Professional Documents
Culture Documents
(UGC-AUTONOMOUS)
Department of Computer Science & Technology
Course Name: Operating Systems Fundamentals for Security
Course Code: 20CSC107
UNIT 1
4. Consider the following five processes, with the length of the CPU burst time given in
milliseconds. Process Burst time P1 8, P2 6, P3 1, P4 9, P5 3 .Consider the First come First serve
(FCFS), Non Preemptive Shortest Job First (SJF) Illustrate the scheduling using Gantt chart.
Which algorithm will give the minimum average waiting time, throughput and turnaround time ?
Discuss.
5. Define operating system and list out the function and component of operating system.
6. Consider the following five processes, with the length of the CPU burst time given in
milliseconds. Process Burst time P1 10, P2 29, P3 3, P4 7, P5 12 .Consider the First come First
serve (FCFS), Round Robin(RR) (quantum=10ms) scheduling algorithms. Illustrate the
scheduling using Gantt chart. Which algorithm will give the minimum average waiting time?
Discuss.
9. Write short note (i)Process Management (ii) Memory Management (iii) Security and
Protection.
UNIT – II
1. What is the important feature of critical section? State the dining philosopher’s problem and
show how to allocate the several resources among several processes in a deadlock and starvation
free manner
UNIT III
4. Disk head is start at 53.. The queue of pending request is, 98,183, 37,122,14,124,65,67. -
FCFS , SSTF,SCAN,C-SCAN, LOOK
10. When page faults will occur? Describe the actions taken by operating system during page
fault in detail.
UNIT – IV
6. Write short on (i) STRIDE threat model (ii) Octave threat model.
7. Define threat. Explain the significance of creating threat model in system design.
8. Write short note on (i)Bell la padula Model (ii) Biba Integrity Model
10. Explain briefly about threats and different threat models in detail.
UNIT – V:
2. Write a short note on a) Various attacks on Mobile Systems b) security issues of Pervasive
Computing
4. Explain various security issues and attacks present in Pervasive Computing, wireless network
systems.
8. Discuss the security issues and attacks on different types of operating systems.
10. Define Fault tolerance. Explain different fault tolerant issues in detail.
1 MARK:
UNIT 1
1. Process creation
2. Process scheduling or dispatching
3. Blocking
4. Preemption
5. Termination
Switching the CPU to another process requires saving the state of the old process and loading the
saved state for the new process. This task is known as context switch.
The benefits of multithreaded programming can be broken down into four major categories:
• Responsiveness
• Resource sharing
• Economy
• Utilization of multiprocessor architectures
Application Program
System Program
Operating System
Computer Hardware
Device Queue: The list of processes waiting for particular I/O device is called a device queue.
Job Queue: As process enters the system they are put into job queue.
Ready Queue: The processes that are residing in the main memory and are ready and waiting to
execute are kept in the queue.
UNIT –II
A semaphore 'S' is a synchronization tool which is an integer value that, apart from initialization,
is accessed only through two standard atomic operations; wait and signal .Semaphores can be
used to deal with the n-process critical section problem. It can be also used to solve various
Synchronization problems.
Under the normal mode of operation, a process may utilize a resource in only the following
sequence:
Request: If the request cannot be granted immediately, then the requesting process must wait
until it can acquire the response.
Use: The process can operate on the resource.
Release: The process releases the resource
3. What are the requirements that a solution to the critical section problem must satisfy?
The three requirements are
• Mutual exclusion
• Progress
• Bounded waiting
4. What are the conditions under which a deadlock situation may arise?
A deadlock situation can arise if the following four conditions hold simultaneously in a system:
• Mutual exclusion
• Hold and wait
• No pre-emption
• Circular wait
5. What is a semaphore?
A semaphore 'S' is a synchronization tool which is an integer value that, apart from initialization,
is accessed only through two standard atomic operations; wait and signal .Semaphores can be
used to deal with the n-process critical section problem. It can be also used to solve various
Synchronization problems.
