
Os M5 S6

The document covers key concepts in operating system protection and security, including policies, mechanisms, authentication, and authorization. It discusses various threats to security, methods for protection, and compares mobile operating systems like Android and iOS. Additionally, it explains the architecture of Windows NT and UNIX, and outlines mechanisms for implementing security in operating systems.

Uploaded by

ak4athulkrishna
Copyright
© All Rights Reserved

OPERATING SYSTEM

MODULE V
Protection and security: policy and mechanism, authentication, authorization.
Mobile OS: Concepts, history, features, architecture, future scope. Case
studies: Android, UNIX kernel and Microsoft Windows NT (concepts only).
1. Define Policies and Mechanisms in OS.
Policies are ways to choose which activities to perform. Mechanisms are the
implementations that enforce policies, and often depend to some extent on the
hardware on which the operating system runs. For instance, processes may be granted
resources using the first come, first serve policy.

2. What Is Authentication?
Authentication is the act of validating that users are whom they claim to be. This is
the first step in any security process.
Giving someone permission to download a particular file on a server or providing
individual users with administrative access to an application are good examples of
authentication.

Complete an authentication process through:


• Passwords. Usernames and passwords are the most common authentication
factors. If a user enters the correct data, the system assumes the identity is valid
and grants access.
• One-time pins. Grant access for only one session or transaction.
• Authentication apps. Generate security codes via an outside party that grants
access.
• Biometrics. A user presents a fingerprint or eye scan to gain access to the
system.
In some instances, systems require the successful verification of more than one factor
before granting access. This multi-factor authentication (MFA) requirement is often
deployed to increase security beyond what passwords alone can provide.

3. What Is Authorization?
Authorization in system security is the process of giving the user permission to
access a specific resource or function. This term is often used interchangeably with
access control or client privilege.
In secure environments, authorization must always follow authentication. Users
should first prove that their identities are genuine before an organization’s
administrators grant them access to the requested resources.
4. Differentiate Authentication and Authorization
• Authentication, in the form of a key. The lock on the door only grants access to someone
with the correct key in much the same way that a system only grants access to users who
have the correct credentials.
• Authorization, in the form of permissions. Once inside, the person has the authorization
to access the kitchen and open the cupboard that holds the pet food. The person may not
have permission to go into the bedroom for a quick nap.
                                Authentication                                          Authorization
What does it do?                Verifies credentials                                    Grants or denies permissions
How does it work?               Through passwords, biometrics, one-time pins, or apps   Through settings maintained by security teams
Is it visible to the user?      Yes                                                     No
Is it changeable by the user?   Partially                                               No
How does data move?             Through ID tokens                                       Through access tokens

• Authentication. Let every staff member access your workplace systems if they provide
the right credentials in response to your chosen authentication requirements.
• Authorization. Grant permission to department-specific files, and reserve access to
confidential data, such as financial information, as needed. Ensure that employees have
access to the files they need to do their jobs.
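
The staff-and-department scenario above, as an added example that is not part of the original notes: credentials are verified first, and only then is the department's permission on a file checked. The user names, passwords, file names and the `FILE_ACL` table are constructed sample data, and PBKDF2 with a per-user salt is an assumed choice of password storage.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 200_000  # assumed work factor for this example


def hash_password(password, salt):
    """Derive a slow, salted hash so the store never holds the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def make_user(password, department):
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt),
            "department": department}


# Constructed sample data: two staff accounts.
USERS = {
    "asha": make_user("correct horse battery", "engineering"),
    "ravi": make_user("staple tulip orbit", "finance"),
}
# Policy (constructed): which departments may read each file.
FILE_ACL = {
    "design-notes.txt": {"engineering"},
    "payroll.xlsx": {"finance"},
    "holiday-calendar.txt": {"engineering", "finance"},
}


def authenticate(username, password):
    """Authentication: verify credentials. Returns the username or None."""
    user = USERS.get(username)
    if user is None:
        # Do the same work for unknown names so timing does not reveal them
        hash_password(password, b"\x00" * 16)
        return None
    candidate = hash_password(password, user["salt"])
    if hmac.compare_digest(candidate, user["hash"]):
        return username
    return None


def authorize(identity, filename):
    """Authorization: check what an already-authenticated identity may read."""
    allowed = FILE_ACL.get(filename, set())  # unknown file: deny by default
    return USERS[identity]["department"] in allowed


def read_file(username, password, filename):
    """Mechanism enforcing the order: authenticate first, then authorize."""
    identity = authenticate(username, password)
    if identity is None:
        return "DENIED: authentication failed"
    if not authorize(identity, filename):
        return "DENIED: not authorized"
    return "OK: " + filename
```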

5. Explain Threats to Protection and Security
Protection and security require that computer resources such as CPU, software, memory etc. are
protected. This extends to the operating system as well as the data in the system. This can be done by
ensuring integrity, confidentiality and availability in the operating system. The system must be
protected against unauthorized access, viruses, worms etc.
A threat is a program that is malicious in nature and leads to harmful effects for the system.
Some of the common threats that occur in a system are −
Virus
Viruses are generally small snippets of code embedded in a system. They are very dangerous and
can corrupt files, destroy data, crash systems etc. They can also spread further by replicating
themselves as required.
Trojan Horse
A trojan horse can secretly access the login details of a system. Then a malicious user can use
these to enter the system as a harmless being and wreak havoc.
Trap Door
A trap door is a security breach that may be present in a system without the knowledge of the
users. It can be exploited to harm the data or files in a system by malicious people.
Worm
A worm can destroy a system by using its resources to extreme levels. It can generate multiple
copies which claim all the resources and don't allow any other processes to access them. A worm
can shut down a whole network in this way.
Denial of Service
These types of attacks do not allow legitimate users to access a system. Such an attack overwhelms the
system with requests so that it cannot work properly for other users.

6. What are Protection and Security Methods

The different methods that may provide protection and security for different computer systems are −
Authentication
This deals with identifying each user in the system and making sure they are who they claim to
be. The operating system makes sure that all the users are authenticated before they access the
system. The different ways to make sure that the users are authentic are:
• Username/ Password
Each user has a distinct username and password combination and they need to enter it correctly
before they can access the system.
• User Key/ User Card
The users need to punch a card into the card slot or use their individual key on a keypad to access
the system.
• User Attribute Identification
Different user attribute identifications that can be used are fingerprint, eye retina etc. These are
unique for each user and are compared with the existing samples in the database. The user can
only access the system if there is a match.
One Time Password
These passwords provide a lot of security for authentication purposes. A one-time password can
be generated exclusively for a login every time a user wants to enter the system. It cannot be
used more than once. The various ways a one-time password can be implemented are −
• Random Numbers
The system can ask for numbers that correspond to letters that are prearranged. This
combination can be changed each time a login is required.
• Secret Key
A hardware device can create a secret key related to the user id for login. This key can change
each time.

7. Give the name of any mobile OS


• Android (Google)
• iOS (Apple)
• Bada (Samsung)
• Blackberry OS (Research in Motion)
• Windows OS (Microsoft)
• Symbian OS (Nokia)
• Tizen (Samsung)

8. What is theft of service


Theft of Service - Unauthorized use of resources and data, such as theft of CPU cycles,
installation of daemons running an unauthorized file server, or tapping into the target's telephone
or networking services.

9. Compare and contrast Linux and Windows NT


Windows NT
A well-known example of a hybrid kernel is the Microsoft Windows NT kernel. This kernel
powers all the operating systems in the Windows NT family. It is called a hybrid kernel rather
than a monolithic kernel because the emulation subsystems run in user mode rather than in kernel
mode, unlike in a monolithic kernel.
The NT kernel cannot be called a microkernel either, because almost all the system
components run in the same address space as the kernel, which is a feature of a monolithic
kernel.
A figure that illustrates the structure of the Microsoft Windows NT kernel is as follows −
There are mainly two layers in the Windows NT operating system architecture, i.e. user mode and
kernel mode. The user mode contains the Integral Subsystems and Environmental Subsystems
with various modules in each of them.
The executive part of the kernel mode contains the executive services and object manager. The
executive services include I/O manager, IPC manager, process manager etc.

Unix Architecture
The Unix operating system is a set of programs that act as a link between the computer and the
user.
The computer programs that allocate the system resources and coordinate all the details of the
computer's internals are called the operating system or the kernel.
Users communicate with the kernel through a program known as the shell. The shell is a
command line interpreter.
Here is a basic block diagram of a Unix system −
The main concept that unites all the versions of Unix is the following four basics −
• Kernel − The kernel is the heart of the operating system. It interacts with the hardware
and handles most of the tasks like memory management, task scheduling and file management.
• Shell − The shell is the utility that processes your requests. When you type in a
command at your terminal, the shell interprets the command and calls the program that
you want. The shell uses standard syntax for all commands. C Shell, Bourne Shell and
Korn Shell are the most famous shells which are available with most of the Unix
variants.
• Commands and Utilities − There are various commands and utilities which you can
make use of in your day to day activities. cp, mv, cat and grep, etc. are a few examples of
commands and utilities. There are over 250 standard commands plus numerous others
provided through 3rd party software. All the commands come along with various options.
• Files and Directories − All the data of Unix is organized into files. All files are then
organized into directories. These directories are further organized into a tree-like
structure called the filesystem.
10. Explain the architecture and features of any 2 mobile OS
Android
Android operating system is a stack of software components which is roughly divided into five
sections and four main layers as shown below in the architecture diagram.

Linux kernel
At the bottom of the layers is Linux - Linux 3.6 with approximately 115 patches. This provides
a level of abstraction over the device hardware, and it contains all the essential hardware
drivers like camera, keypad, display etc. Also, the kernel handles all the things that Linux is
really good at such as networking and a vast array of device drivers, which take the pain out of
interfacing to peripheral hardware.

Libraries
On top of Linux kernel there is a set of libraries including open-source Web browser engine
WebKit, well known library libc, SQLite database which is a useful repository for storage and
sharing of application data, libraries to play and record audio and video, SSL libraries
responsible for Internet security etc.
Android Libraries
This category encompasses those Java-based libraries that are specific to Android development.
Examples of libraries in this category include the application framework libraries in addition to
those that facilitate user interface building, graphics drawing and database access. A summary
of some key core Android libraries available to the Android developer is as follows −
• android.app − Provides access to the application model and is the cornerstone of all
Android applications.
• android.content − Facilitates content access, publishing and messaging between
applications and application components.
• android.database − Used to access data published by content providers and includes
SQLite database management classes.
• android.opengl − A Java interface to the OpenGL ES 3D graphics rendering API.
• android.os − Provides applications with access to standard operating system services
including messages, system services and inter-process communication.
• android.text − Used to render and manipulate text on a device display.
• android.view − The fundamental building blocks of application user interfaces.
• android.widget − A rich collection of pre-built user interface components such as
buttons, labels, list views, layout managers, radio buttons etc.
• android.webkit − A set of classes intended to allow web-browsing capabilities to be
built into applications.
Having covered the Java-based core libraries in the Android runtime, it is now time to turn our
attention to the C/C++ based libraries contained in this layer of the Android software stack.

Android Runtime
This is the third section of the architecture and available on the second layer from the bottom.
This section provides a key component called Dalvik Virtual Machine which is a kind of Java
Virtual Machine specially designed and optimized for Android.
The Dalvik VM makes use of Linux core features like memory management and multi-
threading, which is intrinsic in the Java language. The Dalvik VM enables every Android
application to run in its own process, with its own instance of the Dalvik virtual machine.
The Android runtime also provides a set of core libraries which enable Android application
developers to write Android applications using standard Java programming language.

Application Framework
The Application Framework layer provides many higher-level services to applications in the
form of Java classes. Application developers are allowed to make use of these services in their
applications.
The Android framework includes the following key services −
• Activity Manager − Controls all aspects of the application lifecycle and activity stack.
• Content Providers − Allows applications to publish and share data with other
applications.
• Resource Manager − Provides access to non-code embedded resources such as strings,
color settings and user interface layouts.
• Notifications Manager − Allows applications to display alerts and notifications to the
user.
• View System − An extensible set of views used to create application user interfaces.

Applications
You will find all the Android applications at the top layer. You will write your application to be
installed on this layer only. Examples of such applications are Contacts Books, Browser, Games
etc.
iOS
iOS is the operating system created by Apple Inc. for mobile devices. It is used in
many of Apple's mobile devices, such as the iPhone, iPod, iPad etc. iOS is widely used and
lags behind only Android in terms of popularity.
The iOS architecture is layered. It contains an intermediate layer between the applications and
the hardware so they do not communicate directly. The lower layers in iOS provide the basic
services and the higher layers provide the user interface and sophisticated graphics.
The layered architecture of iOS is given as follows −
Layers in iOS Architecture
The different layers as shown in the above diagram are given as follows −
Core OS
All the iOS technologies are built on the low-level features provided by the Core OS layer. These
technologies include Core Bluetooth Framework, External Accessory Framework, Accelerate
Framework, Security Services Framework, Local Authorization Framework etc.
Core Services
There are many frameworks available in the Core Services layer. Details about some of these are
given as follows −
Cloud kit Framework
The data can be moved between the app and iCloud using the Cloud kit Framework.
Core Foundation Framework
This provides the data management and service features for the iOS apps.
Core Data Framework
The data model of the model view controller app is handled using the Core Data Framework.
Address Book Framework
The address book framework provides access to the contacts database of the user.
Core Motion Framework
All the motion based data on the device is accessed using core motion framework.
Health kit Framework
The health related information of the user can be handled by this new framework.
Core Location Framework
This framework provides the location and heading information to the various apps.

Media
The media layer enables all the graphics, audio and video technology of the system. The
different frameworks are:
UIKit Graphics
This provides support for designing images and animating the view content.
Core Graphics Framework
This provides support for 2-D vector and image based rendering and is the native drawing engine
for iOS apps.
Core Animation
The Core Animation technology optimizes the animation experience of the apps.
Media Player Framework
This framework provides support for playing playlists and enables the user to use their iTunes
library.
AV Kit
This provides various easy to use interfaces for video presentation.

Cocoa Touch
The cocoa touch layer provides the following frameworks −
EventKit Framework
This shows the standard system interfaces using view controllers for viewing and changing
calendar related events.
GameKit Framework
This provides support for users to share their game related data online using Game center.
MapKit Framework
This provides a scrollable map which can be included into the app user interface.

11. Explain various mechanisms available for implementing security in operating system

Boot Security: A number of security-critical services are started at boot time. It is necessary to
understand this sequence in order to identify the relevant security issues.
1) Loader loads the kernel: The loader loads the kernel and the init process starts. The PID of the init
process is 0.
2) Kernel modules get loaded and devices are initialized: Some kernel modules are loaded
immediately; others are loaded explicitly by boot scripts.
3) Boot scripts are stored at /etc/init.d
4) Run Levels
   0    halt
   1    single user
   2    Full Multi-User mode (default)
   3-5  Same as 2
   6    Reboot
Authentication
This deals with identifying each user in the system and making sure they are who they claim to
be. The operating system makes sure that all the users are authenticated before they access the
system. The different ways to make sure that the users are authentic are:
• Username/ Password
Each user has a distinct username and password combination and they need to enter it correctly
before they can access the system.
• User Key/ User Card
The users need to punch a card into the card slot or use their individual key on a keypad to access
the system.
• User Attribute Identification
Different user attribute identifications that can be used are fingerprint, eye retina etc. These are
unique for each user and are compared with the existing samples in the database. The user can
only access the system if there is a match.
One Time Password
These passwords provide a lot of security for authentication purposes. A one-time password can
be generated exclusively for a login every time a user wants to enter the system. It cannot be
used more than once. The various ways a one-time password can be implemented are −
• Random Numbers
The system can ask for numbers that correspond to letters that are prearranged. This
combination can be changed each time a login is required.
• Secret Key
A hardware device can create a secret key related to the user id for login. This key can change
each time.
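
The "Secret Key" method described here and under question 6 (a key tied to the user id that changes on every login and cannot be used more than once), as an added example that is not part of the original notes. It assumes HOTP from RFC 4226 as the concrete scheme, which the notes do not name; `OtpVerifier` and `look_ahead` are hypothetical names for the server side.

```python
import hashlib
import hmac
import struct


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpVerifier:
    """Server side: one shared secret and one moving counter per user id."""

    def __init__(self, look_ahead=3):
        self.look_ahead = look_ahead
        self.accounts = {}  # user id -> [secret, next expected counter]

    def enroll(self, user_id, secret):
        self.accounts[user_id] = [secret, 0]

    def verify(self, user_id, submitted):
        account = self.accounts.get(user_id)
        if account is None:
            return False
        secret, counter = account
        # Accept a small window in case the device generated codes that
        # were never submitted, so device and server can resynchronise.
        for step in range(self.look_ahead + 1):
            expected = hotp(secret, counter + step)
            if hmac.compare_digest(expected.encode(), submitted.encode()):
                # Move past the used counter: the same code is never
                # accepted again, nor is any older one.
                account[1] = counter + step + 1
                return True
        return False
```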

12. Explain kernel architecture of UNIX operating system

Unix Architecture
The Unix operating system is a set of programs that act as a link between the computer and the
user.
The computer programs that allocate the system resources and coordinate all the details of the
computer's internals are called the operating system or the kernel.
Users communicate with the kernel through a program known as the shell. The shell is a
command line interpreter.
Here is a basic block diagram of a Unix system −
The main concept that unites all the versions of Unix is the following four basics −
• Kernel − The kernel is the heart of the operating system. It interacts with the hardware
and handles most of the tasks like memory management, task scheduling and file management.
• Shell − The shell is the utility that processes your requests. When you type in a
command at your terminal, the shell interprets the command and calls the program that
you want. The shell uses standard syntax for all commands. C Shell, Bourne Shell and
Korn Shell are the most famous shells which are available with most of the Unix
variants.
• Commands and Utilities − There are various commands and utilities which you can
make use of in your day to day activities. cp, mv, cat and grep, etc. are a few examples of
commands and utilities. There are over 250 standard commands plus numerous others
provided through 3rd party software. All the commands come along with various options.
• Files and Directories − All the data of Unix is organized into files. All files are then
organized into directories. These directories are further organized into a tree-like
structure called the filesystem.

13. Explain the features of mobile OS


• Compatibility With Different Hardware
• Ease of use
• Apps
• Sensors
• Stable Performance on Various Devices
• Absence of Bugs
• Flexibility and Adaptability
• Possibilities for Personalization
• Support of Cutting-Edge Technologies
• Handy Software Installed From the Get-Go
• Convenient Environment for Developers
• Abundance of Applications and Games
• User Support and Updates

14. What are the goals of system protection

• Obviously to prevent malicious misuse of the system by users or programs.


• To ensure that each shared resource is used only in accordance with
system policies, which may be set either by system designers or by system
administrators.
• To ensure that errant programs cause the minimal amount of damage possible.
