Presentation is loading. Please wait.

Presentation is loading. Please wait.

1999 Chapter 8-Protection Goals of Protection Domain of Protection Access Matrix Implementation of Access Matrix Revocation of Access Rights Capability-Based.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1999 Chapter 8-Protection Goals of Protection Domain of Protection Access Matrix Implementation of Access Matrix Revocation of Access Rights Capability-Based."— Presentation transcript:

1 1999 Chapter 8-Protection Goals of Protection Domain of Protection Access Matrix Implementation of Access Matrix Revocation of Access Rights Capability-Based Systems Language-Based Protection

2 1999 Protection Operating system consists of a collection of object|s, hardware or software Each object has a unique name and can be accessed through a well- defined set of operations. Protection problem - ensure that each object is accessed correctly and only by those processes that are allowed to do so. Access-right = Rights-set is a subset of all valid operations that can be performed on the object. Domain = set of access-rights System consists of 2 domains: User, Supervisor UNIX –Domain = user-id –Domain switch accomplished via file system.

3 1999 Multics Rings Let D i and D j be any two domain rings. If j < I  D i  D j

4 1999 Access Matrix Figure 1

5 1999 Use of Access Matrix If a process in Domain D i tries to do “op” on object O j, then “op” must be in the access matrix. Can be expanded to dynamic protection. –Operations to add, delete access rights. –Special access rights:  owner of O i  copy op from O i to O j  control – D i can modify D j s access rights  transfer – switch from domain D i to D j Access matrix design separates mechanism from policy. –Mechanism  Operating system provides Access-matrix + rules. –Policy  User dictates policy.  Who can access what object and in what mode.

6 1999 Access Matrix of Figure 1 With Domains as Objects Figure 2

7 1999 Access Matrix with Copy Rights

8 1999 Access Matrix With Owner Rights

9 1999 Modified Access Matrix of Figure 2

10 1999 Language-Based Protection Specification of protection in a programming language allows the high- level description of policies for the allocation and use of resources. Language implementation can provide software for protection enforcement when automatic hardware-supported checking is unavailable. Interpret protection specifications to generate calls on whatever protection system is provided by the hardware and the operating system.

Download ppt "1999 Chapter 8-Protection Goals of Protection Domain of Protection Access Matrix Implementation of Access Matrix Revocation of Access Rights Capability-Based."

Similar presentations

Protection Goals of Protection Domain of Protection Access Matrix

Protection Goals of Protection Domain of Protection Access Matrix
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.
Protection. Goals of Protection Operating system consists of a collection of objects, hardware or software Each object has a unique name and can be accessed.

Protection. Goals of Protection Operating system consists of a collection of objects, hardware or software Each object has a unique name and can be accessed.
Bilkent University Department of Computer Engineering

Bilkent University Department of Computer Engineering
Reasons for Protection n Prevent users from accessing information they shouldn’t have access to. n Ensure that each program component uses system resources.

Reasons for Protection n Prevent users from accessing information they shouldn’t have access to. n Ensure that each program component uses system resources.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.
1 Protection and Security Protection = mechanisms used to control access to valued resources: e.g., programs & data stored on computer system. Usually.

1 Protection and Security Protection = mechanisms used to control access to valued resources: e.g., programs & data stored on computer system. Usually.
U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.

U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.
Chapter 14: Protection.

Chapter 14: Protection.
Chapter 14: Protection.

Chapter 14: Protection.
Chapter 14: Protection.

Chapter 14: Protection.
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 14: Protection.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 14: Protection.
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Protection.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Protection.
Page 19/4/2015 CSE 30341: Operating Systems Principles Raid storage  Raid – 0: Striping  Good I/O performance if spread across disks (equivalent to n.

Page 19/4/2015 CSE 30341: Operating Systems Principles Raid storage  Raid – 0: Striping  Good I/O performance if spread across disks (equivalent to n.
Operating Systems Protection & Security.

Operating Systems Protection & Security.
U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.

U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 14: Protection.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 14: Protection.
Protection.

Protection.
Protection & Security Introduction to Operating Systems: Module 16.

Protection & Security Introduction to Operating Systems: Module 16.
14.1 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 14: Protection Goals of Protection Principles of Protection Domain of Protection.

14.1 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 14: Protection Goals of Protection Principles of Protection Domain of Protection.

Similar presentations

Ads by Google