and resolve the various issues when it spans several jobs and applications running simultaneously under a heterogeneous complex web based infrastructure (B2B, B2C, P2P, G2G) around the web world. The above optimization models will be very helpful for instruction level parallelism for high end computing. We hope this theoretical and experimental idea will be of very much help to the parallel computing environment to optimize the operating system software risk.
We can improve our risk optimization model, which will be of help to risk management on the operating system.

5.4. Brief Summary of the Dynamic RWX ACM Model

Table 12. Life Cycle of PDC & RWX Operation

MODEL | STAGE | DESCRIPTION | ACTION PLAN
Model-1.a | 1st Round: on Write Access | Diagonal view (P-P-P=W-W-W) | Preventive Control on Write Access
Model-1.b | 1st Round: on Write Access | Diagonal view (D-D-D=W-W-W) | Detective Control on Write Access
Model-1.c | 1st Round: on Write Access | Diagonal view (C-C-C=W-W-W) | Corrective Control on Write Access
Model-2.a | 2nd Round: Execute Access | Diagonal view (P-P-P=X-X-X) | Preventive Control on Execute Access
Model-2.b | 2nd Round: Execute Access | Diagonal view (D-D-D=X-X-X) | Detective Control on Execute Access
Model-2.c | 2nd Round: Execute Access | Diagonal view (C-C-C=X-X-X) | Corrective Control on Execute Access
Model-3.a | 3rd Round: Read Access | Diagonal view (P-P-P=R-R-R) | Preventive Control on Read Access
Model-3.b | 3rd Round: Read Access | Diagonal view (D-D-D=R-R-R) | Detective Control on Read Access
Model-3.c | 3rd Round: Read Access | Diagonal view (C-C-C=R-R-R) | Corrective Control on Read Access
Model-1.c | Automated Corrective Control | Diagonal view (C-C-C=W-W-W) | Corrective Control on Write Access
Model-2.c | Automated Corrective Control | Diagonal view (C-C-C=X-X-X) | Corrective Control on Execute Access
Model-3.c | Automated Corrective Control | Diagonal view (C-C-C=R-R-R) | Corrective Control on Read Access
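
The three rounds of Table 12 applied to real permission bits, as an added example that is not part of the original paper: a preventive step sets the modes, a detective step reports drift per attribute, and a corrective step restores only the drifted bits. The scratch directory, the policy modes (000 for the remote-service binaries as in Table 1, 600 for sshd_config as an assumption) and the tampering are constructed for the demonstration.

```python
import os
import stat
import tempfile

# Constructed policy for this example. The 000 modes follow the Table 1 action
# "chmod 000 /usr/bin/rsh ..."; the 0o600 mode for sshd_config is an assumption.
POLICY = {
    "usr/bin/rsh": 0o000,
    "usr/bin/rlogin": 0o000,
    "etc/ssh/sshd_config": 0o600,
}

# One mask per attribute (owner, group and other), in the round order of Table 12.
ATTRS = (("W", 0o222), ("X", 0o111), ("R", 0o444))


def prevent(root, policy):
    """Preventive control: create each file and set its mode from the policy."""
    for rel, mode in policy.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("placeholder\n")
        os.chmod(path, mode)


def detect(root, policy):
    """Detective control: list (file, attribute) pairs whose bits drifted."""
    findings = []
    for rel in sorted(policy):
        actual = stat.S_IMODE(os.stat(os.path.join(root, rel)).st_mode)
        for name, mask in ATTRS:
            if actual & mask != policy[rel] & mask:
                findings.append((rel, name))
    return findings


def correct(root, policy, findings):
    """Corrective control: restore only the attribute bits that drifted."""
    masks = dict(ATTRS)
    for rel, name in findings:
        path = os.path.join(root, rel)
        actual = stat.S_IMODE(os.stat(path).st_mode)
        os.chmod(path, (actual & ~masks[name]) | (policy[rel] & masks[name]))
    return len(findings)


def run_cycle():
    """Prevent, tamper (constructed drift), detect, correct, then re-detect."""
    with tempfile.TemporaryDirectory() as root:
        prevent(root, POLICY)
        os.chmod(os.path.join(root, "usr/bin/rsh"), 0o755)          # re-enabled
        os.chmod(os.path.join(root, "etc/ssh/sshd_config"), 0o644)  # readable by all
        before = detect(root, POLICY)
        fixed = correct(root, POLICY, before)
        after = detect(root, POLICY)
        modes = {rel: stat.S_IMODE(os.stat(os.path.join(root, rel)).st_mode)
                 for rel in POLICY}
    return before, fixed, after, modes


if __name__ == "__main__":
    before, fixed, after, modes = run_cycle()
    print("drift detected:", before)
    print("attributes corrected:", fixed)
    print("drift after correction:", after)
    print("final modes:", {rel: oct(mode) for rel, mode in modes.items()})
```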

5.5. Deployment: (Test, Verification, Results & Services) Practical Impact Analysis on RWX ACM Model
We have to verify & validate the operating system integrity, high availability, reliability, scalability, reliability of Read, Write & Execute Access over a UFS on RTOS. We have to Protect, Detect and Correct the UFS per business, resource requirement and availability of technology.
We have to apply some review method on the internal UNIX operating system in super user mode. This table (3) is the part of benchmarking, performance analysis and risk assessment of a real time operating system over a complex web portal application on large scale RTOS.

Table 13. Verification of RTOS [8], [9]

SN | INPUT (Subject): How to do? | DESCRIPTIONS, ACTION PLAN: What to do? | Risk Assessment, OUTPUT (Object): What happen & When?
01 | /var/adm/message | System mesg (event mgmt) DC | Date & time stamp, SECONDARY RISK ASSESSMENT
02 | /var/adm/syslog | syslog system logs | Detective control, Accountability & Authentication
03 | /var/adm/sulog | super user log | Detective control, Accountability & Authentication
04 | /var/adm/loginlog | user login log | Detective control, Accountability & Authentication
05 | etc/ssh/sshd_config | AES, CKM Key mgmt | Run the scripts: Preventive control