Security Analysis and !Enhancements of Computer Operati Ng Systems
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Getting Started Computing at the Al Lab by Christopher C. Stacy Abstract
MASSACHUSETTS INSTITUTE OF TECHNOLOGY ARTIFICIAL INTELLI..IGENCE LABORATORY WORKING PAPER 235 7 September 1982 Getting Started Computing at the Al Lab by Christopher C. Stacy Abstract This document describes the computing facilities at the M.I.T. Artificial Intelligence Laboratory, and explains how to get started using them. It is intended as an orientation document for newcomers to the lab, and will be updated by the author from time to time. A.I. Laboratory Working Papers are produced for internal circulation. and may contain information that is, for example, too preliminary or too detailed for formal publication. It is not intended that they should be considered papers to which reference can be made in the literature. a MASACHUSETS INSTITUTE OF TECHNOLOGY 1982 Getting Started Table of Contents Page i Table of Contents 1. Introduction 1 1.1. Lisp Machines 2 1.2. Timesharing 3 1.3. Other Computers 3 1.3.1. Field Engineering 3 1.3.2. Vision and Robotics 3 1.3.3. Music 4 1,3.4. Altos 4 1.4. Output Peripherals 4 1.5. Other Machines 5 1.6. Terminals 5 2. Networks 7 2.1. The ARPAnet 7 2.2. The Chaosnet 7 2.3. Services 8 2.3.1. TELNET/SUPDUP 8 2.3.2. FTP 8 2.4. Mail 9 2.4.1. Processing Mail 9 2.4.2. Ettiquette 9 2.5. Mailing Lists 10 2.5.1. BBoards 11 2.6. Finger/Inquire 11 2.7. TIPs and TACs 12 2.7.1. ARPAnet TAC 12 2.7.2. Chaosnet TIP 13 3. -
Access Control and Operating System
Outline (may not finish in one lecture) Access Control and Operating Access Control Concepts Secure OS System Security • Matrix, ACL, Capabilities • Methods for resisting • Multi-level security (MLS) stronger attacks OS Mechanisms Assurance • Multics • Orange Book, TCSEC John Mitchell – Ring structure • Common Criteria • Amoeba • Windows 2000 – Distributed, capabilities certification • Unix Some Limitations – File system, Setuid • Information flow • Windows • Covert channels – File system, Tokens, EFS • SE Linux – Role-based, Domain type enforcement Access control Access control matrix [Lampson] Common Assumption Objects • System knows who the user is File 1 File 2 File 3 … File n – User has entered a name and password, or other info • Access requests pass through gatekeeper User 1 read write - - read – OS must be designed monitor cannot be bypassed User 2 write write write - - Reference Subjects monitor User 3 - - - read read User process ? Resource … User m read write read write read Decide whether user can apply operation to resource Two implementation concepts Capabilities Access control list (ACL) File 1 File 2 … Operating system concept • “… of the future and always will be …” • Store column of matrix User 1 read write - Examples with the resource User 2 write write - • Dennis and van Horn, MIT PDP-1 Timesharing Capability User 3 - - read • Hydra, StarOS, Intel iAPX 432, Eros, … • User holds a “ticket” for … • Amoeba: distributed, unforgeable tickets each resource User m read write write • Two variations References – store -
Research Purpose Operating Systems – a Wide Survey
GESJ: Computer Science and Telecommunications 2010|No.3(26) ISSN 1512-1232 RESEARCH PURPOSE OPERATING SYSTEMS – A WIDE SURVEY Pinaki Chakraborty School of Computer and Systems Sciences, Jawaharlal Nehru University, New Delhi – 110067, India. E-mail: [email protected] Abstract Operating systems constitute a class of vital software. A plethora of operating systems, of different types and developed by different manufacturers over the years, are available now. This paper concentrates on research purpose operating systems because many of them have high technological significance and they have been vividly documented in the research literature. Thirty-four academic and research purpose operating systems have been briefly reviewed in this paper. It was observed that the microkernel based architecture is being used widely to design research purpose operating systems. It was also noticed that object oriented operating systems are emerging as a promising option. Hence, the paper concludes by suggesting a study of the scope of microkernel based