Operating System

By
Fikadu M.
[email protected]
Chapter
Five
I/O Management

Lecture 5: I/O Management 3/22/2021

 Outline
3

🠶 Introduction to I/O
Management
🠶 Principles of I/O Hardware
🠶 Principles of I/O Software
🠶 Application I/O Interface
🠶 Performance

Lecture 5: I/O Management 3/22/2021

 4 5.1. Introduction
🠶 Management of I/O devices is a main task for the operating system.
 Handle message passing to and from the system
 Handle interrupts and errors
 Offer a simple interface
 Offer device independence (to some degree)

🠶 Viewpoints.
🠶 Users
🠶 Programmers
🠶 Technicians

Lecture 5: I/O Management 3/22/2021

 5 Cont’d
I/O Devices…
🠶 Categories of I/O Devices

1. Human Readable is suitable for communicating with the computer user.

Examples are printers, video display terminals, keyboard etc.

2. Machine Readable is suitable for communicating with

electronic Examples are disk and tape drives, sensors,
equipment. controllers.
3. Communication is suitable for communicating with
remote devices. Examples are digital line drivers and modems.

Lecture 5: I/O Management 3/22/2021

 6 Cont’d
🠶 Followings…
are the Differences between I/O Devices
1. Data rate : there may be differences of several orders of
magnitude between the data transfer rates.
2. Application: Different devices have different use in the system.
3. Complexity of Control: A disk is much more complex whereas
printer requires simple control interface.
4. Unit of transfer: Data may be transferred as a stream of bytes or
characters or in larger blocks.
5. Data representation: Different data encoding schemes are used
for different devices.
6. Error Conditions: The nature of errors differs widely from one device to
another.

Lecture 5: I/O Management 3/22/2021

 7 Cont’d
… can be approached in three ways:
🠶 The I/O function
🠶 Programmed I/O: continuous attention of the processor is required
🠶 Interrupt driven I/O: processor launches I/O and can
continue until
interrupted.
🠶 Direct memory access: the dma module governs the exchange of data
between the I/O unit and the main memory

🠶 OS is isolated from most of the complexity by an I/O module (controller)

Lecture 5: I/O Management 3/22/2021

 8 5.2. Principle of I/O
🠶 Computers Hardware
operate a great many kinds of devices.
🠶 General types include
🠶 storage devices (disks, tapes),

🠶 transmission devices (network cards, modems), and

🠶 human-interface devices (screen, keyboard, mouse).

🠶 A device communicates with a computer system by sending signals over a

cable or even through the air.
🠶 The device communicates with the machine via a connection point termed a
port (for example, a serial port). If one or more devices use a common set of
wires, the connection is called a bus.
🠶 When device A has a cable that plugs into device B, and device B has a cable
that plugs into device C, and device C plugs into a port on the computer, this
arrangement is called a daisy chain. It usually operates as a bus.

Lecture 5: I/O Management 3/22/2021

 9 5.2.1. I/O Device
🠶 I/O devices can be roughly divided into two categories: block devices and
character devices.
• Block Devices

 Store information in fixed sized blocks, each one with its own address.

 Size 128-1024 bytes.

 Blocks are the addressing units for reading and writing

 Example: disks, USB, cd-roms

 More problematic example: tapes

• Not randomly accessible

• Writing in the middle of a tape is not always possible

Lecture 5: I/O Management 3/22/2021

 1 Cont’d
0
• …
Character Devices
– Terminal, printer, network interface, mice(for pointing), and most other
devices that are not disk-like can be seen as character devices.
– A character device delivers or accepts a stream of characters, without regard
to any block structure.

– It is not addressable and does not have any seek operation.

