Download Fulltext PDF

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Copland (operating system) wikipedia , lookup

RSTS/E wikipedia , lookup

DNIX wikipedia , lookup

Spring (operating system) wikipedia , lookup

VS/9 wikipedia , lookup

Distributed operating system wikipedia , lookup

Unix security wikipedia , lookup

CP/M wikipedia , lookup

Burroughs MCP wikipedia , lookup

Process management (computing) wikipedia , lookup

Paging wikipedia , lookup

Transcript
GENERAL I ARTICLE
Operating Systems
2. Functions, Protection and Security Mechanisms
M Suresh Babu
The objectives and stages of operating systems introduced
in Part 1 are continued here. Four major components process management, input-output (I/O) device management, memory management, file management and protection are discussed.
M Suresh Babu is
currently a fourth year
undergraduate student in
the Department of
Computer Science and
Engineering, Narayana
Engineering College,
Nellore, Andhra Pradesh.
He would like to work in
operating systems,
computer networks and
also in Internet security
concepts.
Introduction
The process concept and concurrency are at the heart of modern
operating systems (OS). A process is the unit of work in a
computer system. A process must be in main memory during
execution. To improve the utilization of central processing unit
(CPU) as well as the speed of its response to its users, the
computer must keep several processes in memory. Many different memory-management schemes are discussed.
The role of the OS in a computer I/O subsystem is to provide the
simplest interface possible to the rest of the system. Protection
is an internal problem. Security must consider both the computer system and the environment within which the system is
used. Both the above concepts are also discussed.
Process Management
Part 1. Objectives and
Evolution, Resonance, VoL7,
No.3, pp.18-24, 2002.
Keywords
Memory management, process
management, I/O device management, file management.
A process can be thought of as a program in execution. A process
will need a number of resources such as CPU time, memory, files
and I/O devices to accomplish its tasks. These resources are
allocated to the process either when it is created or while it is
executing. The OS is responsible for the following activities in
process management: the creation and deletion of both users'
and system processes; the scheduling of processes; and the
provision of mechanisms for synchronization, communication
and deadlock handling for processes.
-60-------------------------------~~------------R-E-S-O-N-A-N-C-E--I-A-p-ri-I-2-0-0-2
GENERAL I ARTICLE
New: The process is
being created.
Running: Instructions are
being executed.
Waiting: The process is
waiting for some event
to occur.
Ready: The process is
waiting to be assigned to
a processor.
Terminated: The process
has finished execution.
Present-day computer systems allow multiple programs to
be loaded into memory and to be executed concurrently.
This evolution requires firmer control and more compartmentalization of the programs. This has led to the notion of
a process which is more than the program code.
Figure 1.
We emphasize that a program itself is not a process; a
program is a passive (static) entity, such as the contents of
a file stored on disk, whereas a process is an active (dynamic) entity, with a program counter specifying the next
instruction to execute and a set of associated resources. As
a process executes, it changes state. The state of a process is
defined in part by the current activity of that process as
shown in Figure 1.
The objective of time sharing is to allow fast interaction of
users with their respective programs by rapidly switching
their processes running in the CPU. Whenever the CPU
becomes idle, the OS must select one of the processes in the
ready queue to be executed. This selection process is
carried out by CPU scheduler by implementing scheduling
algorithms like First Come-First Serve, Shortest-Job-First,
Priority, Round-Robin, Multilevel Queue Scheduling depending on the objective and the system. A cooperating
process is one that can affect or be affected by the other
processes executing in the system. Cooperating .processes
Whenever the CPU
becomes idle, the OS
must select one of the
processes in the ready
queue to be executed.
CPU scheduler carries
out this selection
process.
-R-ES-O-N-A-N--CE--I--AP-r-il--2-00-?--------------~-------------------------------61
GENERAL
The role of the
as
in computer I/O
subsystem is to
provide the
simplest interface
possible to the rest
of the system.
I
ARTICLE
may either directly share a logical address space, or be allowed to
share data only through files. The former case is achieved
through threads or lightweight processes and later by using
synchronization techniques like Bounded-Buffer, Readers and
Writer, Dining Philosopher Problems. (See [1]).
INPUT/OUTPUT Device Management
Perhaps the messiest aspect of OS design is input/output [I/O].