6. Define Deadlock
A process requests resources; if the resources are not available at that time, the process enters a
wait state. Waiting processes may never again change state, because the resources they have
requested are held by other waiting processes. This situation is called a deadlock.
Multi threading is a widespread programming and execution model that allows multiple threads
to exist within the context of one process. These threads share the process's resources, but are
able to execute independently.
Deadlocks can be described more precisely in terms of a directed graph called a system resource
allocation graph. This graph consists of a set of vertices V and a set of edges E. The set of
vertices V is partitioned into two different types of nodes; P the set consisting of all active
processes in the system and R the set consisting of all resource types in the system.
A deadlock situation can arise if the following 4 condition hold simultaneously in a system.
Mutual Exclusion
Hold and Wait
No preemption
Circular Wait
UNIT III
1. Define Swapping?
2. What is Compaction?
Compaction is a process in which the free space is collected in a large memory chunk to make
some space available for processes. In memory management, swapping Creatings multiple
fragments in the memory because of the processes moving in and out. Compaction refers to
combining all the empty spaces together and processes.
3. Define demand paging in memory management.
In virtual memory systems, demand paging is a type of swapping in which pages of data are not
copied from disk to RAM until they are needed.
4. Determine the most common schemes for defining the logical structure of a directory?
The most common schemes for defining the logical structure of a directory
Single-Level Directory
Two-level Directory
Tree-Structured Directories
Acyclic-Graph Directories
General Graph Directory
5. What are the common strategies to select a free hole from a set of available holes?
Page Fault A page fault occurs when a program attempts to access a block of memory that is not
stored in the physical memory, or RAM. The fault notifies the operating system that it must
locate the data in virtual memory, then transfer it from the storage device, such as an HDD or
SSD, to the system RAM.
For some page replacement algorithms, the page fault rate may increase as the number of
allocated frames increases
UNIT IV
This model provide no of different policies that can selected based on need.
3. Define OS security.
Operating system security (OS security) is the process of ensuring OS integrity, confidentiality
and availability. OS security refers to specified steps or measures used to protect the OS from
threats, viruses, worms, malware or remote hacker intrusions.
4. List out some the information flow models for both confidentiality and integrity.
A protection domain specifies the set of resources (objects) that a process can access
and the operations that the process may use to access such resources.
6. What are the different methods are used to create to threat model?
A reference monitor is the classical access enforcement mechanism It takes a request as input,
and returns a binary response indicating whether the request is authorized by the reference
monitor’s access control policy.
UNIT V
Fault tolerance is a process that enables an operating system to respond to a failure in hardware
or software. This fault-tolerance definition refers to the system’s ability to continue operating
despite failures or malfunctions.
1. Information gathering
• Become familiar with system’s functioning
2. Flaw hypothesis
• Draw on knowledge to hypothesize vulnerabilities
3. Flaw testing
• Test them out
4. Flaw generalization
• Generalize vulnerability to find others like it
5. (maybe) Flaw elimination
• Testers eliminate the flaw (usually not included)
3. What are the different OS issues related to internet?
Hacker
Malware
Computer virus
Trojan horse
Worm
Phishing
Spyware
An operating system in which there exists a level of confidence (based on rigorous analysis and
testing) that the security principals and mechanisms (e.g., separation, isolation, least privilege,
discretionary and non-discretionary access control, trusted path, authentication, and security
policy enforcement) are correctly implemented and operate as intended even in the presence of
adversarial activity.
Intruders are the attackers who attempt to breach the security of a network. They attack the
network in order to get unauthorized access. Intruders are of three types,
namely, masquerader, misfeasor and clandestine user.
The Virus attaches itself to executable files and transfers from one system to the other.
A Worm is a malicious program that replicates itself and can spread to different computers via
Network.
Merits:
Demerits:
Invalid proprietary apps to Apple or Microsoft
No user guide
Malware
Denial of Service
Emotet
Phishing
Passwords attacks
Phishing
SQL Injection