• Blocks and character devices are still a basic abstraction at the

O.S. level (file systems)

Lecture 5: I/O Management 3/22/2021

 1 Cont’d
1
🠶 A computer … system contains a multitude of I/O devices and their respective
controllers:
 network card
 graphics adapter
 disk controller
 DVD-ROM controller
 serial port
 USB
 sound card

Lecture 5: I/O Management 3/22/2021

 1 5.2.2. Device Controllers
2
🠶 Hardware Principles: controllers
🠶 An I/O unit typically consists of electronic and mechanical components separated
in modular design.
🠶 The electronic component is the “device controller” or “adapter”
🠶 Designed independently for many devices
🠶 The controller card usually has a connector on it, into which a cable leading to
the device itself can be plugged.
🠶 Standardised interfaces (ANSI, ISO, IEEE,…)
🠶 Bus <-> I/O channels

Lecture 5: I/O Management 3/22/2021

 1 Cont’d
3
🠶 … interface
Controller-device
🠶 Very low-level
🠶 Example: disk
🠶 Controller produces a block of bytes and performs error correction if necessary, copies
block into memory
🠶 Example: video card
🠶 Reads bytes from own memory and generates signals to steer the CRT
🠶 Programming the electron rays is clearly unfeasible for normal programmers
🠶 Controller must offer an abstract interface
🠶 Controller-CPU interface
🠶 Based on controller registers
🠶 These may be part of the normal address space of the computer (memory mapped I/O)
(68x0)

Lecture 5: I/O Management 3/22/2021

 1 5.2.3. Direct Memory Access (DMA)
4
🠶 A special control unit may be provided to allow transfer of a block of data directly
between an external device and the main memory, without continuous intervention
by the processor. This approach is called Direct Memory Access (DMA).

🠶 DMA is particularly useful on devices like disks,

🠶 where many bytes of information can be transferred in single I/O operations.

🠶 Interaction with a device controller is managed through a device driver.

🠶 Device drivers are part of the operating system, but not necessarily part of the OS
kernel. The operating system provides a simplified view of the device to user
applications (e.g., character devices vs. block devices in UNIX).

Lecture 5: I/O Management 3/22/2021

 1 Cont’d
5
…the operating system buffers data that are transferred between a device
🠶 In some cases,
and a user space program (disk cache, network buffer). This usually increases
performance, but not always.

Lecture 5: I/O Management 3/22/2021

 1 5.3. I/O Software
6
Principles
5.3.1. I/O Software Principles
🠶 A key concept in the design of I/O software is known as device independence. What
it means is that it should be possible to write programs that can access any I/O device
without having to specify the device in advance.
🠶 For example, a program that reads a file as input should be able to read a file on a hard
disk, a CD-ROM, a DVD, or a USB stick without having to modify the program for each
different device. Similarly, one should be able to type a command such as

sort <input >output

🠶 Another important issue for I/O software is error handling.

🠶 In general, errors should be handled as close to the hardware as possible.' If the controller
discovers a read error, it should try to correct the error itself if it can.

Lecture 5: I/O Management 3/22/2021

1 5.3.2. I/O Software
7
layers

Lecture 5: I/O Management 3/22/2021

 1 Interrupt handlers
8
🠶 While programmed I/O is occasionally useful, for most I/O, interrupts are an
unpleasant fact of life and cannot be avoided.
🠶 They should be hidden away, deep in the bowels of the operating system, so that as
little of the operating system as possible knows about them.

🠶 The best way to hide them is to have the driver starting an I/O operation block until
the I/O has completed and the interrupt occurs. The driver can block itself by doing a
down on a semaphore, a wait on a condition variable, a receive on a message, or
something similar, for example:
🠶 When the interrupt happens, the interrupt procedure does whatever it has to in order
to handle the interrupt.

Lecture 5: I/O Management 3/22/2021

 1 Device
9
🠶 driver
Earlier in this chapter we looked at what device controllers do.

🠶 Is the only part in the OS that knows the controllers, their register structure,
sectors, tracks, cylinders, heads, interleaving, motors, ...

🠶 Device driver translates abstract, device independent software requests in

device
dependent signals.

