Virtualization
Virtualization is a powerful tool for trusted system designers because it allows users to access complex objects in a carefully controlled manner. By virtualization we mean that the operating system emulates or simulates a collection of a computer system's resources. We say that a virtual machine is a collection of real or simulated hardware facilities: a [central] processor that runs an instruction set, an amount of directly addressable storage, and some I/O devices. These facilities support the execution of programs.

Obviously, virtual resources must be supported by real hardware or software, but the real resources do not have to be the same as the simulated ones. There are many examples of this type of simulation. For instance, printers are often simulated on direct access devices for sharing in multiuser environments. Several small disks can be simulated with one large one. With demand paging, some noncontiguous memory can support a much larger contiguous virtual memory space. And it is common even on PCs to simulate space on slower disks with faster memory. In these ways, the operating system provides the virtual resource to the user, while the security kernel precisely controls user accesses.
Multiple Virtual Memory Spaces
The IBM MVS/ESA operating system uses virtualization to provide logical separation that gives the user the impression of physical separation. IBM MVS/ESA is a paging system such that each user's logical address space is separated from that of other users by the page mapping mechanism. Additionally, MVS/ESA includes the operating system in each user's logical address space, so a user runs on what seems to be a complete, separate machine.

Most paging systems present to a user only the user's virtual address space; the operating system is outside the user's virtual addressing space. However, the operating system is part of the logical space of each MVS/ESA user. Therefore, to the user MVS/ESA seems like a single-user system, as shown in Figure 5-17.

A primary advantage of MVS/ESA is memory management. Each user's virtual memory space can be as large as total addressable memory, in excess of 16 million bytes. And protection is a second advantage of this representation of memory. Because each user's logical address space includes the operating system, the user's perception is of running on a separate machine, which could even be true.
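As an added example (not from the text), the following Python model shows the page-mapping separation described above: one page table per user, the operating system's pages mapped at the same virtual addresses in every user's table, and each user's contiguous virtual region backed by noncontiguous physical frames. The page size, frame count, user names and class layout are assumptions made for the demonstration.

```python
# Added example, not from the text: a toy model of per-user page mapping.
# Page size, frame counts and user names are assumptions for the demo.
PAGE_SIZE = 4096
OS_VPAGES = (0, 1)  # virtual pages that hold the shared operating system image


class Kernel:
    """Keeps one page table per user; the OS pages are mapped at the same
    virtual addresses in every table, so each user sees a 'complete' machine."""

    def __init__(self, total_frames):
        # Hand out even frames first, then odd ones, so a user's contiguous
        # virtual region is backed by noncontiguous physical frames.
        self.free = list(range(0, total_frames, 2)) + list(range(1, total_frames, 2))
        self.os_map = {vp: self._take_frame() for vp in OS_VPAGES}
        self.spaces = {}

    def _take_frame(self):
        if not self.free:
            raise MemoryError("out of physical frames")
        return self.free.pop(0)

    def create_user(self, name, pages):
        table = dict(self.os_map)  # OS region shared, user region private
        first = len(OS_VPAGES)
        for vp in range(first, first + pages):
            table[vp] = self._take_frame()
        self.spaces[name] = table

    def translate(self, name, vaddr):
        """Map a user's virtual address to a physical one, or fault."""
        vpn, offset = divmod(vaddr, PAGE_SIZE)
        frame = self.spaces[name].get(vpn)
        if frame is None:
            raise MemoryError(f"page fault: {name} has no page {vpn}")
        return frame * PAGE_SIZE + offset

    def private_frames(self, name):
        """Physical frames reachable only through this user's table."""
        return set(self.spaces[name].values()) - set(self.os_map.values())

    def isolated(self):
        """True if no two users' private pages share a physical frame."""
        seen = set()
        for name in self.spaces:
            mine = self.private_frames(name)
            if seen & mine:
                return False
            seen |= mine
        return True
```

Translating the same virtual address for two users yields two different physical addresses, while an OS-region address translates identically in both tables, and a virtual page outside a user's table faults rather than reaching another user's frame.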
Virtual Machines
The IBM Processor Resources/System Manager (PR/SM) system provides a level of protection that is stronger still. A conventional operating system has hardware facilities and devices that are under the direct control of the operating system, as shown in Figure 5-18. PR/SM provides an entire virtual machine to each user, so that each user not only has logical memory but also has logical I/O devices, logical files, and other logical resources. PR/SM performs this feat by strictly separating resources. (The PR/SM system is not a conventional operating system, as we see later in this chapter.)

The PR/SM system is a natural extension of the concept of virtual memory. Virtual memory gives the user a memory space that is logically separated from real memory; a virtual memory space is usually larger than real memory, as well. A virtual machine gives the user a full set of hardware features; that is, a complete machine that may be substantially different from the real machine. These virtual hardware resources are also logically separated from those of other users. The relationship of virtual machines to real ones is shown in Figure 5-19.

Both MVS/ESA and PR/SM improve the isolation of each user from other users and from the hardware of the system. Of course, this added complexity increases the overhead incurred with these levels of translation and protection. In the next section we study alternative designs that reduce the complexity of providing security in an operating system.
Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.