EBook CSC204
PRACTICAL APPROACH
OF
OPERATING SYSTEMS
SECOND EDITION
MAZLAN OSMAN
PAKA PRINTING
Practical Approach of Operating Systems
Second Edition
AL-FATEH PUBLICATIONS
8001, Taman Harmoni
Jalan SMK Intan Zaharah
23000 Dungun
Terengganu
PAKA PRINTING
Jalan Besar Paka
23100 Paka
Terengganu
Preface
MAZLAN OSMAN
Universiti Teknologi MARA
Terengganu, Malaysia
March 2019
TABLE OF CONTENTS
PREFACE
Chapter 1
Understanding of Operating System
Introduction
What is Operating System
Operating Systems and Computer System
History of Operating System
Operating System Strategies
Types of Operating Systems
Chapter 2
Functions and Components of Operating System
Understanding Operating System Components
Cooperation Issues
Characteristics of Modern Operating System
Application Program Interface
Operating Systems Design Issues
Chapter 3
Operating System Booting Concept
Booting Concept
Single OS Booting Process
Multiple OS Booting Process
Chapter 4
User Interfaces
Introduction
Command Line User Interface (CLI)
Graphical User Interface (GUI)
Natural Language Interface (NLI)
User Interface in Review
Chapter 5
File System
Introduction
File System Concept
File Access Method
Directory Structure
File System Mounting
File Sharing
File Protection
File Allocation Method
File Technology
Chapter 6
Device Driver
Device Management
Device Driver
Device Controller
Device Driver Interface
Chapter 7
Process Management
Terms and Concepts
Process Concept
Single Tasking Processing
Multitasking Processing
Single Tasking versus Multitasking
Context Switching
Scheduling
Chapter 8
Memory Management
Memory Hierarchy
Physical Memory
Virtual Memory
Chapter 9
Input Output Management
Introduction
Input Output System Organization
Input Output Communication Techniques
Input Output Buffering
Chapter 10
OS Protection and Security
Introduction
Security and Protection
User Authentication
Basic Resource Protection
References
UNDERSTANDING OF
OPERATING SYSTEM
Chapter 1
INTRODUCTION
To understand an operating system is to understand the
workings of an entire computer system, because the operating
system manages each and every piece of hardware and software.
This chapter briefly describes how simple operating systems work
and how, in general, they’ve evolved. The following chapters
explore each component in more depth and show how its function
relates to the other parts of the operating system. In other words,
you see how the pieces work harmoniously to keep the computer
system working smoothly.
Convenience
An operating system makes a computer more convenient to use.
Efficiency
An operating system allows the computer system resources to be
used in an efficient manner.
Ability to evolve
An operating system should be constructed in such a way as to permit
the effective development, testing and introduction of new system
functions without at the same time interfering with service.
Phase 1
During this phase, hardware is expensive and humans are cheap.
Users work at a console (single-user system) on
mono-programming systems. The batch processing operating system
is implemented during this phase: jobs are given to the operating
system at one time and the operating system processes them one
after the other. There is no human-computer interaction. The
operating system optimizes resource utilization.
Phase 2
During this phase, hardware is cheap and humans are expensive.
Users use cheap terminals and share servers (multiuser
system) on multiprogramming systems. The time-sharing
operating system is implemented during this phase.
Multiprogramming supports an interactive computing model and has
a different scheduling and memory allocation strategy. In this
phase, security and protection receive more consideration and
attention.
Phase 3
During this phase, hardware is very cheap and humans are very
expensive. Personal computing and distributed computing arise
in this phase. In personal computing, one system could be
handled by one user, and in distributed processing many systems
could be handled by one user. Four types of operating system are
implemented during this phase: Real-Time OS,
Network OS, Distributed OS and Embedded OS.
EXERCISES
1. The general role of an operating system is to:
A. Real-time
B. Interactive
C. Hybrid
D. Embedded
A. Batch System
B. Embedded System
C. Time-sharing System
D. Real Time System
A. First
B. Second
C. Third
D. Fourth
A. Real-time
B. Hybrid
C. Multiuser
D. Multitasking
A. close source
B. free
C. open source
D. proprietary software
A. desktop
B. kernel
C. user interface
D. code
A. Multithreading
B. Batch Operating System
C. Symmetric Processing
D. Microkernel Architecture
A. Zero Generation
B. First Generation
C. Second Generation
D. Third Generation
Processor Manager
• The Processor Manager decides how to allocate the central
processing unit (CPU). An important function of the
Processor Manager is to keep track of the status of each
process. A process is defined as a program in execution.
Memory Manager
• The Memory Manager is in charge of main memory, also
known as RAM (Random Access Memory).
Networking Manager
File Manager
• The File Manager keeps track of every file in the system
including data files, program files, compilers and
application programs. By using predetermined access
policies, it enforces restrictions on who has access to which
files.
COOPERATION ISSUES
Each manager not only performs its individual tasks. It must also
be able to work harmoniously with every other manager. For
example, let’s say someone types a command to execute a
program.
CHARACTERISTICS OF MODERN
OPERATING SYSTEM
Nowadays, there are four new characteristics in modern
operating systems. These new characteristics result from the
improvement and advancement of hardware technology,
especially CPU technology.
Multithreading Processing
A thread is known as a lightweight process and is used in
implementing network servers. Multithreaded application
programs contain several threads running at one time that have
the same or different priorities. Examples: Web browsers and
time-sharing systems.
Object-Oriented Design
• Kernel
Resides in memory at all times, performs essential tasks,
and is protected by hardware
• Kernel reorganization
Memory resident: only for a few essential functions, such as
process scheduling and memory allocation
Modules: all other functions, such as device allocation, are
not allowed to reside in main memory at all times.
Advantages
EXERCISES
1. Job Scheduler is a part of the _______
A. Processor Manager
B. Memory Manager
C. Networking Manager
D. File Manager
A. Network Manager
B. Memory Manager
C. Processor Manager
D. File Manager
A. I, II and IV
B. II and IV
C. I and IV
D. I, II and III
A. Update drivers
B. Check for viruses
C. Change peripheral I/O settings
D. Identify installed port
A. Network manager
B. Memory manager
C. Processor manager
D. File manager
A. Device manager
B. Network manager
C. User interface
D. File manager
A. System Call
B. Kernel
C. Command Interpreter
D. Parameter
BOOTING CONCEPT
Chapter 3
BOOTING CONCEPT
The BIOS reads and loads the Master Boot Record (MBR) program into
memory (RAM). Now, the MBR takes control of the booting process.
After all of this, if it all works correctly, you will finally see the
prompt, which will most likely look like one of these: A:\> or
C:\>. The DOS boot sequence can be summarized as
follows:
1. POST
2. MBR
3. IO.SYS
4. MSDOS.SYS
5. CONFIG.SYS
6. COMMAND.COM
7. AUTOEXEC.BAT
8. Command prompt
Pre-Boot Sequence
It begins when the power is turned on. The computer performs
self-check routines and locates a boot record.
Boot Sequence
Hardware configuration is detected and loaded.
• NTDETECT.COM
• BOOT.INI
• NTBOOTDD.SYS
• Load NTOSKRNL.EXE and HAL.DLL, which are located in
%SystemRoot%\System32.
• Read the registry, choose the hardware profile and authorize
device drivers.
Log On Sequence
• WINLOGON.EXE starts.
• LSASS.EXE starts and displays the logon screen.
EXERCISES
1. The event when power to a computer is cycled or a
special reset signal to the processor is triggered is
called _______.
A. Cold Boot
B. Warm Boot
C. BIOS Boot
D. Start Boot
A. IO.SYS
B. CONFIG.SYS
C. COMMAND.COM
D. AUTOEXEC.BAT
A. starts the OS
B. enables communications with devices
C. manages random access memory
D. performs the power on self-test
A. compiler
B. bootstrap loader
C. compiler
D. system call
A. COMMAND.COM
B. NTDETECT.COM
C. BOOT.COM
D. WINLOGON.COM
A. BOOT.INI
B. LSASS.EXE
C. NTDETECT.COM
D. NTBOOTDD.SYS
A. IO.SYS
B. NTDETECT.COM
C. CONFIG.SYS
D. AUTOEXEC.BAT
A. Bootstrap
B. MBR
C. GRUB
D. BIOS
USER INTERFACE
Chapter 4
INTRODUCTION
A user interface is a program or set of programs that sits as a layer
above the operating system itself. The user interface provides the way
a person or a user interacts with a computer or electronic device.
UNIX Architecture
The Shell
The Shell is a program that accepts commands as text input and
converts commands to appropriate operating system functions.
The shell is the user interface with the Unix system, the
middleman between the user and the kernel. The shell displays a
"prompt" to notify the user that it is ready to accept a command. The
shell is a program that the Unix kernel runs for the user. A program
is referred to as a process while the kernel is running it.
Icons
Icons are pictures that represent computer resources, such as
files, printers and programs. Users have to double-click an icon to
choose (activate) it, for instance, to launch a program. The
Windows operating system offers two unique tools, called the
Taskbar and Start button. These help you run and manage
programs.
Windows
Figure 4.4 Window
Menus
• Can be unreliable
• Can “interpret” incorrectly (dialect)
UI: CLI
Advantages
• More flexible and powerful
• Faster for experienced users
• Can combine commands
• Less memory used
Disadvantages
• More difficult to learn and use
UI: GUI
Advantages
• Easy to learn and use
• Little training
• Suitable to multi-tasking
Disadvantages
• Harder to implement
• More HW/SW requirements
• Requires lots of memory
• SW is complex and difficult to write
UNIX
UNIX is the oldest operating system used on PCs. UNIX was the
first multi-user, multiprocessor, multitasking operating system
available for use on PCs. Most versions of UNIX use a command-
line interface, but some versions offer a GUI.
Mac OS
The Macintosh OS supports the graphical nature of the
Macintosh computer. The Mac OS brought the first truly
graphical user interface to consumers. The Mac OS also brought
interface conformity to the desktop. All applications running
under the Mac OS, therefore, provided the same "look and feel" to
the user.
Windows 3.x
Windows 3.0, 3.1, and 3.11 are called the Windows 3.x family.
Windows 3.x brought a GUI and multitasking capabilities to PCs
running DOS. Windows 3.x is an operating environment because
it ran on top of DOS, which was the actual OS.
OS/2 Warp
OS/2 Warp was the first true GUI-based operating system for
Intel-based PCs. OS/2 is a multitasking OS that provides support
for networking and multiple users. It was the first PC OS to
feature built-in speech recognition capabilities.
Linux
Linux is a recently developed version of UNIX, which is available
for free or at a very low cost from various sources. Linux is a very
powerful 32-bit OS that supports multitasking, multiple users,
networking, and virtually any application. Linux can run on
nearly any type of computer. Because of its power and openness,
Linux is attracting many users, including students, teachers,
Internet service providers, and others.
Windows 2000
Windows 2000 features the same interface and features of
Windows 98, with the file system, networking, power, and
stability of Windows NT. Several versions of Windows 2000 are
available, each targeting a specific user or computing
environment, from home PCs to large enterprise networks.
EXERCISES
1. Why does the CLI use fewer resources compared to a GUI?
A. It is easier to use
B. It is easier to memorize
C. Have windows
D. No need to install a graphical layer
A. Multitasking
B. Speed
C. Control
D. Resources
A. string command
B. speech
C. image
D. animation
A. create directory
B. copy a file
C. delete directory
D. rename directory
A. icon to be loaded
B. script to be used
C. prompt interface
D. command to be written
A. compiler
B. prompt
C. icon
D. mouse
FILE SYSTEM
Chapter 5
INTRODUCTION
The file management functions, also called the file system,
incorporate routines that allow the user or programmer to
create, delete, modify and manipulate files logically by name.
There are two distinct parts of a file system: the mechanism for
storing files and the directory structure into which they are
organized. The file system helps keep track of the data and
programs stored on disk and other secondary storage devices. The
location of every file stored on a disk can be found by searching
the disk’s directory. The file system manages the directory. A file
system is a clearly defined method that the computer's operating
system uses to store, record and retrieve files.
Files are mapped by the OS onto physical devices. All files have a
name by which they can be accessed by the user. In most modern
file systems the name consists of three parts: its unique name, a
period and an extension. File systems reside permanently on
secondary storage.
File Structure
File Attributes
File Operation
Creating a file
To create a file, address space in the file system is required.
After creation, an entry for the file is made in the directory. The
directory entry records the name of the file and its location in the
file system.
Writing to a file
Deleting a file
The system searches the directory for the file to be deleted. If
the directory entry is found, it releases all file space. That free space
can be reused by another file.
Truncating a file
The user may want to erase the contents of a file but keep its attributes.
Rather than forcing the user to delete a file and then recreate it,
the truncating function allows all attributes to remain unchanged
except for file length.
File Types
Sequential Access
Direct Access
Direct access allows random access to any file block. This method
is based on a disk model of a file. It allows programs to read and
write records rapidly in no particular order. These methods
generally involve the construction of an index for the file.
DIRECTORY STRUCTURE
Search
The directory structure is searched to find a particular file in the
directory. Files have symbolic names, and similar names may
indicate a relationship between files.
Create a file
When a new file is created, an entry must be added to the
directory.
Delete a file
When a file is deleted, an entry must be removed from the
directory.
Rename a file
List directory
All or a portion of the directory may be requested. The request is
made by a user and results in a listing of all files owned by
that user plus some of the attributes of each file.
Two-Level Directory
In a two-level directory, each user has his own directory, called
the User File Directory (UFD). Each user file directory has a
similar structure. Different users may have files with the same
name, as long as all the files named within each UFD are unique.
The OS cannot accidentally delete another user's file that has the same
name because the OS must confine the search to the local UFD.
FILE SHARING
FILE PROTECTION
Access Control
• Contiguous Allocation
• Linked Allocation
• Indexed Allocation
Contiguous Allocation
Advantages
Simple – only starting location (block number) and length
(number of blocks) are required.
Random access
Disadvantages
Wasteful of space (dynamic storage-allocation problem)
Files cannot grow
Linked Allocation
Indexed Allocation
FILE TECHNOLOGY
EXERCISES
1. What is the function of executable file?
A. formatted
B. mounted
C. backed up
D. initialized
A. Contiguous Allocation
B. Linked Allocation
C. Indexed Allocation
D. Linked List
A. avi
B. exe
C. dll
D. rar
A. Single-level
B. Two-level
C. Tree-structured
D. Acyclic graph
A. Indexed allocation
B. Linked allocation
C. Contiguous allocation
D. Random allocation
A. collection of files
B. metadata
C. partitions
D. user identifications
A. Windows XP
B. Windows Vista
C. Windows 10
D. Windows 7
A. FAT16
B. FAT32
C. FAT64
D. NTFS
DEVICE DRIVER
Chapter 6
DEVICE MANAGEMENT
An application process uses a device by issuing commands and
exchanging data with the device management. Device
management is the part of the OS that manages hardware
devices through device manager.
DEVICE DRIVER
If the device uses interrupts, the device driver will suspend after
starting the device, knowing that the corresponding interrupt
handler will take up the interaction with the device when it
raises an interrupt signaling that the I/O operation has
completed.
• Sequential access.
• Accessed via streams of bytes.
• No buffering.
• Examples: Keyboard, printers and soundcard.
• Random access.
• Need Buffering.
• Everything that can hold a file system.
• Examples: Floppy, hard disk and CD-ROM.
DEVICE CONTROLLER
Device controller is a hardware component that adapts a generic
device so that it can operate with a particular computer.
Command Register
The device controller contains a command register to which the
device driver can write device commands to start an operation on
the device.
Status Register
The device controller has a status register that the device
driver can read to determine whether the I/O operation
completed successfully. If the most recent device operation
resulted in an error, the status register will report the nature of
the error.
Data Register
The device controller also typically contains one or more data
registers where data that is to be written to the device is stored
before starting the write operation, or where the result of a read
operation is retrieved when the device finishes the read
operation.
Driver-Kernel Interface
EXERCISES
1. Device driver gives an instruction to devices to perform
the operation. Which of the following registers will be
used?
A. Data register
B. Command register
C. Status register
D. DMA register
A. Device driver
B. Device controller
C. Interrupt handler
D. Device manager
A. Device driver
B. Device manager
C. Device controller
D. DMA controller
A. Data register
B. Command register
C. Status register
D. DMA register
A. Update drivers
B. Check for viruses
C. Change peripheral I/O settings
D. Identify installed port
PROCESS
MANAGEMENT
Chapter 7
INTRODUCTION
Process management is done by the process manager, which efficiently
manages the CPU’s time.
Program
Process
I/O Bound
• Spends more time doing I/O than computations
• Ready Queue (memory) always empty
CPU Bound
• Spends more time doing computations than I/O
• I/O Queue always empty
Thread
PROCESS CONCEPT
Process State
• Process identification
• Process state
(NEW, READY, RUNNING, WAITING, TERMINATED)
• Process status
(process status word, register contents, main memory
info, resources, process priority)
• Accounting
(CPU time, total amount of time, I/O operations,
number input records read, etc.)
Sequential Processing
Batch Processing
MULTITASKING PROCESSING
Multiprogramming
Time-sharing
Cooperative Multitasking
Preemptive Multitasking
Operating system: multitasking type
• Windows 3.1: cooperative
• Windows 95/98/Me: cooperative
• Windows NT/2000: pre-emptive
• Windows XP: pre-emptive
• MAC/OS X: pre-emptive
• VMS: pre-emptive
CONTEXT SWITCHING
When the scheduler switches the CPU from executing one process
to executing another, the context switcher saves the content of all
processor registers for the process that is being removed from the
CPU. The context of a process is represented in the PCB. This
process is called context switching.
SCHEDULING
As processes enter the system, they are put into a job queue. The job
queue consists of all processes in the system. The ready queue
consists of all processes residing in main memory, ready and
waiting to execute. A device queue consists of processes waiting for
an I/O device. Each device has its own device queue.
• Determines which jobs will get the CPU, when, and for how
long.
• Decides when processing should be interrupted.
• Determines which queues a job should be moved to during
execution.
• Recognizes when a job has been concluded and should be
terminated.
• NEW to READY
• READY to RUNNING
• RUNNING to WAITING
• WAITING to READY
• RUNNING to TERMINATED
EXERCISES
A. Context Switch
B. Packet Switch
C. Process Switch
D. Processor Switch
A. Cooperative Multitasking
B. Preemptive Multitasking
C. Time-sharing
D. Multi-threading
A. Ready queue
B. Dynamic queue
C. Job queue
D. I/O queue
A. segment
B. process
C. thread
D. array
MEMORY
MANAGEMENT
Chapter 8
INTRODUCTION
Memory is central to the operation of a modern computer. Memory
refers to the physical devices used to store programs (sequences
of instructions) or data (e.g. program state information) on a
temporary or permanent basis. It consists of a large array of
words or bytes, each with its own address. A program must be
brought (from disk) into memory and placed within a process for
it to be run. Main memory and registers are the only storage that
the CPU can access directly. The CPU fetches instructions from memory
based on the value of the program counter.
MEMORY HIERARCHY
A memory hierarchy in computer storage distinguishes each level
in the 'hierarchy' by capacities, costs, and access times.
Physical Organization
Physically, computer memory is organized into two levels:
Logical Organization
Memory Management
PHYSICAL MEMORY
Contiguous Allocation
Example 8.1
• First-Fit
• Best-Fit
• Next-Fit
The Next-Fit algorithm allocates the first suitable block found
after the last placement. The memory manager scans memory from the
location of the last allocation and chooses the next
available block that is large enough. This algorithm more
often allocates a block of memory at the end of memory,
where the largest block is found. Compaction is required to
obtain a large block at the end of memory.
• Worst Fit
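The four placement strategies listed above, side by side, as an added example that is not from the book. The hole sizes, request sizes and function names are constructed for illustration; each strategy returns the index of the hole it picks, and next-fit resumes its scan from the last placement as described above.

```python
"""Placement strategies for contiguous allocation (added illustration).

HOLES and REQUESTS are constructed sample data, sizes in KB.
"""

HOLES = [100, 500, 200, 300, 600]     # free blocks, in memory order
REQUESTS = [212, 417, 112, 426]       # allocation requests, in arrival order


def first_fit(holes, size, last=0):
    """First hole, scanning from the start of memory, that is large enough."""
    for i, hole in enumerate(holes):
        if hole >= size:
            return i
    return None


def next_fit(holes, size, last=0):
    """First large-enough hole scanning from the last placement, wrapping once."""
    for step in range(len(holes)):
        i = (last + step) % len(holes)
        if holes[i] >= size:
            return i
    return None


def best_fit(holes, size, last=0):
    """Smallest hole that still fits (lowest index wins a tie)."""
    fits = [(hole, i) for i, hole in enumerate(holes) if hole >= size]
    return min(fits)[1] if fits else None


def worst_fit(holes, size, last=0):
    """Largest hole that fits (lowest index wins a tie)."""
    fits = [(-hole, i) for i, hole in enumerate(holes) if hole >= size]
    return min(fits)[1] if fits else None


STRATEGIES = {"first": first_fit, "next": next_fit,
              "best": best_fit, "worst": worst_fit}


def allocate(strategy, holes=HOLES, requests=REQUESTS):
    """Place each request in turn.

    Returns (placements, remaining): placements is a list of
    (request size, hole index or None); remaining is the hole list afterwards.
    A chosen hole shrinks by the request size; the caller's list is not modified.
    """
    choose = STRATEGIES[strategy]
    remaining = list(holes)
    last = 0                          # index of the most recent placement
    placements = []
    for size in requests:
        i = choose(remaining, size, last)
        if i is not None:
            remaining[i] -= size
            last = i
        placements.append((size, i))
    return placements, remaining


if __name__ == "__main__":
    for name in STRATEGIES:
        placements, remaining = allocate(name)
        print(f"{name:>5}: {placements}  holes left: {remaining}")
```

On this sample only best-fit satisfies all four requests; the other three leave the 426 KB request unplaced because the free space has been split into holes that are each too small.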
Example 8.2
Example 8.3
Answer 8.3
First-Fit
Best-Fit
Worst-Fit
Non-Contiguous Allocation
Paging
The frame size is equal to the page size. To run a program of size
n pages, the operating system needs to find n free frames and load
the program. The paging method requires a page table to translate
logical addresses to physical addresses. The page table contains the
base address of each page in physical memory. The base address is
combined with the page offset to define the physical memory address
that is sent to the memory unit.
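The translation described above, as an added example that is not from the book. The 1 KB page size, the page-table contents and all names are assumptions chosen for illustration. It goes slightly beyond the text by giving each page a write-permission bit, so the same lookup that finds the frame also rejects references to unmapped pages and writes to read-only pages.

```python
"""Logical-to-physical address translation with a page table (added illustration).

PAGE_SIZE and PAGE_TABLE are assumed values, not taken from the book.
"""

PAGE_SIZE = 1024                           # bytes per page and per frame (assumed)
OFFSET_BITS = PAGE_SIZE.bit_length() - 1   # 10 offset bits for 1 KB pages
assert PAGE_SIZE == 1 << OFFSET_BITS, "page size must be a power of two"

# Constructed page table: page number -> (frame number, writable?).
# Page 3 has no entry, so any reference to it must fault.
PAGE_TABLE = {
    0: (5, True),
    1: (2, False),   # read-only page, e.g. program code
    2: (7, True),
}


class PageFault(Exception):
    """The page has no frame assigned in the page table."""


class ProtectionFault(Exception):
    """The page is mapped but the requested access is not permitted."""


def split(logical):
    """Split a logical address into (page number, offset within the page)."""
    if logical < 0:
        raise ValueError("logical addresses are non-negative")
    return logical >> OFFSET_BITS, logical & (PAGE_SIZE - 1)


def translate(logical, write=False, page_table=PAGE_TABLE):
    """Return the physical address for `logical`, or raise a fault."""
    page, offset = split(logical)
    if page not in page_table:
        raise PageFault(f"page {page} is not mapped (address {logical})")
    frame, writable = page_table[page]
    if write and not writable:
        raise ProtectionFault(f"page {page} is read-only (address {logical})")
    # Frame base address combined with the unchanged page offset.
    return (frame << OFFSET_BITS) | offset


def try_translate(logical, write=False):
    """Like translate(), but report a fault by name instead of raising."""
    try:
        return translate(logical, write)
    except (PageFault, ProtectionFault) as exc:
        return type(exc).__name__


if __name__ == "__main__":
    samples = [(0, False), (1500, False), (3071, True), (1500, True), (3072, False)]
    for addr, write in samples:
        kind = "write" if write else "read"
        print(f"{addr:5d} {kind:5s} -> {try_translate(addr, write)}")
```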
Address Translation
Example 8.1
Example 8.2
Example 8.3
Address Calculation
Example 8.4
Page No Frame No
0 1
1 4
2 3
3 7
Calculate:
Answer 8.4
Segmentation
Example 8.5
a) (0,430)
b) (1,10)
c) (2,500)
d) (3,400)
e) (4,112)
Answer 8.5
VIRTUAL MEMORY
• Demand paging
• Demand segmentation
Page Fault
Thrashing
Principle of Locality
EXERCISES
A. Frames
B. Holes
C. Blocks
D. Segments
A. Virtual memory
B. Paging
C. Segmentation
D. Dynamic partitioning
A. First fit
B. Best fit
C. Worst fit
D. Next fit
A. paging, segmentation
B. pages, frames
C. segments, pages
D. frames, pages
A. swapping
B. debugger
C. thrashing
D. overlays
A. real memory
B. virtual memory
C. main memory
D. all of the above
A. virtual memory
B. paging
C. segmentation
D. dynamic execution
A. First Fit
B. Best Fit
C. Worst Fit
D. Next Fit
A. Best Fit
B. First Fit
C. Paging
D. Segmentation
INPUT OUTPUT
MANAGEMENT
Chapter 9
INTRODUCTION
Humans interact with machines by providing information
through I/O devices such as screen displays, printers, keyboards,
mouse, etc. Management of all these devices can affect the
throughput of a system. For this reason, input output
management also becomes one of the primary responsibilities of
an operating system. I/O manager manages the system’s device
drivers or works with the Virtual Memory manager to provide
memory mapped file I/O and manages the file system buffers.
DMA disconnects the CPU to feed data directly from I/O module
to memory (or from memory to I/O module). When finished,
control is handed back again to the CPU. DMA transfers are
common for disk drives, sound cards and graphics cards.
Types of Buffer
• Single Buffer
• Double Buffer
• Circular Buffer
Single Buffer
Double Buffer
Circular Buffer
In a circular buffer, more than two buffers are used. Each individual
buffer is one unit in the circular buffer. A circular buffer is normally
used when the I/O operation must keep up with the process.
Block-Oriented devices
Stream-Oriented devices
• Line-at-a-time
• Byte-at-a-time
EXERCISES
1. During I/O or event completion, a process will be change
_______.
A. spooling
B. caching
C. device reservation
D. buffering
A. Programmed I/O
B. Interrupt Driven I/O
C. Direct Access Memory
D. Not all of the above
A. terminal
B. disk
C. printer
D. mouse
A. Programmed I/O
B. Interrupt Service Routine
C. Interrupt-Driven I/O
D. Direct Memory Access
OPERATING SYSTEM
PROTECTION &
SECURITY
Chapter 10
INTRODUCTION
Multiprogramming involves the sharing of many resources,
including processor, memory, I/O devices, programs, and data.
Protection of such resources runs along the following spectrum:
Confidentiality
Confidentiality or privacy is the requirement that information
maintained by a computer system be accessible only by
authorized parties.
Integrity
Integrity is the requirement that a computer system’s resources
can be modified only by authorized parties.
Availability
Availability is the requirement that a computer system be
accessible at required times by authorized parties.
Authenticity
Authenticity is the requirement that a computer system can
verify the identity of a user.
USER AUTHENTICATION
What is Authentication?
Password Encryption
Encrypting stored passwords helps to avoid password guessing. For
example, in the UNIX operating system, the encrypted data is kept
in the /etc/shadow file.
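A defender's check on the file mentioned above, as an added example that is not from the book: it parses shadow(5)-style lines and reports which crypt(3) scheme protects each stored password, so accounts still on outdated schemes can be found and migrated. The sample lines, account names, salts and hash strings are constructed placeholders, and the acceptable/outdated split in SCHEMES is this example's assumption.

```python
"""Audit shadow(5)-style entries for outdated password-hashing schemes.

Added illustration: SAMPLE is constructed; salts and hashes are placeholders.
"""

# crypt(3) scheme identifier -> (name, acceptable today?)
SCHEMES = {
    "1": ("MD5-crypt", False),
    "2a": ("bcrypt", True),
    "2b": ("bcrypt", True),
    "2y": ("bcrypt", True),
    "5": ("SHA-256-crypt", True),
    "6": ("SHA-512-crypt", True),
    "y": ("yescrypt", True),
}

# Constructed entries: name:password:lastchg:min:max:warn:inactive:expire:reserved
SAMPLE = """\
root:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:19000:0:99999:7:::
alice:$y$j9T$SALTPLACEHOLDER$HASHPLACEHOLDER:19000:0:99999:7:::
legacy:$1$SALTPLACEHOLDER$HASHPLACEHOLDER:15000:0:99999:7:::
olddes:abPLACEHOLDER:12000:0:99999:7:::
daemon:*:19000:0:99999:7:::
guest::19000:0:99999:7:::
"""


def classify(pw_field):
    """Return (scheme name, acceptable) for the password field of an entry."""
    if pw_field == "":
        return "no password", False       # account needs no password at all
    if pw_field[0] in "!*":
        return "locked", True             # password login is disabled
    if pw_field.startswith("$"):
        parts = pw_field.split("$")       # "$6$salt$hash" -> ['', '6', ...]
        ident = parts[1] if len(parts) > 2 else ""
        return SCHEMES.get(ident, (f"unknown ${ident}$", False))
    if len(pw_field) == 13:
        return "DES-crypt", False         # traditional 13-character hash
    return "unrecognised", False


def parse(text):
    """Yield (account, password field) pairs; blank lines are skipped."""
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 9:
            raise ValueError(f"line {lineno}: expected 9 fields, got {len(fields)}")
        yield fields[0], fields[1]


def audit(text):
    """Map each account with an unacceptable password entry to the reason."""
    findings = {}
    for account, pw_field in parse(text):
        scheme, acceptable = classify(pw_field)
        if not acceptable:
            findings[account] = scheme
    return findings


if __name__ == "__main__":
    for account, reason in audit(SAMPLE).items():
        print(f"{account}: {reason}")
```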
Single Sign-on
Single sign-on (SSO) is a property of access control of multiple
related, but independent software systems. With this method, a
user logs in once and gains access to all systems without being
prompted to log in again at each of them.
• Disconnected token
• Connected token
• Contactless token
Disconnected Token
Connected Token
Contactless Token
Access Control
Objects
Objects are the resources in the system that need access control
(that is, must be accessed in a protected fashion). For example,
hardware devices, data files, etc.
Subjects
Subjects are active entities in the system that access objects. For
example, user processes.
Rights
Privileged User
Superuser
In conventional UNIX systems, the root user, also referred to as
superuser, is all-powerful. Programs that run as root, or setuid
programs, are all-powerful. The root user has the ability to read
and write to any file, run all programs, and send kill signals to
any process. Effectively, anyone who can become superuser can
modify a site's firewall, read confidential records, and shut down
the entire network.
• Buffer Overflow
• Data Execution
• Kernel Patch
Use Canaries
DEP helps prevent certain exploits that store code via a buffer
overflow, for example. DEP runs in two modes: hardware-
enforced DEP for CPUs that can mark memory pages as non-
executable and software-enforced DEP with a limited prevention
for CPUs that do not have hardware support.
EXERCISES
1. One of the goals of protection in the operating system is to
ensure each program component active in a system uses
system _________ only in ways consistent with stated
policies.
A. resources
B. standards
C. users
D. processor
A. Authorization
B. Authentication
C. Confidentiality
D. Privacy
A. Password
B. PIN
C. User ID
D. Token
A. Canaries
B. Data Execution Protection
C. Kernel patch Protection
D. Buffer Overflow Protection
A. objects
B. subjects
C. rights
D. user’s role
A. Authorization
B. Authentication
C. Security
D. Protection
A. Login ID
B. Token
C. Biometrics
D. Username
A. Disconnected token
B. Connected token
C. Contactless token
D. Logical token
REFERENCES
PRACTICAL APPROACH OF
OPERATING SYSTEMS
Second Edition
Operating systems are an essential part of any computer
system. A course on operating systems is an essential
part of any computer-science education. This book is
presented as a text for an introductory course in operating
systems at the junior or senior undergraduate level or at
the first-year graduate level. It provides a clear description
of the fundamental concepts that underlie operating
systems.
AL-FATEH PUBLICATIONS