UNIT - III

Multiprocessing
 Multiprocessing refers to a computer system's ability to supportmore than one process (program) at
the same time.
 Multiprocessing operating systems enable several programs to run concurrently.
 UNIX is one of the most widely used multiprocessing systems, but there are many others,
including OS/2 for high-end PCs.

 Multiprocessor operating system means different types of jobs/tasks are performing with
more than one Central Processing Units in one computer. In this case, all CPUs are in
communication, means that they can share different types of computer system peripherals like
memory, bus, some I/O devices. Hence, this type of computer systems is also known as Tightly
coupled systems or Symmetric Systems.
 To process huge data with high speed, we use this type of computer systems. Ex: Satellite
control systems, Weather forecasting systems.
 Multiprocessing systems are much more complicated than single-process systems because the
operating system must allocate resources to competing processes in a reasonable manner.
 multiprocessing refers to the hardware (i.e., the CPU units) rather than the software (i.e., running
processes).
Anyway, a system can be both multiprogrammed by having multiple programs running at the same
time and multiprocessing by having more than one physical processor.
Mainly there are 3 types of problems with multiprocessor system. Namely, Locking System, Shared
Data and False Sharing. Let us discuss these terms one by one.

Locking System:
Locks will help us to write the correct code of statements for multiprocessors. As per multiprocessor
concept, it should increase the total performance by executing different tasks concurrently on different
CPUs. That means to provide safe access to the shared resources among multiple processors. Locks
provide us serializable access.
Shared Data:
Cache coherence protocol allows multiprocessors to access the shared data as serializable manner.
Delays in serialization will impact on system performance. Cache coherence traffic and interconnection
network may also reduce the system performance. It can be eliminated by avoiding the sharing of data.

False Sharing:
This type of problem comes when unrelated data items used by different processors which are located
next to each other in memory and sharing a single cache line(memory is stored within the cache system in
units is known as a cache line). False sharing comes when threads on different processors try to modify
variables that reside on the same cache line. It is a popular performance issue on SMP(Symmetrical Multi-
Processing) systems.

Multiprogramming
In a multiprogramming system there are one or more programs loaded in main memory which are ready
to execute.
 Only one program at a time is able to get the CPU for executing its instructions (i.e., there is at
most one process running on the system) while all the others are waiting their turn.

 The main idea of multiprogramming is to maximize the use of CPU time. Indeed, suppose the
currently running process is performing an I/O task (which, by definition, does not need the CPU to
be accomplished). Then, the OS may interrupt that process and give the control to one of the other
in-main-memory programs that are ready to execute (i.e. process context switching).
 In this way, no CPU time is wasted by the system waiting for the I/O task to be completed, and a
running process keeps executing until either it voluntarily releases the CPU or when it blocks for an
I/O operation. Therefore, the ultimate goal of multiprogramming is to keep the CPU busy as long
as there are processes ready to execute.
Note that in order for such a system to function properly, the OS must be able to load multiple
programs into separate areas of the main memory and provide the required protection to avoid the
chance of one process being modified by another one.
 Other problems that need to be addressed when having multiple programs in memory
is fragmentation as programs enter or leave the main memory. Another issue that needs to be
handled as well is that large programs may not fit at once in memory which can be solved by
using pagination and virtual memory.

Question: What are the differences between multiprocessing and

multiprogramming?

Answer: Following are the differences between multiprocessing and

multiprogramming.
Sr. Multiprocessing Multiprogramming
No.

1 Multiprocessing refers to processing of Multiprogramming keeps several programs in

multiple processes at same time by main memory at the same time and execute them
multiple CPUs. concurrently utilizing single CPU.

2 It utilizes multiple CPUs. It utilizes single CPU.

3 It permits parallel processing. Context switching takes place.

4 Less time taken to process the jobs. More Time taken to process the jobs.

5 It facilitates much efficient utilization of Less efficient than multiprocessing.

devices of the computer system.

