Week 5 - Final Project OS Theory Concept Map

Section 1:

There are three main functions of an operating system (OS): managing the computer’s resources, establishing a connection to the user interface, and executing and providing services for application software (Franklin & Pollette, 2000). These functions can be broken down into two main categories, the user functions and the system functions, with the OS being the connection between the two.

The OS controls every task the computer carries out and manages the resources for the user. These resources are the applications (user function), input/output (I/O) bandwidth management, user interface, file management system, boot system control, program execution, and error detection (Silberschatz et al., 2014). The I/O management system manages the devices that connect to the computer via ports, such as keyboards, USB devices, or network connections. Starting or restarting the computer is a part of the OS’s booting system function; this is accomplished through two different types of boot, a cold boot or a warm boot. Error detection monitors the overall system for errors and malfunctions. In contrast, the file management system tracks where information is stored, the types of user access, and the state of the files.

The system functions of the operating system include resource allocation, job accounting, protection, and security. Resource allocation is where the OS keeps the proper resources available by deciding which resources will be used and for how long. Job accounting tracks the time and resources used by a single user or a group of users. The OS provides security and protection through passwords, firewalls, and other methods to prevent unauthorized users or data from accessing the computer.

The OS also controls the management of the primary or main memory. Main memory is a type of fast storage that the CPU accesses directly. For memory management, the OS keeps track of how many bytes are used by user programs. It also allocates memory to a process when the program requests it and deallocates it when it is no longer in use.

Section 2:

A process is considered an active entity, or a program in execution (running), which forms the basis of computation. The process state is the specific state of the process, such as new, running, waiting, or terminated. The Process Control Block (PCB) stores the information about each process that the OS runs or may run. The purpose of the PCB is to give an identity to each process so the OS can easily distinguish them.

Single-threaded processes are the traditional way of processing; a single thread is processed at a time using one CPU. Running a thread from one process and then a thread from another process (swapping between the two) gives the impression of two processes running simultaneously.

As computers have advanced and the needs of users have changed, the need for computers to run multiple processes has also increased. Running multiple CPUs has brought about a new approach called multi-threading. Multi-threading is the way for an OS to serve more than one user at a time without requiring multiple copies of a program to run on a computer. For most users, multi-threading is used to handle multiple requests from that same user, which makes multi-threading superior to single-threading (Goel, 2023).

The section of code that allows access to a shared variable is called a critical section. When multiple threads access a critical section simultaneously, one thread can alter a variable while another thread is accessing that variable. This is called the critical-section problem, and the solution is to allow only one program to access the critical section at a time. This ensures that any process can access the critical section if it is not being used and that processes do not use the critical section for too long. One such solution is Peterson’s solution, which uses a flagging algorithm to provide mutual exclusion, bounded waiting, and progress of the process (Masood, 2023).
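The mutual-exclusion property of Peterson’s solution can be checked by exploring every interleaving of two processes. The following C model is an added example, not code from the original post; the state encoding, the names, and the `swapped` variant (which writes `turn` before `flag` to show why the order of the two writes matters) are assumptions made for illustration, and each step is treated as atomic.

```c
#include <stdio.h>
#include <string.h>

enum { IDLE, SET2, WAIT, CRITICAL, EXIT, NPC };   /* program-counter values */
#define NSTATES (2 * 2 * 2 * NPC * NPC)

/* One global state of the two-process model. */
typedef struct { int flag[2], turn, pc[2]; } State;

static int encode(const State *s) {
    return (((s->flag[0] * 2 + s->flag[1]) * 2 + s->turn) * NPC + s->pc[0]) * NPC + s->pc[1];
}

/* Run one atomic step of process i. swapped=1 writes turn before flag (broken order). */
static State step(State s, int i, int swapped) {
    int j = 1 - i;
    switch (s.pc[i]) {
    case IDLE:     if (swapped) s.turn = j; else s.flag[i] = 1; s.pc[i] = SET2; break;
    case SET2:     if (swapped) s.flag[i] = 1; else s.turn = j; s.pc[i] = WAIT; break;
    case WAIT:     if (!(s.flag[j] && s.turn == j)) s.pc[i] = CRITICAL; break;
    case CRITICAL: s.pc[i] = EXIT; break;
    case EXIT:     s.flag[i] = 0; s.pc[i] = IDLE; break;
    }
    return s;
}

/* Visit every reachable state; count those with both processes in the critical section. */
int count_violations(int swapped) {
    unsigned char seen[NSTATES];
    State stack[NSTATES], init = {{0, 0}, 0, {IDLE, IDLE}};
    int top = 0, bad = 0;
    memset(seen, 0, sizeof seen);
    seen[encode(&init)] = 1;
    stack[top++] = init;
    while (top > 0) {
        State s = stack[--top];
        if (s.pc[0] == CRITICAL && s.pc[1] == CRITICAL) bad++;
        for (int i = 0; i < 2; i++) {
            State n = step(s, i, swapped);
            if (!seen[encode(&n)]) { seen[encode(&n)] = 1; stack[top++] = n; }
        }
    }
    return bad;
}

int main(void) {
    printf("flag then turn: %d violating states\n", count_violations(0));
    printf("turn then flag: %d violating states\n", count_violations(1));
    return 0;
}
```

On real hardware the two shared writes also need sequentially consistent atomics; the model assumes that ordering by construction.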

Section 3:

The objective of memory management in operating systems (OS) is to store instructions and process data. Memory is comprised of bytes, each with its own primary objective and location; the purpose of memory management is to allow the OS to execute programs. When a program is in use, it resides in main memory, where it is executed. Since the memory is always being used for program execution, memory management has the task of subdividing the memory among different processes. Other functions of memory management include the allocation and de-allocation of memory before and after process execution. Memory management also minimizes fragmentation issues and maintains data integrity while execution is in progress.

A virtual or logical address is an address generated by the CPU, whereas a physical address is an address that is loaded into the memory address register of the memory. The logical address can be changed and is defined by the size of the process being generated by the CPU. The physical address, also known as the real address, is computed by the memory management unit and always remains constant.

The translation between the virtual and physical addresses is known as memory mapping. There are three ways to map virtual addresses to physical addresses. The first technique is called paging: the virtual address space is divided into fixed-size pages and the physical address space is divided into pages of the same size. When a program uses a virtual address, the OS uses a page table to map that virtual address to the corresponding physical address (Patro, 2023). The next technique is called segmentation: the virtual address space is divided into logical segments, i.e., code segment, data segment, and stack segment. Each segment is assigned a base address in physical memory. The OS then maps the virtual address to the physical address by using the base address of the corresponding segment to offset the virtual address. The third technique is called Virtual Address Extension (VAE) and allows the virtual address space to expand beyond the constraints of the physical address.
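Paging and segmentation translation, as an added example in C that is not part of the original post. The page size, the page-table contents, and the segment table are constructed values, and the per-segment limit check is an assumption added here (the text above only mentions the base address) because it is what stops a process from reaching memory outside its own segment.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE 4096u        /* assumed page size; physical pages are the same size */
#define NUM_PAGES 8u           /* assumed size of the toy virtual address space */
#define UNMAPPED  UINT32_MAX   /* marker for a page with no physical page assigned */

/* Constructed page table: index = virtual page number, value = physical page number. */
static const uint32_t page_table[NUM_PAGES] = {5, 2, UNMAPPED, 7, UNMAPPED, 0, 1, UNMAPPED};

/* Paging: split the address into page number and offset, then look up the page table.
   Returns 0 on success, -1 for an unmapped page or an address outside the space. */
int translate_page(uint32_t vaddr, uint32_t *paddr) {
    uint32_t page = vaddr / PAGE_SIZE, offset = vaddr % PAGE_SIZE;
    if (page >= NUM_PAGES || page_table[page] == UNMAPPED) return -1;
    *paddr = page_table[page] * PAGE_SIZE + offset;
    return 0;
}

/* Constructed segment table: code, data, stack. */
typedef struct { uint32_t base, limit; } Segment;
static const Segment segments[3] = {
    {0x10000, 0x4000}, {0x20000, 0x1000}, {0x30000, 0x2000}
};

/* Segmentation: physical address = segment base + offset, rejected past the limit. */
int translate_segment(uint32_t seg, uint32_t offset, uint32_t *paddr) {
    if (seg >= 3 || offset >= segments[seg].limit) return -1;
    *paddr = segments[seg].base + offset;
    return 0;
}

int main(void) {
    uint32_t p;
    if (translate_page(0x1234, &p) == 0) printf("page:    0x1234 -> 0x%x\n", (unsigned)p);
    if (translate_page(0x2000, &p) != 0) printf("page:    0x2000 -> fault (unmapped)\n");
    if (translate_segment(1, 0x10, &p) == 0) printf("segment: data+0x10 -> 0x%x\n", (unsigned)p);
    if (translate_segment(1, 0x1000, &p) != 0) printf("segment: data+0x1000 -> out of bounds\n");
    return 0;
}
```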

Section 4:

The purpose or objective of the file management system is to manage the files of a system. This system is responsible for not only managing but also creating, modifying, and deleting files created by users. Many files are kept in folders which the file management system also manages. Without this system, all files would just be placed in one large body of data without any structure and would lower the reliability and performance of the system. The file system also controls the I/O transfers between the memory and disk in units called blocks. 

Single-level directory: The simplest of the directory structures is the single-level directory structure, which is simple because of its implementation and small size. Every file in this type of structure resides in the same directory, which is called the root directory. Users cannot create subdirectories under the root directory. Any files created by the users are present in the root directory. The disadvantage of this is that a user cannot use a file name that has already been used by another user in the system.

Two-level directory: The two-level directory structure allows users to create their own directory directly inside the root directory. Once the user creates a directory inside the root directory, they cannot create a subdirectory inside that user-created directory. The user can make another directory in the root directory, but no subdirectories. This structure permits users to keep their files separate from those of other users and allows them to use the same file names under different user directories.

Acyclic-Graph directory: The acyclic-graph structure allows a directory or file to have many parent directories. This is the best type of directory for file sharing, because a shared directory or file can be pointed to, using links, by the directories of the other users who have access to it.

There are many different types of input/output devices on the market for different uses. The core purpose of an I/O device is to transfer information between the internal storage system and the I/O interface. An external device such as a microphone or monitor is the hardware layer, and these devices are what the user interacts with. The software layer is where the device sends data to or receives data from the memory to be processed by the CPU. Should the I/O be interrupted, the CPU will still try to process the I/O programming or instructions, but this will cause a slowdown of the device.

Section 5:

All computers need to be protected from malicious and accidental attempts to access protected systems or networks. The OS fulfills its function of protection by ensuring that only authorized users and programs with the correct access and privileges are allowed to be in the OS. Two main principles work to protect an OS: least privilege and need to know.

The purpose of domain-based protection is to define a set of objects that are accessed by a set of subjects. Objects are resources such as files, memory, or I/O devices, whereas subjects are the entities that access those resources such as users, groups, or processors. The reason this type of security is so important is that domain-based attacks may target employees and sensitive data, or try to gain access to the system.

The purpose of language-based protection or security is to ensure the presence of certain properties in the source code corresponding to the safety policy of the software. This type of security restricts programs to only those written in the approved languages and prevents the execution of malicious code.

Access matrixes are a type of model for a computer system’s protection state. The access matrix is used to specify the permissions of each process running in the domain for each object. An access matrix gives files and users different rights such as Read, Write, Execute, and Print. Some users or domains can have all, some, or only one of these permissive rights. The image below gives an example of how an access matrix can look (GeeksforGeeks, 2022).
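An access matrix with a default-deny check, as an added example in C that is not part of the original post and is not the cited figure. The domains, objects, and rights assignments are constructed for illustration; `domains_with` is a hypothetical helper that reads one column of the matrix to answer the audit question of which domains hold a given right on an object.

```c
#include <stdio.h>

enum { RIGHT_READ = 1, RIGHT_WRITE = 2, RIGHT_EXECUTE = 4, RIGHT_PRINT = 8 };
enum { D1, D2, D3, D4, NDOMAINS };        /* constructed domains */
enum { F1, F2, F3, PRINTER, NOBJECTS };   /* constructed objects */

/* Constructed matrix: rows are domains, columns are objects, empty cell = no rights. */
static const unsigned matrix[NDOMAINS][NOBJECTS] = {
    [D1] = { [F1] = RIGHT_READ, [F3] = RIGHT_READ },
    [D2] = { [PRINTER] = RIGHT_PRINT },
    [D3] = { [F2] = RIGHT_READ, [F3] = RIGHT_EXECUTE },
    [D4] = { [F1] = RIGHT_READ | RIGHT_WRITE, [F3] = RIGHT_READ | RIGHT_WRITE },
};

/* Default deny: allowed only if every requested right is present in the cell.
   Unknown domains, unknown objects, and empty requests are all refused. */
int access_allowed(int domain, int object, unsigned requested) {
    if (domain < 0 || domain >= NDOMAINS || object < 0 || object >= NOBJECTS) return 0;
    if (requested == 0) return 0;
    return (matrix[domain][object] & requested) == requested;
}

/* Column view: bitmask of the domains that hold all of `rights` on `object`. */
unsigned domains_with(int object, unsigned rights) {
    unsigned mask = 0;
    for (int d = 0; d < NDOMAINS; d++)
        if (access_allowed(d, object, rights)) mask |= 1u << d;
    return mask;
}

int main(void) {
    printf("D4 read+write F1: %d\n", access_allowed(D4, F1, RIGHT_READ | RIGHT_WRITE));
    printf("D1 write F1:      %d\n", access_allowed(D1, F1, RIGHT_WRITE));
    printf("D2 print PRINTER: %d\n", access_allowed(D2, PRINTER, RIGHT_PRINT));
    printf("domains that can write F3 (bitmask): 0x%x\n", domains_with(F3, RIGHT_WRITE));
    return 0;
}
```

Storing one right per bit keeps the check to a single mask comparison, and a cell that was never filled in is zero, so a missing entry denies access instead of granting it.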

The protection of programs, systems, and networks is one of the main functions of an Operating System (OS). There are many types of security violations that can occur, and as technology advances it gets harder for the OS to protect against them. The most common security violations are the unauthorized use of resources, denial of service (the overloading of a server so that authorized users cannot use the server), unauthorized manipulation of data, unauthorized deletion of data, and the breaching of availability.

Operating Systems protect programs from threats such as Trojan horses, logic bombs, and viruses, to name a few. Threats like these can affect not only programs but systems and networks as well. Security tools such as anti-virus programs are used to protect the OS and other programs. For the protection of systems, there are practices such as one-time passwords and user authentication that give the system administrator more power in choosing who can access the system. To protect the network, network administrators can use network passwords and physical security to help secure the network devices. Biometrics and multi-factor authentication are used to protect the physical network devices which control the network (Silberschatz et al., 2014).
