File Protection in Operating System
- 1. FILE PROTECTION PRESENTED BY :- AKASH KUMAR CHAUBEY CLASS :- MCA (II) ROLL NO. :- MCA/25014/18
- 2. It is implemented to prevent interferences with the use of files both logical and physical address space. It can be of two types :- (I)Protection (II)Security Any file system may have two types of threats i.e. INTERNAL and EXTERNAL
- 3. Let there be multiple users (U)in the system using different resources (R)of system i.e. U1 U2 U3 U4 U5 R1 R2 If U3 wants to access R1 then this threats is internal and leads to protection If any external users want to access R1 or R2 then this threats leads to security. INTERNAL
- 4. PROTECTION :- It deals with threats information that are internal. It provides mechanism for controlling the access to program process user to a resource. SECURITY :- It deals with threats that are external. It includes firewall and encryption technique.
- 5. •• • • Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources defined by a computer system. Protection ensures that the resources of the computer are used in a proper way. It ensure that each object accessed correctly and only by those processes that are allowed to do so. OS designer faces challenge of creating a protection scheme that cannot be by passed by any software that may be created in the future
- 6. • Safe sharing of common logical address space or common physical address space. • Fair and reliable resources usage. • Detect malfunction before they contaminate the system.
- 7. • Access control is concerned with determining the allowed activities of valid users, mediating every attempt by a user to access a resource in the system. Basic Terminology are : Object: An entity that contains or receives information. • access to the- Access to an object potentially implies information it contains. example. File, programs, printer, disk, etc. performAccess rights: The permisiion granted to a user to an operation example. read, write, execute etc
- 8. Access Conrol policy object source (e.g. users, processes) request guard resource (e.g. files, printers) Access request subject
- 9. • • • • • Domain = collection of objects and a set of access rights for each of the objects A process operates within a Protection Domain that specifies the resources that the process may access. Each domain defines a set of objects and the types of operations that may be invoked on each object. The ability to execute an operation on an object is an access right System will consists of such multiple domains each having certain predefined access right on different object
- 10. • During execution of the process it can change the domain this is called domain switching • • • A domain can be realized in a variety of ways: Each user may be a domain. In this case, the set of objects that can be accessed depends on the identity of the user. Each process may be a domain. In this case, the set of objects that can be accessed depends on the identity of the process.
- 11. Example of Unix: In the UNIX operating system, a domain is associated with the user. In Unix operating system user ID’s use for identify the domain.
- 12. Allocate space to the file so that disk space is utilized in a efficient manner. FACTOR TO CONSIDER FOR FILE ALLOCATION 1) Processing speed: If we are allocating file where sequential and random access is very slow then allocation is inefficient. 2) Ability to use multisector and multitract transfer 3) Disk space utilization: File should be stored or allocated such that maximum number of file can be stored in the disk. 4) Main memory requirement : It should be less.
- 13. 1.Each file occupies a set if contiguous addresses on disk. 2.Linear ordering. 3.Location of a file is defined by the disk address of the first block and its length. 4.Both sequential and direct /random access are supported. Disadvantages:- --Finding space for new file. --leads to external fragmentations.
- 14. First fit : Allocate at first space that is capable of storing file. Best fit : Allocate the smallest space that is big enough to store the file. Worst fit : Allocate the largest space.
- 15. 1. Solves all the problems of contiguous allocation . Each file is a linked list of disk blocks. 2. No External fragmentation. 3. Can be used only for sequential access of file.
- 16. 1.Solves the problem of linked allocation. 2. In this all the pointers are brought together into one location called index blocks. 3.Each file has its own index block.