Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download 9781439079201_PPT_ch15
Document related concepts
Transcript
Understanding Operating Systems Sixth Edition Chapter 15 Windows Operating Systems Learning Objectives • • • • • • After completing this chapter, you should be able to describe: The design goals for Windows operating systems The role of MS-DOS in early Windows releases The role of the Memory Manager and Virtual Memory Manager The use of the Device, Processor, and Network Managers System security challenges The Windows user interface Understanding Operating Systems, Sixth Edition 2 Windows Development • First Windows product communication method – Graphical user interface (GUI) • Primary user communication method • Needed underlying operating system to translate users’ requests into system commands • Windows 1.0 (1985) – First Windows application – Ran on PC-compatible microcomputers – Not a true operating system • Ran on top of MS-DOS • Interface between MS-DOS and user Understanding Operating Systems, Sixth Edition 3 Early Windows Products • Advancements in Windows – Increasingly sophisticated GUI design • Increasingly powerful desktop computers • Windows 3.1 – Standardized look and feel • Similar to Apple’s Macintosh computer – Entry level product • Single-user installations or small-business environments Understanding Operating Systems, Sixth Edition 4 Early Windows Products (cont'd.) • Windows for Workgroups – Accommodate network users’ needs (small business) • Programs and features for small LANs • Share directories, disks, printers • Personal intercommunication: e-mail, chat programs Understanding Operating Systems, Sixth Edition 5 Operating Systems for Home and Professional Users • Disadvantages running Windows on MS-DOS – – – – Little built-in security No multitasking No interprocess communication capability Difficulty moving MS-DOS to other platforms • MS-DOS worked closely with hardware • Microsoft response – Developed and released succession of Windows • Not mere GUIs; had home and office user appeal – Development of powerful networking products • Windows NT (New Technology) Understanding Operating Systems, Sixth Edition 6 Operating Systems for Home and Professional Users (cont'd.) Understanding Operating Systems, Sixth Edition 7 Operating Systems for Networks • Windows NT Development (1993) – No reliance on MS-DOS support – Primary market requirements • • • • • Portability Multiprocessing capabilities Distributed computing support Government procurement compliance requirements Government security certification Understanding Operating Systems, Sixth Edition 8 Operating Systems for Networks (cont'd.) Understanding Operating Systems, Sixth Edition 9 Operating Systems for Networks (cont'd.) • Windows NT versions – Windows NT Workstation • Individuals • Desktop operating system – Windows NT Server • Small to medium-sized offices • Web servers and off-site locations – Windows NT Server Enterprise Edition • Larger and more complex networks Understanding Operating Systems, Sixth Edition 10 Operating Systems for Networks (cont'd.) • Windows NT name changed (1999) • Windows 2000 four packages – – – – Windows 2000 Professional Windows 2000 Server Windows 2000 Advanced Server Windows 2000 Datacenter Server • Windows Server 2003 – Same four packages plus Web edition • Windows Server 2008 Release 2 (2009) Understanding Operating Systems, Sixth Edition 11 Design Goals • Fulfilling marketing requirements – Incorporate security features – Facilitate decision making (coding process) • Windows networking operating systems – Influenced by several operating system models • Use already-existing frameworks • Introduced new features – Object model • Manage and allocate resources • Symmetric multiprocessing (SMP) • Maximum multiprocessor performance Understanding Operating Systems, Sixth Edition 12 Design Goals (cont'd.) • Needs – Accommodate user needs – Optimize resources • Response – Five design goals • • • • • Extensibility Portability Reliability Compatibility Performance Understanding Operating Systems, Sixth Edition 13 Extensibility • Easily enhancing operating system • Ensuring code integrity: separate functions – Privileged executive process • • • • Kernel mode Processor’s mode of operation All machine instructions allowed System memory accessible – Nonprivileged processes “protected subsystems” • User mode • Certain instructions not allowed • System memory not accessible Understanding Operating Systems, Sixth Edition 14 Extensibility (cont'd.) • Four more features – Modular structure • New components added to executive process – Objects • Abstract data types manipulated by special services • System resources managed uniformly – Drivers • New file systems, devices, and networks added to system at any time – Remote procedure call • Application calls remote services • Regardless of location on network Understanding Operating Systems, Sixth Edition 15 Portability • Operate on different machines – Different processors or configurations – Minimum amount of recoding • System guidelines to achieve goal – Written in a standardized, high-level language • Available in all machines – Accommodated ported hardware – Minimized direct code interaction with hardware • Reduced incompatibility errors – Hardware-dependent code isolated into modules • Easily modifiable when ported Understanding Operating Systems, Sixth Edition 16 Portability (cont'd.) • Windows NT and successors’ features – Modular code – Written in C (most of code) – Hardware abstraction layer (HAL) • Dynamic-link library • Provides isolation from vendors’ hardware dependencies Understanding Operating Systems, Sixth Edition 17 Reliability • Robustness of system • Ability to protect itself and users – Accidental or deliberate user programs’ damage • Features strengthening system – Structured exception handling – Modular design – NTFS file system (NT file system) • Can recover from all error types – Advanced security architecture – Virtual memory strategy Understanding Operating Systems, Sixth Edition 18 Compatibility • Execute programs written for other operating systems (or earlier system versions) – Use protected subsystems • Provide application execution different from primary programming interface – Provides source-level POSIX application compatibility – Recent Windows versions • Support existing file systems • FAT, CDFS, NTFS – Built-in verification • Important hardware and software Understanding Operating Systems, Sixth Edition 19 Performance • Achieve good performance levels • Windows features – Testing and optimization system calls, page faults, crucial processes – Incorporate local procedure call (LPC): guarantee fast communication among protected subsystems – Maximize speed of frequently used system services – Critical Windows networking software elements built into operating system privileged portion Understanding Operating Systems, Sixth Edition 20 Memory Management • Every operating system – Has own physical memory view – Makes application programs access memory in specified ways • Full physical memory – Virtual Memory Manager pages some memory contents to disk • Challenge for all Windows operating systems – Run application programs (Windows, POSIX) • Without programs crashing into each other’s memory Understanding Operating Systems, Sixth Edition 21 Memory Management (cont'd.) • Memory layout (recent Windows versions) – Operating system: high virtual memory – User code and data: low virtual memory • User process – Cannot read or write system memory directly • Memory paged to disk – User-accessible memory – System memory segment labeled paged pool • Memory never paged to disk – System memory segment labeled nonpaged pool Understanding Operating Systems, Sixth Edition 22 Memory Management (cont'd.) Understanding Operating Systems, Sixth Edition 23 User-Mode Features • VM Manager (virtual machine manager) – User-mode subsystems share memory efficiently – Provides process services to manage virtual memory • • • • • • Allocate memory in two stages Read and/or write protection for virtual memory Lock virtual pages in physical memory Retrieve information about virtual pages Protect virtual pages Rewrite virtual pages to disk Understanding Operating Systems, Sixth Edition 24 Virtual Memory Implementation • VM manager reliance – Address space management – Paging techniques • Address space management – Upper half of virtual address space • Accessible only to kernel-mode processes – Code in lower part (kernel code and data) • Never paged out of memory Understanding Operating Systems, Sixth Edition 25 Virtual Memory Implementation (cont'd.) • Paging (VM manager is pager) – Transfers pages • Between memory page frames and disk storage – Complex combination • Software policies: when to bring a page into memory and where to put it • Hardware mechanisms: exact manner VM Manager translates virtual addresses into physical addresses – Pager not portable – Windows: small code and well isolated Understanding Operating Systems, Sixth Edition 26 Virtual Memory Implementation (cont'd.) • Paging policies – Dictate how and when paging done – Composition • Fetch policy: determines when pager copies a page from disk to memory • Placement policy: determines where virtual page is loaded in memory • Replacement policy: determines which virtual page is removed from memory to make room for a new page Understanding Operating Systems, Sixth Edition 27 Processor Management • Windows – Preemptive-multitasking, multithreaded operating system • Windows NT process – Requires at least one thread • Default – Process contains one thread Understanding Operating Systems, Sixth Edition 28 Processor Management (cont'd.) • Thread composition – A unique identifier – Contents of volatile set of registers indicating processor’s state – Two stacks used during thread’s execution – Private storage area: used by subsystems and dynamic-link libraries Understanding Operating Systems, Sixth Edition 29 Processor Management (cont'd.) • Threads – Thread components called thread’s context – Actual data forming context varies from one processor to another – Kernel • Schedules threads for execution on a processor – Thread actually executes code – Overhead incurred by thread is minimal – Unitasking • Process with single thread Understanding Operating Systems, Sixth Edition 30 Processor Management (cont'd.) Understanding Operating Systems, Sixth Edition 31 Processor Management (cont'd.) • Multithreading using multitasking – Systems with multiple processors • Process has as many threads as CPUs available • All threads belonging to one process: share global variables, heap, environment strings • Versions of Windows since NT – Include some synchronization mechanisms • Avoid problems with multiple threads Understanding Operating Systems, Sixth Edition 32 Processor Management (cont'd.) Understanding Operating Systems, Sixth Edition 33 Device Management • Windows NT I/O system and networking descendents provide: – Multiple installable file systems (FAT, CDFS, NTFS) – Services making device-driver development easy • Workable on multiprocessor systems – Adding drivers to the system (system administrators) • Remove them dynamically – Fast I/O processing • Drivers written in high-level language – Mapped file I/O capabilities • Image activation, file caching, application use Understanding Operating Systems, Sixth Edition 34 Device Management (cont'd.) • I/O system – Packet driven • I/O request represented by I/O request packet (IRP) – IRP • Data structure controlling how I/O operation processed at each step • I/O manager IRP creation – Creates an IRP representing each I/O operation – Passes