The devices attached to a computer vary in multiple dimensions. Devices transfer a character or a block of characters at a
time. They can be accessed sequentially or randomly. They
transfer data synchronously or asynchronously. They are dedicated or shared. They can be read-only or read-write. They also
vary greatly in speed.
Because of all these device variations, the OS needs to provide a
wide range of functionality to applications, to allow them to
control all aspects of the devices. The role of the OS in computer
I/O is to manage and controlI/O operations and I/O devices.
One key goal of an OS's I/O subsystem is to provide the simplest
interface possible to the rest of the system. Because devices are
a performance bottleneck, another key is to optimize I/O for
maximum concurrency.
The basic hardware elements involved in I/O are buses, device
controllers and the devices themselves. The work of moving
data between devices and main memory is performed by CPU as
programmed I/O, or is offloaded to a DMA controller. The
kernel's I/O subsystem provides numerous services. Among
these are I/O scheduling, buffering, spooling, error handling
and device reservation.
Another service is name translation, to make the connection
between hardware devices and the symbolic file names used by
applications. It involves several levels of mapping that translate
from a character string name to a specific device driver and
device address, and then to physical addresses of I/O ports or bus
controllers. This mapping may occur within the file-system
--------~-------RESONANCE I April 2002
62
GENERAL I ARTICLE
name space, as it does in UNIX, or in a separate device name
space, as it does in MS-DOS.
Memory Management
In a uniprogramming system, main memory is divided into two
parts: one part for the operating system (resident monitor,
kernel) and the other for the program currently being executed.
In a multiprogrammed system, the 'user' part of memory must
be further sub-divided to accommodate multiple processes. The
task of sub-dividing is carried out dynamically by the OS and is
known as memory management. v
Effective memory management is vital in a multiprogrammed
system. If only a few processes are in memory, then for much of
the time all the processes will be waiting for I/O and the processor will be idle. Thus, memory needs to be allocated efficiently
to pack as many processes into memory as possible. While
surveying the various mechanisms and policies associated with
memory management, it is good to keep in mind the requirement that memory management is intended to satisfy. The five
requirements are: relocation, protection, sharing, logical organization and physical organization.
. Effective memory
management is
vital in a
multi programmed
system. If only a
few processes are
in memory, then
for much of the
time all the
processes will be
waiting for I/O and
the processor will
be idle.
The core task of any memory management system is to bring
programs into main memory for execution by the processor. In
almost all-modern multiprogrammed systems, this task involves
a sophisticated scheme known as virtual memory. Virtual
memory is in turn based on the use of one or both of two basic
techniques: segmentation and paging.
There are several memory management techniques of OS provided for this concept (see Table 1 and [4]).
File Management
In most applications, the file is the central element. Whatever
the objective of the application, it involves the generation and
use of data files. The input to applications is a file, and in virtu-
-R-ES-O-N-A-N--CE--I-A-p-r-il--2-00-2--------------~-------------------------------6-3
GENERAL I ARTICLE
Table 1. Comparison of memory management systems.
Technique
Description
Strength
Weakness
Fixed partitioning.
Main memory is divided into a
number of static partitions at
system generation time. A
process may be loaded into a
partition site equal to or greater
than the process site.
Simple to
implement; little
OS overhead.
Inefficient use of
memory due to
internal
fragmentation.
Numbers of active
processes are fixed.
Dynamic
partitioning.
Partitions are created
dynamically, so that each
process is loaded into a partition
of exactly the same size as that
process.
No internal
fragmentation;
more efficient
use of main
memory.
Inefficient use of
processor due to
the need for
compaction to
counter external
fragmentation.
Simple paging
Main memory is divided into a
number of equal size frames.
Each process is divided into a
number of equal size pages of
the same length.
No external
fragmentation.
A small amount of
internal
fragmentation.
Simple
segmentation.
Each process is divided into a
number of segments. A process
is loaded by loading all of its
segments into dynamic partitions
that need not be contiguous.
No internal
fragmentation.
Need for
compaction.
Virtual memory
paging.
As with simple paging, except
that it is not necessary to load all