object oriented operating systems. Keywords: Operating system, research purpose operating system, object oriented operating system, microkernel 1. Introduction An operating system is a software that manages all the resources of a computer, both hardware and software, and provides an environment in which a user can execute programs in a convenient and efficient manner [1]. However, the principles and concepts used in the operating systems were not standardized in a day. In fact, operating systems have been evolving through the years [2]. There were no operating systems in the early computers. In those systems, every program required full hardware specification to execute correctly and perform each trivial task, and its own drivers for peripheral devices like card readers and line printers. -
Storage Organization and Management in TENEX I. Introduction
Storage Organization and Management in TENEX http://www.linique.com/dlm/tenex/fjcc72/ Storage Organization and Management in TENEX by Daniel L. Murphy Presented at the Fall Joint Computer Conference, 1972. Originally published in AFIPS Conference Proceedings Volume 41. I. Introduction In early 1969, BBN began an effort aimed at developing a new time-shared operating system. It was felt at the time that none of the commercially available systems could meet the needs of the research planned and in progress at BBN. The foremost requirement of the desired operating system was that it support a directly addressed process memory in which large list-processing computations could be performed. The cost of core storage prohibited the acquisition of sufficient memory for even one such process, and the problems of swapping such very large processes in a time-sharing environment made that solution technically infeasible as well. Paging was therefore the logical alternative, and our study and experience with list processing systems(1,2) led us to believe that using a demand-paged virtual memory system for such computations was a feasible approach. With demand paged process virtual memory added to our requirements, we found no existing system which could adequately meet our needs. Our approach was to take an existing system which was otherwise appropriate and add the necesary hardware to support paging. The system chosen was the DEC PDP-10 (3), which, although not paged, was available with a time-shared operating system and substantial support software. Consideration was given to modifying the existing PDP-10 operating system to support demand paging, but that approach was rejected because of the substantial amount of work which would be required, because of the inherent constraints imbedded in the architecture of any large system, and because development of a new operating system would allow the inclusion of a great many other features and facilities which were judged desirable. -
NWG/RFC# 752 MRC 2-Jan-79 01:22 Nnnnn a Universal Host Table
NWG/RFC# 752 MRC 2-Jan-79 01:22 nnnnn A Universal Host Table Network Working Group Mark Crispin Request for Comments 752 SU-AI NIC nnnnn 2 January 1979 A Universal Host Table ABSTRACT: The network host table in use at MIT and Stanford is described. This host table is superior to the NIC and Tenex host tables in several ways. A binary file, compiled from this host table, is also described. This file is used by subsystems on MIT's ITS and Stanford's WAITS timesharing systems for efficiency in host and network lookups. HISTORY: As with many other sites on the Arpanet, we found the NIC's host table unsuited to our needs. Part of the problem was because the NIC host table was often inaccurate and all too often failed to include several nicknames in common usage in our communities. In addition, the NIC host table's format was awkward for user programs to use, especially those which wanted to have the host table mapped into memory in some sort of structured binary form for efficient lookups. Finally, the NIC host table neglects to include some essential information. The ITS host table was originally designed to be compiled along with a network handling program (MIDAS, the PDP-10 assembler used, has a pseudo-op to insert a file into an assembly). In order to make the host table palatable to the assembler, every comment line began with a semicolon, and every actual data line began with the word HOST. Each program which used the host table defined HOST as an assembly macro before inserting the host table into the assembly. -