6 Usually more expensive. Such systems are less expensive.

FAULT TOLERANCE

Fault tolerance refers to the ability of a system (computer, network, cloud cluster, etc.) to continue
operating without interruption when one or more of its components fail.

Fault-tolerant systems use backup components that automatically take the place of failed components,
ensuring no loss of service.
Two main reasons for the occurrence of a fault.
1. Node Failure : Hardware OR Software Failure
2. Malicious Error : Caused by unauthorized access
3.
Need of fault tolerance:
Fault Tolerance is needed in order to provide 3 main feature in operating systems.

1. Reliability: focuses on a continuous service without any interruptions.

2. Availability: concerned with read readyness of the system.
3. Security: prevents any unauthorized access.
Examples: patient monitoring systems, flight control systems, banking services etc.

Phases in the fault tolerance:

implementation of a fault tolerance technique depends on the design, configuration and application of a
operating system.
1. Fault Detection : constantly monitoring the performance and comparing it with expected outcome.
fault is reported if there is a deviation from expected outcome.
 2. Fault Diagnosis : done to understand the nature of the fault and possible root cause.
3. Evidence Generation : report generated based on the outcome of the fault diagnosis.
4. Assessment : understanding the extent of the damage caused by the faulty component.
5. Recovery : making the system fault free and restoring it to a consistent state: forward and backward
recovery.

Design for Fault Tolerance

1. Power Failure - Have the computer or network device running on a UPS. In the event of a
power outage, make sure the UPS can notify an administrator and properly turn off the
computer after a few minutes if the power is not restored.
2. Power Surge - If no UPS is connected to the computer or the UPS does not
provide surge protection, connected devices are not protected. We recommend a surge protector
to help protect in the event of a power surge.
3. Data loss - Run backups daily or at least monthly on the computer if important information is
stored on it. Create a mirror of the data on an alternate location.
4. Device or Computer failure - Have a second device, computer, or computer components
available in the event of failure to prevent a long down time.
5. Unauthorized access - If connected to a network, set up a firewall.
6. Frequently check for updates - Make sure the operating system and any running programs
have the latest updates.
7. Lock device or password protect computer - When not in use lock the computer and store the
computer or network device in a secure area.
8. Overload - Setup an alternate computer or network device that can be used as an alternative
access point or can share the load either through a load balancing or round robin setup.
9. Virus - Make sure the computer has updated virus definitions.

RAID( Redundant Array of Independent/ Inexpensive Disks)

RAID (redundant array of independent disks; originally redundant array of inexpensive disks) is a
way of storing the same data in different places on multiple hard disks to protect data in the case of
a drive failure.

In this case 'array' means a bunch of disks working together for two main reasons

— to keep your data safe,

--- provide you with faster data access.

RAID works by placing data on multiple disks and allowing input/output (I/O) operations to overlap in a
balanced way, improving performance. Because the use of multiple disks increases the Mean Time
Between Failures (MTBF), storing data redundantly also increases fault tolerance.
RAID levels
 RAID 0 – striping
 RAID 1 – mirroring
 RAID 5 – striping with parity
 RAID 6 – striping with double parity
 RAID 10 – combining mirroring and striping

RAID 0:

This configuration has striping, but no redundancy of data. It offers the best performance, but no
fault tolerance.

Advantages

 RAID 0 offers great performance, both in read and write operations. There is no overhead caused
by parity controls.
 All storage capacity is used, there is no overhead.
 The technology is easy to implement.

Disadvantages

 RAID 0 is not fault-tolerant. If one drive fails, all data in the RAID 0 array are lost. It should not be
used for mission-critical systems.
RAID level 1 – Mirroring
Data are stored twice by writing them to both the data drive (or set of data drives) and a mirror drive (or set
of drives). If a drive fails, the controller uses either the data drive or the mirror drive for data recovery and
continues operation. You need at least 2 drives for a RAID 1 array.

