Chapter 14 Windows Operating Systems Understanding Operating Systems, Fourth Edition Objectives You will be able to describe: • The importance of MS-DOS in early Windows releases • The design goals for Windows operating systems • The role of the Memory Manager, especially the Virtual Memory Manager • The use of the Device, Processor, and Network Managers in recent versions of Windows • The role of the NT file system in file management Understanding Operating Systems, Fourth Edition 2 Objectives (continued) You will be able to describe: • The challenges for Windows system security today • How the current Windows user interface functions Understanding Operating Systems, Fourth Edition 3 Windows Development Early Windows GUI Products ran “on top of” MS-DOS Table 14.1: Windows Development Understanding Operating Systems, Fourth Edition 4 Windows Development (continued) • Windows for Workgroups: – First Windows product to accommodate the needs of network users – Could easily share directories, disks, and printers among several interconnected machines – Allowed personal intercommunication through e-mail and chat programs – Intended for small or mid-sized groups of PCs for small businesses or small departments of larger organizations Understanding Operating Systems, Fourth Edition 5 Operating Systems for Single Users • Disadvantages of running Windows on top of MS-DOS: – – – – Little built-in security Couldn’t perform multitasking Had no interprocess communication capability Written to work closely with the microcomputer’s hardware • Making it difficult to move OS to other platforms • Microsoft developed and released a succession of Windows OSs (not mere GUIs) to appeal to home and office users Understanding Operating Systems, Fourth Edition 6 Operating Systems for Single Users (continued) Table 14.2: Evolution of key Microsoft Windows operating systems for home and professional use Understanding Operating Systems, Fourth Edition 7 Operating Systems for Networks • Development of Windows NT (more powerful networking products): – Windows NT never relied on MS-DOS for support – Primary market requirements include: • • • • Portability Multiprocessing capabilities Distributed computing support Compliance with government procurement requirements • Government security certification – The finished product was introduced in 1993 Understanding Operating Systems, Fourth Edition 8 Operating Systems for Networks (continued) Table 14.3: Evolution of key Microsoft Windows networking operating systems. All have evolved from Windows NT Understanding Operating Systems, Fourth Edition 9 Operating Systems for Networks (continued) • Microsoft offered Windows NT in several versions: – Windows NT Workstation for individuals needing a desktop operating system – Windows NT Server for small to medium-sized offices, Web servers, and off-site locations – Windows NT Server Enterprise Edition for larger and more complex networks Understanding Operating Systems, Fourth Edition 10 Operating Systems for Networks (continued) • In 1999, Windows NT name was changed to Windows 2000 and was available in four packages: – – – – Windows 2000 Professional Windows 2000 Server Windows 2000 Advanced Server Windows 2000 Datacenter Server • Designed for large data warehouses and other dataintensive business applications • Supported up to 64 GB of physical memory • Windows Server 2003 was also released with these same four packages plus a Web edition Understanding Operating Systems, Fourth Edition 11 Design Goals • To accommodate various needs of its users and to optimize resources, the Windows design team identified five design goals: – – – – – Extensibility Portability Reliability Compatibility Performance Understanding Operating Systems, Fourth Edition 12 Extensibility • Allows the system to be easily enhanced • To ensure the integrity of code, designers separated operating system functions into: – Privileged executive process (kernel mode) • Refers to a processor’s mode of operation in which all machine instructions are allowed • System memory is accessible – Nonprivileged processes “protected subsystems” (user mode): • Certain instructions are not allowed • System memory isn’t accessible Understanding Operating Systems, Fourth Edition 13 Extensibility (continued) • Windows designers also included four more features to ensure extensibility: – Modular structure so new components can be added to the executive process – Objects, a group of abstract data types manipulated by a special set of services • Allow system resources to be managed uniformly – Drivers for new file systems, devices, and networks that can be added to the system at any time – Remote procedure call • Allows an application to call remote services regardless of their location on the network Understanding Operating Systems, Fourth Edition 14 Portability • Ability to operate on different machines that are based on different processors or configurations with a minimum amount of recoding • To achieve this goal, Windows development followed certain guidelines: – Written in a standardized, high-level language available in all machines – System accommodated hardware to which it was expected to be ported – Minimized code that interacted directly with the hardware — to reduce incompatibility errors Understanding Operating Systems, Fourth Edition 15 Portability (continued) (continued) – Isolation of all hardware-dependent