|
Linux vs. Windows security |
|
|
|
Source: AME Info - Posted by Pax Dickinson
|
Microsoft and Linux both provide support for authentication, access control, audit trail/logging, Controlled Access Protection Profile, and cryptography. However, Linux is superior due to Linux Security Modules, SELinux, and winbind. The user of a Linux system can decide to add additional security mechanisms to a Linux distribution without having to patch the kernel.
Various access control mechanisms have been built on top of LSM; for example, building compartments that keep applications separate from each other and from the base operating system, which limits the impact of a security problem with an application. Linux base security is further enhanced by solutions, such as Tripwire, that enable System Integrity Check functionality to periodically verify the integrity of key system files and warn those responsible for system security whether a file's contents or properties have been changed.
A limitation of Windows base security is MSCAPI, which trusts multiple keys for code signing. Microsoft's model focuses on providing one build of a product that can enable weak or strong encryption simultaneously. Although modules are not all signed by one key, since MSCAPI trusts a large number of root certifying authorities, and trusts multiple keys for code signing, it only takes one key to be compromised to make the entire system vulnerable to attack.
Read this full article at AME Info
Powered by AkoComment! |
