1. Need for file protection
· When information is kept in a computer system, we want to keep it safe from physical damage (reliability) and improper access (protection).
Reliability is generally provided by duplicate copies of files. Many computers have systems programs that automatically (or through computer-operator intervention) copy disk files to tape at regular intervals (once per day or week or month) to maintain a copy should a file system be accidentally destroyed.
· File systems can be damaged by hardware problems (such as errors in reading or writing), power surges or failures, head crashes, dirt, temperature extremes, and vandalism. Files may be deleted accidentally. Bugs in the file-system software can also cause file contents to be lost.
· Protection can be provided in many ways. For a small single-user system, we might provide protection by physically removing the floppy disks and locking them in a desk drawer or file cabinet. In a multi-user system, however, other mechanisms are needed.
2. Types of Access
· Complete protection is provided by prohibiting access.
· Free access is provided with no protection.
· Both approaches are too extreme for general use.
· What is needed is controlled access.
· Protection mechanisms provide controlled access by limiting the types of file access that can be made. Access is permitted or denied depending on several factors, one of which is the type of access requested. Several different types of operations may be controlled:
1. Read: Read from the file.
2. Write: Write or rewrite the file.
3. Execute: Load the file into memory and execute it.
4. Append: Write new information at the end of the file.
5. Delete: Delete the file and free its space for possible reuse.
6. List: List the name and attributes of the file.
3. Access Control
· Associate with each file and directory an access-control list (ACL) specifying the user name and the types of access allowed for each user.
· When a user requests access to a particular file, the operating system checks the access list associated with that file. If that user is listed for the requested access, the access is allowed. Otherwise, a protection violation occurs and the user job is denied access to the file.
· This technique has two undesirable consequences:
• Constructing such a list may be a tedious and unrewarding task, especially if we do not know in advance the list of users in the system.
• The directory entry, previously of fixed size, now needs to be of variable size, resulting in more complicated space management.
· To condense the length of the access control list, many systems recognize three classifications of users in connection with each file:
Owner: The user who created the file is the owner.
Group: A set of users who are sharing the file and need similar access is a group, or work group.
Universe: All other users in the system constitute the universe.
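The two checks described in this section, written out as an added example (not part of the original notes): a full per-user access list next to the condensed owner/group/universe scheme. The `File` record, the function names and the sample users are hypothetical; choosing exactly one class with no fall-through is an assumption modelled on UNIX-style mode bits.

```python
from dataclasses import dataclass, field
from enum import Flag, auto

class Access(Flag):                 # the six access types from section 2
    NONE = 0
    READ = auto()
    WRITE = auto()
    EXECUTE = auto()
    APPEND = auto()
    DELETE = auto()
    LIST = auto()

class ProtectionViolation(Exception):
    """Raised when the requested access is not permitted."""

@dataclass
class File:                         # hypothetical directory-entry record
    name: str
    owner: str
    group: frozenset                # members of the file's work group
    acl: dict = field(default_factory=dict)   # full ACL: user -> Access
    owner_bits: Access = Access.NONE
    group_bits: Access = Access.NONE
    universe_bits: Access = Access.NONE

def acl_allowed(f, user, wanted):
    """Full ACL: an unlisted user gets nothing (deny by default)."""
    return (f.acl.get(user, Access.NONE) & wanted) == wanted

def class_allowed(f, user, wanted):
    """Condensed scheme: classify the user once, then test that class only."""
    if user == f.owner:
        granted = f.owner_bits
    elif user in f.group:
        granted = f.group_bits
    else:
        granted = f.universe_bits   # everyone else is the universe
    return (granted & wanted) == wanted

def open_file(f, user, wanted, check=acl_allowed):
    """Gate every request; refuse unless all requested types are granted."""
    if not check(f, user, wanted):
        raise ProtectionViolation(f"{user}: {wanted} denied on {f.name}")
    return wanted

# Constructed sample data: alice owns the file, bob is in its work group.
R, W, A, D = Access.READ, Access.WRITE, Access.APPEND, Access.DELETE
SAMPLE = File("report.txt", "alice", frozenset({"bob"}),
              acl={"alice": R | W | D, "bob": R | A},
              owner_bits=R | W | D, group_bits=R | A)
```

The full ACL grows with every user it names, while the condensed form is always three fixed-size fields, which is the space-management trade-off noted above.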