code into modules - that could be easily modified whenever the operating system was ported • Windows NT and successors have the following features: – Modular code – Much of Windows is written in C – Contains a hardware abstraction layer (HAL) • A dynamic-link library that provides isolation from hardware dependencies furnished by different vendors Understanding Operating Systems, Fourth Edition 16 Reliability • Refers to the robustness of a system and its ability to protect itself and its users from accidental or deliberate damage by user programs • Following features strengthen the system: – Structured exception handling – Modular design – NTFS File System (NT File System) which can recover from all types of errors – U.S. government-certifiable security architecture – Virtual memory strategy Understanding Operating Systems, Fourth Edition 17 Compatibility • Refers to an operating system’s ability to execute programs written for other operating systems or for earlier versions of the same system – Use of protected subsystems • Provides execution of applications that are different from its primary programming interface – Provides source-level compatibility with POSIX applications – Recent versions of Windows support already-existing file systems, e.g., MS-DOS FAT, CDFS, and NTFS – Built-in verification of important hardware and software Understanding Operating Systems, Fourth Edition 18 Performance • Several features that help Windows achieve good performance levels include: – Testing and optimization of system calls, page faults, and other crucial processes – Incorporation of local procedure call (LPC) — to guarantee fast communication among the protected subsystems – Speed of frequently used system services is maximized – Critical elements of Windows’ networking software are built into privileged portion of operating system Understanding Operating Systems, Fourth Edition 19 Memory Management • Every operating system uses its own view of physical memory and makes its application programs access memory in specified ways • When physical memory becomes full, the Virtual Memory Manager pages some of the memory contents to disk, freeing physical memory for other processes • Challenge for all Windows OSs: To run application programs written for Windows, MSDOS, or POSIX without programs crashing into each other’s memory Understanding Operating Systems, Fourth Edition 20 Memory Management (continued) Memory layout in recent versions of Windows: • Operating system resides in high virtual memory and the user’s code and data reside in low virtual memory • User process can’t read or write to system memory directly • All user-accessible memory can be paged to disk, as can the segment of system memory labeled paged pool • Segment of system memory labeled nonpaged pool is never paged to disk Understanding Operating Systems, Fourth Edition 21 Memory Management (continued) Figure 14.1: Layout of Windows memory Understanding Operating Systems, Fourth Edition 22 User-Mode Features • VM Manager allows user-mode subsystems to share memory efficiently • Provides services that a process can use to manage its virtual memory in the following ways: – – – – – – Allocate memory in two stages Read and/or write protection for virtual memory Lock virtual pages in physical memory Retrieve information about virtual pages Protect virtual pages Rewrite virtual pages to disk Understanding Operating Systems, Fourth Edition 23 Virtual Memory Implementation • Virtual Memory Manager relies on: – Address space management – Paging techniques • Address Space Management: – Upper half of the virtual address space is accessible only to kernel-mode processes – Code in the lower part of this section, kernel code and data, is never paged out of memory Understanding Operating Systems, Fourth Edition 24 Paging • Pager: Part of VM manager that transfers pages between page frames in memory and disk storage and is a complex combination of: – Software policies • Determine when to bring a page into memory and where to put it – Hardware mechanisms • Include the exact manner in which the VM Manager translates virtual addresses into physical addresses • Pager is not portable • Windows keeps this code small and well isolated Understanding Operating Systems, Fourth Edition 25 Paging (continued) • Paging policies dictate how and when paging is done and are composed of: – Fetch policy • Determines when the pager copies a page from disk to memory – Placement policy • Determines where the virtual page is loaded in memory – Replacement policy • Determines which virtual page must be removed from memory to make room for a new page Understanding Operating Systems, Fourth Edition 26 Processor Management • Windows is a preemptive-multitasking, multithreaded operating system • Process in Windows NT-derived OS requires at least one thread of execution. By default, a process contains one thread, which is composed of: – A unique identifier – Contents of a volatile set of registers indicating processor’s state – Two stacks used during the thread’s execution – Private storage area used by subsystems and dynamic-link libraries Understanding Operating Systems, Fourth Edition 27 Processor Management (continued) Threads: • Thread components are called the thread’s context • Actual data forming this context varies from one processor to another • Kernel schedules threads for execution on a processor • The thread is what actually executes the code • The overhead incurred by a thread is minimal Understanding Operating Systems, Fourth Edition 28 Processor Management (continued) Figure 14.2: Unitasking in Windows Understanding Operating Systems, Fourth Edition 29 Processor Management (continued) Multithreading: • For systems with multiple processors, a process can have as many threads as there are CPUs available • All threads belonging to one process share its global variables, heap, and environment strings • Versions of Windows since NT include some synchronization mechanisms to avoid problems with multiple threads Understanding Operating Systems, Fourth Edition 30 Processor Management (continued) Figure 14.3: Multitasking using multithreading Understanding Operating Systems, Fourth Edition 31 Device Management • The I/O system in Windows NT and its networking descendents was designed to provide following: – Multiple installable file systems including FAT, CDFS, and NTFS – Services to make device-driver development as easy as possible yet workable on multiprocessor systems – Ability for system administrators to add drivers to the system or remove them from the system dynamically – Fast I/O processing while allowing drivers to be written in high-level language – Mapped file I/O capabilities for image activation, file caching, and application use Understanding Operating Systems, Fourth Edition 32 Device Management (continued) • The I/O system is packet driven i.e., every I/O request is represented by an I/O request packet (IRP) – An IRP is a data structure that controls how the I/O operation is processed at each step • I/O Manager – Creates an IRP that represents each I/O operation – Passes the IRP to the appropriate driver – Disposes of the packet when the operation is complete Understanding Operating Systems, Fourth Edition 33 Device Management (continued) Table 14.4: Example showing how a device object is created from an instruction to read a file Understanding Operating Systems, Fourth Edition 34 Device Management (continued) • Tasks of I/O Manager: – – – – Supplies code, common to different drivers Manages buffers for I/O requests Provides time-out support for drivers Records which installable file systems are loaded into the operating system – Provides flexible I/O facilities • Allow subsystems such as POSIX to implement their respective I/O application programming interfaces – Allows device drivers and file systems to be loaded dynamically based on the needs of the user Understanding Operating Systems, Fourth Edition 35 Device Management (continued) • Windows provides a device-independent model for I/O services – This model takes advantage of a concept called a “multilayered device driver” • Each device driver is made up of a standard set of routines including the following: – Initialization routine, dispatch routine, start I/O routine, completion routine, unload routine, error logging routine Understanding Operating Systems, Fourth Edition 36 Device Management (continued) • I/O Manager must determine from the file object’s name which driver should be called to process the request of accessing a file. It uses: – Driver object: • Represents an individual driver in the system • I/O Manager creates it when a driver is loaded into the system • A driver object may have multiple device objects connected to it – Device object: • Represents a physical, logical, or virtual device on the system and describes its characteristics Understanding Operating Systems, Fourth Edition 37 Device Management (continued) Figure 14.4: The driver object from Table 14.4 is connected to several device objects. The last device object points back to the driver object Understanding Operating Systems, Fourth Edition 38 Device Management (continued) • The list of device objects represents the physical, logical, and virtual devices that are controlled by the driver • Advantages to representing devices and drivers with different objects: – Provides portability: Frees the I/O manager from having to know details about individual drivers • It just follows a pointer to locate a driver – Allows new drivers to be easily loaded – Easier to assign drivers to control additional or different devices if system configuration changes Understanding Operating Systems, Fourth Edition 39 Device Management (continued) Figure 14.5: Interaction of I/O Manager with a layered device driver to write data to a file on a hard disk Understanding Operating Systems, Fourth Edition 40 Device Management (continued) • The I/O Manager knows nothing about the file system • Overhead involved when the I/O Manager passes requests for information back and forth – Uses single-layer device driver approach for simple devices, e.g., serial and parallel printer ports – Uses multilayered approach for more complicated devices, e.g., hard drives • Almost all low-level I/O operations are asynchronous Understanding Operating Systems, Fourth Edition 41 File Management • Current versions of Windows are designed to be independent of the file system on which they operate • Windows supports multiple file systems for hard disks including: – MS-DOS’s FAT file system – 32-bit FAT file system – NTFS • NTFS extends the capabilities of the FAT and FAT32 file systems Understanding Operating Systems, Fourth Edition 42 File Management (continued) • NTFS extends the capabilities of the FAT and FAT32 file systems