Engineering Strategy Overview Preliminary
March 1982 Engineering Preliminary Strategy Company Overview Confidential If.-t8···· L..4L ~ \:')' j.~.! / .;.' ' 1985 1990 1995 2000 - P,O S SIB L E DEC PRO Due T S - $lJOO cellular radio net discontinouous.100 word ~ lim! ted context HANDHELD speaker independent speaker independent $1.0K speech recogn. • sketchpad , interpretation Glata structures , ' & relat~onsh~ps object filing natural languaqe (invisible, protected structures) $40K I CAB I NET I ,4 (dedicated fixture) ~~~n limited context [:~~~~e~ ~~~:~~i:ti~n ~ ak rind pendent • voice ~tuate~ retrieval spe ~ e _ .. • te1econferenc1ng center cont1nued speechlrecogn~tion " ;., encryption associa tiveJparallel a;;;'e'los (, ..j." .---~ provide CAtt= ASSISTANT -------...--- .. • LIBRARlj\N ~ ?ertified "best match" retrieval ~ (secure) os (holographic? ) $650K BD 1/15/81 PRELIMINARY ENGINEERING STRATEGY OVERVIEW MARCH lYtil SECONIJ IJRAFT PRELIMINARY ENGINEERING STRATEGY OVERVIEW TABLE OF CONTENTS ,Preface Chapter I fhe Product Strategy and Transitioning to the Fifth Generation - Product Strategy Overview - The Transitions - Personal Computer Clusters, PCC, Are An Alternative to Timeshared Computers - The Product Strategy - Fifth and Sixth Computer Technology Generations - Uistributed Processing and Limits to Its Growth Chapter II Essays on the Criteria for Allocation of Engineering Resources - Overview, - Heuristics for Building Great Products, - Proposed Resource Allocation Criteria - UEC's Position in the VAN - Buyout Philosophy/Process/Criteria - Example of a "Make vs Buy" Analysis - Engineering Investment Sieve Chapter III Essays on Strategic Threats and Opportunities - Uverview, - Strategic Threats - Getting Organized in Engineering and Manufacturing to Face Our Future Competitors p - View of Competitors ---~,.~".~.-~ l f;t-1) IPrT Co?"! v. 7U/L, / IJ ...J - Te-Iecommunications Environment ) ;2f e-c.. - Competitive TeChnology Exercise, ltv • Chapter IV TeChnology Managers Committee Report ,MC- . -
Lisp: Program Is Data
LISP: PROGRAM IS DATA A HISTORICAL PERSPECTIVE ON MACLISP Jon L White Laboratory for Computer Science, M.I.T.* ABSTRACT For over 10 years, MACLISP has supported a variety of projects at M.I.T.'s Artificial Intelligence Laboratory, and the Laboratory for Computer Science (formerly Project MAC). During this time, there has been a continuing development of the MACLISP system, spurred in great measure by the needs of MACSYMAdevelopment. Herein are reported, in amosiac, historical style, the major features of the system. For each feature discussed, an attempt will be made to mention the year of initial development, andthe names of persons or projectsprimarily responsible for requiring, needing, or suggestingsuch features. INTRODUCTION In 1964,Greenblatt and others participated in thecheck-out phase of DigitalEquipment Corporation's new computer, the PDP-6. This machine had a number of innovative features that were thought to be ideal for the development of a list processing system, and thus it was very appropriate that thefirst working program actually run on thePDP-6 was anancestor of thecurrent MACLISP. This earlyLISP was patterned after the existing PDP-1 LISP (see reference l), and was produced by using the text editor and a mini-assembler on the PDP-1. That first PDP-6 finally found its way into M.I.T.'s ProjectMAC for use by theArtificial lntelligence group (the A.1. grouplater became the M.I.T. Artificial Intelligence Laboratory, and Project MAC became the Laboratory for Computer Science). By 1968, the PDP-6 wasrunning the Incompatible Time-sharing system, and was soon supplanted by the PDP-IO.Today, the KL-I 0, anadvanced version of thePDP-10, supports a variety of time sharing systems, most of which are capable of running a MACLISP. -
Non Unix Family Tree and Timeline Version 0.3.2
