Protection
A computer system is a collection of processes and objects. These objects may be
hardware (such as memory, CPU time, or I/O devices) or software (such as files,
programs), and they need to be protected.
Protection refers to a mechanism for controlling the access of programs, processes, or
users to the resources (objects) defined by a computer system. This mechanism must
provide a means for specification of the controls to be imposed, together with some
means of enforcement.
Reasons for protection
● Need to prevent mischievous, intentional violation of an access restriction by a user.
● Need to ensure that each active process in the system uses system resources only in
ways consistent with stated policies.
What if no protection mechanism?
1. Think of a Unix-based server being used in a university for labs. Obviously, if there is
no protection mechanism implemented in Unix, then every student can read/write the
files/data of others.
2. Consider a Unix-like system where there is a root or super user. Now, if there is no
proper protection mechanism, then any process could acquire root privileges and
thereby could cause damage.
3. Think of a situation where a process illegally gains access to the memory allocated to
some other process. Again this could happen because of the absence of protection
mechanisms.
Domain of protection
As mentioned before, a computer system consists of processes and objects. Each object
has a unique identifier in the system, and can be accessed only through well-defined and
meaningful operations. For example, a memory segment (object) supports read and write
(operations), while a CD-ROM (object) supports only read (operation). A process should
be allowed to access only those objects for which it has authorization.
'Need-to-know' principle
According to this widely held principle in the domain of OS protection, a process should
be able to access only those resources that it requires at a given point of time to complete
its current task. This requirement is useful in limiting the amount of damage a faulty
process can cause in the system.
Domain structure
Every process operates only within a protection domain, which specifies the resources
that the process may access. A domain is a collection of access rights. An access right is
basically an ordered pair, <object-name, rights-set>. For example, domain D can have the
access right <file F, {read, write}>. During the lifetime of a process, a process may be
allowed to change its domain (domain switching) or it may not be allowed to change its
domain (static).
The domain structure is realised in different ways in different operating systems. For
example, UNIX takes the approach wherein each user is associated with a domain (also
adopts the user/supervisor architecture). In MULTICS, the protection domains are
organized hierarchically into a ring structure (layered architecture).
Access matrix
The access matrix is a general model of protection. An access matrix is simply a matrix in
which the rows represent domains and the columns represent objects. The entry
access(i, j) defines the set of operations that a process executing in domain i can invoke
on object j. The access-matrix scheme provides us with the mechanism for implementing
policy decisions concerning protection. The policy decisions involve which rights should
be included in the (i, j)th entry. This separation of mechanism and policy is an important
design issue.
Implementation of an access matrix
An access matrix cannot be implemented as-is for efficiency reasons. Imagine how
big and empty (sparse) the matrix would be when we have a large number of users (domains) and an
even larger number of files, programs and other objects! Therefore, access matrices are
implemented in a variety of ways in different operating systems:
● Global table
● Access lists for objects
● Capability lists for domains (found in capability systems like Hydra, CAP, Mach)
● Lock-key mechanism
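The following Python program is an added example, not part of the original notes, that models the domain structure and access matrix described above. It stores only the non-empty cells access(i, j), enforces a request by checking the cell, derives the two sparse implementations the notes list (an access list per object and a capability list per domain), models domain switching as a "switch" right on a domain treated as an object, and shows revocation of a single right. The domain names (D1, D2, D3), object names (F1, F2, printer) and the policy they carry are constructed for illustration.

```python
"""Access-matrix model of protection (added example; names and policy are constructed)."""
from collections import defaultdict


def sample_matrix():
    """Return a fresh sparse access matrix: (domain, object) -> set of rights.

    Domains appear as objects too: a "switch" right in access(Di, Dj) allows
    a process in Di to switch into Dj. Constructed sample policy.
    """
    return {
        ("D1", "F1"): {"read", "write"},
        ("D1", "F2"): {"read"},
        ("D1", "D2"): {"switch"},          # D1 may switch into D2, not the reverse
        ("D2", "F1"): {"read"},
        ("D2", "printer"): {"print"},
        ("D3", "F2"): {"read", "write", "execute"},
    }


def access(matrix, domain, obj):
    """access(i, j): the operations domain i may invoke on object j (empty if no cell)."""
    return matrix.get((domain, obj), set())


def may_invoke(matrix, domain, obj, operation):
    """Enforcement: a request succeeds only if the operation is in access(domain, obj)."""
    return operation in access(matrix, domain, obj)


def to_access_lists(matrix):
    """Access-list implementation: one column of the matrix per object,
    object -> {domain: rights}."""
    lists = defaultdict(dict)
    for (domain, obj), rights in matrix.items():
        if rights:
            lists[obj][domain] = set(rights)
    return dict(lists)


def to_capability_lists(matrix):
    """Capability-list implementation: one row of the matrix per domain,
    domain -> {object: rights}."""
    caps = defaultdict(dict)
    for (domain, obj), rights in matrix.items():
        if rights:
            caps[domain][obj] = set(rights)
    return dict(caps)


def switch_domain(matrix, current, target):
    """Domain switching: allowed only when access(current, target) holds 'switch'."""
    if "switch" in access(matrix, current, target):
        return target
    raise PermissionError(f"domain {current} may not switch to {target}")


def revoke(matrix, domain, obj, operation):
    """Revocation: remove one right from a cell; delete the cell when it becomes empty.
    Returns True if a right was actually removed."""
    rights = matrix.get((domain, obj))
    if rights is None or operation not in rights:
        return False
    rights.discard(operation)
    if not rights:
        del matrix[(domain, obj)]
    return True


if __name__ == "__main__":
    m = sample_matrix()
    print("D1 write F1:", may_invoke(m, "D1", "F1", "write"))
    print("D2 write F1:", may_invoke(m, "D2", "F1", "write"))
    print("access list for F1:", to_access_lists(m)["F1"])
    print("capability list for D2:", to_capability_lists(m)["D2"])
    print("D1 switches to:", switch_domain(m, "D1", "D2"))
    revoke(m, "D1", "F1", "write")
    print("D1 write F1 after revocation:", may_invoke(m, "D1", "F1", "write"))
```

Note the two representations answer different questions cheaply: the access list for F1 answers "who may touch this file?" (the question revocation needs), while the capability list for D2 answers "what may this domain touch?" (the question the need-to-know principle asks when a process is placed in a domain).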
In addition to this, there are other issues in protection, such as revocation of access rights and
language-based protection. If given an opportunity, we would be able to investigate
further into all of the above mentioned concepts and possibly present examples of how
protection is implemented in today's widely used operating systems like Linux
(SELinux support), Solaris and Windows.