secure operating systems n.
Skip this Video
Loading SlideShow in 5 Seconds..
Secure Operating Systems PowerPoint Presentation
Download Presentation
Secure Operating Systems

Loading in 2 Seconds...

play fullscreen
1 / 18

Secure Operating Systems - PowerPoint PPT Presentation

  • Uploaded on

Secure Operating Systems. Lesson 3: OS Structures. What Services Does an OS provide?. An environment for the execution of programs… which means what? Right: a set of APIs that allow a programmer to leverage services controlled by the OS. User-facing. The GUI Program Execution

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Secure Operating Systems' - forest

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
secure operating systems

Secure Operating Systems

Lesson 3: OS Structures

what services does an os provide
What Services Does an OS provide?
  • An environment for the execution of programs… which means what?
  • Right: a set of APIs that allow a programmer to leverage services controlled by the OS
user facing
  • The GUI
  • Program Execution
  • I/O Operations
  • File-system manipulation
  • Comms
  • Error Detection
under the hood
Under the Hood
  • Resource Allocation
  • Accounting
  • Protection and Security
the os interface
The OS Interface
  • Of course, the GUI
  • But also the command interpreter and shell
    • Compare and contrast Unix and Windows on this
  • The Interface to programs is the API
    • This requires a change in domain
    • The API isn’t (usually) the same as the underlying system call
  • Let’s walk through a simple fopen()
    • Why is this an OS function?
    • How does it relate to the OS? Why?
example createfilea w
Example: CreateFileA?W
  • HANDLE WINAPI CreateFile( _In_ LPCTSTR lpFileName, _In_ DWORD dwDesiredAccess, _In_ DWORD dwShareMode, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, _In_ DWORD dwCreationDisposition, _In_ DWORD dwFlagsAndAttributes, _In_opt_ HANDLE hTemplateFile);
how the call works
How the Call Works
  • Three ways
    • Often, via the stack
    • Or via registers
    • Or via a pointer to a block of memory
the confused deputy
The Confused Deputy
  • We’ll look at this in much more detail later, but the OS can be thought of as being deputized by an application to do work for hire
  • This is a risky proposition
system programs utilities
System Programs/Utilities
  • May not need more privilege
  • Handle things like:
    • File management
    • Status information
    • File modification
    • Programming language support
    • Program loading and execution
    • Comms– Message passing and Shared Memory
os design goals
OS Design Goals
  • Perhaps where we fail most is when we set our design goals: poor goals lead to a bad design, and no wonder it doesn’t work
  • Performance – especially worst case – is often overlooked
  • We tend to “hand wave” over requirements in the OS
mechanisms and policies
Mechanisms and Policies
  • Mechanisms are how something gets done
  • Policies define what to do…
  • Easily to confuse; when we mix them, we end up with inflexible systems
os structure
OS Structure
  • Simple layers, like MSDOS
  • A large kernel is dangerous from a security perspective (why?)
  • Possible solution is the microkernel
    • Move everything you can from the lowest domain
    • The kernel focuses on message passing
    • Makes it easier to expand
    • But performance can be problematic
modular kernels
Modular Kernels
  • A standard form for kernel loadable modules
  • Runtime loading allows you to add when you need things…
  • Problem: if you load my code into your kernel… yes… ahem…
os debugging
OS Debugging
  • A tricky business (think about it!)
  • VMs can help
  • Core Dump: dump as much state as able at a critical error point
  • OS debugging has a number of challenges related to complexity, concurrence and attribution
    • Typically, we do some type of remote debugging
  • Read Chapter 2 of OSC
  • Read “Protection” by Butler Lampson
  • A word to the wise – don’t behind on the reading, because there’s a lot of it. I’ll set less assignments based on that, but the material will be on the final.
questions comments
Questions & Comments
  • What do you want to know?