🠶 Example: read a block from disk

🠶 If driver is idle when request arrives
🠶Start immediately
🠶 Else
🠶Move request to queue
Lecture 5: I/O Management 3/22/2021
 20 Cont’d
• …
Execute request:

• Do a translation to the disk specifics

• Find position of the block

• Check whether disk is rotating

• Check arm position

• Pass tasks to device one by one

• Some controllers can accept a list of tasks, others need assistance of

the driver after each subtask

Lecture 5: I/O Management 3/22/2021

2 Cont’d
1
…

Lecture 5: I/O Management 3/22/2021

 2 Device independence
2
🠶 Large part of the I/O software is independent of the
device.

🠶 Functions of the device independent I/O software

🠶 Uniform interfacing for the device drivers
🠶 Naming of the devices
🠶 Allocating and releasing dedicating device
🠶 Protection and privacy for devices
🠶 Block size independent of the device
🠶 Buffering
🠶 Memory assignment on block devices
🠶 Assignment of dedicated devices
🠶 Error handling

Lecture 5: I/O Management 3/22/2021

End of Chapter
Five

Lecture 5: I/O Management 3/22/2021

 Operating System

By
Fikadu M.
[email protected]
Chapter
Six
Security and Protection

Lecture 6: Security and Protection 3/22/2021

 Outline
26

🠶 The Security
Problem
🠶 Authentication
🠶 Program Threats
🠶 System Threats
🠶 Securing Systems
🠶 Intrusion Detection
🠶 Encryption
🠶 Windows NT

Lecture 6: Security and Protection 3/22/2021

 2 6.1.
7
🠶 Security
Security must consider external environment of the system, and protect it
from:
🠶 unauthorized access.
🠶 malicious modification or destruction
🠶 accidental introduction of inconsistency.

🠶 Easier to protect against accidental than malicious misuse.

Lecture 6: Security and Protection 3/22/2021

 28 Cont’d
🠶 … possess valuable information they want to guard closely.
Many companies
🠶 This information can be:
🠶 technical (e.g., a new chip design or software),

🠶 commercial (e.g., studies of the competition or marketing plans),

🠶 financial (e.g., plans for a stock offering)

🠶 legal (e.g., documents about a potential merger or takeover),

🠶 among many other possibilities. Frequently this information is protected by having a

uniformed guard at the building entrance who checks to see that everyone entering the
building is wearing a proper badge.
🠶 In addition, many offices may be locked and some file cabinets may be locked as well to
ensure that only authorized people have access to the information.

Lecture 6: Security and Protection 3/22/2021

 29 Cont’d
🠶 … increasingly have valuable data on them, too.
Home computers
🠶 Many people keep their financial information, including tax returns and credit card
numbers, on their computer.

🠶 Love letters have gone digital.

🠶 And hard disks these days are full of important photos, videos, and movies.

🠶 As more and more of this information is stored in computer systems, the need to protect it
is becoming increasingly important.
🠶 Guarding this information against unauthorized usage is therefore a major concern of all
operating systems.

Lecture 6: Security and Protection 3/22/2021

30 Standard security
attack

Lecture 6: Security and Protection 3/22/2021

 3 6.1.1. Security
1
🠶 environment
Let us start our study of security by defining some terminology.
🠶 Some people use the terms "security" and "protection" interchangeably. Nevertheless,
it is frequently useful to make a distinction between the general problems involved
in:
🠶 making sure that files are not read or modified by unauthorized persons,
🠶 which include technical, administrative, legal, and political issues on the one hand, and the specific
operating system mechanisms used to provide security, on the other.

🠶 To avoid confusion, we will use the term security to refer to the overall problem, and
the term protection mechanisms to refer to the specific operating system mechanisms
used to safeguard information in the computer. The boundary between them is not
well defined, however.

Lecture 6: Security and Protection 3/22/2021

 3 Cont’d
2
🠶 Security has…
many facts.
🠶 Three of the more important ones are:
1. the nature of the threats,
2. the nature of intruders, and
3. Accidental data loss. We will now look at these in turn.

