Unit 10 Final Project
Kaplan University
Unit 10 Project
Julee Housenga
Wrapping Up Final- Project
IT 320
Operating Systems Concepts
By
Anthony Outlaw
October 2, 2010
Operating systems are the most intrinsic part of almost all computer systems. They
control the resources, manage the CPU, interact with the software, administrate scheduling and
monitor logs, detect errors, and aid in the provision of security (Parsons, 2010). With the many
different definitions of an operating system one mainstay definition consistently mentioned is
that a Windows operating system is: system software that poses as a master controller of all the
executions in a Windows computer system environment (Parsons, 2010). What this means is that
the operating system lies at the heart of all of the computer's activities, and the operating system
is the brains behind how well the computer performs, how the resources in a computer are
allocated, and how compatible a computer system is with other platforms. Most modern
computers come preinstalled with an operating system like Windows, Mac OS, and Linux. One
of the main responsibilities of an operating system is to make sure that software runs smoothly
on a computer system, so I could almost conclude that a Windows operating system is the
interface between the hardware and software of a Windows computing environment. The actual
design of a Windows operating system must include the integration of all the components that
play a role in the operating system. A list of these components, as well as the vulnerabilities of a
Windows operating system consists of: security threats (which includes viruses, bots, attacks,
and worms), security techniques to prevent malware threats, file system and file management,
data protection techniques, scheduling, input and output devices, process and thread
management, deadlock prevention, and memory management. All of these integrated component
interactions encompass the design of a Windows operating system.
Security threats such as viruses, bots, attacks, and worms fall under one of two categories
when it comes to computer security threats. The first category is intruder, and the second
category is viruses (Stallings, 2009). The hacker is number one in the intruder category but I will
not cover the hacker here; however, I think it is worth mentioning because a hacker ranks
number one in the intruder category. The virus category contains an array of sophisticated types
of threats to a computer system in which the threat's objective is to exploit the vulnerabilities in a
computing system (Stallings, 2009). At the top of the virus category is malicious software which
consists of two subcategories: those that need a program, and those that do not or that are
independent. Worms and bots are considered independent because they do not need a host
program to exploit vulnerabilities in a computer system. Worms and viruses replicate themselves
with the intent to take over a computer system by attaching themselves to other programs, and by
controlling essential system resources (WiseGEEK, 2010). A bot is a type of malicious software
that secretly takes over another computer system with the intent to execute a denial of service
attack, to gain personal information (called phishing), or to send spam to thousands of computers
(Bradley, 2010). Bots are hard to detect because they cannot be traced back to the original
computer that initiated the bot in the first place. So with so many virus and intrusion threats to a
computer system the question is: What can be done to combat these unwarranted threats?
There are several security techniques to prevent unwanted threats. Some of these security
techniques consist of: security suites, antivirus software, a firewall, and keeping Windows
updates current. Security suites employ several security modules to protect against the most
common malware, unauthorized access, and spam (Parsons, 2010). A security suite usually
includes antivirus, firewall, and anti-spyware modules. Antivirus software is a software utility
that attempts to look for and terminate viruses, and tries to prevent a virus from getting into a
computer system from the beginning (Stallings, 2009). A firewall is software or hardware
designed to filter unwarranted packets from entering or leaving a computer system (Parsons,
2010). In general a firewall blocks unauthorized packets from coming in and intruding on a
computer system. Windows provides Windows updates which are very important because the
updates patch vulnerable places in a computer system, and updates make a credible contribution
to the security of a computer by protecting it against new and ongoing threats. Another good
security technique is to turn the computer off when it is not in use because when the computer is
turned off the ports are inactive, and when the ports are inactive no data transmission can take
place.
In order for a Windows operating system to be effective it must provide a file system and
a file management system to keep the files organized. By definition a file system is used by a
Windows operating system to keep track of the names and locations of files that reside on a
storage medium, such as a hard disk (Parsons, 2010). The file systems used by most Windows
operating systems are: File Allocation Table (FAT 32) or New Technology File System (NTFS).
NTFS is currently the more popular file system and has features that FAT 32 does not have.
Probably the biggest feature that NTFS has that FAT 32 does not is the volume size feature. With
NTFS the max volume size is 2^64 clusters, but with FAT 32 the max volume size is only 32 GB
for most Windows OS systems (NTFS vs…, 2010). Along with the file management system, the
Windows operating system also provides several special file management utilities that allow the
user the ability to manipulate and organize files using one of the file management utilities. The
file management utilities that a Windows operating system provides are: the Explore option on
the Start menu, Disk Cleanup, and Disk Defragmenter. The Explore utility from the Start menu
will aid in viewing all the directories, finding files, moving files from one place to another,
deleting files, copying files, analyzing properties, and renaming files (Parsons, 2010). Disk
Cleanup is a computer maintenance utility provided by Windows that is designed to free up disk
space on the hard drive. Its main function is to first search the hard drive to remove files that are
no longer in use and to remove unnecessary files (Web definitions…, n.d.). The Disk Defragmenter
utility corrects fragmentation. Fragmentation is when blocks of related data become noncontiguous, and this can cause file access to be slow. Furthermore, Disk Defragmenter
reorganizes the files to put them in order so that they are contiguous and the disk drive does not
have to search all over the place to retrieve the information. Once a file system is determined the
next topic to venture into is file/data protection techniques.
A good data protection technique is important because as the name suggests this technique
protects the data that is input into a computer system by a user. Obviously the security
techniques to prevent malware threats make a contribution to data protection, but secondary
storage devices like external hard drives and RAID make credible contributions as well.
Secondary storage devices make a contribution by allowing the user the ability to store data as it
is created just in case a system crashes. RAID on the other hand is an acronym that stands for
redundant array of independent disks, and provides storage reliability through redundancy using
disk drives that are logically connected and interdependent (Wikipedia, 2010). Another contribution
made to data protection is authentication. According to Stallings authentication consists of two
steps: the identification step and the verification step. Stallings goes on to say that the
identification step identifies the user to the security system, and the verification step presents or
generates authentication information that confirms the binding between the entity and the
identifier. What authentication provides is another line of defense that deters unauthorized access
of data which directly contributes to data protection. Another good data protection technique is
testing the security system of a computer, and testing a computer's Internet vulnerability profile.
These tests can be performed using the Gibson Research Corporation site ShieldsUP!. Three of the
main tests consist of: file sharing, common ports, and all service ports tests (Gibson
Research…, 2010). What this test provides is a measurement of how secure your ports and files
are on the Internet, and this is important because when data is hacked or wrongfully intercepted
it is most often via the internet. So by providing these tests the Gibson Research Corporation
makes a meaningful contribution to data protection because without a testing site computer users
would never know how vulnerable they are when using the Internet. Now that security threats,
security techniques to prevent malware threats, file system and file management, and data
protection techniques have been discussed I can move toward the more complex responsibilities
of a Windows operating system which consists of: scheduling, input and output devices, process
and thread management, deadlock prevention, and memory management.
Scheduling is a key responsibility of a Windows OS because scheduling manages the
various resources available to it (main memory space, I/O devices, processors), and scheduling
also schedules their use by various active processes (Stallings, 2009). Scheduling is complex
because it must consider these three factors: fairness, differential responsiveness, and efficiency.
Fairness is equal and fair access of resources for all competing processes. Differential
responsiveness deals with the OS’s ability to discriminate among different classes of jobs based
on service requirements. What this means is the OS should always consider the best way to
allocate resources based on the total set of requirements (Stallings, 2009). Efficiency deals with
the fact that the OS should consider maximum throughput, minimum response time, and in
sharing accommodate as many users as possible (Stallings, 2009). Scheduling does all this by the
use of a combination of scheduling types which consists of: short-term, medium-term, and long-term scheduling. Short-term scheduling deals with which process to choose next and medium-term scheduling is associated with the swapping function that deals with what partial process to
swap out to make room for a new process that is available for execution. Long-term scheduling deals
directly with the start of a new process and whether or not to add a new process to already
executing processes (Stallings, 2009). Furthermore, another responsibility of the OS associated
with scheduling involves the use of process priority. A process by definition is the activity of
executing a program, and a process is further defined as a dynamic activity whose properties
change as time progresses (Operating Systems, n.d.). The OS is responsible for managing these
processes and this is accomplished by using a scheduling policy/algorithm. Scheduling
policies/algorithms are used to allocate processor time among all the ready processes. Scheduling
can be preemptive which means that an already running process may be interrupted and moved
to a different state of the OS to make room for a new process, or scheduling can be non-preemptive which means that a process continues to run until it ends or it blocks itself (Stallings,
2009). Three scheduling strategies consist of: First Come First Serve (FCFS), Shortest Process
Next (SPN), and Round Robin (RR) scheduling. First come first serve (FCFS) is based on a
scheduling algorithm that is non-preemptive and is based on the first-in, first-out policy. As its
name suggests this strategy focuses on the next possible process and adds it to the queue for
processing, and then the policy proceeds to select the oldest process next for processing
(Operating Systems, n.d.). Shortest process next (SPN) is also non-preemptive and as its name
suggests it focuses on the process with the shortest expected execution time. In a nutshell when a
process is finished the next process selected will be the one with the shortest expected execution
time (Operating Systems, n.d.). Round robin (RR) is preemptive and involves time slicing for its
process selection strategy. How this works is a clock interrupt at certain time intervals is
performed, and when the interrupt occurs it interrupts the currently running process and replaces
it with a new process (Operating Systems, n.d.). The only drawback to preemption is that in
some processes it allocates unfair processor time to processes, and anytime a policy uses a
preemptive approach then starvation can take place which can lead to a deadlock situation.
Deadlocks and starvation are terms that I will discuss later under the topic of deadlock
prevention. Now that scheduling has been discussed I can proceed to talk about a related topic
called input and output devices (I/O devices).
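The three policies described above can be compared by running them over one workload and looking at when each process finishes. The following Python simulation is an added example, not part of the original paper; the five-process workload, the function names and the time quanta used are assumptions chosen for illustration.

```python
from collections import deque

# Constructed sample workload: (name, arrival time, service time).
WORKLOAD = [("A", 0, 3), ("B", 2, 6), ("C", 4, 4), ("D", 6, 5), ("E", 8, 2)]


def fcfs(procs):
    """Non-preemptive: run each process to completion in arrival order."""
    t, finish = 0, {}
    for name, arrival, service in sorted(procs, key=lambda p: p[1]):
        t = max(t, arrival) + service
        finish[name] = t
    return finish


def spn(procs):
    """Non-preemptive: when the CPU frees up, pick the shortest ready job."""
    pending = sorted(procs, key=lambda p: p[1])
    t, finish = 0, {}
    while pending:
        ready = [p for p in pending if p[1] <= t]
        if not ready:
            t = pending[0][1]          # CPU idles until the next arrival
            continue
        job = min(ready, key=lambda p: (p[2], p[1]))
        pending.remove(job)
        t += job[2]
        finish[job[0]] = t
    return finish


def round_robin(procs, quantum):
    """Preemptive: each process runs for at most one quantum per turn."""
    pending = deque(sorted(procs, key=lambda p: p[1]))
    remaining = {name: service for name, _, service in procs}
    queue, t, finish = deque(), 0, {}

    def admit(now):
        while pending and pending[0][1] <= now:
            queue.append(pending.popleft()[0])

    admit(t)
    while queue or pending:
        if not queue:
            t = pending[0][1]
            admit(t)
            continue
        name = queue.popleft()
        run = min(quantum, remaining[name])
        t += run
        remaining[name] -= run
        admit(t)                       # new arrivals queue ahead of the preempted process
        if remaining[name]:
            queue.append(name)
        else:
            finish[name] = t
    return finish


def mean_turnaround(procs, finish):
    """Average of (finish time - arrival time) over all processes."""
    return sum(finish[name] - arrival for name, arrival, _ in procs) / len(procs)


if __name__ == "__main__":
    for label, result in [("FCFS", fcfs(WORKLOAD)), ("SPN", spn(WORKLOAD)),
                          ("RR q=1", round_robin(WORKLOAD, 1)),
                          ("RR q=4", round_robin(WORKLOAD, 4))]:
        print(label, result, mean_turnaround(WORKLOAD, result))
```

On this workload SPN gives the lowest mean turnaround, while the long job D finishes last under every policy; a steady stream of short arrivals would keep pushing it back under SPN, which is how starvation arises.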
A generic input/output device definition is: I/O modules move data between the
computer and its external environment. The external environment consists of a number of
devices including external hard drives, communications equipment, and terminals (Stallings,
2009). I/O devices work with registers, buffers, and with the processor to move data between the
computer and its external environment. Mainly I/O devices exchange data using the processor
which enables the processor to read or write data to an I/O module (Stallings, 2009). In order for
I/O modules and the processor to run effectively certain I/O communication techniques are used.
Three of these techniques are: Programmed I/O, Interrupt-Driven I/O, and Direct Memory
Access (DMA). In the technique using programmed I/O, the I/O module performs the necessary
action for the processor then sets the appropriate bits in the register but does not contact the
processor to inform the processor that the request is completed. So the processor checks
periodically on the I/O status to see if the request is finished (Stallings, 2009). With the
programmed I/O technique the processor consistently interrogates the I/O module to check its
status until the request is completed. This ultimately can cause degradation because the processor
is not busy doing processes, but the processor is busy interrogating the I/O module. With
interrupt-driven I/O the I/O module interrupts the processor to exchange data with the processor.
The only downside to this I/O technique is that it consumes a lot of processor time because every
word request must go through the processor (Stallings, 2009). The best I/O communication
technique is direct memory access (DMA). With direct memory access the processor delegates
the I/O operation to a DMA module which affords the processor the liberty to perform other
functions. This is a major advancement from the systems of old when the processor had to be
involved with almost all the processes (Direct Memory Access, 2008). Closely related to I/O
modules and CPU usage is the management of processes and threads.
I think that in order to effectively dissect the theory of process and thread management it
would be beneficial to the reader if I defined a process and a thread. A process is defined as a
program in execution that is controlled and scheduled by the operating system. One of the first
things to know about a process is that independent of a computer platform and hardware
resources a process cannot exist. Processes are executed by program code, and a program in
execution uses a process control block to define its processing (Stallings, 2009). Furthermore, a
process control block allows a process to be interrupted and restored to finish the process.
Processes can run at the same time and share the same resources, but the sharing of resources can
lead to an undesirable state that will be more thoroughly mentioned later. Threads are similar to
processes in that they both execute a unit of work, but instead of using a control block like a
process, threads use a program counter and a stack pointer. Furthermore, a thread executes one
bit at a time and is interruptible so that the processor can turn to another thread (Stallings, 2009).
Also, a thread uses a user stack and a kernel stack in its executable state. Two main
characteristics make up processes and threads: resource ownership and scheduling/execution. In
essence a thread resides on top of a process with the ownership equating to the process, and the
scheduling/execution equating to the thread (Stallings, 2009). Another major difference between
processes and threads is processes are more heavily dependent on system resources than threads
(Difference Between…, n.d.). Now the actual management of processes and threads is very
complex and extends beyond the scope of what I can produce in this paper; however, what I will
convey here is that a Windows operating system uses the components mentioned above to
manage processes and threads. The important thing to remember about process and thread
management is that the process claims ownership of resources: main memory, I/O channels, I/O
devices, and files, and in that same remembrance threads claim scheduling/execution. It is the
responsibility of the operating system to make sure that there is a balance between the
ownership/process and scheduling/execution/threads, so that the process and thread interaction is
managed for the greater good of the overall process. Closely related to process and thread
management is deadlock prevention.
I mentioned earlier that processes share resources, and this is mainly done because there
are only so many resources to go around. In the event that a set of processes holds a resource that
other processes need, or two or more competing actions are waiting for the other to finish, then a
deadlock can occur (Wikipedia, 2010). Now in order for a deadlock to occur 4 conditions have to
be present: Mutual Exclusion, Hold and Wait, No Preemption, and Circular Wait (Wikipedia,
2010). Mutual Exclusion states that a resource cannot be used by more than one process at a
time. Hold and Wait states that a process may hold allocated resources while waiting for an
assignment of other resources. No Preemption states that no resource can be forcibly moved
from a process that is holding it. Circular Wait states that a process holds a resource that is
needed by the next process. With these possible outcomes a measure of defense had to be created
to deter deadlocks. Three preventive measures have been created to decrease the percentages of
deadlocks occurring: Deadlock Prevention, Deadlock Avoidance, and Deadlock Detection
(Stallings, 2009). Deadlock prevention is the most restrictive of the three approaches. It attempts
to remove the mutual exclusion condition so that no process can acquire more than one
resource at a time, and it also attempts to have all the processes request all its resources at one
time. Deadlock avoidance attempts to make the request of resources known in advance, but does
not attempt to hinder any of the first three conditions. Thus, deadlock avoidance requires
foreknowledge of the requested resources (Stallings, 2009). Deadlock avoidance is a little more
complex than deadlock prevention because it involves safe and unsafe states based on a matrix
mathematical computation. Deadlock detection attempts to constrain resources by setting limits
on a process's ability to retain resources. This approach is more strenuous than the other two
because it checks frequently for any traces of a possible deadlock. It also uses detection
algorithms to check for any signs of a deadlock. The last topic to discuss, and one that is closely related
to deadlock prevention, is memory management.
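The safe/unsafe state computation that deadlock avoidance relies on is commonly implemented as the banker's algorithm, which grants a request only if some order still exists in which every process can finish. The following Python sketch is an added example, not part of the original paper; the resource matrices are constructed sample values and the function names are hypothetical.

```python
# Constructed sample state: 5 processes, 3 resource types.
AVAILABLE = [3, 3, 2]
ALLOCATION = [[0, 1, 0], [2, 0, 0], [3, 0, 2], [2, 1, 1], [0, 0, 2]]
MAXIMUM = [[7, 5, 3], [3, 2, 2], [9, 0, 2], [2, 2, 2], [4, 3, 3]]


def need_matrix(maximum, allocation):
    """Need = declared maximum minus what each process already holds."""
    return [[m - a for m, a in zip(mrow, arow)]
            for mrow, arow in zip(maximum, allocation)]


def safe_sequence(available, allocation, need):
    """Return an order in which all processes can finish, or None if unsafe."""
    work = list(available)
    unfinished = list(range(len(allocation)))
    order = []
    progressed = True
    while unfinished and progressed:
        progressed = False
        for i in list(unfinished):
            if all(n <= w for n, w in zip(need[i], work)):
                # Process i can run to completion and release what it holds.
                work = [w + a for w, a in zip(work, allocation[i])]
                unfinished.remove(i)
                order.append(i)
                progressed = True
    return order if not unfinished else None


def try_grant(available, allocation, maximum, pid, request):
    """Grant the request only if the resulting state is still safe.

    Returns (granted, available, allocation); the state is unchanged on denial.
    """
    need = need_matrix(maximum, allocation)
    if any(r > n for r, n in zip(request, need[pid])):
        raise ValueError("request exceeds the process's declared maximum")
    if any(r > a for r, a in zip(request, available)):
        return False, available, allocation      # resources busy: process waits
    new_available = [a - r for a, r in zip(available, request)]
    new_allocation = [row[:] for row in allocation]
    new_allocation[pid] = [x + r for x, r in zip(allocation[pid], request)]
    new_need = need_matrix(maximum, new_allocation)
    if safe_sequence(new_available, new_allocation, new_need) is None:
        return False, available, allocation      # would be unsafe: deny
    return True, new_available, new_allocation


if __name__ == "__main__":
    print(safe_sequence(AVAILABLE, ALLOCATION, need_matrix(MAXIMUM, ALLOCATION)))
    ok, avail, alloc = try_grant(AVAILABLE, ALLOCATION, MAXIMUM, 1, [1, 0, 2])
    print("P1 request granted:", ok)
    ok, _, _ = try_grant(avail, alloc, MAXIMUM, 0, [0, 2, 0])
    print("P0 request granted:", ok)
```

The second request is denied even though the resources are free, because granting it would leave no process able to finish; that refusal is the price avoidance pays for never entering an unsafe state.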
Two types of memory exist in a computer system: main memory and secondary
memory/virtual memory. Main memory is memory that is internal to the computer system, is
program addressable, and can be loaded into registers for subsequent execution or processing.
Virtual memory by definition is the storage space that may be regarded as addressable main
storage by the user of a computer system in which virtual addresses are mapped into real
addresses (Stallings, 2009). Main memory claims the initial workload of storage; however,
virtual memory is a secondary storage area that makes a contribution to the workload of the
main memory. For example, when a process needs to be stored in the main memory and main
memory has no more space available for additional bits then the virtual memory (secondary
memory) storage area can be used to hold the data until space becomes available in main
memory. The older systems did not use virtual memory because the processors on which the
system ran did not support paging and segmenting. Paging is a process that is used with virtual
memory which uses a page table that contains information that identifies it in virtual or main
memory. When all the page table entry information is loaded into main memory most often from
virtual memory, then a page table for a process is created (Stallings, 2009).
Now that virtual memory, paging, and page table entries have been lightly defined there
is a need to mention a special cache storage location known as translation lookaside buffer
(TLB). This cache is used by virtual memory to store page table entries that are en route to main
memory, and that have been most recently used (Stallings, 2009). The translation lookaside
buffer helps with the addressing scheme used by virtual memory and main memory to utilize
space available for processes. A process can be defined as a program in execution which is
controlled and scheduled by the operating system (Stallings, 2009). Processes can be broken
down into smaller chunks called pages, and memory can be divided into smaller chunks called
frames (Stallings, 2009). So a process is to paging, like memory is to frames. Thus by the
associative property we ultimately have paging and frames that make up the foundation of the
workload of main memory and virtual memory. All of these interactions encompass the
essentials of memory management and the most important thing to remember here is that virtual
memory shares the workload of main memory to effectively manage memory.
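How pages, frames, the page table and the TLB fit together can be seen by tracing a few address translations. The following Python model is an added example, not part of the original paper; the 4096-byte page size, the FIFO page replacement, the least-recently-used TLB and the class name are assumptions made for illustration.

```python
from collections import OrderedDict

PAGE_SIZE = 4096  # assumed page and frame size in bytes


class MMU:
    """Toy model of address translation with a page table and a small TLB."""

    def __init__(self, num_frames, tlb_entries):
        self.page_table = {}                 # virtual page number -> frame (resident pages only)
        self.free_frames = list(range(num_frames))
        self.loaded = []                     # resident pages in load order (FIFO replacement)
        self.tlb = OrderedDict()             # cached translations, least recently used first
        self.tlb_entries = tlb_entries

    def translate(self, vaddr):
        """Return (physical address, outcome) for a virtual address."""
        vpn, offset = divmod(vaddr, PAGE_SIZE)
        if vpn in self.tlb:
            self.tlb.move_to_end(vpn)        # mark as most recently used
            return self.tlb[vpn] * PAGE_SIZE + offset, "tlb_hit"
        if vpn in self.page_table:
            outcome = "tlb_miss"             # resident, but the page table had to be walked
        else:
            outcome = "page_fault"           # not resident: bring it in from secondary storage
            self._load(vpn)
        frame = self.page_table[vpn]
        self.tlb[vpn] = frame
        if len(self.tlb) > self.tlb_entries:
            self.tlb.popitem(last=False)     # evict the least recently used translation
        return frame * PAGE_SIZE + offset, outcome

    def _load(self, vpn):
        if self.free_frames:
            frame = self.free_frames.pop(0)
        else:
            victim = self.loaded.pop(0)      # oldest resident page is written out
            frame = self.page_table.pop(victim)
            # The victim's cached translation must be invalidated, otherwise a
            # later access would reach a frame that now holds another page.
            self.tlb.pop(victim, None)
        self.page_table[vpn] = frame
        self.loaded.append(vpn)


def trace(addresses, num_frames=2, tlb_entries=1):
    """Translate each address in turn on a fresh MMU and collect the results."""
    mmu = MMU(num_frames, tlb_entries)
    return [mmu.translate(a) for a in addresses]


if __name__ == "__main__":
    # Constructed access pattern touching three pages with only two frames.
    for result in trace([0x0010, 0x0020, 0x1004, 0x0008, 0x2000, 0x0008]):
        print(result)
```

The last access shows page 0 returning to a different frame than it first occupied, which is why the stale TLB entry has to be dropped when a page is evicted.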
A lot of information has been covered but it was necessary to try to grasp the concept of
all the interactions that take place in a Windows operating system, as well as grasping the
concept of the vulnerabilities of a Windows operating system. The list covered consisted of:
security threats (which includes viruses, bots, attacks, and worms), security techniques to prevent
malware threats, file system and file management, data protection techniques, scheduling, input
and output devices, process and thread management, deadlock prevention, and memory
management. All of these integrated component interactions encompass the design of a Windows
operating system. Security threats were introduced because they are a reality in the computer
world, and malware prevention was covered to inform the reader of what is available to avoid
these attacks. I forge on to mention that NTFS has more features than FAT 32 for a file system
and file management. Furthermore, data protection is important because no matter what type of
file system is used the files/data must be protected. Scheduling was mentioned because it is
important that all the processes get adequate processing time for processes to run smoothly. I/O
modules are significant because they interact directly with the processor to complete tasks, and as
we learned DMA is the most effective technique because it frees the processor to do other jobs
while multiple processes are processing. I proceeded on to mention process and thread
management making sure to mention that the process side claims ownership while the thread side
claims scheduling. In complete conclusion deadlock prevention and memory management work
hand in hand because if the memory management uses virtual memory to manage the workload
of main memory, then for the most part the chances of a deadlock occurring will be reduced.
References
Bradley, T. (2010). What Is a Bot? or Zombie? Retrieved October 4, 2010, from
http://netsecurity.about.com/od/frequentlyaskedquestions/qt/pr_bot.htm.
Difference Between Thread and Process. (2010). Retrieved August 23, 2010, from
http://www.differencebetween.net/miscellaneous/difference-between-thread-an-process/
Direct Memory Access (DMA). (2008). Retrieved October 4, 2010, from
http://www.bukisa.com/articles/705_direct-memory-access-dma.
Gibson Research Corporation. (2010). Retrieved September 21, 2010, from
https://www.grc.com/x/ne.dll?bh0bkyd2.
NTFS vs FAT. (2010). Retrieved September 14, 2010, from
http://www.ntfs.com/ntfs_vs_fat.htm.
Operating Systems. (n.d.). Processes. Retrieved October 4, 2010, from
http://courses.cs.vt.edu/~csonline/OS/Lessons/Processes/index.html.
Parsons, Oja. (2010). Computer Concepts 2010. Boston: Cengage Learning.
Stallings, W. (2009). Operating Systems Internals and Design Principles. New Jersey: Pearson
Prentice Hall.
Web definitions for Disk Cleanup. (n.d.). Retrieved September 14, 2010, from
http://www.google.com/search?sourceid=navclient&aq=0&oq=what+is+disk+&ie=UTF8&rlz=1T4ACGW_en___US369&q=what+is+disk+cleanup.
Wikipedia. (2010). Deadlock. Retrieved August 23, 2010, from
http://en.wikipedia.org/wiki/Deadlock.
Wikipedia. (2010). RAID. Retrieved October 4, 2010, from http://en.wikipedia.org/wiki/RAID.
WiseGEEK. (2010). What is Malware? Retrieved October 4, 2010, from
http://www.wisegeek.com/what-is-malware.htm.