...UNIX Protection Scheme Cedric Lee POS/355 Scott Stewart March 25, 2013 UNIX Protection Scheme There is an operation system that supports 5,000 users, and the company only wants to allow 4,990 users permission to access one file. In order to have a protection scheme in UNIX, a number of operations need to be performed first in order for this to work. UNIX file management hierarchy is very essential to know in order to understand and devise a plan that will allow this protection scheme to protect the files. Without knowledge of the hierarchy of the file management system within the UNIX operating system, there is no way that the 4,990 will have access to only one file. A file access control scheme will be the design of UNIX operating system. Therefore, user ids and passwords are needed in order to gain access to the system. All users of the UNIX operating system will each be given a user id and a user password. These user ids and passwords will be kept by the assigned users only. The protection of these ids and passwords depend on how well the user protects them. Encryptions and decryptions can also be used when the users are attempting to login. The administrator can put each user into different groups that allow access or deny access to certain files within the operating system. By doing this, there can be control on who can access what file due to the permission given to them by the administrator. The administrator is referred to as the super user because...
Words: 385 - Pages: 2
...File Management Paper {Your Name} {Your Class} {Date} {Instructor} File Management Paper Before we discuss how I would specify a protection scheme in UNIX® for 4990 users out of 5000 to access one file I think we need to first discuss what file management is in UNIX® and how security is implemented for this type of request. File management is a lot like file management in the DOS days of computers operating systems. Even with the early days of Windows up to Windows 3.11 file management and security were perfumed much the same way UNIX® still does it. Why? Because it works. In DOS and still in the most current version of Windows, Windows 8.1, security to files and directories is performed the same way. You have an attributed command with switches for specific action: R- Read Only, A- Archive, S- System Files, H- Hidden Using the + and – symbols before each instructs the system whether to add or remove the attribute. Example: Attrib –R Text.doc. This command will allow the file text.doc to be editable. Where in DOS and Windows upper and lowercase mean the same thing. I file called. TEXT.DOC is the same as a file named text.doc. Not so in UNIX®. A file with uppercase, DOCUMENT.TXT, or lowercase, document.txt, are two totally different files. UNIX® already provides a way for a system administrator to grant access to files and directories for other users. There are three classes of users who may have access to files and directories...
Words: 754 - Pages: 4
...File Management Paper There are issues that arise concerning file sharing in a multiuser system, and that is access rights and the management of simultaneous access. Access rights to a file is granted unique users whether singular or grouped. A flexible tool is provided to allow extensive file sharing among the users while providing a number of options so that certain access can be harnessed or controlled (Stallings , 2012). Although a wide range of access is being used, there is still a list of representatives with access rights that can be designated to a certain user for a unique file. One way is masking the existence of the file, leaving the user oblivious to its existence. If by chance the user gain knowledge of the files existence and owner identification, a petition to the owner can be put in place to gain additional access rights. There are ways where the user can load and execute a program with copy restrictions. Propriety programs are an example of this because they are made accessible to users with this restriction (Stallings, 2012). The only user with full access rights and the power to grant rights to others is the owner of the file created. There are also three classes of users provided said access by the owner. One- third of the class is a specific user, which are individual users who are assigned by a user id. User groups is the another class with a set of users that are not defined individually. The final class is granted to all users because the files are...
Words: 793 - Pages: 4
...File Management Duane Borchick POS/355 December 24, 2012 Paul Rouk File Management Considering a system that is to support 5000 users, but is only to allow 4990 of the users to have access to one file can be accomplished in a variety of different ways. There are two different options of how to complete this task that will be discussed in this paper. The first and most popular way to accomplish this task is to have an access control list made up with the names of all 4990 user on it. With this list in place the system can access the list and find if the user is allowed to have access to the file. A second way to accomplish this for the 4990 users is to place all those uses in a specific group and then set a group access to the group and file. This way all those in the group are granted access to the file and there is not a chance of an unauthorized user gaining access. The file is linked to the specific group and only those in the group are allowed to access it. The paper will also look at another way to protect the system. It will identify a protection scheme that can be used efficiently than what is provided by the UNIX. First look at the Access Control Lists, which there are two different types, ACLs and default ACLs. With an access ACL it is a list for a specific file or directory. A default ACL can only be associated with directory. With a file that is in the directory and does not have a access ACL it will use the rule of a default ACL for the directory. There...
