Chapter_14

Chapter_14 - Chapter 14: Protection s Goals of Protection s...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
14.1 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 14: Protection Chapter 14: Protection Goals of Protection Principles of Protection Domain of Protection Access Matrix Implementation of Access Matrix Capability-Based Systems Language-Based Protection
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
14.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Objectives Objectives Discuss the goals and principles of protection in a modern computer system Explain how protection domains combined with an access matrix are used to specify the resources a process may access Examine capability and language-based protection systems
Background image of page 2
14.3 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Goals of Protection Goals of Protection Operating system controls access to a collection of objects, hardware or software Each object has a unique name and can be accessed through a well-defined set of operations. The focus of this chapter is to describe the protection mechanisms the OS must provide so that the application programmers can use them in designing software that protects the resources created by an application subsystem Protection problem : ensure that each object is accessed correctly and only by those processes that are allowed to do so. Policies for accessing a resource can change over time
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
14.4 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Principles of Protection Principles of Protection Guiding principle – principle of least privilege Programs, users and systems should be given just enough privileges to perform their tasks For example, users should be given accounts with just the privileges the user needs
Background image of page 4
14.5 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Domain of Protection Domain of Protection Objects: mean both hardware (CPU, printers, memory, disks, …) and software objects (files, programs, semaphores, etc) Each object has a unique name and can only be accessed though well defined operations, the operations depending on the object For example, CPU can only be executed on, memory segments
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This document was uploaded on 12/14/2010.

Page1 / 17

Chapter_14 - Chapter 14: Protection s Goals of Protection s...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online