Resource Management Chapter 19 9/20/2018 Crowley OS Chap. 19.


Key concepts in chapter 19
- Resource management and scheduling
- Queuing models
- Real-time operating systems
- Protection of resources
  - threats
  - authorization
  - authentication
  - access control lists and capabilities
  - cryptography

Physical and virtual OS resources

OS resource management

Schedulers in an OS

A queuing system model

Three probability distributions

Waiting time versus load

Deterministic scheduling in real-time OSs

Protection of resources
- Processes act for users which have the authority to perform operations on resources
- We need to protect both hardware and software resources
- Authorization: each user is authorized to perform certain actions (possibly none) on each resource
- Authentication: verifying that a process is acting for the user it says it is acting for

Threats to protect against
- Unauthorized disclosure of information
- Unauthorized modification of information
- Denial of service
- Unauthorized use of services

User authentication
Three types of authentication:
- Something a user knows, e.g. a password, a combination, answers to personal questions
- Something a user has, e.g. a badge, a smart card, a key
- Something a user is, e.g. fingerprint, signature, voice print, hand geometry, retinal blood vessel pattern

Hardware protection mechanisms
- Processor modes and privileged instructions only valid in system mode
- Memory protection
- Devices, and in particular disks, are protected with processor modes and/or memory protection

Representation of protection data
- A protection database indicating what operations are allowed for each <user,object> pair.
- Access control lists: kept with the object
  - each record has a user (or user group) and the allowed operations
- Capabilities: kept with the user process
  - indicating which object it can access and what operation it can perform on that object

Protection domains
- A protection domain is a set of capabilities to perform certain actions on certain objects
- A process can move from protection domain to protection domain so, at any point, it has exactly the capabilities it needs for the current job (the principle of least privilege)
- This is more flexible than associating capabilities directly with a process

Software protection mechanisms
- Hardware resources are protected by hardware protection mechanisms
- Logical resources are only accessed through system calls
- All system calls must be authorized by a protection monitor
- The protection monitor accesses the protection database to make decisions
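The two representations of protection data, protection domains and the monitor's check from the slides above, as an added C example that is not from Crowley's text or slides. All type, function and object names and the sample data are hypothetical, and the rule that a domain switch is checked against the user's ACL record is an assumption of this example.

```c
#include <stdio.h>
#include <string.h>
enum { OP_READ = 1, OP_WRITE = 2 };              /* operation bit flags */
/* ACL entry: stored with the object; names a user and the allowed operations. */
struct acl_entry  { const char *user; int ops; };
struct object     { const char *name; struct acl_entry acl[4]; int n_acl; };
/* Capability: stored with the process (through its domain); names an object. */
struct capability { const struct object *obj; int ops; };
struct domain     { const char *name; struct capability caps[4]; int n_caps; };
struct process    { const char *user; const struct domain *dom; };

/* ACL representation: find the user's record on the object's list. */
int acl_allows(const struct object *o, const char *user, int op) {
    for (int i = 0; i < o->n_acl; i++)
        if (strcmp(o->acl[i].user, user) == 0)
            return (o->acl[i].ops & op) == op;
    return 0;                                     /* no record: deny */
}

/* Monitor check on a system call: search only the process's current domain. */
int cap_allows(const struct process *p, const struct object *o, int op) {
    for (int i = 0; i < p->dom->n_caps; i++)
        if (p->dom->caps[i].obj == o && (p->dom->caps[i].ops & op) == op)
            return 1;
    return 0;                                     /* no capability: deny */
}

/* Domain switch (assumed rule): every capability in the target domain must
   be covered by the user's ACL record on that object. */
int enter_domain(struct process *p, const struct domain *d) {
    for (int i = 0; i < d->n_caps; i++)
        if (!acl_allows(d->caps[i].obj, p->user, d->caps[i].ops))
            return 0;
    p->dom = d;
    return 1;
}

/* Constructed sample data (hypothetical names). */
static struct object payroll = { "payroll", { {"alice", OP_READ | OP_WRITE}, {"bob", OP_READ} }, 2 };
static struct domain report_dom = { "report", { { &payroll, OP_READ } }, 1 };
static struct domain update_dom = { "update", { { &payroll, OP_READ | OP_WRITE } }, 1 };

int main(void) {
    struct process p = { "alice", &report_dom }, q = { "bob", &report_dom };
    printf("alice, report domain, write: %d\n", cap_allows(&p, &payroll, OP_WRITE));
    printf("alice enters update domain:  %d\n", enter_domain(&p, &update_dom));
    printf("alice, update domain, write: %d\n", cap_allows(&p, &payroll, OP_WRITE));
    printf("bob enters update domain:    %d\n", enter_domain(&q, &update_dom));
    return 0;
}
```

Although the ACL authorizes alice to write, her process cannot write while it runs in the read-only domain, which is the least-privilege effect the protection-domain slide describes.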

Protection monitors for file access

Protection monitors in an OS

Protection attacks
- Browsing for information
- Wiretapping
- Trial and error password attacks
- Password guessing
- Searching trash
- Trap doors in programs
- Trojan horse programs
- Covert channels

The confinement problem
- How do we prevent a program from leaking information to others?
- It is not as simple as preventing IPC and I/O
- A covert channel is a hidden means of communicating information
  - e.g. sending bits by manipulating the CPU load

Cryptography
- Cryptography means “secret writing”
  - it is a way to prevent other people from seeing information you are sending on a public channel
- Modern cryptography can also be used for authentication
  - in fact this is the most important use of cryptography in operating systems
- Public key cryptography allows encrypted communication and authentication without prior agreement between the parties

Authentication of public keys