processes in main memory.
Non-resident pages that are
needed are brought in later
automatically from disk.
No external
fragmentation;
higher degree of
multiprogrammi
ng, large virtual
process space.
Overhead of
complex memory
management.
Virtual memory
segmentation.
As with simple segmentation
except that it is not necessary to
load all of the segments of a
process. Non-resident segments
that are needed are brought in
later automatically.
No internal
fragmentation,
higher degree of
memory
management;
large virtual
address space,
protection and
s.haring support.
Overhead of
complex memory
management.
-64--------------------------------~~-------------R-ES-O-N-A--N-C-E-I--A-p-ri-I-2-0-0-2
GENERAL
I ARTICLE
ally all applications, output is saved in a file for long-term
storage and for later access by the user and by other programs.
Files have a life outside of any individual application that uses
them for input and output. Users wish to access files, save them,
and maintain the integrity of their contents. To aid in these
objectives, virtually all computer systems provide separate filemanagement systems. Typically, such a system consists of
system utility programs that run as privileged applications.
File-management system needs special services from the as and
often the entire file management system is considered part of the
as.
When discussing about files the four terms that are in common
use are field, record, file, and database. Field is a basic element
of data. A record is a collection of related fields. A file is a
collection of similar records. A database is a collection of related
files. A file management system is that set of system software
that provides services to users and applications related to the use
of files. Typically, the only way that a user or application may
access files is through file management system. The operations
that are supported by file management system are: Retrieve_All,
Retrieve_One, Retrieve_Next, Retrieve_Previous, Insert_One,
Delete_One, Update_one, Retrieve_Few.
Suggested Reading
[1] Silberschatz and Galvin,
Operating System Concepts, Pearson Education,
India, Delhi, 2000.
[2] D H Dhamdhere, System
Programming and Operating Systems, Tata
McGraw Hill, 2000.
[3] Andrew S Tanenbaum,
Modem Operating Systems, Prentice Hall ofIndia, 2000.
[4] William Stallings, Operating Systems, Prentice
Hall of India, 2000.
Protection and Security
Sharing of programs and data among users of a computer system
necessitates strong emphasis on protection and security measures in an as. Both protection and security imply guarding
against intrusion in an as. However, in keeping with the
convention followed in as literature, a distinction is made
between two types of intrusion.
Protection: Guarding a user's data and programs against intrusion by internal entities of a system, e.g. other authorized users
of the system.
Security: Guarding a user's data and programs against intru-
Encryption is the
fundamental
technique for
protecting
confidentiality of
data. Hence it
forms the basis of
many protection
and security
mechanisms.
--------~-------RESONANCE I April 2002
65
GENERAL
Encryption key (K) ~
I
ARTICLE
Decryption Key (K~
,
Plain text
...... Encryption
Cipher text
Algorithnl (E)
Figure 2.
....
JIll'
Decryption
Algorithm (D)
Plain
text ....
....
sion by entities external to a system, e.g. unauthorized persons.
The various authorization provisions in a computer system may
not confer sufficient protection for highly sensitive data. In
such cases, data may be encrypted. It is not possible for encrypted data to be read unless the reader knows how to decipher
(decrypt) the encrypted data.
Encryption of Data
Encryption is the fundamental technique for protecting confidentiality of data. Hence it forms the basis of many protection
and security mechanisms. Encryption is the application of an
algorithmic transformation to data.
The original form of data in plain text is encrypted by an
Encryption Algorithm E by using Encryption Key K. The
transformed form is called cipher text. The cipher text is
transmitted to the destination where that form is to be decrypted using a Decryption Algorithm D with the same Key K
to obtain its plain text form, (See Figure 2).
Conclusions
Address for Correspondence
M Suresh Babu
In this short article, we have explained various facilities provided in OS. These advances in OS have considerably improved
the utilization of resources of a computer and eased their use.
C/o N Sudhakar Reddy
D. No. 16-3-1141F
Pinaki Nagar
Haranathapuram IV line
Nellore 524003
Andhra Pradesh, India.
Email:suresh_0529@
Acknowledgements: The author sincerely acknowledges Prof. E
V Prasad, Principal and K V Raghavendra Kumar, Head of the
Computer Science and Engineering Department, Narayana Engineering College, Nellore for their timely directions and helpful
suggestions to increase the richness of the contents of this article.
rediffmail. com
--------~-------66
RESONANCE I April 2002