by adding: – File system recovery – Ability to handle large storage media, on the order of approximately 17 billion gigabytes in size – Security features, including execute-only files – Unicode filenames – Support for the POSIX operating system environment – Features for future extensibility Understanding Operating Systems, Fourth Edition 43 File Management (continued) • Primary file handling concept in current versions of Windows is the virtual file • Programs perform I/O on virtual files, manipulating them by using file handles – An executive file object that represents all sources and destinations of I/O • Processes call native file object services such as those to read from or write to a file • I/O Manager directs these virtual file requests to real files, file directories, physical devices Understanding Operating Systems, Fourth Edition 44 File Management (continued) • File objects: – – – – Have hierarchical names, Protected by object-based security Support synchronization Handled by object services • When opening a file, a process supplies the file’s name and the type of access required Understanding Operating Systems, Fourth Edition 45 File Management (continued) File objects: • Help bridge the gap – Between the characteristics of physical devices and directory structures, file system structures, and data formats • Provide a memory-based representation of shareable physical resources • Are created with a new set of handle-specific attributes each time a process opens a handle Understanding Operating Systems, Fourth Edition 46 File Management (continued) Figure 14.6: Illustration of a file object, its attributes, and the services that operate on them Understanding Operating Systems, Fourth Edition 47 File Management (continued) Table 14.5: Description of the attributes shown in Figure 14.6 Understanding Operating Systems, Fourth Edition 48 File Management (continued) • Mapped file I/O is an important feature of the I/O system – Achieved through the cooperation of the I/O system and the VM Manager • Memory-mapped files exploit virtual memory capabilities • Cache manager uses mapped I/O to manage its memory-based cache • NTFS supports long filenames that can include spaces and special characters – Automatically shortens filenames when required Understanding Operating Systems, Fourth Edition 49 Network Management • Networking is an integral part of the Windows NTbased operating systems and provides services such as: – User accounts, resource security – Mechanisms used to implement communication between computers, such as with named pipes and mailslots • Named pipes provide a high-level interface for passing data between two processes regardless of their locations • Mailslots provide one-to-many and many-to-one communication mechanisms Understanding Operating Systems, Fourth Edition 50 MS-NET • Microsoft Networks(MS-NET) was released in 1984 and became the model for the NT Network Manager • Three MS-NET components: – Redirector – Server message block (SMB) protocol – Network server • MS-NET components were extensively refurbished and incorporated into Windows NT and later versions Understanding Operating Systems, Fourth Edition 51 MS-NET (continued) • Redirector: – Coded in the C programming language – Implemented as a loadable file system driver – Not dependent on the system’s hardware architecture – Function: To direct an I/O request from a user or application to the remote server that has the appropriate file or resource • A network can incorporate multiple redirectors Understanding Operating Systems, Fourth Edition 52 MS-NET (continued) SMB Protocol: • A high-level specification for formatting messages to be sent across the network • Correlates to the application layer (layer 7) and the presentation layer (layer 6) of the OSI model • An API called NetBIOS interface is used to pass I/O requests structured in the SMB format to a remote computer • Both SMB protocols and NetBIOS API were adopted in several networking products before appearing in Windows Understanding Operating Systems, Fourth Edition 53 MS-NET (continued) Windows Server operating systems: • Written in C for complete compatibility with existing MS-NET and LAN manager SMB protocols • Implemented as loadable file system drivers • Have no dependency on the hardware architecture on which the operating system is running Understanding Operating Systems, Fourth Edition 54 MS-NET (continued) Figure 14.7: Implementation of the seven layers of the OSI reference model in the Windows Network Manager Understanding Operating Systems, Fourth Edition 55 Directory Services • Active Directory: Database that stores all types of information so it can be a general-purpose directory service for a heterogeneous network – Built entirely around DNS and LDAP – Groups machines into administrative units called domains • Each domain gets a DNS domain name (e.g., pitt.edu) • Each domain must have at least one domain controller • A domain can have more than one domain controller – Active Directory clients use standard DNS and LDAP protocols to locate objects on the network Understanding Operating Systems, Fourth Edition 56 Directory Services (continued) Figure 14.8: Active Directory clients use standard DNS and LDAP protocols to locate objects on the network Understanding Operating Systems, Fourth Edition 57 Security Management • Windows network operating systems provide an object-based