Lecture 6: Security and Protection 3/22/2021

 33 1.
🠶 From a Threat
security perspective, computer systems have four
general goals, with corresponding threats to them, as listed below.
🠶 The first, data confidentiality, is concerned with having secret data remain secret.
🠶 More specifically, if the owner of some data has decided that these data are only to be
made available to certain people and no others, the system should guarantee that release of
the data to unauthorized people never occurs.

🠶 As an absolute minimum, the owner should be able to specify who can see what, and the
system should enforce these specifications, which ideally should be per file.

Lecture 6: Security and Protection 3/22/2021

 34 Cont’d
… data integrity, means that unauthorized users should not be able to
🠶 The second goal,
modify any data without the owner's permission.
🠶 Data modification in this context includes not only changing the data, but also removing
data and adding false data. If a system cannot guarantee that data deposited in it remain
unchanged until the owner decides to change them, it is not worth much as an information
system.

🠶 The third goal, system availability, means that nobody can disturb the system to
make it unusable.
🠶 Such denial of service attacks is increasingly common.
🠶 For example, if a computer is an Internet server, sending a flood of requests to it may
cripple it by eating up all of its CPU time just examining and discarding incoming requests.
If it takes, say, 100 use to process an incoming request to read a Web page, then anyone
who manages to send 10,000 requests/sec can wipe it out. Reasonable models and
technology for dealing with attacks on confidentiality and integrity are available; foiling
these denial-of-services attacks is much harder.

Lecture 6: Security and Protection 3/22/2021

 35 Cont’d
…threat has arisen in recent years. Outsiders
🠶 Finally, a new can sometimes take
command of people's home computers (using viruses and other means) and turn them
into zombies, willing to do the outsider's bidding at a moment's notice.

🠶 Source of threats
🠶 Threats can come from a range of sources

🠶 human error

🠶 discontented employees

🠶 dishonest employees

🠶 outsider access

🠶 act of nature (fire, flood etc)

Lecture 6: Security and Protection 3/22/2021

 36 2. Intruders
🠶 Most people are pretty nice and obey the law, so why worry about security?
🠶 Because there are unfortunately a few people around who are not so nice and want to cause
trouble (possibly for their own commercial gain).
🠶 In the security literature, people who are nosing around places where they have no business
being are called intruders or sometimes adversaries.

🠶 Intruders act in two different ways.

🠶 Passive intruders just want to read files they are not authorized to read.

🠶 Active intruders are more malicious; they want to make unauthorized changes to data.

🠶 When designing a system to be secure against intruders, it is important to keep in mind the
kind of intruder one is trying to protect against.

Lecture 6: Security and Protection 3/22/2021

37 Cont’d… passive
attack

Lecture 6: Security and Protection 3/22/2021

38 Cont’d… active
attack

Lecture 6: Security and Protection 3/22/2021

 39 Cont’d
🠶 …between a conventional intruder and a virus is that the former refers
The difference
to a person who is personally trying to break into a system to cause damage whereas
the latter is a program written by such a person and then released into the world
hoping it will cause damage.
🠶 Intruders try to break into specific systems (e.g., one belonging to some bank or the
Pentagon) to steal or destroy particular data, whereas a virus writer usually wants to
cause damage in general and does not care to whom.

Lecture 6: Security and Protection 3/22/2021

 40 3. Accidental data loss
🠶 In addition to threats caused by malicious intruders, valuable data can be lost by
accident. Some of the common causes of accidental data loss are:

1. Acts of God: fires, floods, earthquakes, wars, riots, or rats

gnawing backup tapes.
2. Hardware or software errors: CPU malfunctions, unreadable disks or tapes,
telecommunication errors, program bugs.
3. Human errors: incorrect data entry, wrong tape or CD-ROM mounted. Wrong
program run, lost disk or tape, or some other mistake.

🠶 Most of these can be dealt with by maintaining adequate backups, preferably far away
from the original data. While protecting data against accidental loss may seem
mundane compared to protecting against clever intruders, in practice, probably more
damage is caused by the former than the latter.

Lecture 6: Security and Protection 3/22/2021

 4 Authentication
1
🠶 User identity most often established through passwords, can be considered a special
case of either keys or capabilities.

🠶 Passwords must be kept secret.

🠶 Frequent change of passwords.

🠶 Use of “non-guessable” passwords.

🠶 Log all invalid access attempts.

🠶 Passwords may also either be encrypted or allowed to be used only once.

Lecture 6: Security and Protection 3/22/2021

 42 Authentication (cont’d…)
🠶 A major security problem for operating systems is the authentication problem. The
protection system depends on an ability to identify the programs and processes that
are executing.
🠶 Authentication is based on one or more of three items:
🠶 user possession (a key or card),

🠶 user knowledge (a user identifier and password), and

🠶 a user attribute (fingerprint) retina pattern, or signature).

🠶 Constraining set of potential senders of a message

🠶 Complementary and sometimes redundant to encryption.

🠶 Also can prove message unmodified.

Lecture 6: Security and Protection 3/22/2021

 43 Program threats
🠶 Trojan Horse
🠶 Code segment that misuses its environment.

🠶 Exploits mechanisms for allowing programs written by users to be executed by other users.

🠶 Trap Door
🠶 Specific user identifier or password that circumvents normal security procedures.

🠶 Could be included in a compiler.

🠶 Stack and Buffer Overflow

🠶 Exploits a bug in a program (overflow either the stack or memory buffers.)

Lecture 6: Security and Protection 3/22/2021

 44 System threats
🠶 Worms – use spawn mechanism; standalone program
🠶 Internet worm
🠶 Exploited UNIX networking features (remote access) and bugs in finger and sendmail
programs.

🠶 Grappling hook program uploaded main worm program.

🠶 Viruses – fragment of code embedded in a legitimate program.

🠶 Mainly effect microcomputer systems.
🠶 Downloading viral programs from public bulletin boards or exchanging floppy disks
containing an infection.

🠶 Safe computing.

🠶 Denial of Service
🠶 Overload the targeted computer preventing it from doing any sueful work.

Lecture 6: Security and Protection 3/22/2021

 45 Threat monitoring
🠶 Check for suspicious patterns of activity – i.e., several incorrect password
attempts may signal password guessing.

🠶 Audit log – records the time, user, and type of all accesses to an object;
useful for recovery from a violation and developing better security
measures.

🠶 Scan the system periodically for security holes; done when the computer is
relatively unused.

Lecture 6: Security and Protection 3/22/2021

 46 Threat monitoring (cont’d…)
🠶 Check for:
🠶 Short or easy-to-guess passwords

🠶 Unauthorized set-uid programs

🠶 Unauthorized programs in system directories

🠶 Unexpected long-running processes

🠶 Improper directory protections

🠶 Improper protections on system data files

🠶 Dangerous entries in the program search path (Trojan horse)

🠶 Changes to system programs: monitor checksum values

Lecture 6: Security and Protection 3/22/2021

 47 Firewall
🠶 A firewall is placed between trusted and untrusted hosts.

🠶 The firewall limits network access between these two security domains.

Lecture 6: Security and Protection 3/22/2021

 Network security domain separation
48 via firewall

Lecture 6: Security and Protection 3/22/2021

 49 Intrusion detection
🠶 Detect attempts to intrude into computer systems.

🠶 Detection methods:
🠶 Auditing and logging.
🠶 Tripwire (UNIX software that checks if certain files and directories have been altered – I.e.
password files)

🠶 System call monitoring

Lecture 6: Security and Protection 3/22/2021

 50 Encryption
🠶 Encrypt clear text into cipher text.
🠶 Properties of good encryption technique:
 Relatively simple for authorized users to incrypt and decrypt data.
 Encryption scheme depends not on the secrecy of the algorithm but on a parameter of the
algorithm called the encryption key.
 Extremely difficult for an intruder to determine the encryption key.

