Protection - Operating Systems - Lecture Slides, Slides of Operating Systems

These operating systems slides cover the following main points: Protection, Goals of Protection, Principles of Protection, Domain of Protection, Access Matrix, Implementation of Access Matrix, Access Control, Revocation of Access Rights, Capability-Based Systems, Language-Based Protection

Typology: Slides

2012/2013

Uploaded on 04/30/2013

aradhana

Chapter 14: Protection

  • Goals of Protection
  • Principles of Protection
  • Domain of Protection
  • Access Matrix
  • Implementation of Access Matrix
  • Access Control
  • Revocation of Access Rights
  • Capability-Based Systems
  • Language-Based Protection

Goals of Protection

  • Operating system consists of a collection of objects, hardware or software.
  • Each object has a unique name and can be accessed through a well-defined set of operations.
  • Protection problem - ensure that each object is accessed correctly and only by those processes that are allowed to do so.

Principles of Protection

  • Guiding principle - principle of least privilege
    • Programs, users and systems should be given just enough privileges to perform their tasks

Domain Implementation (UNIX)

  • System consists of 2 domains:
    • User
    • Supervisor
  • UNIX
    • Domain = user-id
    • Domain switch accomplished via file system.
      • Each file has associated with it a domain bit (setuid bit).
      • When file is executed and setuid = on, then user-id is set to owner of the file being executed. When execution completes user-id is reset.

Domain Implementation (MULTICS)

  • Let Di and Dj be any two domain rings.
  • If j < i ⇒ Di ⊆ Dj

Access Matrix

Use of Access Matrix

  • If a process in Domain Di tries to do "op" on object Oj, then "op" must be in the access matrix.
  • Can be expanded to dynamic protection.
    • Operations to add, delete access rights.
    • Special access rights:
      • owner of Oi
      • copy op from Oi to Oj
      • control - Di can modify Dj access rights
      • transfer - switch from domain Di to Dj

Protection models

  • Access control lists
  • Capability based models
  • Role based models

Access control list

  • List of permissions attached to an object (which user can do what to the object)
    • Can be seen as one slice of the access matrix
    • Stored with the object
  • Object can be:
    • File system objects (files, directories)
    • Devices (in Unix, they are files!)
    • Processes
  • From a practical point of view, it frequently does not list all the users, but refers to them as groups
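
The access matrix from the "Use of Access Matrix" slide and the ACL as one slice of it, as an added Python example that is not part of the original slides. The class and method names and the sample domains and files are constructed; the way `owner` gates adding rights and `control` gates removing them is an assumed reading of the slide's special rights.

```python
from collections import defaultdict

class AccessMatrix:
    """Rows are domains, columns are objects, each cell is a set of rights."""
    def __init__(self):
        self.cells = defaultdict(set)               # (domain, object) -> rights

    def allowed(self, domain, op, obj):
        # Slide rule: "op" must be present in the entry for (Di, Oj).
        return op in self.cells.get((domain, obj), ())

    def grant(self, actor, domain, op, obj):
        # Assumed reading of "owner": only an owner of the object may add
        # a right anywhere in that object's column.
        if not self.allowed(actor, "owner", obj):
            raise PermissionError(f"{actor} does not own {obj}")
        self.cells[(domain, obj)].add(op)

    def revoke(self, actor, domain, op, obj):
        # Assumed reading of "control": an owner of the object, or a domain
        # holding control over the target domain, may remove a right.
        if not (self.allowed(actor, "owner", obj)
                or self.allowed(actor, "control", domain)):
            raise PermissionError(f"{actor} may not modify {domain}")
        self.cells[(domain, obj)].discard(op)

    def switch(self, current, target):
        # "transfer": a domain switch is an operation on a domain object.
        if not self.allowed(current, "transfer", target):
            raise PermissionError(f"{current} may not switch to {target}")
        return target

    def acl(self, obj):
        # Column slice: the list that would be stored with the object.
        return {d: set(r) for (d, o), r in self.cells.items() if o == obj and r}

    def capabilities(self, domain):
        # Row slice: the list that would be stored with the domain.
        return {o: set(r) for (d, o), r in self.cells.items() if d == domain and r}

def build_demo():
    # Constructed sample data: domains D1..D3, files F1 and F2. Domains also
    # appear as columns so "transfer" and "control" can be expressed.
    m = AccessMatrix()
    m.cells[("D1", "F1")] = {"owner", "read", "write"}
    m.cells[("D2", "F2")] = {"owner", "read"}
    m.cells[("D1", "D2")] = {"transfer"}
    m.cells[("D3", "D2")] = {"control"}
    m.grant("D1", "D2", "read", "F1")               # owner D1 lets D2 read F1
    return m
```

Revoking a right through `revoke` changes what `acl` returns for that object, which is why revocation is straightforward when the column is stored with the object.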

Role-based Access Control (RBAC)

  • Large organizations: it is difficult to specify the rights of every user / every object on a fine-grain level
  • Users are not assigned permissions directly:
    • They can be assigned one or more roles.
    • Permissions are attached to active roles.
  • The permissions are usually assigned at a higher level than in ACLs
    • ACL: can read, can write
    • RBAC: can create a new account, etc.

Language-Based Protection

  • What we have seen up to now is protection happening at the OS level
  • Protection at the programming language level:
    • Objects of protection are finer grain: down to the level of objects and method calls in an object oriented language
    • What can you access?
  • How is the protection enforced:
    • By the execution environment: you must trust that the VM does the right thing.

Stack Inspection

  • End of Chapter