Advantages

 RAID 1 offers excellent read speed and a write-speed that is comparable to that of a single drive.
 In case a drive fails, data do not have to be rebuild, they just have to be copied to the replacement
drive.
 RAID 1 is a very simple technology.

Disadvantages

 The main disadvantage is that the effective storage capacity is only half of the total drive capacity
because all data get written twice.

RAID 2: This configuration uses striping across disks, with some disks storing error checking and
correcting (ECC) information. It has no advantage over RAID 3 and is no longer used

RAID 3: This technique uses striping and dedicates one drive to storing parity information. The embedded
ECC information is used to detect errors. Data recovery is accomplished by calculating the exclusive OR
(XOR) of the information recorded on the other drives.
RAID 4 and RAID 5 : stripes with parity
RAID 4 and RAID 5 volumes are similar to stripe (RAID 0) volumes in that they spread the file data across
all the disks used for a volume. However, RAID 4 and RAID 5 volumes generate and store parity
information for data saved to them. This parity information can be used to recreate the data on a disk which
has failed.

Parity information is created for each block of file data and written to the volume's disks (see below for
the way RAID 4 and RAID 5 do this differently). Parity information for a block of data is calculated by
summing all the data on each disk for that block.

RAID level 6 – Striping with double parity

RAID 6 is like RAID 5, but the parity data are written to two drives. That means it requires at least
4 drives and can withstand 2 drives dying simultaneously.

Advantages

 Like with RAID 5, read data transactions are very fast.

 If two drives fail, you still have access to all data, even while the failed drives are being replaced.
So RAID 6 is more secure than RAID 5.
Disadvantages

 Write data transactions are slower than RAID 5 due to the additional parity data that have to be
calculated. In one report I read the write performance was 20% lower.
 This is complex technology. Rebuilding an array in which one drive failed can take a long time.

RAID 10 (RAID 1+0): Combining RAID 1 and RAID 0, this level is often referred to as RAID 10, which
offers higher performance than RAID 1, but at a much higher cost. In RAID 1+0, the data is mirrored and
the mirrors are striped.

Advantages

 If something goes wrong with one of the disks in a RAID 10 configuration, the rebuild time is very
fast since all that is needed is copying all the data from the surviving mirror to a new drive. This
can take as little as 30 minutes for drives of 1 TB.

Disadvantages

 Half of the storage capacity goes to mirroring, so compared to large RAID 5 or RAID 6 arrays, this
is an expensive way to have redundancy.
 Security
Security refers to providing a protection system to computer system resources such as CPU,
memory, disk, software programs and most importantly data/information stored in the computer
system.
If a computer program is run by an unauthorized user, then he/she may cause severe damage to
computer or data stored in it.
So a computer system must be protected against unauthorized access, malicious access to system
memory, viruses, worms etc.
Security management monitoring some of the following areas:

 Authentication
 One Time passwords
 Program Threats
 System Threats
 Computer Security Classifications
Authentication
Authentication refers to identifying each user of the system and associating the executing programs with
those users. It is the responsibility of the Operating System to create a protection system which ensures
that a user who is running a particular program is authentic. Operating Systems generally
identifies/authenticates users using following three ways −

 Username / Password − User need to enter a registered username and password with Operating
system to login into the system.

 User card/key − User need to punch card in card slot, or enter key generated by key generator in
option provided by operating system to login into the system.

 User attribute - fingerprint/ eye retina pattern/ signature − User need to pass his/her attribute
via designated input device used by operating system to login into the system.

One Time passwords

One-time passwords provide additional security along with normal authentication. In One-Time Password
system, a unique password is required every time user tries to login into the system. Once a one-time
password is used, then it cannot be used again. One-time password are implemented in various ways.

 Random numbers − Users are provided cards having numbers printed along with corresponding
alphabets. System asks for numbers corresponding to few alphabets randomly chosen.

