1 / 12

Chapter 4 – Protection in General Purpose Operating Systems

Chapter 4 – Protection in General Purpose Operating Systems. Protection features provided by general-purpose operating systems—protecting memory, files, and the execution environment Controlled access to objects User authentication. Protected Objects and Methods of Protections.

barnhartw
Télécharger la présentation

Chapter 4 – Protection in General Purpose Operating Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 4 – Protection in General Purpose Operating Systems • Protection features provided by general-purpose operating systems—protecting memory, files, and the execution environment • Controlled access to objects • User authentication

  2. Protected Objects and Methods of Protections • 1rst OS were simple utilities – executives • Multiprogramming OS required monitors which oversaw each program’s execution • Protected objects • Memory • Sharable I/O devices (disks) • Serially reusable devices (printers) • Shareable programs & subprocedures • Networks • Shareable Data

  3. Security Methods of Operating Systems • Physical Separation (different processes use different objects) • Temporal Separation (processes executed at different times) • Logical Separation (process appears to be alone) • Cryptographic Separation (processes conceal data and computations)

  4. Security Methods of Operating Systems • Want to be able to share resources without compromising security • Do not protect • Isolate different processes • Share all or nothing • Share via access limitation (granularity) • Share by capabilities • Limit use of an object

  5. Memory & Address Protection • Fence – confines user to one side of boundary • Use predefined memory addresses • Can protect OS, but not one user from another • Relocation – changes all addresses of program using offset • Base/Bounds Registers • Uses variable fence register (base register) to provide lower bound • Uses bounds register for upper address

  6. Memory & Address Protection • Tagged Architecture • Every word of machine memory has extra bits to indicate access rights (expensive) • Segmentation (program divided into pieces) • Each segment has name & offset • Each address reference is checked for protection • Different classes of data can be assigned different levels of protection • Users can share access to segments • User cannot access an unpermitted segment • Paging (program uses equal sized “pages”; memory divided into equal sized page frames)

  7. Control of Access to General Objects • Memory • File/data set • Program in memory • Directory of files • Hardware device • Data structure (stack) • Operating system table • Instructions (privileged) • Passwords / user authentication mechanism • Protection mechanism

  8. Goals in protecting objects • Check every access • Enforce least privilege • Verify acceptable usage

  9. Directory mechanism • Each user (subject) has a file directory, which lists all files accessible by user • List can become too large if many shared objects • Cannot revoke rights of everyone to an object • File names for different owners may be different

  10. Access Control List • One list for each object with list showing all subjects & their access rights • Can use wildcards to limit size of ACL • Access Control Matrix • Rows for subjects • Columns for objects • Sparse matrix of triples <subjects, objects, rights>

  11. Capability • Unforgeable token that gives possessor rights to an object • Predecessor of Kerberos • Can propagate capabilities to other subjects • Capabilities must be stored in inaccessible memory

  12. Procedure-Oriented Access Control • Procedure that controls access to objects including what subjects can do to objects

More Related