Non Unix family tree and Timeline Version 0.3.2 1958 FMS SOS 1958 Late 1950's Late 1950's 1960 1960 IBM 1410/1710 OS Early 1960's CTSS 1961-1962 1962 IBSYS PDP-1 OS 1962 Early 1960's 1962 SABRE 1962-64 EXEC I 1964 Tops-10 1.4 1964 1964 Early 1960's OS/360 Multics TOS (BOS, TOS,DOS) 1965 1965 EXEC II Early 1960's DOS CP-40 1966 (CP-67) Tops-10 1.9 MS/8 1966 1966 1966 1966 CAL BPS/360 CP/CMS Tops-10 2.18 Late 1960's ITS WAITS EXEC 3 Late 1960's 1967 1967 1967 1967 Late 1960's DOS/VSE 1968 PARS Tops-10 3.27 1968 1968 SCOPE TDOS 1968 Late 1960's EXEC 4 Late 1960's Late 1960's VMOS ACP v4 EXEC 8 OS/MFT Tops-10 4.50 ACP TENEX Unix Late 1960's 1969 1969 1969 1969 MSS 4.0 1969 Late 1960's Tops-10 4.72 10/1969 1969 MSS 5.0 1970 12/1969 1970 Tops-10 5.01 DOS/Batch 11 MSS 6.0 1970 1970 3/1970 MSS 7.0 3/1970 MSS 8.0 6/1970 1971 RSTS-11 1971 1971 Tops-10 5.02 Tape Scope 2 KRONOS 1971 OS/8 Early 1970's Early 1970's VS/9 Chios 1971 VM/CMS Earl 1970's Early 1970's 1972 OS/VS1 Tops-10 5.03 BKY 1972 1972 1972 Early 1970's Tops-10 5.04 5/1972? KI-TELNEX Tops-10 5.05 mid 1972 7/1972? Tops-10 5.06 1973 11/1972 1973 VSE RSX-11D 5/1973 RT-11 OS/12 Alto 7/1973 1973 OS/VS2 r1 1974 1974 MSS 22.0 1974 RSX-11M 1/1974 1974 Tops-10 5.07 Tops-10 6.01 MR 1.0 CP/M 1.0 5/1974 5/1974 6/1974 1974 OS/VS2 r2 7/1974 1975 1975 OS/VS2 MVS r3 3/1975 Tops-10 5.07A Tops-10 6.01A 5/1975 5/1975 CP/M 1.3 1976 Tops-10 6.02 1975 RSX-11M Plus 1976 Tops-20 1 MSS 28.0 1976 2/1976 2/1976 Tops-20 1A 4/1976 Tops-20 1B 10/1976 Tops-20 101B 12/1976 1977 1977 Tops-10 6.03 p-System I.0 3/1977 -
Mixed-Criticality Scheduling and Resource Sharing for High-Assurance Operating Systems
Mixed-Criticality Scheduling and Resource Sharing for High-Assurance Operating Systems Anna Lyons Submitted in fulfilment of the requirements for the degree of Doctor of Philosophy School of Computer Science and Engineering University of New South Wales Sydney, Australia September 2018 Abstract Criticality of a software system refers to the severity of the impact of a failure. In a high-criticality system, failure risks significant loss of life or damage to the environ- ment. In a low-criticality system, failure may risk a downgrade in user-experience. As criticality of a software system increases, so too does the cost and time to develop that software: raising the criticality also raises the assurance level, with the highest levels requiring extensive, expensive, independent certification. For modern cyber-physical systems, including autonomous aircraft and other vehicles, the traditional approach of isolating systems of different criticality by using completely separate physical hardware, is no longer practical, being both restrictive and inefficient. The result is mixed-criticality systems, where software applications with different criticalities execute on the same hardware. Sufficient mechanisms are required to ascertain that software in mixed-criticality systems is sufficiently isolated, otherwise, all software on that hardware is promoted to the highest criticality level, driving up costs to impractical levels. For mixed-criticality systems to be viable, both spatial and temporal isolation are required. Current aviation standards allow for mixed-criticality systems where temporal and spatial resources are strictly and statically partitioned in time and space, allowing some improvement over fully isolated hardware. However, further improvements are not only possible, but required for future innovation in cyber-physical systems. -
The UNIX Time- Sharing System
1. Introduction There have been three versions of UNIX. The earliest version (circa 1969–70) ran on the Digital Equipment Cor- poration PDP-7 and -9 computers. The second version ran on the unprotected PDP-11/20 computer. This paper describes only the PDP-11/40 and /45 [l] system since it is The UNIX Time- more modern and many of the differences between it and older UNIX systems result from redesign of features found Sharing System to be deficient or lacking. Since PDP-11 UNIX became operational in February Dennis M. Ritchie and Ken Thompson 1971, about 40 installations have been put into service; they Bell Laboratories are generally smaller than the system described here. Most of them are engaged in applications such as the preparation and formatting of patent applications and other textual material, the collection and processing of