security model – A security object can represent any resource in the system: a file, device, process, program, or user – Allows administrators to give precise security access to specific objects in the system while allowing them to monitor and record how objects are used • Biggest concern in Windows OS: Need for aggressive patch management – To combat many viruses and worms that target these systems Understanding Operating Systems, Fourth Edition 58 Security Basics • U.S. Department of Defense has identified and categorized OS features into seven levels of security • To comply with the Class C2 level of security, Windows 2000 and above include the following features: – – – – A secure logon facility Discretionary access control Auditing ability Memory protection Understanding Operating Systems, Fourth Edition 59 Security Basics (continued) • Windows strives to prevent access by unauthorized users by supporting a multilayered security system – Password management is the first layer of security – In NTFS, users encounter a second layer of security that deals directly with file access security – Windows makes distinctions between owners and groups – Users can decide what type of operations a person is allowed to perform on a file – Gives the user auditing capabilities that automatically keep track of who uses files and how Understanding Operating Systems, Fourth Edition 60 Security Terminology • Built-in security for recent Windows network OS is a necessary element for managers of Web servers and networks – Requires an authentication mechanism that allows a client to prove its identity to a server – Client needs to supply authorization information • Server uses it to determine which specific access rights have been given to client – Needs to provide data integrity using a variety of methods • Windows provide this with Kerberos security Understanding Operating Systems, Fourth Edition 61 Security Terminology (continued) Kerberos Security: • Provides authentication, data integrity, data privacy, and mutual authentication • Each domain has its own Kerberos server • Microsoft has implemented the standard Kerberos protocol • Microsoft has separated the users of distributed security services from their providers – Allows support for many options without creating unusable complexity Understanding Operating Systems, Fourth Edition 62 Security Terminology (continued) Figure 14.9: Requests from an application flow through a series of security providers, as do the responses from the network back to application Understanding Operating Systems, Fourth Edition 63 User Interface • Desktop contains the icons for the tools and applications one can use to get work done – Users can use mouse, light pen, or stylus to move around the desktop • To start an application, users double-click an application icon or select it from the Start menu • To quit an application, they can select Exit from the File menu or click the “x” in the top-right corner of the window Understanding Operating Systems, Fourth Edition 64 User Interface (continued) • Start Menu divides functions into logical groups and from here users access common functions including the following: – All Programs – My Documents, My Pictures, My Music, My Computer – Control Panel, Help and Support – Search, Run, Log Off, Turn Off Computer Understanding Operating Systems, Fourth Edition 65 User Interface (continued) Figure 14.10: A typical Windows Start Menu Understanding Operating Systems, Fourth Edition 66 User Interface (continued) • The Windows Task Manager: – Opened by pressing and holding the Ctrl, Alt, and Delete keys – Allows user to view running applications and processes, and set the priorities of each – Allows user to view information about performance, networking, and other users logged into system • Windows Explorer: Contains directory and file display tools and a file-finding tool – Features a series of pull-down menus: File, Edit, View, Favorites, Tools, Help, etc. Understanding Operating Systems, Fourth Edition 67 User Interface (continued) • My Network Places: helps users identify and access network resources such as folders, printers, and connections to other nodes • Command interface that resembles MS-DOS is available from most Windows desktops • Keyboard shortcuts: e.g., Ctrl+C for copy • Built-in input methods and fonts for many languages. – e.g., Administrator can select one or several languages during installation • Windows also offers an on-screen keyboard Understanding Operating Systems, Fourth Edition 68 Summary • Current Windows operating systems incorporate ease-of-use with the technical power to operate a network across several existing platforms • Windows systems are designed to evolve modularly and consistently over time • Portability feature eases the difficulty of migrating OS to new hardware platforms • Security controls in Windows have helped OS gain inroads with organizations requiring consistent protection for their data and applications Understanding Operating Systems, Fourth Edition 69 Summary (continued) • Windows’ authentication models support new user interfaces from bank teller machines to fingerprint or retinal scanners • Allow the implementation of different security architectures, further extending the reach of Windows into the market • Require aggressive patch management to combat viruses and worms Understanding Operating Systems, Fourth Edition 70