Operating System Features

1
Operating System Features
2
Operating System Features

• Memory protection
• Temporary file issues
• Dead space issues
• Sandboxing
• Object Request Brokers

3
Separation

• Physical processes use different physical
  objects
• Temporal processes use same objects at
  different times
• Logical processes use objects in constrained
  space
• Cryptographic processes use only intelligible
  objects

4
Levels of Protection

• None
• Isolation
• Share all/Share none
• Share via access limitation
• Share by capabilities
• Limited use

5
Granularity

• Volume (physical storage structure)
• Data collection (file, database, memory)
• Data element (entry, memory structure)
• Field (value within data element)
• Word (addressable memory unit)
• Byte (character)
• Bit (1/0)
• Detail vs. Efficiency

6
Mechanisms

• Fence Register
• Relocation
• Base/Bounds Register
• Tagged Architecture
• Segmentation
• Paging
• Paged Segmentation
• Capability

7
Fence Register

• Address bounding protected and open memory
• Protected, typically operating system
• Open, typically user
• No protection within bounds

0
Operating System
Fence
8192
User Program Space
8193
Max
8
Relocation

• Need to shift programs in memory
• Programs written using memory 0 and above
• Operating system translates to actual location
• Retranslate to shift program in memory

0
Operating System
8192
Program A (old)
16384
Program A (new)
24576
9
Base/Bounds Register

• Starting address for program base register
• Max allocated address bounds register
• Changed at context switch

0
Operating System
Base
8192
16384
Program A
16384
Bound
20480
Program B
24576
10
Tagged Architecture

• Each word of memory has identified access rights
• Rights tested on each access
• Typically few distinctions
• Data
• Pointer
• Control

11
Segmentation

• Program pieces
• Instructions
• Data
• Constants
• Access ltseg, offsetgt
• Store separately
• Base
• bound
• Protect differently
• Allow sharing
• External fragmentation

Operating System
A Table
rw
x
Program B Data
r
Program Instructions
B Table
Program A Data
rw
wx
Program Constants
r
12
Paging
Page table

• Equal-size blocks
• Access ltpg, offsetgt
• Offset gt size goes to next page
• Difficult to protect
• Less fragmentation
• Difficult to share

lt2,53gt
13
Paged Segmentation

• Segment references translate to page references
• ltseg, offsetgt
• ltltpage of seggt, ltpage offsetgtgt
• Segmentation for sharing/protection
• Paging for ease of handling

14
Capabilities

• Unforgeable token
• Identity of object requested
• Rights to object
• Signature of broker
• Control of rights transfer
• Control of rights propagation
• Done at structure level

15
Temporary File Issues

• Temporary file duration for life of process
  only
• Intended private and non-invasive
• Threats
• Disclosure
• Modification
• Misdirection
• Protection via atomic transactions

16
Dead Space Issues

• What are default values?
• Random
• Zero
• Whatever was there before
• What are cleared values?
• Random
• Zero
• Pattern
• No clearing

17
Sandboxing

• Restricted environment for untrusted code
• Web code
• Email code
• Issues of completeness, operations available
• Alternative trust vendor signature(ActiveX)
• Alternative carry proof (lab systems)
• Alternative cryptography (Microsoft)

18
Object Request Brokers

• Object code and data bundle, limited access
  methods
• Broker mediate communication between objects
• CORBA industry standard
• Still a lot of discussion about protection