Words: 558 - Pages: 3
...File Management POS/355 February 25, 2013 Bhupinder Singh File Management Imagine a system that support 5000 users, and only allow 4000 of those users can access one file. This can be accomplished in many different ways. One option is for the 4000 users placed in a specific group and then set another group access to the group already on file. The second option is would be the way to go, and that is to have an access control list made up with names of all 5000 users on it. This paper will look into a protection scheme that will be used in an efficiently way to provide that protection to the system. There are techniques to protect the systems directories, files, and folders. Most IT departments will set up appropriate file permission on the files, set up certain tools to check accounts security, and make sure that every account and user set up passwords when in the systems. Security properties can be the source of protecting this. This paper will talk about the security descriptor referred to as access control list (ACL). There are two different types of ACL’s. Access Control List is specifically for the directory and files, and Access Control Default can only be associated with the directory. Example: when a file is in the directory and does not have access to the ACL it will use the rule of default for the directory. So with setting up those 500 users the system can access the list and find if those users are allowed to have...
Words: 584 - Pages: 3
...File Management In a computer systems protection is needed for data to keep it from unauthorized access. Protection can be accomplished in many ways. For a small single user system, we might provide protection by physically removing the floppy disks and locking them in a desk drawer or file cabinet. In a multiuser system, however, other mechanisms are needed. Utilizing controlled access to limit the type of access to files is one such protection mechanism. Some of the types of controlled access are read, write, list, execute, append, delete, renaming, copying and editing. Protection mechanisms may differ depending on the type of computer system and the environment it is used in. The protection required for a library may need to be less restrictive than a system supporting a health clinic. Access control list (ACL) is a general scheme of associating specific usernames and access types for each user to files and directories. Of major concern with ACL is their length. If you allow four hundred users to read a file, you must list each user. Drawback of creating ACL is the time and effort needed to build it and the variable size of the directory entries. To counter these issues condensed version of the list using three classifications of users is recognized by many systems to associate to each file. The three classifications of users are: * Owner: The user who created the file is the owner * Group: A set of users who are sharing the file and need similar access is a group...
Words: 663 - Pages: 3
...File Management UNIX systems are based on the access control of files scheme which was introduced in the very early versions of UNIX. The way this works is that each UNIX user has an assigned unique user identification number which also puts this user ID into a primary group as well as other groups if the user ID needs it. These groups are identified, like the user’s ID, with a group ID. When a user creates a file, it is designated as owned solely by that user and marked with that user’s ID. This file can also be associated with a group with a unique group ID. This file is protected by a set of 12 protection bits. These bits along with the group and owner ID are part of the file’s index node or inode. This inode is a data structure that houses all the information about a file system object except the data content and name. Nine of these protection bits specify execute, write and read permissions for the owner of the file, the other members of the group and all other users. The remaining three outline special behavior for files and directories. A particular user ID is the superuser. This superuser ID is freed from the normal file access control constraints and also has system wide access. Whenever a file or program is set as owned by the superuser, the superuser potentially has unrestricted access to the system and to the users that are using the program. This scheme is acceptable when file access requirements are the same with users and a large number of groups of...
Words: 550 - Pages: 3
...File Management Requirements Alan McKinney POS/355 May, 19 2014 Ellis Hodgdon This paper will discuss the protection that is within the UNIX operating system in regards to naming, file sharing and the importance of allowing permissions to users for accessing files. One topic in particular will be discussed in this paper and that will be the ability to allow access of one file to multiple end users while other users will be restricted from gaining access to the same file. Having the ability to control who has access and who doesn’t is very important to a company. The reason for this is that it allows a company to protect data from users who should not have access or data being released to the public from users that shouldn’t have access. This is important as this can ruin a company’s image. The following scenario will help to provide a way to maintain proper file management up to 4,990end users. When giving permissions to end users it is important to know who will need access and who does not, this could mean specific people or groups. Having an open access scheme for end users could mean loss of data, data being access and misused by those who are not knowledgeable or properly trained. The Unix file system provides sharing and protection of files by using a protection scheme that is made up of file, owner and group access rights (Silberschatz, Galvin, & Gagne, 2012, ). This means that the person that created or that has...
