3. FILE PROTECTION
4/12/2018
•The Protection of a file is mostly needed in multi-user
environment where a file is shared among several users.
•On system which does not permit access to the files of
other users, protection is not required.
•Protection mechanism must provide controlled access by
restricting the types of files which can be made.
•Access is permitted or denied depending upon several
factors, one of which is the type of access requested.
4. 4/12/2018
Several different types of operations
may be controlled. These operations
are:
•Reading from the file.
•Writing on the file.
•Executing the file by loading into main
memory.
•Writing new information at the end of a
file.
•Deleting the file and releasing the
space.
Operations
Other
operations
9. HOW TO NAME YOUR FILES?
Nobody likes unorganized
folders.
If everyone took the initiative to
name their files correctly, there
wouldn't be such a hassle
downloading and sorting files.
This is an example of poor
mp3 naming.
4/12/2018
10. 4/12/2018
You must be much more
descriptive.
-Give all the information that is
necessary.
-Do not use ID tags. ID tags hide
the truth, and hiding the truth is
wrong.
- Instead of ID tags, use
parenthesis and underscores to
specify meta data.
11. 4/12/2018
Name your
files and
folders
wisely..!
You must adhere to file-naming conventions when
saving files :
1.Case sensitivity – upper and lower case are different
True in Linux and Unix variations, not in Windows
2. Maximum length (Windows 260 characters)
3. Spaces allowed
4. Digits allowed
5. / : * ? " < > | not allowed (Special Characters)
6. File names not allowed (con, nul, prn)
File extensions provide clues to the file contents.
OS uses extensions to know which application created the file
and the internal format of the file.
12. FILENAME EXTENSIONS
4/12/2018
Extension Type of Document Application
.doc or .docx Word processing document Microsoft Word
.xls or .xlsx Workbook Microsoft Excel
.ppt or .pptx PowerPoint presentation MS PowerPoint
.accdb Database Microsoft Access
.gif, .jpg, .png Images Windows Image Viewer
.mp4, .mp3 Videos, audio Windows Media
.zip Compressed file WinZip
.pdf Portable Document Format Adobe Acrobat
.htm or .html Web page Hypertext Markup
Language
14. 4/12/2018
In this approach, password is associated with each
file.
Just as a password is required to access a computer
system, access to each file will be also controlled by
a password.
A password is a string of characters used to verify the identity of a user during
the authentication process. Passwords are typically used in conjuncture with a username; they
are designed to be known only to the user and allow that user to gain access to a device,
application or website.
15. LIMITATIONS
There are, however, several disadvantages to this
scheme:
If we associate a separate password with each
file, the number of passwords that need to he
remembered are quite large, making the scheme
impractical. If only one password is used for all the
files, then once it is discovered all files are
accessible. Some systems allow a user to
associate a password with a subdirectory rather
than an individual file, to deal with this problem.
4/12/2018
16. Commonly, only one password is associated with each file. Thus protection is on an
all-or-nothing basis. To provide protection on a more detailed level, multiple
Passwords are needed.
4/12/2018
HACKERS!!
19. 4/12/2018
APPROACH : to make access dependent on the
identity of the user.
Multiple users >> different types of access to a
file or directory.
‘‘ An access list can be associated with each
file and directory, specifying the user name
and the types of access allowed- for each
user. ’’
WORKING!!!
1. USER REQUESTS ACCESS
2. OS CHECKS THE ACCESS LIST
3. IF (USER IS PRESENT IN AL)
ACCESS ALLOWED;
ELSE
ACCESS DENIED; //protection violation
20. DISADVANTAGES OF
ACCESS LISTS
4/12/2018
This has two undesirable consequences:
•Constructing such a list may be a tedious and
unrewarding task, especially if we not know in advance
the list of users in the system.
•The directory entry which previously was of fixed size
needs now to be of variable size, resulting in space
management being more complicated.
These problems can be resolved by using a condensed
version of the access list.(ACCESS GROUPS)
21. To condense the length of the access list, many
systems recognize three classifications of users in
connection with each file:
Owner
The user who created
the file.
Universe(Others)
All other users in the
system
Group
A set of users who
are sharing the file
and need similar
access.
22. A SITUATION TO ILLUSTRATE THE
WORKING OF ACCESS GROUPS :
4/12/2018
Consider a person, X, who is working on a new project. She has hired three graduate students (A,
B, C) to work on the project.
X
CBA
Owner
Group
23. Re protection associated with this file is as follows:
X should be able to invoke all operations on the file.
A, B and C should only be able to read, write, and execute the file. They should be
allowed to delete the file.
4/12/2018
Read(r)
Write(w)
Execute(x)
Delete
All operations
24. All other users should be able to execute the file.
(X is interested in letting as many people as possible play the game in order to obtain
appropriate feedback.)
To achieve such a protection, a new group must be created with member A, B, C. The
name of the group must be then associated with the file project, and the access-right
must be set in accordance with the policy that is outlined .
4/12/2018
Others(universe)