file protection.59 to 60
TRANSCRIPT
http://raj-os.blogspot.in/ 1
Recap
In the last class, you have learnt:
• Issues regarding deletion of files in a cyclic –
graph structure
• Advantages & disadvantage of a cyclic – graph
structure
• Understand the structure of general graph
directories & problems
• HOME PREVIOUS TOPIC NEXT• PREVIOUS QUESTION PAPERS FOR
OS• CPP TUTORIALS
2http://raj-os.blogspot.in/
http://raj-os.blogspot.in/ 3
Objectives
On completion of this period, you would be able to
• Understand the concept of file protection
• Know types of access
• Understand Access Lists and Groups
http://raj-os.blogspot.in/ 4
PROTECTION
http://raj-os.blogspot.in/ 5
A computer file needs protection which is of two types
1. ReliabilityProtection from physical damageFile systems can be damaged by Hardware problems(errors in r/w)Power surges or failuresHead crashesDirt and temperatureBugs in file system software
2. SecurityProtection from improper access
http://raj-os.blogspot.in/ 6
1. Reliability
• Provided by duplicate copies of files
• Take backup's at regular intervals
(daily/weekly/monthly)
A computer file needs protection which is of two types
http://raj-os.blogspot.in/ 7
2. Security
• Protecting files from unauthorized access
• More important in a multi user system
• Provided by controlling access to files
A computer file needs protection which is of two types
http://raj-os.blogspot.in/ 8
Need for protecting files
• Need for protection is due to the ability to
access files
• Two ways to tackle the problem
1. Prohibit access providing complete protection
2. Provide free access without protection
• Both approaches are too extreme for general
use
http://raj-os.blogspot.in/ 9
Controlled Access
• Desirable
• Provided by limiting the types of file access that
can be made
http://raj-os.blogspot.in/ 10
Types of Access
• Read : Read from the file
• Write : Write or rewrite the file
• Execute : Load file into memory and execute
• Append : Write new information at end of file
• Delete : Delete the file and free its space
• List : List the name and attributes of the file
http://raj-os.blogspot.in/ 11
Protection Mechanisms
• Different mechanisms proposed
• Select mechanism depending on the application
Ex : A small computer used only by a few
members of a research group may not need the
same protection as a large corporate computer
used for research, finance and personnel
operations
http://raj-os.blogspot.in/ 12
Access Lists and Groups
• A common approach to protection is provide
access based on user identity
• Associate with each file and directory an access list
• Access list specifies user name and types of
access allowed for each user
• Access to user is provided as per the access list
http://raj-os.blogspot.in/ 13
Problem with access lists
• Length of the list
• If every user need to be given read access to a file,
we must list all users with read access
a) constructing such a list is tedious
b) The directory entry needs to be of
variable size, resulting in complicated
space management
http://raj-os.blogspot.in/ 14
Classification of users
To condense the length of access list many systems recognize three classifications of users in connection with each file
• Owner : The user who created the file
• Group : A set of users sharing the file and need similar access
• Universe : All other users in the system constitute the universe
http://raj-os.blogspot.in/ 15
Representing different users in UNIX
• Unix defines three fields of three bits each rwx, where
r controls read access
w controls write access
x controls execution
• A separate field is kept for the file owner, group users and other users
• 9 bits per file are needed
http://raj-os.blogspot.in/ 16
A sample directory listing in Unix
http://raj-os.blogspot.in/ 17
Consider the first field in the above listing -rwxrw-r--
• The first field describes the file’s protection
• A d as the first character indicates that the file is a
directory ; a – indicates an ordinary file
• 2nd,3rd & 4th bits owner’s access permissions
• 5th,6th & 7th bits group users’ permissions
• 8th,9th & 10th bits others’ permissions
http://raj-os.blogspot.in/ 18
Other Protection Approaches
• Associate a password with each file
• Access to the file is controlled by the password
• Effective scheme in limiting access to a file if
passwords chosen randomly
passwords changed often
http://raj-os.blogspot.in/ 19
Disadvantages of password protection
• If each file has a separate password, the no. of passwords a user needs to remember becomes large
• If all files have same password, then once it is discovered all files are accessible
• To deal with this problem, some systems allow a user to associate a password with a subdirectory rather than with a single file
http://raj-os.blogspot.in/ 20
Summary
In this class, you have learnt:
• File protection
• Need for controlled access to files
• Types of access
• Access Lists
• User classification
• Password protection
http://raj-os.blogspot.in/ 21
Frequently Asked Questions
1. Explain the concept of file protection
2. List the types of access to files
3. Explain access lists and groups
4. Explain disadvantages of password
protection
http://raj-os.blogspot.in/ 22
Any questions ?
http://raj-os.blogspot.in/ 23
Quiz
http://raj-os.blogspot.in/ 24
1. File systems can be damaged by
a) Hardware problems
b) Power failures
c) Dirt
d) All of the above
http://raj-os.blogspot.in/ 25
2. Which of following is desirable with regard to access to files?
a) Free access without protection
b) No access at all
c) Controlled access
d) None of the above
http://raj-os.blogspot.in/ 26
3. Which is true about password protection ?
a) Passwords should be chosen randomly
b) Passwords must never be changed
c) Password should be changed often
d) Both a & c
http://raj-os.blogspot.in/ 27
State whether the following are true or false
http://raj-os.blogspot.in/ 28
State true or false
Reliability of files can be provided by duplicate copies
True
http://raj-os.blogspot.in/ 29
State true or false
The problem with access lists is their length
True
http://raj-os.blogspot.in/ 30
State true or false
Owner is the user who created the file
True
http://raj-os.blogspot.in/ 31
State true or false
Unauthorized access to files is desirable
False
Other subject materials
• Web designing• Micro processors• C++ tutorials• java
home
32http://raj-os.blogspot.in/