Words: 733 - Pages: 3
...File Management In the company which I am employed, we have employees which access one file at a time. We offer any user to access the file at any time, but if a user already have the file open. He or she cannot make any changes to the file, until the primary user close the following file. This will protect the file from getting damage by other users, or other problems which may occur. When considering a system that supports 5,000 users. Suppose to only wanting to allow 4,990 of those users to be able to access one file can be accomplish in many different ways. Access control list can provide a greater control over file permissions when traditional UNIX file permissions are not enough. UNIX file protection provides read, write, and execute permissions for three user classes: owners, groups and other. An ACL provides better file security by enabling you to define file permissions for the owner, owner’s group, others, specific users, and groups. It also enables you to define default permissions for each if these categories. Another protection scheme that can be used is the universe access information applies to all users unless their name appears in the access-control list with different access permission. With this scheme you simply put the names of the remaining ten users in the access control list but with no access privileges allowed. A file system management system is essential when dealing with the issues of file access and other services in an operating system. Access...
Words: 320 - Pages: 2
...Memory Management Paper For this assignment, you will choose one the following options: · Option 1: Write a 2-page paper that explains memory management requirements. · Option 2: Write a 2-page paper that explains the differences in memory management between Windows® and Linux®. Format your paper consistent with APA guidelines. UNIX/Linux Versus Mac Versus Windows Write an 8- to 10-page paper that compares and contrasts the basic system differences between UNIX®/Linux®, Mac®, and Microsoft ® Windows® operating systems. Include discussion and comparison of the following: · Memory management · Process management · File management · Security Format your paper consistent with APA guidelines. Create a 10- to 12-slide Microsoft® PowerPoint® presentation based on the paper. Discussion Question Main Memory Should DMA access to main memory be given higher priority than processor access to main memory? What is the purpose and technique of DMA logic? Note: Be prepared to discuss in class. Do not submit a written response. POS 355 Week 2 Individual Assignment File Management Paper For this assignment, you will choose one of the following options: · Option 1, File Access: Write a 2-page paper that discusses the following: Consider a system that supports 5,000 users. Suppose you want to allow 4,990 of those users to be able to access one file. How would you specify this protection scheme...
Words: 355 - Pages: 2
...Stephen Sylvester File Management POS:335 John Demory May 26th 2014 In this paper on file access I will be covering two different ways that a system that can support 5,000 users, specifically a protection scheme in UNIX. Please note that out of these 5,000 users, only 4,990 of those users will have access to a specific file. I will first begin with the explanation of one of the ways that a system can support 5,000 users and then move on to the second way that a system can support 5,000 users. The first way that a system can support 5,000 users is for the administrator or facilitator to set up an access control list of all 4,990 users that he or she wants to have access to the specific file. A great real world example of controlled access would be at my current place of employment at the Department of Veteran’s Affairs. Every employee within the company is assigned user roles. These user roles reflect their job position within the company. Every employee has access to our shared drive folder on our network based on the employee’s credentials and need to know privileges (based on their specific duties and user role). Based on their credentials it will grant that employee access to specific folders. I personally deal with medical records and often, at times the doctors use our network shared drive to upload patient information to be indexed into our system. The doctors must be on the access control list in order to access our shared network drive. Being that I...
Words: 654 - Pages: 3
...Week 2 File Management Paper POS/355 Joey Turner JR Professor Alicia Pearlman Most UNIX systems that you will come across are usually based on the control scheme of file access associate with early versions of the UNIX system. In UNIX, every individual user is assigned their own unique user ID that they may use to access files saved in memory. Users are identified by being a part of a private group or various groups which can be identified then by their group ID. When a file is created in LINUS it is identified as being owned by a particular user and marked with the user that created the file’s user id. The file also belongs to whatever group the user is associated with as well or else the group of its parent directory but only if that parent directory has SetGID permission configured. SetGID (SetGIUD) are access rights flags that allow users to run executable (.exe) files with the permission of user ids or group id. Protection bits in sets of twelve are associated with each file as well. The owner ID, group ID, and protection bits are part of the file’s index node-which are a data-structure used to represent a file-system object which can be a file or file directory. There are 9 of the 12 protection bits that are advocated to the user and group ids owners of the files which control reading, writing, and execute permissions. These nine protection bits then form a system of hierarchy of user id, group id, and all others. The hierarchy is also coupled with the...