 Secret key − User are provided a hardware device which can create a secret id mapped with user
id. System asks for such secret id which is to be generated every time prior to login.
  Network password − Some commercial applications send one-time passwords to user on
registered mobile/ email which is required to be entered prior to login.

Program Threats
Operating system's processes and kernel do the designated task as instructed. If a user program made these
process do malicious tasks, then it is known as Program Threats. One of the common example of
program threat is a program installed in a computer which can store and send user credentials via network
to some hacker. Following is the list of some well-known program threats.

 Trojan Horse − Such program traps user login credentials and stores them to send to malicious
user who can later on login to computer and can access system resources.

 Trap Door − If a program which is designed to work as required, have a security hole in its code
and perform illegal action without knowledge of user then it is called to have a trap door.

 Logic Bomb − Logic bomb is a situation when a program misbehaves only when certain conditions
met otherwise it works as a genuine program. It is harder to detect.

 Virus − Virus as name suggest can replicate themselves on computer system. They are highly
dangerous and can modify/delete user files, crash systems. A virus is generatlly a small code
embedded in a program. As user accesses the program, the virus starts getting embedded in other
files/ programs and can make system unusable for user

System Threats
System threats refers to misuse of system services and network connections to put user in trouble. System
threats can be used to launch program threats on a complete network called as program attack. System
threats creates such an environment that operating system resources/ user files are misused. Following is
the list of some well-known system threats.

 Worm − Worm is a process which can choked down a system performance by using system
resources to extreme levels. A Worm process generates its multiple copies where each copy uses
system resources, prevents all other processes to get required resources. Worms processes can
even shut down an entire network.

 Port Scanning − Port scanning is a mechanism or means by which a hacker can detects system
vulnerabilities to make an attack on the system.

 Denial of Service − Denial of service attacks normally prevents user to make legitimate use of the
system. For example, a user may not be able to use internet if denial of service attacks browser's
content settings.
FIRE WALL
A firewall is a system designed to prevent unauthorized access to or from a private network. You can
implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent
unauthorized internetusers from accessing private networks connected to the internet, especially intranets.
All messages entering or leaving the intranet (the local network to which you are connected) must pass
through the firewall, which examines each message and blocks those that do not meet the specified security
criteria
Firewall is a network security device, either hardware or software based, which monitors all incoming and
outgoing traffic and based on defined set of security rules it accept, reject or drop that specific traffic.
Accept : allow the traffic
Reject : block the traffic but reply with an “unreachable error”
Drop : block the traffic with no reply

A firewall can serve the following functions:

1- Limit Internet access to e-mail only, so that no other types of information can pass between the
intranet and the Internet
2- Control who can telnet into your intranet (a method of logging in remotely)
3- Limit what other kinds of traffic can pass between your intranet and the Internet .

Types of firewalls

1. Packet filtering: The system examines each packet entering or leaving the network and accepts or
rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but
it is difficult to configure.

2. Circuit-level gateway implementation: This process applies security mechanisms when a TCP
connection is established. Once the connection has been made, packets can flow between the hosts
without further checking.

3. Acting as a proxy server: A proxy server is a type of gateway that hides the true network address
of the computer(s) connecting through it. A proxy server connects to the internet, makes the
requests for pages, connections to servers, etc., and receives the data on behalf of the computer(s)
 behind it. The firewall capabilities lie in the fact that a proxy can be configured to allow only
certain types of traffic to pass (e.g.,HTTP files, or web pages).

4. Web application firewall: A web application firewall is a hardware appliance, server plug-in, or
some other software filter that applies a set of rules to a HTTP conversation. Such rules are
generally customized to the application so that many attacks can be identified and blocked.

SERVER ROLES
A network or network infrastructure is the grouping of hardware devices and software components needed
to connect devices within an organization and to connect the organization to other organizations and the
Internet.

The network infrastructure’s physical hardware and logical components are needed to provide a number of
features for the network, including connectivity, routing and switching capabilities, network security, and
access control.

