The Power of it survival Guide for the cio



Download 1.93 Mb.
Page6/12
Date29.07.2017
Size1.93 Mb.
#24299
1   2   3   4   5   6   7   8   9   ...   12

Operating Systems




Purpose of an Operating System

An Operating System (OS) is the software that manages all the other programs in a computer system [23]. Operating Systems perform basic tasks, such as recognizing input from the keyboard, keeping track of files and directories, and controlling peripheral devices like disk drives and printers. For large systems, the Operating System has even greater responsibilities; it makes sure that different programs and clients running at the same time do not interfere with one another. The Operating System is also responsible for security, ensuring that unauthorized individuals do not access the system and the data it manages.


Operating Systems provide a software platform on top of which other programs, called application programs or applications, can run. The application programs are usually written for a particular Operating System. Your choice of Operating System, therefore, determines to a great extent the applications you can run.

Structure of an Operating System

An operating system can be seen as a layered structure:




  • CPU management;

  • Memory management;

  • Device drivers;

  • I/O management;

  • User interface.

The first layer of the OS handles the scheduling of the work done by the processor; this is done using system processes or threads. The Operating System organizes the execution of these processes or threads so that it looks as if several things are happening at the same time.


The memory management makes sure that each process gets enough memory without running into the memory space of other processes. It also makes sure that the different types of memory in the system are used properly. A processor can only access memory one location at a time, so the vast majority of memory is unused at any moment. Since disk space is cheap compared to internal memory, moving information from internal memory to hard disk can greatly expand available memory space at low cost. This technique is called virtual memory management. Moving data to and from disk is called swapping.

Special programs called drivers manage the path between the OS and virtually all hardware. Drivers do the translation between the hardware subsystems and the high-level programming languages. One reason that drivers are separate from the OS is that new functions can be added to the driver without requiring the operating system itself to be modified, recompiled, and redistributed. Furthermore, it allows development by the manufacturer of the subsystems rather than the vendor of the operating system. It is important to mention the process of Simultaneous Peripheral Operations On-Line (spooling), which consists of putting jobs in a buffer where data can be kept while the slower I/O device catches up.


Just as drivers provide a way for applications to make use of hardware subsystems without having to know every detail of the hardware's operation, Application Programming Interfaces (APIs) let application programmers use functions of the computer and OS without having to know all the details of the computer’s operation.
Finally, the user interface of the OS brings structure to the interaction between a user and the computer. A user normally interacts with the Operating System through a set of commands. For example, the DOS Operating System contains commands such as COPY and RENAME for copying files and changing the names of files, respectively. The commands are accepted and executed by a part of the Operating System called command processor or command line interpreter. Graphical user interfaces (GUIs) allow you to enter commands by pointing and clicking at objects that appear on the screen.

Characteristics of Operating Systems

Different characteristics of Operating Systems can be distinguished.


Multitasking and multiprocessing - The terms multitasking and multiprocessing are sometimes confused, even if multiprocessing usually implies that more than one CPU is involved. There are two types of multitasking: preemptive and cooperative. In preemptive multitasking, the Operating System distributes time slices to each program, in cooperative multitasking on the contrary each program can control the CPU for as long as it needs it.
The term multithreading refers to the ability of an operating system to execute different parts of a program, called threads, simultaneously. The program has to be designed in such a way that all the threads can run at the same time without interfering with one another.
When two or more simultaneous users are allowed, an Operating System is said to be multi-user. All mainframes and minicomputers are multi-user systems, but most personal computers and workstations are not.

Autonomic Computing

A new idea in the world of Operating Systems is called Autonomic Computing. The central theme is that computers should start to behave as a self-regulating biological system. Why? Because there are always more computers, that are always more complex and we will soon reach the point where we cannot manage it ourselves anymore. So, the computers have to learn to manage themselves (or one another).



Security

According to SEI security is:


The ability of a system to manage, protect, and distribute sensitive information.”

Authentication, authorisation, and accountability



Authentication is the process of determining whether a person or an entity such as another program is who it claims to be. During authentication, credentials presented by an individual or entity are validated and associated with that person or entity's identity.
Authorization is the process of giving a person or entity permission to do or have something. The system administrator defines for the system which users are allowed access to the system and with what privileges (such as access to which file directories, hours of access, amount of allocated storage space, and so forth).
Accountability refers to the ability of a system to keep track of whom or what gained access or made changes to the system.

The Orange Book

The Department of Defense Trusted Computer System Evaluation Criteria, (DOD-5200.28-STD) also known as the Orange Book, is the de facto standard for computer security today. The evaluation criteria can be used for the evaluation of existing systems and for the specification of security requirements during an acquisition process. In the Orange Book, computer systems are categorized in classes that are part of four divisions, depending on the criteria they satisfy.


Division D is reserved for those systems that have been evaluated but that fail to meet the requirements for a higher evaluation class. 
Classes in division C provide for discretionary (need-to-know) protection and, through the inclusion of audit capabilities, for accountability of subjects and the actions they start.
The preservation of the integrity of sensitivity labels is a major requirement in division B. Systems in this division must carry the sensitivity labels with major data structures in the system. The system developer must also provide the security policy model on which the system is based.
Division A is characterized by the use of formal security verification methods. Extensive documentation is required to demonstrate that the system meets the security requirements in all aspects of design, development, and implementation. 


Download 1.93 Mb.

Share with your friends:
1   2   3   4   5   6   7   8   9   ...   12




The database is protected by copyright ©ininet.org 2024
send message

    Main page