
General Purpose Operating Systems

• Multi user
• Multi tasking

• Access control
◦ Controlling shared access
◦ Interface to allow that access
• Memory
• Files on auxiliary storage
• I/O devices
• Programs and sub procedures
• Networks
• Data

◦ Supported by hardware
• Keeping one user's objects separate from other users
◦ Physical separation: different processes use different physical objects, e.g. separate printers for different levels of security
◦ Temporal separation: processes having different security requirements are executed at different times
◦ Logical separation: users operate under the illusion that no other processes exist
◦ Cryptographic separation: processes conceal their data and computations
• Do not protect
• Isolate
◦ Different processes are unaware of each other
◦ Different address space
◦ Files
• Share all or share nothing
◦ Declared public or private by the user
• Share with access limitation
◦ A particular user’s access to a particular object
• Share by capabilities
◦ Degree of sharing depends on the owner
• Limit use of an object
◦ Different users have different rights for different objects
• Fence
◦ Single-user operating systems
◦ Prevents user programs from accessing system memory
◦ Predefined memory address

• Drawback
◦ Space always reserved
• Operating system can be protected
• Impossible to change the starting address
• Application begins at address 0
• Relocation: all addresses are adjusted to reflect the actual location in memory
• Fence register
• Base register (variable fence)
◦ Starting address
• Bounds register
◦ Upper address limit

• Context switch
◦ Performed by the OS
◦ Change in execution
◦ Change of register contents
• Base and bounds

• User's address space

• User is perfectly protected
• Secure user’s code & data
• Ability to split a program into two pieces
• Code
• Read-only data
• Modifiable data

• Limit for practical computer design

• Drawbacks
◦ Shared subprogram from a common library
• Each word of memory has extra bits
• Identify the access rights
• Set by privileged instructions
◦ (operating system)
• Dividing a program into separate pieces
• Fixed size segments
• Code or data within a segment is addressed as the pair <name, offset>
• OS maintains a table of
◦ Segment names
◦ Segment addresses
• Advantages
◦ Any segment at any location
◦ Move any segment to any location
◦ Segment can be removed
◦ Address reference passes through the OS
• Perform security check

• Security benefits
◦ Each address reference is checked for protection.
◦ Different classes of data items can be assigned different levels of protection.
◦ Users can share access to a segment, with different access rights.
◦ A user cannot generate an address or access to an unpermitted segment.
• Dynamic data structures
• Program can generate a reference to an invalid offset beyond the end of the segment
• No solution
◦ At compilation or even when a program is loaded
• Solution
◦ Translation table maintains segment length
◦ Check every generated address
◦ Efficiency issues
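
The check described in the preceding slides, as an added example that is not part of the original deck: a toy OS translation table that maps <name, offset> to a physical address, keeps each segment's length, and rejects out-of-range offsets and disallowed access modes; each row is a base plus a bound, so it also covers the base/bounds relocation from the earlier slides. The segment names, addresses and the `translate` function are hypothetical, constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { SEG_R = 1, SEG_W = 2, SEG_X = 4 };          /* access rights */
enum xlate { XLATE_OK, XLATE_NO_SEGMENT, XLATE_OUT_OF_BOUNDS, XLATE_DENIED };

/* One row of the OS translation table (all values constructed for this example). */
struct segment {
    const char *name;
    uint32_t base;     /* starting physical address (the "base register") */
    uint32_t length;   /* valid offsets are 0 .. length-1 (the "bounds")  */
    unsigned rights;
};

static const struct segment seg_table[] = {
    { "CODE",  0x4000, 0x1000, SEG_R | SEG_X },
    { "CONST", 0x9000, 0x0200, SEG_R },
    { "DATA",  0x2000, 0x0800, SEG_R | SEG_W },
};

/* Every address reference passes through here before memory is touched. */
enum xlate translate(const char *name, uint32_t offset, unsigned want, uint32_t *phys)
{
    for (size_t i = 0; i < sizeof seg_table / sizeof seg_table[0]; i++) {
        const struct segment *s = &seg_table[i];
        if (strcmp(s->name, name) != 0)
            continue;
        /* Compare offset with length, not base+offset with a limit: the sum could wrap. */
        if (offset >= s->length)
            return XLATE_OUT_OF_BOUNDS;
        if ((s->rights & want) != want)      /* e.g. write to read-only data */
            return XLATE_DENIED;
        *phys = s->base + offset;            /* relocation */
        return XLATE_OK;
    }
    return XLATE_NO_SEGMENT;                 /* no such segment for this user */
}

int main(void)
{
    uint32_t p = 0;
    enum xlate r = translate("DATA", 0x10, SEG_W, &p);
    printf("DATA+0x10 write -> %d (phys 0x%x)\n", r, (unsigned)p);
    printf("DATA+0x800 read -> %d\n", translate("DATA", 0x800, SEG_R, &p));
    printf("CONST+0 write   -> %d\n", translate("CONST", 0, SEG_W, &p));
    return 0;
}
```
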
• Program: equal-sized pieces (pages)
• Memory: equal-sized units (page frames)
◦ Page size = 512 - 4096 bytes
• OS maintains a table of
◦ Page numbers
◦ Page addresses
• Address
◦ <page, offset>
• Segments: logical units
• Fixed-size pages
• Additional hardware
• Goals in protecting objects
◦ Check every access
◦ Enforce least privilege
◦ Verify acceptable usage

◦ Objects
◦ Subjects
◦ Unique owner - possesses "control" access rights
• Per user
• Maintained by OS
• Rights
◦ Read
◦ Write
◦ Execute
◦ Owner
• Disadvantages
◦ Different directory for each user
◦ Large data structures
◦ Entry for unwanted objects
◦ Time consuming operations
◦ Two entries under the same name for different files
• A:F (or B:F)
• Rename by third user
• One list for each object
• One directory for each subject
• <subject, object, rights>
• Keep track of the access rights of subjects to objects during execution
• Ticket giving permissions
• Access to an object
• Unforgeable
◦ Don’t give the ticket directly to the user
◦ OS holds the ticket
• Encrypted
◦ Key available only to the access control mechanism
• Local name space
• Collection of objects to which a process has access
• Collection of capabilities
• Calling sub procedure
• Different domain
• Passing rights
◦ R, RW
• OS creates new capabilities
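
The "OS holds the ticket" approach and the passing of rights on a sub-procedure call, as an added example that is not part of the original deck: the kernel keeps each domain's capabilities in its own table and the process sees only an integer handle, so it has nothing to forge. The structure names, functions and object id are hypothetical, constructed for illustration.

```c
#include <stdio.h>

enum { CAP_R = 1, CAP_W = 2 };
#define MAX_CAPS 8

/* A capability as held by the OS: the object it names and the rights it grants. */
struct capability { int object_id; unsigned rights; int in_use; };

/* A domain: the collection of capabilities a process or sub-procedure runs with. */
struct domain { struct capability caps[MAX_CAPS]; };

/* The OS creates the capability and hands back only an index into its own table. */
int cap_create(struct domain *d, int object_id, unsigned rights)
{
    for (int h = 0; h < MAX_CAPS; h++) {
        if (!d->caps[h].in_use) {
            d->caps[h] = (struct capability){ object_id, rights, 1 };
            return h;
        }
    }
    return -1;                               /* table full */
}

/* Checked on every access: a guessed or stale handle grants nothing. */
int cap_allows(const struct domain *d, int handle, unsigned want)
{
    if (handle < 0 || handle >= MAX_CAPS || !d->caps[handle].in_use)
        return 0;
    return (d->caps[handle].rights & want) == want;
}

/* Passing rights on a call: a new capability in the callee's domain,
   never carrying more than the caller itself holds. */
int cap_pass(const struct domain *from, int handle, struct domain *to, unsigned rights)
{
    if (!cap_allows(from, handle, rights))
        return -1;
    return cap_create(to, from->caps[handle].object_id, rights);
}

int main(void)
{
    struct domain caller = {0}, callee = {0};
    int h = cap_create(&caller, 42, CAP_R | CAP_W);   /* object 42 is constructed */
    int g = cap_pass(&caller, h, &callee, CAP_R);     /* hand over read only */
    printf("callee read=%d write=%d\n",
           cap_allows(&callee, g, CAP_R), cap_allows(&callee, g, CAP_W));
    return 0;
}
```
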
• Procedure that controls access to objects
• Access to an object is made through a trusted interface
• Users or general operating system routines cannot access the object directly
• No simple, fast access
• Different users
◦ Administrators
◦ Users or guests
• Associate privileges
◦ Users
◦ Groups

• Control access rights by job


• All-None Protection
◦ Trust combined with ignorance
◦ All files are public
◦ System files protected by the system administrator

◦ Drawbacks
• Lack of trust
• Too coarse: not possible to configure for selected users
• Rise of sharing
• Complexity
• File listings
• Group Protection
◦ User groups
◦ Common requirements
• Common project
• Department
• Class

◦ Drawbacks
• Group affiliation: single user in two groups
• Multiple personalities: redundant, inconvenient
• Limited sharing
• Individual Permissions

◦ Persistent permissions
• Number of access lists
• Revocation is not easy
◦ Temporary acquired permission
• Temporarily acquires access permission
• Only for execution of the program
• Something the user knows
◦ Passwords, PIN numbers
• Something the user has
◦ Driver's license
• Something the user is: biometrics
◦ Fingerprint
◦ Voice pattern
◦ Retina and iris
• Problems
◦ Loss
• Forgotten password
◦ Use
• Password for each access
• Time consuming
◦ Disclosure
• Unauthorized individual
◦ Revocation
• Change password
• Multifactor authentication
◦ Department
◦ Branch
◦ Workstation
◦ Time period
• Try all possible passwords
◦ Exhaustive or brute force attack
• Try frequently used passwords
◦ Qwe, asd
• Try passwords likely for the user
◦ Meaningful to user
• Search for the system list of passwords
• Ask the users
• Good passwords
• Choose long passwords
• Avoid meaningful words
• Unlikely password
• Change the password regularly
• Don't write it down
• Don't tell anyone else
◦ UNKNOWN USER ENTER USER NAME:

adams is not the name


• Brute force attack
• User trusts the system
• Programmer captures the entry parameters
• User should interrupt any running process
◦ Break key
◦ Ctrl+Alt+Del
