Networking
Another aspect of an operating system has to do with the
networking capabilities contained in each. The network links separate
computers together from different locations.
Most current operating systems are capable of using the TCP/IP
networking protocols. That means that one system can appear on a
network of the other and share resources such as files, printers, and
scanners using either wired or wireless connections.
networking capabilities contained in each. The network links separate
computers together from different locations.
Most current operating systems are capable of using the TCP/IP
networking protocols. That means that one system can appear on a
network of the other and share resources such as files, printers, and
scanners using either wired or wireless connections.
Security
Security is important in any computer system. The operating
system provides a level of security that can protect your computer and
the data on it. System security is based on two principles:
That the operating system provides access to many resources
either directly or indirectly. That could mean files on a local
disk, privileged system calls, person information about user, and
the services offered by the programs running on the system.
That the operating system is capable of distinguishing between
those who are allowed to access the resource and those who are
forbidden to do so. While some systems may simply distinguish
between “privileged” and “non-privileged”, most commonly have
a form of register identity such as a user name.
Requesters of information are further divided into two
categories:
Internal security in an already running program. On some
systems, once a program is running, it has no limitations, but
commonly, the program has an identity which it keeps. That
identity is used to check all of its requests for resources.
External security as in a new request from outside the computer.
This could be in the form of a new request from outside the
system such as a login at a connected console or some kind of
network connection. To establish identity, there may be a
process of authentication.
Often a username must be entered and every username should
have a password. Other methods of authentication such as
magnetic cards or biometric data may be used instead. In some
cases, especially connections from the network, resources may
be accessed with no authentication at all.
In addition to the allow/disallow model of security, a system with
a high level of security will also offer auditing options. These would
allow tracking of requests for access to resources as in “who has been
reading this file?”
Operating system security has long been a concern of
programmers because of highly sensitive data held on some
computers. This is both of a commercial and a military nature.
The US Government Department of Defense created their own
criteria of standards that sets basic requirement for assessing the
effectiveness of OS security. This became of vital importance to
operating system makers because this system was used to classify and
select system being considered for the processing, storage ad retrieval
of sensitive or classified information.
system provides a level of security that can protect your computer and
the data on it. System security is based on two principles:
That the operating system provides access to many resources
either directly or indirectly. That could mean files on a local
disk, privileged system calls, person information about user, and
the services offered by the programs running on the system.
That the operating system is capable of distinguishing between
those who are allowed to access the resource and those who are
forbidden to do so. While some systems may simply distinguish
between “privileged” and “non-privileged”, most commonly have
a form of register identity such as a user name.
Requesters of information are further divided into two
categories:
Internal security in an already running program. On some
systems, once a program is running, it has no limitations, but
commonly, the program has an identity which it keeps. That
identity is used to check all of its requests for resources.
External security as in a new request from outside the computer.
This could be in the form of a new request from outside the
system such as a login at a connected console or some kind of
network connection. To establish identity, there may be a
process of authentication.
Often a username must be entered and every username should
have a password. Other methods of authentication such as
magnetic cards or biometric data may be used instead. In some
cases, especially connections from the network, resources may
be accessed with no authentication at all.
In addition to the allow/disallow model of security, a system with
a high level of security will also offer auditing options. These would
allow tracking of requests for access to resources as in “who has been
reading this file?”
Operating system security has long been a concern of
programmers because of highly sensitive data held on some
computers. This is both of a commercial and a military nature.
The US Government Department of Defense created their own
criteria of standards that sets basic requirement for assessing the
effectiveness of OS security. This became of vital importance to
operating system makers because this system was used to classify and
select system being considered for the processing, storage ad retrieval
of sensitive or classified information.
Internal Security
Internal security can be thought of as a way to protect the
computer’s resources from the programs concurrently running on the
system. Most operating systems set programs running natively on the
computer’s processor. That brings on the problem of how to stop
these programs from doing the same task and having the same
privileges as the operating system which is just a program too.
Processors used for general purpose operating systems are
automatically blocked from using certain hardware instructions such as
those to read or write from external devices like disks. Instead, they
have to ask the privileged program, or operating system kernel) to
read to write. The operating system, therefore, gets the chance to
check the program’s identity and allow or refused the request.
An alternative strategy available in systems that don’t meet pre-
set requirements is the operating will not run user programs as native
code. Instead, they either emulate a processor or provide a host for a
“p-Code” based system such as Java.
Internal security is especially important with multi-user systems
as it allows each user of the system to have private files that the other
users cannot tamper with or read. Internal security is also vital if
auditing is to be of any use since a program can potentially bypass the
operating system without bypass auditing.
computer’s resources from the programs concurrently running on the
system. Most operating systems set programs running natively on the
computer’s processor. That brings on the problem of how to stop
these programs from doing the same task and having the same
privileges as the operating system which is just a program too.
Processors used for general purpose operating systems are
automatically blocked from using certain hardware instructions such as
those to read or write from external devices like disks. Instead, they
have to ask the privileged program, or operating system kernel) to
read to write. The operating system, therefore, gets the chance to
check the program’s identity and allow or refused the request.
An alternative strategy available in systems that don’t meet pre-
set requirements is the operating will not run user programs as native
code. Instead, they either emulate a processor or provide a host for a
“p-Code” based system such as Java.
Internal security is especially important with multi-user systems
as it allows each user of the system to have private files that the other
users cannot tamper with or read. Internal security is also vital if
auditing is to be of any use since a program can potentially bypass the
operating system without bypass auditing.
Read more
No comments:
Post a Comment