<< Chapter < Page Chapter >> Page >

A sampling of protection mechanisms

The idea of protection domains originated with Multics and is a key one for understanding computer security. Imagine a matrixof all protection domains on one axis and all system resources (files) on another. The contents of each cell in the matrix are the operations permitted bya process (or thread) in that domain on that process.

Domain File 1 File 2 Domain 1 Domain 2
1 RW RWX - Enter
2 R - - -

Notice that once domains are defined, the ability to change domains becomes another part of the domain system. Processes in givendomains are allowed to enter other domains. A process's initial domain is a function of the user who starts the process and the process itself.

While the pure domain model makes protection easy to understand, it is almost never implemented. Holding the domains as a matrixdoesn't scale.

Some domains and rings

UNIX divides processes into 2 parts, a user part and a kernel part. When running as a user the process has limited abilities, andto access hardware, it has to tap into the kernel. The kernel can access all OS and hardware, and decides what it will do on a user's behalf based oncredentials stored in the PCB.

This is a simplification of the MULTICS system of protection rings. Rather than 2 levels, MULTICS had a 64 ring system where eachring was more privileged than the ones surrounding it, and checked similar credentials before using its increased powers.

Security improvements, encryption

Security improvements

Solutions: nothing works perfectly, but here are some possibilities:

  • Logging: record all important actions and uses of privilege in an indelible file. Can be used to catch imposters during their initial attemptsand failures. E.g. record all attempts to specify an incorrect password, all super-user logins. Even better is to get humans involved at key steps (this isone of the solutions for EFT).
  • Principle of minimum privilege ("need-to-know" principle): each piece of the system has access to the minimum amount of information, for theminimum possible amount of time. E.g. file system cannot touch memory map, memory manager cannot touch disk allocation tables. This reduces the chances ofaccidental or intentional damage. Note that capabilities are an implementation of this idea. It is very hard to provide fool-proof information containment:e.g. a trojan horse could write characters to a tty, or take page faults, in Morse code, as a signal to another process.
  • Correctness proofs. These are very hard to do. Even so, this only proves that the system works according to spec. It does not mean that thespec. is necessarily right, and it does not deal with Trojan Horses.

Encryption

Key technology: encryption. Store and transmit information in an encoded form that does not make any sense.

The basic mechanism:

  • Start with text to be protected. Initial readable text is called clear text.
  • Encrypt the clear text so that it does not make any sense at all. The nonsense text is called cipher text. The encryption is controlled by asecret password or number; this is called the encryption key.

Questions & Answers

where we get a research paper on Nano chemistry....?
Maira Reply
what are the products of Nano chemistry?
Maira Reply
There are lots of products of nano chemistry... Like nano coatings.....carbon fiber.. And lots of others..
learn
Even nanotechnology is pretty much all about chemistry... Its the chemistry on quantum or atomic level
learn
Google
da
no nanotechnology is also a part of physics and maths it requires angle formulas and some pressure regarding concepts
Bhagvanji
Preparation and Applications of Nanomaterial for Drug Delivery
Hafiz Reply
revolt
da
Application of nanotechnology in medicine
what is variations in raman spectra for nanomaterials
Jyoti Reply
I only see partial conversation and what's the question here!
Crow Reply
what about nanotechnology for water purification
RAW Reply
please someone correct me if I'm wrong but I think one can use nanoparticles, specially silver nanoparticles for water treatment.
Damian
yes that's correct
Professor
I think
Professor
Nasa has use it in the 60's, copper as water purification in the moon travel.
Alexandre
nanocopper obvius
Alexandre
what is the stm
Brian Reply
is there industrial application of fullrenes. What is the method to prepare fullrene on large scale.?
Rafiq
industrial application...? mmm I think on the medical side as drug carrier, but you should go deeper on your research, I may be wrong
Damian
How we are making nano material?
LITNING Reply
what is a peer
LITNING Reply
What is meant by 'nano scale'?
LITNING Reply
What is STMs full form?
LITNING
scanning tunneling microscope
Sahil
how nano science is used for hydrophobicity
Santosh
Do u think that Graphene and Fullrene fiber can be used to make Air Plane body structure the lightest and strongest. Rafiq
Rafiq
what is differents between GO and RGO?
Mahi
what is simplest way to understand the applications of nano robots used to detect the cancer affected cell of human body.? How this robot is carried to required site of body cell.? what will be the carrier material and how can be detected that correct delivery of drug is done Rafiq
Rafiq
if virus is killing to make ARTIFICIAL DNA OF GRAPHENE FOR KILLED THE VIRUS .THIS IS OUR ASSUMPTION
Anam
analytical skills graphene is prepared to kill any type viruses .
Anam
Any one who tell me about Preparation and application of Nanomaterial for drug Delivery
Hafiz
what is Nano technology ?
Bob Reply
write examples of Nano molecule?
Bob
The nanotechnology is as new science, to scale nanometric
brayan
nanotechnology is the study, desing, synthesis, manipulation and application of materials and functional systems through control of matter at nanoscale
Damian
Is there any normative that regulates the use of silver nanoparticles?
Damian Reply
what king of growth are you checking .?
Renato
What fields keep nano created devices from performing or assimulating ? Magnetic fields ? Are do they assimilate ?
Stoney Reply
why we need to study biomolecules, molecular biology in nanotechnology?
Adin Reply
?
Kyle
yes I'm doing my masters in nanotechnology, we are being studying all these domains as well..
Adin
why?
Adin
what school?
Kyle
biomolecules are e building blocks of every organics and inorganic materials.
Joe
Got questions? Join the online conversation and get instant answers!
Jobilize.com Reply

Get the best Algebra and trigonometry course in your pocket!





Source:  OpenStax, Operating systems. OpenStax CNX. Aug 13, 2009 Download for free at http://cnx.org/content/col10785/1.2
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Operating systems' conversation and receive update notifications?

Ask