FILE
PROTECTION
1.
Need for file protection
· When information is kept
in a computer system, we want to keep it safe from physical damage
(reliability) and improper access (protection).
Reliability is generally provided by duplicate
copies of files. Many computers have systems programs that automatically (or
though computer-operator intervention) copy
disk files to tape at regular intervals (once per day
or week or
month) to maintain
a copy should a file system be
accidentally destroyed.
·
File systems can be damaged by hardware problems (such
as errors in reading or writing), power surges or failures, head crashes, dirt,
temperature extremes, and vandalism. Files may be deleted accidentally. Bugs in
the file-system software can also cause file contents to be lost.
·
Protection can be provided in many ways. For a
small single-user system, we might provide protection by physically removing
the floppy disks and locking them in a desk drawer or file cabinet. In a
multi-user system, however, other mechanisms are needed.
2.
Types of Access
·
Complete protection is provided by prohibiting
access.
·
Free access is provided with no protection.
·
Both approaches are too extreme for general use.
·
What is needed is controlled access.
· Protection mechanisms
provide controlled access by limiting the types of file access that can be
made. Access is permitted or denied depending on several factors, one of which
is the type of access requested. Several different types of operations may be controlled:
1. Read: Read from
the file.
2. Write: Write or
rewrite the file.
3. Execute: Load the
file into memory and execute it.
4. Append: Write new
information at the end of the file.
5. Delete: Delete
the file and free its space for possible reuse.
6. List: List the
name and attributes of the file.
3.
Access Control
· Associate with each file
and directory an access-control list (ACL) specifying the user name and the
types of access allowed for each user.
·
When a user requests access to a particular file,
the operating system checks the access list associated with that file. If that
user is listed for the requestedaccess, the access is allowed. Otherwise, a
protection violation occurs and the user job is denied access to the file.
·
This technique has two undesirable consequences:
• Constructing such a list may be a tedious and
unrewarding task, especially if we do not know in advance the list of users in
the system.
• The directory entry, previously of fixed size, now
needs to be of variable size, resulting in more complicated space management.
·
To condense the length of the access control list,
many systems recognize three classifications of users in connection with each
file:
Owner: The user who created the file is
the owner.
Group: A set of users who are sharing
the file and need similar access \is a group, or work group.
Universe: All other users in the system
constitute the universe.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.