CHAPTER 14
Protection
 
14.1 Goals of Protection
14.2 Principles of Protection
14.3 Domain of Protection
14.4 Access Matrix
14.5 Implementation of Access Matrix
14.6 Access Control
14.7 Revocation of Access Rights
14.8 Capability-Based Systems
14.9 Language-Based Protection
14.10 Summary
Practice Exercises
Exercises
Wiley Plus
Bibliographical Notes
 
The processes in an operating system must be protected from one another’s activities. To provide such protection, we can use various mechanisms to ensure that only processes that have gained proper authorization from the operating system can operate on the files, memory segments, CPU, and other resources of a system.
Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources defined by a computer system. This mechanism must provide a means for specifying the controls to be imposed, together with a means of enforcement. We distinguish between protection and security, which is a measure of confidence that the integrity of a system and its data will be preserved. In this chapter, we focus on protection. Security assurance is a much broader topic, and we address it in Chapter 15.
CHAPTER OBJECTIVES
• To discuss the goals and principles of protection in a modern computer system.
• To explain how protection domains, combined with an access matrix, are used to specify the resources a process may access.
• To examine capability- and language-based protection systems.

14.1 Goals of Protection ...

Get Operating System Concepts, 8th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial