File protection.59 to 60

http://raj-os.blogspot.in/ 1

Recap

In the last class, you have learnt:

• Issues regarding deletion of files in a cyclic –

graph structure

• Advantages & disadvantage of a cyclic – graph

structure

• Understand the structure of general graph

directories & problems

• HOME PREVIOUS TOPIC NEXT• PREVIOUS QUESTION PAPERS FOR

OS• CPP TUTORIALS

2http://raj-os.blogspot.in/


Objectives

On completion of this period, you would be able to

• Understand the concept of file protection

• Know types of access

• Understand Access Lists and Groups


PROTECTION


A computer file needs protection which is of two types

1. ReliabilityProtection from physical damageFile systems can be damaged by Hardware problems(errors in r/w)Power surges or failuresHead crashesDirt and temperatureBugs in file system software

2. SecurityProtection from improper access


1. Reliability

• Provided by duplicate copies of files

• Take backup's at regular intervals

(daily/weekly/monthly)



2. Security

• Protecting files from unauthorized access

• More important in a multi user system

• Provided by controlling access to files



Need for protecting files

• Need for protection is due to the ability to

access files

• Two ways to tackle the problem

1. Prohibit access providing complete protection

2. Provide free access without protection

• Both approaches are too extreme for general

use


Controlled Access

• Desirable

• Provided by limiting the types of file access that

can be made


Types of Access

• Read : Read from the file

• Write : Write or rewrite the file

• Execute : Load file into memory and execute

• Append : Write new information at end of file

• Delete : Delete the file and free its space

• List : List the name and attributes of the file


Protection Mechanisms

• Different mechanisms proposed

• Select mechanism depending on the application

Ex : A small computer used only by a few

members of a research group may not need the

same protection as a large corporate computer

used for research, finance and personnel

operations


Access Lists and Groups

• A common approach to protection is provide

access based on user identity

• Associate with each file and directory an access list

• Access list specifies user name and types of

access allowed for each user

• Access to user is provided as per the access list


Problem with access lists

• Length of the list

• If every user need to be given read access to a file,

we must list all users with read access

a) constructing such a list is tedious

b) The directory entry needs to be of

variable size, resulting in complicated

space management


Classification of users

To condense the length of access list many systems recognize three classifications of users in connection with each file

• Owner : The user who created the file

• Group : A set of users sharing the file and need similar access

• Universe : All other users in the system constitute the universe


Representing different users in UNIX

• Unix defines three fields of three bits each rwx, where

r controls read access

w controls write access

x controls execution

• A separate field is kept for the file owner, group users and other users

• 9 bits per file are needed


A sample directory listing in Unix


Consider the first field in the above listing -rwxrw-r--

• The first field describes the file’s protection

• A d as the first character indicates that the file is a

directory ; a – indicates an ordinary file

• 2nd,3rd & 4th bits owner’s access permissions

• 5th,6th & 7th bits group users’ permissions

• 8th,9th & 10th bits others’ permissions


Other Protection Approaches

• Associate a password with each file

• Access to the file is controlled by the password

• Effective scheme in limiting access to a file if

passwords chosen randomly

passwords changed often


Disadvantages of password protection

• If each file has a separate password, the no. of passwords a user needs to remember becomes large

• If all files have same password, then once it is discovered all files are accessible

• To deal with this problem, some systems allow a user to associate a password with a subdirectory rather than with a single file


Summary

In this class, you have learnt:

• File protection

• Need for controlled access to files

• Types of access

• Access Lists

• User classification

• Password protection


Frequently Asked Questions

1. Explain the concept of file protection

2. List the types of access to files

3. Explain access lists and groups

4. Explain disadvantages of password

protection


Any questions ?


Quiz


1. File systems can be damaged by

a) Hardware problems

b) Power failures

c) Dirt

d) All of the above


2. Which of following is desirable with regard to access to files?

a) Free access without protection

b) No access at all

c) Controlled access

d) None of the above


3. Which is true about password protection ?

a) Passwords should be chosen randomly

b) Passwords must never be changed

c) Password should be changed often

d) Both a & c


State whether the following are true or false


State true or false

Reliability of files can be provided by duplicate copies

True


State true or false

The problem with access lists is their length

True


State true or false

Owner is the user who created the file

True


State true or false

Unauthorized access to files is desirable

False

Other subject materials

• Web designing• Micro processors• C++ tutorials• java

home

32http://raj-os.blogspot.in/

Documents

File protection.59 to 60