The network or network infrastructure has to exist before a number of servers needed to support
applications that users need can be deployed into a networking environment.

servers can be configured to perform a number of roles. The applications that the server is running specify
the particular server’s role.

A few common server roles are listed below:

Domain controller: used to manage domains and domain objects; provides user authentication through
Active Directory.

File server: provides access to files stored on the server.

Print server: provides network printing functionality.

DHCP server: allocates IP addresses and provides configuration information to clients. Dynamic Host
Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign
an IP address to a computer from adefined range of numbers (that is, a scope) configured for a given
network.

DNS server: resolves IP addresses to domain names.

Mail server: provides incoming (POP3) and outgoing (SMTP) e-mail services.

Application server: makes distributed applications and Web applications available to clients.

Terminal server: allows clients to access applications running on the server.

Remote access/VPN server: provides remote access to machines through dial-up connections and virtual
private networks (VPNs).

Streaming media server: provides Windows Media Services so that clients can access streaming audio
and video.
Active Directory

Active Directory stores information about network resources and makes these resources accessible to users,
computers and applications by uniquely identifying them on the network.

It provides mechanisms for naming, describing, locating, accessing, managing and securing network
resources.

Active Directory also allows for the central management of the Windows Server 2003 network, and for the
delegation of administrative control over Active Directory objects, such as user data, printers, servers,
databases, groups, computers and security principals and security policies that are stored in the directory.

Active Directory provides the following network services:

 Lightweight Directory Access Protocol (LDAP) – An open standard used to access other directory
services
 Hierarchical and internal storage of organizational data in a centralized location for faster access
and better network administration
 Data availability in multiple servers with concurrent updates to provide better scalability.

WORK GROUP
Computers on a network can be part of a workgroup or a domain. Computers on home networks are usually
part of a workgroup, and computers on workplace networks are usually part of a domain.
In a workgroup:
 All computers are peers; no computer has control over another computer.
 Each computer has a set of user accounts. To log on to any computer in the workgroup, you must have
an account on that computer.
 There are typically no more than twenty computers.
 A workgroup is not protected by a password.
 All computers must be on the same local network or subnet.
every user must have an account on each of the workgroup’s computers that they require access to. These
settings and access are managed by each computer’s user.

DOMAIN
Computers on a network can be part of a workgroup or a domain.

A domain, on the other hand, is a client/server network in which the security and resource management is
centralized. This means that a singular administration has control over the domain and allows which users
have access to which files.
In a domain:
 One or more computers are servers. Network administrators use servers to control the security and
permissions for all computers on the domain. This makes it easy to make changes because the changes
 are automatically made to all computers. Domain users must provide a password or other credentials
each time they access the domain.
 If you have a user account on the domain, you can log on to any computer on the domain without
needing an account on that computer.
 You probably can make only limited changes to a computer's settings because network administrators
often want to ensure consistency among computers.
 There can be thousands of computers in a domain.
 The computers can be on different local networks.

Difference Between Workgroup And Domain

Workgroup Domain

Network type Peer-to-peer Windows computer network Client/server network

User can log on at any

User needs to have separate log in id and
Log in workstation via their account
password at each workstation
and access domain resources

There can be up to 2000

Workstations Computers are limited to maximum 10
computers

One administrator to administer

Each user controls the resources and
Administrator the domain and its users and
security locally on their PC's
resources.

The computers can be on

All computers must be on the same local
Location different local networks, i.e.
network or subnet.
anywhere in the world.

One can make only limited

Each user controls the settings on their
Computer's settings
own computer. No central settings.
changes to a computer's settings
because network administrators
often want to ensure consistency
among computers.

Each computer must be changed manually Changes made to one are

Changes or once changed must be transferred to automatically made to all
each computer. computers

User needs to have separate log in id and

Domain users must provide a
Security password at each workstation, but once
password or other credentials
logged in can access the computer.
each time they access the
domain.