IRP to appropriate driver – Disposes of packet when operation complete Understanding Operating Systems, Sixth Edition 35 Device Management (cont'd.) • Driver IRP receipt – Performs specified operation – Passes it back to I/O manager or – Passes it through I/O manager to another driver for further processing Understanding Operating Systems, Sixth Edition 36 Device Management (cont'd.) • I/O manager tasks – – – – Supplies code, common to different drivers Manages buffers for I/O requests Provides time-out support for drivers Records installable file systems loaded into operating system – Provides flexible I/O facilities • Subsystems (POSIX) implement their respective I/O application programming interfaces – Allows dynamic loading of device drivers and file systems • Based on users’ needs Understanding Operating Systems, Sixth Edition 37 Device Management (cont'd.) • Windows I/O services – Device-independent model • “Multilayered device driver” concept • Device driver made up of standard set of routines – Initialization routine, dispatch routine, start I/O routine, completion routine, unload routine, error logging routine Understanding Operating Systems, Sixth Edition 38 Device Management (cont'd.) • I/O manager – Determine driver called to process request • Using file object’s name – Driver object • • • • Represents individual driver in system I/O manager creates Created when driver loaded into system May have multiple device objects connected to it – Device object • Physical, logical, or virtual device on the system • Describes device characteristics Understanding Operating Systems, Sixth Edition 39 Device Management (cont'd.) Understanding Operating Systems, Sixth Edition 40 Device Management (cont'd.) Understanding Operating Systems, Sixth Edition 41 Device Management (cont'd.) • Device objects list – Represents physical, logical, virtual devices – Controlled by the driver • Advantages of using different objects – Portability • Frees I/O manager from knowing details about drivers • Follows pointer to locate driver – Easy loading of new drivers – Easy assigning drivers to control additional or different devices • If system configuration changes Understanding Operating Systems, Sixth Edition 42 Device Management (cont'd.) Understanding Operating Systems, Sixth Edition 43 Device Management (cont'd.) • I/O manager knows nothing about file system • Overhead – I/O manager passes information requests back and forth – Uses single-layer device driver approach • Simple devices (serial and parallel printer ports) – Uses multilayered approach • More complicated devices (hard drives) • I/O operations asynchronous – Almost all low-level operations Understanding Operating Systems, Sixth Edition 44 File Management • Windows current versions – Designed to be independent of file system on which they operate – Support multiple file systems for hard disks including: • MS-DOS’s FAT file system • 32-bit FAT file system • NTFS Understanding Operating Systems, Sixth Edition 45 File Management (cont'd.) • Virtual file – Primary file handling concept (current windows) – Programs perform I/O on virtual files • File handles manipulate them – Executive file object representing all sources and destinations of I/O • Processes call native file object services to read from or write to file • I/O manager directs virtual file requests – Real files, file directories, physical devices Understanding Operating Systems, Sixth Edition 46 File Management (cont'd.) • File objects – – – – Hierarchical names Protected by object-based security Support synchronization Handled by object services • Opening file – Process supplies file’s name and type of access required Understanding Operating Systems, Sixth Edition 47 File Management (cont'd.) • File objects bridge gap – Between physical devices’ characteristics and directory structures, file system structures, data formats • Provides memory-based representation of shareable physical resources • Created with new set of handle-specific attributes – Each time process opens a handle Understanding Operating Systems, Sixth Edition 48 File Management (cont'd.) Understanding Operating Systems, Sixth Edition 49 File Management (cont'd.) Understanding Operating Systems, Sixth Edition 50 File Management (cont'd.) • Mapped file I/O – Important feature of I/O system – Achieved by cooperation with I/O system and VM Manager – Memory-mapped files exploit VM capabilities • Cache manager uses mapped I/O – Manages its memory-based cache • File management system supports long filenames – Include spaces and special characters – Automatically shortens filenames when required Understanding Operating Systems, Sixth Edition 51 Network Management • Networking – Integral to Windows NT-based operating systems – Provides services • User accounts, resource security • Communication between computers – Named pipes • Provide high-level interface for passing data between two processes (regardless of locations) – Mailslots • Provide one-to-many and many-to-one communication mechanisms Understanding Operating Systems, Sixth Edition 52 Network Management (cont’d.) • Microsoft Networks (MS-NET) – Released in 1984 – Model for NT Network Manager • Three components – Redirector – Server message block (SMB) protocol – Network server • MS-NET components – Extensively refurbished and incorporated into Windows NT and later versions Understanding Operating Systems, Sixth Edition 53 Network Management (cont'd.) • Redirector – – – – Coded in C programming language Implemented as loadable file system driver Not dependent on system’s hardware architecture Function • Direct I/O request from user or application to remote server that has appropriate file or resource • Network can incorporate multiple redirectors Understanding Operating Systems, Sixth Edition 54 Network Management (cont'd.) • SMB