Professional Documents
Culture Documents
You will be able to describe: • File Manager controls every file in system
• The security ramifications of access control • Efficiency of File Manager depends on:
techniques and how they compare – How system’s files are organized (sequential, direct,
• The role of data compression in file storage or indexed sequential)
– How they’re stored (contiguously, noncontiguously,
or indexed)
– How each file’s records are structured (fixed-length
or variable-length)
– How access to these files is controlled
1
The File Manager (continued) The File Manager (continued)
• User communicates with File Manager via specific • Each logical command is broken down into
commands that may be: sequence of low-level signals that
– Embedded in the user’s program – Trigger step-by-step actions performed by device
• OPEN, CLOSE, READ, WRITE, and MODIFY – Supervise progress of operation by testing status
– Submitted interactively by the user • Users don’t need to include in each program the
• CREATE, DELETE, RENAME, and COPY low-level instructions for every device to be used
• Commands are device independent • Users can manipulate their files by using a simple
– User doesn’t need to know its exact physical location set of commands (e.g., OPEN, CLOSE, READ,
on disk pack or storage medium to access a file WRITE, and MODIFY)
2
Typical Volume Configuration Typical Volume Configuration
(continued) (continued)
• Master file directory (MFD): Stored immediately • Disadvantages of a single directory per volume
after volume descriptor and lists: as supported by early operating systems:
– Names and characteristics of every file in volume – Long time to search for an individual file
• File names can refer to program files, data files, – Directory space would fill up before the disk storage
and/or system files space filled up
– Subdirectories, if supported by File Manager – Users couldn’t create subdirectories
– Remainder of the volume used for file storage – Users couldn’t safeguard their files from other users
– Each program in the directory needed a unique
name, even those directories serving many users
Subdirectories: Subdirectories:
• Semi-sophisticated File Managers create MFD • Today’s File Managers allow users to create
for each volume with entries for files and subdirectories (Folders)
subdirectories – Allows related files to be grouped together
• Subdirectory created when user opens account to • Implemented as an upside-down tree
access computer – Allows system to efficiently search individual
• Improvement from single directory scheme directories
• Still can’t group files in a logical order to improve • Path to the requested file may lead through several
accessibility and efficiency of system directories
3
File Naming Conventions File Organization
• Absolute filename (complete filename): Long • All files composed of records that are of two types:
name that includes all path info – Fixed-length records: Easiest to access directly
• Relative filename: Short name seen in directory • Ideal for data files
listings and selected by user when file is created • Record size critical
• Length of relative name and types of characters – Variable-length records: Difficult to access directly
allowed is OS dependent
• Don’t leave empty storage space and don’t truncate
• Extension: Identifies type of file or its contents any characters
– e.g., BAT, COB, EXE, TXT, DOC • Used in files accessed sequentially (e.g., text files,
• Components required for a file’s complete name program files) or files using index to access records
depend on the operating system • File descriptor stores record format
• Sequential record organization: Records are • Direct record organization: Uses direct access
stored and retrieved serially (one after the other) files; can be implemented only on direct access
– Easiest to implement storage devices
– File is searched from its beginning until the requested – Allows accessing of any record in any order without
record is found having to begin search from beginning of file
– Optimization features may be built into system to – Records are identified by their relative addresses
speed search process (addresses relative to beginning of file)
• Select a key field from the record
• These logical addresses computed when records are
– Complicates maintenance algorithms stored and again when records are retrieved
• Original order must be preserved every time records are
added or deleted – Use hashing algorithms
4
Physical File Organization (continued) Physical File Organization (continued)
5
Noncontiguous Storage (continued) Noncontiguous Storage (continued)
• File extents are linked in following ways: • Advantage of noncontiguous storage:
• Linking at storage level: – Eliminates external storage fragmentation and need
– Each extent points to next one in sequence for compaction
– Directory entry consists of filename, storage location However:
of first extent, location of last extent, and total – Does not support direct access because no easy
number of extents, not counting first way to determine exact location of specific record
• Linking at directory level:
– Each extent listed with its physical address, size,
and pointer to next extent
– A null pointer indicates that it's the last one
6
Access Methods Access Methods (continued)
7
Levels in a File Management System
Access Control Verification Module
(continued)
• Verification occurs at every level of the file • Each file management system has its own method
management system: to control file access
– Directory level: file system checks to see if the • Types:
requested file exists – Access control matrix
– Access control verification module determines – Access control lists
whether access is allowed
– Capability lists
– Logical file system checks to see if the requested
– Lockword control
byte address is within the file’s limits
– Device interface module checks to see whether the
storage device exists
• Contains the name of only those users who may • Lists every user and the files to which each has access
use file; those denied any access are grouped • Can control access to devices as well as to files
under “WORLD”
• List is shortened by putting users into categories:
– SYSTEM: personnel with unlimited access to all files
– OWNER: Absolute control over all files created in
own account
– GROUP: All users belonging to appropriate group
have access
– WORLD: All other users in system
Table 8.3: Capability Lists
8
Lockwords Data Compression
• Lockword: similar to a password but protects a • A technique used to save space in files
single file • Methods for data compression:
• Advantages: – Records with repeated characters: Repeated
– Requires smallest amount of storage for file characters are replaced with a code
protection • e.g., ADAMSbbbbbbbbbb => ADAMSb10
• Disadvantages: 300000000 => 3#8
– Can be guessed by hackers or passed on to – Repeated terms: Compressed by using symbols to
unauthorized users represent most commonly used words
• e.g., in a university’s student database common words
– Generally doesn’t control type of access to file
like student, course, grade, & department could each
• Anyone who knows lockword can read, write, execute, be represented with single character
or delete file
Case Study: File Management in Linux Case Study: File Management in Linux
(continued) (continued)
9
Summary Summary (continued)
• The File Manager controls every file in the system • Each level of file management system is
• Processes user commands (read, write, modify, implemented with structured and modular
create, delete, etc.) to interact with any other file programming techniques
• Manages access control procedures to maintain the • Verification occurs at every level of the file
integrity and security of the files under its control management system
• File Manager must accommodate a variety of file • Data compression saves space in files
organizations, physical storage allocation schemes,
record types, and access methods • Linux specifies five types of files used by the
system
• VFS maintains an interface between system calls
related to files and the file management code
ITP109 (Platform Technologies) ITP109 (Platform Technologies)
10