🠶 Data Encryption Standard substitutes characters and rearranges their order on

the basis of an encryption key provided to authorized users via a secure
mechanism. Scheme only as secure as the mechanism.

Lecture 6: Security and Protection 3/22/2021

 5 Encryption (cont’d…)
1
🠶 Public-key encryption based on each user having two keys:
 public key – published key used to encrypt data.

 private key – key known only to individual user used to decrypt data.

🠶 Must be an encryption scheme that can be made public without making it

easy to figure out the decryption scheme.
 Efficient algorithm for testing whether or not a number is prime.

 No efficient algorithm is know for finding the prime factors of a number.

Lecture 6: Security and Protection 3/22/2021

 52 Encryption example … Caesar
Cipher
🠶 earliest known substitution cipher
🠶 by Julius Caesar
🠶 first attested use in military affairs
🠶 replaces each letter by 3rd letter
on
🠶 example:
meet me after the toga
party
PHHW PH DIWHU WKH WRJD SDUWB

Lecture 6: Security and Protection 3/22/2021

 53 Encryption example … Caesar
Cipher
🠶 can define transformation as:
a b c d e f g h I j k l m n o p q r s t v w x y z
u
DE FG H I J K L MN O P Q RS TU VWX A BC
Y Z
🠶 mathematically give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x
y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
25
🠶 then have Caesar cipher
as: c = E(p) = (p + k)
mod (26)
p = D(c) = (c – k) mod (26)

Lecture 6: Security and Protection 3/22/2021

 54 Encryption example
🠶 SSL
SSL – Secure Socket Layer

🠶 Cryptographic protocol that limits two computers to only exchange messages

with each other.

🠶 Used between web servers and browsers for secure communication (credit
card numbers)

🠶 The server is verified with a certificate.

🠶 Communication between each computers uses symmetric key cryptography.

Lecture 6: Security and Protection 3/22/2021

 55 Computer security classification
🠶 U.S. Department of Defense outlines four divisions of computer security: A,
B, C, and D.
🠶 D – Minimal security.
🠶 C – Provides discretionary protection through auditing. Divided into C1 and
C2. C1 identifies cooperating users with the same level of protection. C2
allows user-level access control.
🠶 B – All the properties of C, however each object may have unique sensitivity
labels. Divided into B1, B2, and B3.
🠶 A – Uses formal design and verification techniques to ensure security.

Lecture 6: Security and Protection 3/22/2021

 56 Window NT example
🠶 Configurable security allows policies ranging from D to C2.

🠶 Security is based on user accounts where each user has a security ID.

🠶 Uses a subject model to ensure access security. A subject tracks and manages
permissions for each program that a user runs.

🠶 Each object in Windows NT has a security attribute defined by a security

descriptor. For example, a file has a security descriptor that indicates the
access permissions for all users.

Lecture 6: Security and Protection 3/22/2021

 57 Protectio
🠶 n consists of a collection of objects, hardware or software
Operating system

🠶 Each object has a unique name and can be accessed through a well-defined
set of operations.

🠶 Protection problem - ensure that each object is accessed correctly and only
by those processes that are allowed to do so.

Lecture 6: Security and Protection 3/22/2021

 58 Protection (Reading Assignment)
🠶 Access Matrix
🠶 Use of Access Matrix

🠶 Implementation of Access Matrix

🠶 Access Matrix with Copy Rights

🠶 Access Matrix With Owner Rights

🠶 Revocation of Access Rights

🠶 Capability-Based Systems
🠶 Hydra

🠶 Cambridge CAP System

🠶 Language-Based Protection

Lecture 6: Security and Protection 3/22/2021

End of Chapter
Six

Lecture 6: Security and Protection 3/22/2021