Protocol – High-level specification • Formatting messages sent across network – OSI model correlation • Application layer (layer 7) • Presentation layer (layer 6) – API called NETBIOS interface • Used to pass I/O requests structured in SMB format to remote computer – SMB protocols and NETBIOS API • Adopted in several networking products before appearing in Windows Understanding Operating Systems, Sixth Edition 55 Network Management (cont'd.) • Windows Server operating systems – Written in C • Complete compatibility with existing MS-NET and LAN manager SMB protocols – Implemented as loadable file system drivers – No dependency on hardware architecture • Where operating system running Understanding Operating Systems, Sixth Edition 56 Directory Services • Active Directory – Database storing all information types – General-purpose directory service for heterogeneous network – Built entirely around DNS and LDAP – Groups machines into administrative units called domains • Each domain gets a DNS domain name (e.g., pitt.edu) • Each domain must have at least one domain controller • Domain can have more than one domain controller – Active Directory clients use standard DNS and LDAP protocols to locate objects on the network Understanding Operating Systems, Sixth Edition 57 Directory Services (cont'd.) Understanding Operating Systems, Sixth Edition 58 Security Management • Windows network operating systems – Provide object-based security model – Security object • Represent any resource in system (file, device, process, program, or user) – Allows administrators to give precise security access • To specific objects in system allowing them to monitor and record how objects used • Windows biggest concern – Aggressive patch management needed • Combat many viruses and worms Understanding Operating Systems, Sixth Edition 59 Security Basics • U.S. Department of Defense – Identified and categorized operating system features – Seven levels of security • Compliance with Class C2 level security – Features in Windows • • • • A secure logon facility Discretionary access control Auditing ability Memory protection Understanding Operating Systems, Sixth Edition 60 Security Basics (cont'd.) • Multilayered security system – Strives to prevent access by unauthorized users • Password management: first security layer • NTFS: second security layer – File access security • Distinguishes between owners and groups • Users decide operation types person is allowed to perform on a file • Gives user auditing capabilities – Automatically keeps track of who uses files and how Understanding Operating Systems, Sixth Edition 61 Security Terminology • Built-in security – Necessary element for managers of Web servers and networks – Requires authentication mechanism allowing client to prove identity to server – Client supplies authorization information – Server uses information to determine specific access rights given to client – Provides data integrity using various methods • Windows uses Kerberos security Understanding Operating Systems, Sixth Edition 62 Security Terminology (cont'd.) • Kerberos Security – Authentication, data integrity, data privacy, mutual authentication – Each domain has own Kerberos server – Microsoft implemented standard Kerberos protocol – Microsoft separated users of distributed security services from their providers • Allows support for many options without unusable complexity Understanding Operating Systems, Sixth Edition 63 Security Terminology (cont'd.) Understanding Operating Systems, Sixth Edition 64 User Interface • Start an application – Double-click application icon – Select it from Start menu • Quit application – Select Exit from File menu – Click “x” in top-right corner of window Understanding Operating Systems, Sixth Edition 65 User Interface (cont'd.) • Start Menu – Divides functions into logical groups – Users access common functions • • • • • All Programs Documents, Pictures, Music, and Computer Control Panel Help and Support Search Understanding Operating Systems, Sixth Edition 66 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 67 User Interface (cont'd.) • Windows Task Manager – Open • Pressing and holding the CTRL, ALT, delete keys – User view running applications and processes • Set priorities of each – User views information • Performance, networking, users logged into system • Windows Explorer (standard utility program) – Contains director, file display tools, file-finding tool – Series of pull-down menus • File, Edit, View, Tools, Help, etc. Understanding Operating Systems, Sixth Edition 68 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 69 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 70 User Interface (cont'd.) • Networked systems – Identify and access network resources • Folders, printers, connections to other nodes • Command interface – Resembles MS-DOS – Available from most Windows desktops • • • • Keyboard shortcuts: (CTRL+C for copy) Built-in input methods and fonts for languages Windows offers an on-screen keyboard Resource monitor Understanding Operating Systems, Sixth Edition 71 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 72 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 73 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 74 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 75 User Interface (cont'd.) Understanding Operating Systems, Sixth Edition 76 Summary • Current Windows operating systems – Ease-of-use with technical power – Operate network across several platforms • Significant security controls – Allowed inroads to organizations requiring consistent protection – Authentication models support new user interfaces – Implementation of different security architectures • Require aggressive patch management – Target of viruses and worms Understanding Operating Systems, Sixth Edition 77