trouble data from various switching machines within the Bell System, and recording and checking telephone service orders. Our own installation is used mainly for research in operating sys- tems, languages, computer networks, and other topics in computer science, and also for document preparation. UNIX is a general-purpose, multi-user, interactive Perhaps the most important achievement of UNIX is to operating system for the Digital Equipment Corpora- demonstrate that a powerful operating system for interac- tion PDP-11/40 and 11/45 computers. It offers a number tive use need not be expensive either in equipment or in of features seldom found even in larger operating sys- human effort: UNIX can run on hardware costing as little as tems, including: (1) a hierarchical file system incorpo- $40,000, and less than two man years were spent on the rating demountable volumes; (2) compatible file, device, main system software. -
David Walden and Raymond Nickerson
Chapter 18 Distributed Computing at BBN Network Computing Software Infrastructure and Distributed Applications from 1970-1995 Richard Schantz In this article we review highlights of the history of BBN and distributed computing from a number of different perspectives: early investigations, distributed systems infrastructure (later to be more commonly known as Middleware), and network-centric applications which utilized the emerging distributed systems capabilities in new and innovative ways, with lasting impact. 18.1 Introduction The innovations being pursued in the area of packet switching and inter-computer communications (see Chapter 17 on networking) spawned a simultaneous interest and investigation into how to utilize this emerging new data oriented communication capability. To complement its activities in pioneering network communications, from the earliest conception of the ARPANET and continuing to this day, BBN initiated and participated in a number of the leading edge, innovative activities aimed at delivering value from the increasing interconnectivity through network centric applications and by providing the network centric infrastructure needed to more easily build these types of applications (see also Chapter 19 on email and 20 relating to distributed simulation). We use the term “Distributed Computing” to loosely tie together these activities covering both advanced, higher levels of multi-host1 infrastructure and the innovative distributed applications themselves, and to distinguish it from the lower level capabilities (e.g., -
Operating System Verification—An Overview
Sadhan¯ a¯ Vol. 34, Part 1, February 2009, pp. 27–69. © Printed in India Operating system verification—An overview GERWIN KLEIN Sydney Research Laboratory, NICTA,∗ Australia, School of Computer Science and Engineering, University of New South Wales, Sydney, Australia e-mail: [email protected] Abstract. This paper gives a high-level introduction to the topic of formal, interactive, machine-checked software verification in general, and the verification of operating systems code in particular. We survey the state of the art, the advantages and limitations of machine-checked code proofs, and describe two specific ongoing larger-scale verification projects in more detail. Keywords. Formal software verification; operating systems; theorem proving. 1. Introduction The fastest, cheapest and easiest way to build something is properly the first time (Parker 2007). This engineer’s credo has made it into popular literature, but it seems to be largely ignored in the world of software development. In the late 1960s a software crisis was diagnosed on a summit in the Bavarian Alps (Naur & Randell 1969): Software was getting more and more complex, and we had no structured way of building it. We ended up with projects that took significantly longer than planned, were more expensive than planned, delivered results that did not fully address customer needs, or at worst were useless. This summit in the late 1960s is widely seen as the birth of the discipline of software engineering. Now, almost 40 years later, we have come a long way. There are numerous books on software engineering, a plenitude of methodologies, programming languages, and processes to choose from.