Date post: | 21-Dec-2015 |
Category: |
Documents |
View: | 215 times |
Download: | 0 times |
Accounting, Protection, Security
andMore Fault Handling
Gotchas
May 26, 2000
Instructor: Gary
Kimura
304/18/23
Accounting Systems
• In large old computing centers accounting systems were very common. – Not that applicable in a PC environment. – But again useful in a network
• The task was not necessarily to restrict usage but to hold individual users accountable for their usage of the system
• Why?– Charge back to make money– Monitor system usage monitoring– When to buy a bigger system– Locate usage hogs
404/18/23
Things to measure
• We measure things that give us a metric for overall and specific system usage– CPU Usage– Main Memory Usage– Disk Usage– Paper Usage– Connect time usage
• How to do the measurement is mostly pretty obvious but not always…
504/18/23
Quotas
• A means of limiting resource usage by an individual or a group
• Typical quota items include– Disk usage– Memory usage– Open handle usage– Mail box usage
• Either the system prohibits a user’s usage from exceeding their quota or sounds a lot of bells and whistles when they do
604/18/23
Protection and Security
• “Don’t trust anyone”– Naïve user with dumb mistakes– Destructive malicious user
• DOD security levels (A – D)– D: least protected system (MS-DOS pass any tests)– C: discretionary protection and accountability with two
subgroups (C1 and C2)– B: mandatory protection (security levels)– A: highest level of security
704/18/23
Protection put on objects and users
– Access control lists– Identify either a group or a individual user– Indicates if access is allowed or denied
– Object reuse– Be sure to clear out memory and secondary storage
before reusing objects space
– Revocation– Each user/process has an ID and usually a list of access
rights– Some systems allow the system to revoke the access
rights to an existing process, some systems do not
804/18/23
More security issues
– Authentication– Password, etc
– Program threats– Trojan Horses– Trap doors
– System threats– Worms– Viruses
– Encryption– Denial of service attacks
904/18/23
Places where page faults occur
• User invoked faults– Code– Data– Both
• Kernel invoked faults– Code– Data– Both
1004/18/23
Double faults
• In some systems it is okay for a page fault handler to itself cause a fault
• There is somewhat a chicken and egg problem that needs to be addressed
• Eventually the last fault needs all of its data code to be resident in memory
• It is possible to pin down your code and data, however doing so usually takes more CPU cycles than it’s worth. So just make the code nonpaged to start with.
1104/18/23
Collided page faults
• When two processes both fault in the same page at the same time we can come up with a collided page fault.
• The same can happen if one process touches a page while the fault is almost through being handled