Words: 884 - Pages: 4
...File Management: File Access in UNIX POS/355 July 7, 2014 File Management: File Access in UNIX The Problem Company X is an organization that utilizes a UNIX operating system supporting approximately 5,000 users. Recently, the IT Department has received a request from the CEO of the company; 4,990 out of its 5,000 users on the network need to be able to access one file. How would the IT Department specify the protection scheme in UNIX where the other ten users would not be able to gain access to that one file? Traditional UNIX File Access Control According to Stallings (2012), “Most UNIX systems depend on, or at least are based on, the file access control scheme introduced with the early versions of UNIX.” Because the 4,990 users only need access to one file versus many different files, the traditional file access control UNIX provides is sufficient. The premise of UNIX file access control is based on file permissions that can assign ownership to three categories of users. The first is the user, who is the file or directory owner, usually the user who created the file. The owner of a file assigns the permissions to the file, such as the right to read the file, to write to the file (make changes to it), or, to execute the file if the file is a command (Oracle, 2012). The second category is a group. A group is “members of a group of users” (Oracle, 2012). In this case the owner of the file would create a group, assign the permissions to the group, and then add...
Words: 727 - Pages: 3
...OLABISI ONABANJO UNIVERSITY P.M.B 2002 AGO IWOYE, OGUN STATE. NAME: BISAN SHOLA ELIZABETH DEPARTMENT: MATHEMATICAL/COMPUTER SCIENCE MATRIC NO: SCI/13/14/0247 LEVEL: 300L COURSE TITLE: OPERATING SYSTEM 1 COURSE CODE: CMP 307 TOPIC: MEMORY MANAGEMENT DATE SUBMITTED: 15 – 02 – 2016 LECTURER IN CHARGE: DR ADESHINA MEMORY MANAGEMENT Memory management is the functionality of an operating system which handles or manages primary memory. Memory management keeps track of each and every memory location either it is allocated to some process or it is free. It checks how much memory is to be allocated to processes. It decides which process will get memory at what time. It tracks whenever some memory gets freed or unallocated and correspondingly it updates the status. Memory management provides protection by using two registers, a base register and a limit register. The base register holds the smallest legal physical memory address and the limit register specifies the size of the range. For example, if the base register holds 300000 and the limit register is 1209000, then the program can legally access all addresses from 300000 through 411999. Instructions and data to memory addresses can be done in following ways Compile time -- When it is known at compile time where the process will reside, compile time binding is used to generate the absolute code. Load time -- When it is not known at compile time where the process will reside in memory, then the compiler...
Words: 2862 - Pages: 12
...Digital Rights Management 12/1/2010 Digital Rights Management 1 Introduction • Digital Rights Management (DRM) is a term used for systems that restrict the use of digital media • DRM defends against the illegal altering, sharing, copying, printing, viewing of digital media • Copyright owners claim DRM is needed to prevent revenue lost from illegal distribution of their copyrighted material 12/1/2010 Digital Rights Management 2 DRM Content and Actions • There are many capabilities covered by DRM Digital Rights Management Digital content: • Videos • Music • Audio books • Digital books • Software • Video games Possible Actions and Restrictions: • Play once • Play k times • Play for a set time period • Play an unlimited amount • Copy • Burn to physical media • Lend to a friend • Sell • Transfer to a different device 12/7/2010 Digital Rights Management 3 Early U.S. Copyright History • US Constitution, Article 1, Section 8 – “The Congress shall have the Power … To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries” • Copyright Act of 1790 – "the author and authors of any map, chart, book or books already printed within these United States, being a citizen or citizens thereof....shall have the sole right and liberty of printing, reprinting, publishing and vending such map, chart, book or books...." – Citizens could patent...
Words: 2387 - Pages: 10
