<< Chapter < Page Chapter >> Page >

Access Lists: with each file, indicate which users are allowed to perform which operations.

  • In the most general form, each file has a list of pairs.
  • It would be tedious to have a separate listing for every user, so they are usually grouped into classes. For example, in Unix there are threeclasses: self, group, anybody else (nine bits per file).
  • Access lists are simple, and are used in almost all file systems.

Capabilities: with each user, indicate which files may be accessed, and in what ways.

  • Store a list of pairs with each user. This is called a capability list.
  • Typically, capability systems use a different naming arrangement, where the capabilities are the only names of objects. You cannoteven name objects not referred to in your capability list.
  • In access-list systems, the default is usually for everyone to be able to access a file. In capability-based systems, the default is for no-oneto be able to access a file unless they have been given a capability. There isno way of even naming an object without a capability.
  • Capabilities are usually used in systems that need to be very secure. However, capabilities can make it difficult to share information: nobodycan get access to your stuff unless you explicitly give it to them.

Are the following things access-based or capability-based protection schemes?

  • Protection Keys
  • Page tables

Access enforcement

Some part of the system must be responsible for enforcing access controls and protecting the authorization and identificationinformation.

  • Obviously, this portion of the system must run unprotected. Thus it should be as small and simple as possible. Example: the portion of the systemthat sets up memory mapping tables.
  • The portion of the system that provides and enforces protection is called the security kernel. Most systems, like Unix, do not have a securitykernel. As a consequence, the systems are not very secure.
  • What is needed is a hierarchy of levels of protection, with each level getting the minimum privilege necessary to do its job. However, this islikely to be slow (crossing levels takes time).

File system security

The problem addressed by the security system is how are information and resources protected from people. Issues include the contentsof data files which are a privacy issue, and the use of resources, which is an accounting issue. Security must pervade the system, or the system is insecure,but the file system is a particularly good place to discuss security because its protection mechanisms are visible, and the things it protects are very concrete(for a computer system).

We're talking about some interesting stuff when we talk about security. For certain people who like puzzles, finding loopholes insecurity systems and understanding them to the point of breaking them is a challenge. I understand the lure of this. Remember, however, that everyone usingthese machines is a student like yourself who deserves the same respect that you do. Breaking into another person's files is like breaking into their home, andshould not be taken lightly either by those breaking in, or those who catch them. Uninvited intrusions should be dealt with harshly (for example, it's afelony to break into a machine that stores medical records). If you really want to play around with UNIX(R) security, get yourself a linux box and play to yourheart's content; don't break into someone's account here and start deleting files.

Questions & Answers

What fields keep nano created devices from performing or assimulating ? Magnetic fields ? Are do they assimilate ?
Stoney Reply
why we need to study biomolecules, molecular biology in nanotechnology?
Adin Reply
yes I'm doing my masters in nanotechnology, we are being studying all these domains as well..
what school?
biomolecules are e building blocks of every organics and inorganic materials.
anyone know any internet site where one can find nanotechnology papers?
Damian Reply
sciencedirect big data base
Introduction about quantum dots in nanotechnology
Praveena Reply
what does nano mean?
Anassong Reply
nano basically means 10^(-9). nanometer is a unit to measure length.
do you think it's worthwhile in the long term to study the effects and possibilities of nanotechnology on viral treatment?
Damian Reply
absolutely yes
how to know photocatalytic properties of tio2 nanoparticles...what to do now
Akash Reply
it is a goid question and i want to know the answer as well
characteristics of micro business
for teaching engĺish at school how nano technology help us
Do somebody tell me a best nano engineering book for beginners?
s. Reply
there is no specific books for beginners but there is book called principle of nanotechnology
what is fullerene does it is used to make bukky balls
Devang Reply
are you nano engineer ?
fullerene is a bucky ball aka Carbon 60 molecule. It was name by the architect Fuller. He design the geodesic dome. it resembles a soccer ball.
what is the actual application of fullerenes nowadays?
That is a great question Damian. best way to answer that question is to Google it. there are hundreds of applications for buck minister fullerenes, from medical to aerospace. you can also find plenty of research papers that will give you great detail on the potential applications of fullerenes.
what is the Synthesis, properties,and applications of carbon nano chemistry
Abhijith Reply
Mostly, they use nano carbon for electronics and for materials to be strengthened.
is Bucky paper clear?
carbon nanotubes has various application in fuel cells membrane, current research on cancer drug,and in electronics MEMS and NEMS etc
so some one know about replacing silicon atom with phosphorous in semiconductors device?
s. Reply
Yeah, it is a pain to say the least. You basically have to heat the substarte up to around 1000 degrees celcius then pass phosphene gas over top of it, which is explosive and toxic by the way, under very low pressure.
Do you know which machine is used to that process?
how to fabricate graphene ink ?
for screen printed electrodes ?
What is lattice structure?
s. Reply
of graphene you mean?
or in general
in general
Graphene has a hexagonal structure
On having this app for quite a bit time, Haven't realised there's a chat room in it.
what is biological synthesis of nanoparticles
Sanket Reply
what's the easiest and fastest way to the synthesize AgNP?
Damian Reply
how did you get the value of 2000N.What calculations are needed to arrive at it
Smarajit Reply
Privacy Information Security Software Version 1.1a
Berger describes sociologists as concerned with
Mueller Reply
Got questions? Join the online conversation and get instant answers!
Jobilize.com Reply

Get the best Algebra and trigonometry course in your pocket!

Source:  OpenStax, Operating systems. OpenStax CNX. Aug 13, 2009 Download for free at http://cnx.org/content/col10785/1.2
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Operating systems' conversation and receive update notifications?