The document discusses protection in operating systems. It explains that resources require protection from illegitimate access to ensure only allowed processes can access objects. The principle of least privilege is discussed, where programs are given just enough privileges to perform tasks. Threats can come from malicious or buggy code. Protection is provided through type-safe languages, hardware support using a kernel, supervisor mode, address spaces, and traps invoked through system calls.
1. PROTECTION IN OPERATING SYSTEMS
DISTRIBUTED COMPUTING - SEMINAR
Sidharth D | sidharth363@gmail.com
2. What Protection is About?
● Resources require protection from illegitimate access.
● That is, ensure that each object is accessed correctly and only by those processes that are allowed to do so.
3. Principle of Protection
PRINCIPLE OF LEAST PRIVILEGE
Programs, users and systems should be given just enough privileges to perform their tasks.
5. How to tackle illegitimate access?
● Type-Safe Language
● Hardware Support
6. What is a Type-Safe Language?
● Module A can access Module B only by using the method calls provided by the programmer of B.
● Pointers cannot be forged.
● A module cannot change another module's variables arbitrarily.
8. Protection by Hardware Support
Modules can be protected from one another at the level of individual invocations.
Made possible by: the KERNEL
9. Kernel
● Is always running.
● Has complete access privileges for the physical resources.
● Makes sure that all other code runs legitimately.
11. Use of Address Spaces
● Address space: the collection of ranges of virtual memory locations assigned to each process.
● The kernel sets up address spaces.
● Each address space has defined access rights (for example, read-only or read-write).
● A process cannot access memory outside its address space.
12. User Process
● Also called a user-level process.
● Executes in user mode.
● Has a user-level address space.
Implication: restricted memory access rights.
13. Use of Address Spaces (contd.)
[Diagram: a process consists of application code in the user-level address space and kernel code in the kernel's address space.]
14. Use of Address Spaces (contd.)
[Diagram: a TRAP transfers control from the user-level address space into the kernel's address space.]
15. TRAP
● The invocation mechanism for resources managed by the kernel.
● The system call trap is implemented by a machine-level TRAP instruction.
[Diagram: the TRAP instruction switches the processor into supervisor mode.]
16. TRAP (contd.)
● On a TRAP, the hardware forces the processor to execute a kernel-supplied handler function.
● Result: no process gains illicit control of the hardware.
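The address-space protection of slides 11 to 16 can be watched from a user process: the kernel maps a page with read-only rights, the process tries to write to it, the hardware traps into a kernel-supplied handler, and the process is handed SIGSEGV rather than being allowed to touch the memory. The program below is an added example, not part of the seminar slides or of the Coulouris text; it assumes a POSIX/Linux system with mmap, mprotect and sigaction.

```c
/* Added example, not from the slides: a user process asks the kernel for a
 * page with read-only rights and then tries to write to it.  The MMU traps,
 * the kernel's handler runs, and the process receives SIGSEGV instead of
 * touching the memory (slides 11-16).  Assumes POSIX/Linux mmap and sigaction. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_env;

/* Runs when the kernel delivers SIGSEGV: unwind back into probe_write(). */
static void on_segv(int signo) {
    (void)signo;
    siglongjmp(fault_env, 1);
}

long page_size(void) { return sysconf(_SC_PAGESIZE); }

/* Ask the kernel for one anonymous page with the given rights; NULL on failure. */
void *map_page(int prot) {
    void *p = mmap(NULL, (size_t)page_size(), prot, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* Try to store one byte at addr.  Returns 1 if the access was blocked (the
 * write trapped and SIGSEGV arrived), 0 if the write went through. */
int probe_write(void *addr) {
    struct sigaction sa = {0}, old;
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    int faulted = 1;
    if (sigsetjmp(fault_env, 1) == 0) {   /* 1: also save the signal mask */
        *(volatile char *)addr = 'x';     /* traps unless the page is writable */
        faulted = 0;
    }
    sigaction(SIGSEGV, &old, NULL);       /* restore the previous disposition */
    return faulted;
}

int main(void) {
    void *ro = map_page(PROT_READ), *rw = map_page(PROT_READ | PROT_WRITE);
    printf("write to read-only page blocked:  %d\n", probe_write(ro));  /* 1 */
    printf("write to read-write page blocked: %d\n", probe_write(rw));  /* 0 */
    mprotect(ro, (size_t)page_size(), PROT_READ | PROT_WRITE);  /* kernel grants RW */
    printf("after mprotect(RW) blocked:       %d\n", probe_write(ro));  /* 0 */
    return 0;
}
```

The third probe shows that access rights are the kernel's to change: only after the process asks for them via mprotect (itself a trap into the kernel) does the same page become writable.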
17. Price for Protection
[Diagram: a simple procedure or method call stays within the user-level address space and is cheap, whereas a TRAP into the kernel's address space costs many processor cycles.]
18. Winding Up...
● Resources require protection from illegitimate access.
● Principle of least privilege.
● Sources of threats: malicious code, buggy code.
● Type-safe languages.
● Hardware support (kernel).
● Supervisor mode, privileged mode.
● User address space, kernel's address space.
● Price for protection.