PROCESSING CONTROLS Chapter 13

advertisement
PROCESSING
CONTROLS
Chapter 13
Processor Controls
•
•
The most important resource to allocate
in a computer system.
Four types of controls to reduce
expected losses with central processors :
1.
2.
3.
4.
Error dtection and correction
Multiple execution states
Time controls
Component replication
Real Memory Controls
• To detect and correct errors that
occur in memory cells and to protect
areas of memory assigned to a
program from illegal access by
another program
Virtual Memory Controls
• The addressing mechanism should check
that the memory reference is within the
bounds of the block allocated to the
process.
• An access control mechanism should check
to see that the actions a process wants to
exercise on a block are within its allowed
set of privileges.
Operating System Integrity
•
A reliable operating system achieves five
goals :
1.
2.
3.
4.
5.
It protects itself from user processes
It protects users from one another
It protects users from themselves
It protects itself from itself
It brings operations to an orderly halt in the
event of environmental failure
4 types of threats to operating
system integrity :
• Privileged personnel abuse their powers.
• Would be penetrators deceive privileged
personnel into giving them special powers.
• Special devices are used to detect
electromagnetic radiation, emit electromagnetic
radiation, or wiretap communication lines.
• Would be penetrators interact with an operating
system to determine and exploit a flaw in the
system.
Criteria to design, implement and
evaluate operating system
integrity :
• Division D-those that fail to meet the
criteria of a higher division
• Division C-those that support
discretionary access control
• Division B-those that support mandatory
access control
• Division A-those that use formal methods
to support specification, design, modelling
and analysis of the system
Application Software Controls
•
3 level of checks :
1. Field checks
2. Record checks
3. File checks
Audit Trail Controls
• Accounting audit trail must allow
processing to be traced and
replicated.
• Operation audit trail is maintained in
the processing subsystem.
Existence Controls
• An important control in the
processing subsystem is a
checkpoint/restart facility.
Download