Weekly Note 11 - Week 17

14 April 2019

Lecture - Tuesday, April 23rd.

16-19 in U82

This week we will cover Protection, as this is the smallest of the remaining topics, and this will leave us time to have code review of project 3.

We will also have a small review of the previous lecture, so this time it will be filesystems, and have the Kahoot as well.

Tutorial session

Thursday April 25th. 08-10 or 12-14 in U166.

Preparation:

Make a list of 10-15 keywords for a 10 min. presentation with the topic: "Protection"

Prepare at home to discuss:

  1. What are the main differences between capability lists and access lists?

  2. The access-control matrix could be used to determine whether a process can switch from, say, domain A to domain B and enjoy the access privileges of domain B. Is this approach equivalent to including the access privileges of domain B in those of domain A?

  3. Discuss the strengths and weaknesses of implementing an access matrix using access lists that are associated with objects.

  4. Discuss the strengths and weaknesses of implementing an access matrix using capabilities that are associated with domains.

  5. What is the need-to-know principle? Why is it important for a protection system to adhere to this principle?

  6. How are the access-matrix facility and the role-based access-control facility similar? How do they differ?

  7. How does the principle of least privilege aid in the creation of protection systems?

  8. Why is it difficult to protect a system in which users are allowed to do their own I/O? .

In class:

Use the first 45 minutes to discuss the exercises prepared at home and your list of keywords.

Use the last 45 minutes to discuss project 4. You can discuss with the TA any design choices you have considered, and get his opinion on the solution and its complexity. It is up to you to not overcomplicate project 4, and the design of your filesystem is a big factor in this.

  • Chapter 17 in Operating System Concepts, Enhanced eText, 10th Edition

Material (Slides, etc.)