The document presents an ontology of a general operating system that could be used as a guideline for security software to create snapshots of operating systems for intrusion detection. It describes the main classes that make up an operating system like SystemObject, Resource, ObjectType, and AdditionalObject. Resources like the CPU, memory, and hardware are described. Additional security objects like ACLs, DACLs, and users are also defined. System objects like files, processes, and threads are outlined. Object types that describe the possible states of system objects are included to make the ontology clear. Individual instances are created to make the ontology practical.
OSOnto
Razvan Benchea, Catalin Lita, Bogdan Timofte
Abstract. The operating system has always been one of the most important parts
of the software that runs on a computer. As technology becomes more and more
advanced, so does the software. In this paper we present an ontology of a
general operating system. This ontology may be used as a guideline for
security software that wants to create a snapshot of an operating system in order
to detect intrusions.
Keywords: operating system, ontology, security
1 Introduction
1.1 Motivation
In the last years more and more devices have been created that use an operating
system already available on the market. Even though the devices have become more
and more complex, the basic architecture of an operating system remains the same.
Mainly this is because the architecture of a device is still based on a Turing Machine.
In the last few years we have also witnessed a great increase in the amount of malware.
Because of the large amount of malware that appears every day, most security
products can no longer analyze every sample, so they are searching for an automated
way of detecting it. By giving a logical description of every part of an operating
system, one can use it to create a snapshot of a running machine and compare it to an
original one. By comparing the differences, one can detect, based on additional
heuristics, whether the system has been compromised.
2 Organizational structure
2.1 An operating system’s basic description is given in the following section
presenting requirements that need to be fulfilled. Then, as components are identified,
more detail is presented about each concept modeled in the ontology. Short
descriptions and graphs showing the ontology are also presented. Conclusions and
future work are described in the last section. Annex 1 contains a list of classes and
properties with a brief.
The main classes that make up the operating system are SystemObject, Resource,
ObjectType and AdditionalObject. SystemObject contains every object that
we consider fundamental. A Resource refers to a piece of hardware controlled by the
operating system. This class is responsible for maintaining a list of available resources
for every piece of hardware in the system (e.g. used memory, total
memory, free memory). The class ObjectType contains individuals that describe
every object and state in the ontology. AdditionalObject contains objects that are not
general to an operating system. These objects may or may not be used. Here we describe
the users and some security specifications.
2.2 Resources
The central processing unit (CPU) is the portion of a computer system that carries out
the instructions of a computer program, and is the primary element carrying out the
computer's functions. The central processing unit carries out each instruction of the
program in sequence, to perform the basic arithmetical, logical, and input/output
operations of the system. This term has been in use in the computer industry at least
since the early 1960s.[1] The form, design and implementation of CPUs have changed
dramatically since the earliest examples, but their fundamental operation remains
much the same.
The fundamental operation of most CPUs, regardless of the physical form they take,
is to execute a sequence of stored instructions called a program. The program is
represented by a series of numbers that are kept in some kind of computer memory.
There are four steps that nearly all CPUs use in their operation: fetch, decode,
execute, and writeback.
The clock rate is the speed at which a microprocessor executes instructions. Every
computer contains an internal clock that regulates the rate at which instructions are
executed and synchronizes all the various computer components. The CPU requires a
fixed number of clock ticks (or clock cycles) to execute each instruction. The faster
the clock, the more instructions the CPU can execute per second.
Another strategy of achieving performance is to execute multiple programs or threads
in parallel. This area of research is known as parallel computing. In Flynn's
taxonomy, this strategy is known as Multiple Instructions-Multiple Data or MIMD.
2.3 Additional Objects
Here we mainly describe security objects. If the ontology is to be extended,
this is where the new objects should be added. The following objects are currently
described here: ACL, DACL, USER.
An access control list (ACL) is a list of permissions attached to an object. An
ACL specifies which users or system processes are granted access to objects, as well
as what operations are allowed on given objects. Each entry in a typical ACL
specifies a subject and an operation. For instance, if a file has an ACL that contains
(Alice, delete), this would give Alice permission to delete the file.
The ACL is technically a list of access control entries (ACE). Each ACE in an
ACL identifies a trustee and specifies the access rights allowed, denied, or audited for
that trustee. The security descriptor for a securable object can contain two types of
ACLs: a DACL and a SACL.
A discretionary access control list (DACL) identifies the trustees that are allowed
or denied access to a securable object. When a process tries to access a securable
object, the system checks the ACEs in the object's DACL to determine whether to
grant access to it. If the object does not have a DACL, the system grants full access to
everyone. If the object's DACL has no ACEs, the system denies all attempts to access
the object because the DACL does not allow any access rights. The system checks the
ACEs in sequence until it finds one or more ACEs that allow all the requested access
rights, or until any of the requested access rights are denied. For more information,
see How DACLs Control Access to an Object.
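The DACL rules above (no DACL, empty DACL, ACEs checked in sequence) can be written out as a small access check. This is an added example, not code from the paper: the `ACE` class, `access_check`, the `late_denies` audit helper, the right bits and the sample trustees are all constructed for illustration, and ACE inheritance is not modelled.

```python
from dataclasses import dataclass
from typing import Optional, Sequence, Set

# Constructed right bits for this example; not real Windows access-mask values.
READ, WRITE, DELETE = 1, 2, 4

@dataclass(frozen=True)
class ACE:
    allow: bool    # True: access-allowed entry, False: access-denied entry
    trustee: str   # user or group the entry applies to
    rights: int    # bitmask of rights allowed or denied

def access_check(dacl: Optional[Sequence[ACE]], trustees: Set[str], requested: int) -> bool:
    """Apply the DACL rules from the text to one access request."""
    if dacl is None:                  # no DACL at all: full access for everyone
        return True
    remaining = requested             # rights not yet granted by an allow ACE
    for ace in dacl:                  # ACEs are checked in sequence
        if ace.trustee not in trustees:
            continue
        if ace.allow:
            remaining &= ~ace.rights
            if remaining == 0:        # all requested rights are now allowed
                return True
        elif ace.rights & remaining:  # a right still being requested is denied
            return False
    return False                      # list exhausted, or DACL has no ACEs

def late_denies(dacl: Sequence[ACE]) -> list:
    """Audit helper: indexes of deny ACEs placed after an allow ACE, where the
    sequential check may grant access before the deny is reached."""
    seen_allow, hits = False, []
    for i, ace in enumerate(dacl):
        if ace.allow:
            seen_allow = True
        elif seen_allow:
            hits.append(i)
    return hits

# Constructed sample: the same two ACEs in both orders.
DENY_FIRST = [ACE(False, "Interns", WRITE), ACE(True, "Staff", READ | WRITE)]
ALLOW_FIRST = DENY_FIRST[::-1]
ALICE = {"alice", "Staff", "Interns"}   # the user plus her group memberships
```

With the deny entry first, a read/write request from `ALICE` is refused; with the same entries reversed it is granted, which is the ordering problem `late_denies` reports.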
A user account allows a user to authenticate to system services and be granted
authorization to access them; however, authentication does not imply authorization.
To log in to an account, a user is typically required to authenticate with a
password or other credentials for the purposes of accounting, security, logging, and
resource management. Once the user has logged on, the operating system will often
use an identifier such as an integer to refer to them, rather than their username,
through a process known as identity correlation.
2.4 System Objects
Files:
A computer file is a block of arbitrary information, or resource for storing
information, which is available to a computer program and is usually based on some
kind of durable storage.
A file is durable in the sense that it remains available for programs to use after the
current program has finished. Computer files can be considered as the modern
counterpart of paper documents which traditionally are kept in offices' and libraries'
files, and this is the source of the term.
Processes.
A key abstraction utilized in the design of an operating system is the notion of
process. A process is a program in execution.
The status of a process includes:
- the code that is executing
- the values of its variables
- the contents of the CPU registers, especially the program
counter (PC)
- the state of the process (running, ready, waiting, etc.)
At any given time, the system kernel is managing a collection of processes. Some
are user processes (shells, applications, etc.), some are system processes (print
spooler, accounting process, etc.)
An important kernel function is the management of processes. The kernel is
responsible for creating, scheduling and deleting processes and often for inter-process
communication.
A thread of execution is the smallest unit of processing that can be
scheduled by an operating system. It generally results from a fork of a computer
program into two or more concurrently running tasks. Multiple threads can exist
within the same process and share resources such as memory, while different
processes do not share these resources. In particular, the threads of a process share the
latter's instructions (its code) and its context (the values that its variables reference at
any given moment).
Threads differ from traditional multitasking operating system processes in that:
- processes are typically independent, while threads exist as subsets
of a process
- processes carry considerable state information, whereas multiple
threads within a process share state as well as memory and other resources
- processes have separate address spaces, whereas threads share their
address space
- processes interact only through system-provided inter-process
communication mechanisms
- context switching between threads in the same process is typically
faster than context switching between processes
2.5 Object Type
In order to make the ontology as clear as possible, we included the state of system
objects in ObjectType. The class ObjectType describes every state that an object
(system object or additional object) can be in at one moment in time. It describes the
state of processes, threads, files, user rights, priorities, etc.
4 Individuals
In order to make the ontology as practical as we could, we created some instances of
the classes described above. In fact, we created the same individuals that appear
on a Windows machine.
We present a screenshot from Protégé 4.0 of the way individuals are
organized. Due to lack of space, we did not include all the individuals here. For
example, we did not include processes, threads or files. These can be observed by
opening the ontology.
5 Conclusions
An OS takes care of all input and output in a computer system. It manages
users, processes, memory, printing, telecommunication, networking etc.
It sends data to a disk, the printer, the screen and other peripherals connected to the
computer.
And because every machine is built differently, commands for input or output
have to be treated differently too. In almost all cases an operating system is not
one large behemoth but consists of many small system programs governed by the
core or kernel of the OS. Because of the compactness of these small supporting
programs, it is easier to rewrite parts or packages of the OS than to redesign an entire
program. In general, programmers only have to make a "call" to the system to make
things happen. This not only makes their lives less miserable, but also shortens the production
time. In addition, programs can run on different types of machines
with the same family of CPUs without changing anything in the program. This is
what makes a standard operating system so important. In fact, any form of
standardization is important for production and compatibility.
In our ontology we tried to model an operating system that is as general as possible
and can be used for many purposes. We presented the class AdditionalObject as a
way to extend this ontology and gave an example by using security objects.
AditionalObject, Resource, SystemObject
Class: Process
+ Thing
+ SystemObject
Process
Superclasses (1)
SystemObject
Disjoints (2)
File, Thread
Disjoints (14)
alg.exe, calc.exe, csrss.exe, explorer.exe, firefox.exe, lsass.exe, notepad.exe,
services.exe, smss.exe, solitaire.exe, spoolsv.exe, svchost.exe, system.exe, winlogon.exe
Usage (22)
• alg.exe: Process
• calc.exe: Process
• csrss.exe: Process
• explorer.exe: Process
• firefox.exe: Process
• lsass.exe: Process
• notepad.exe: Process
• services.exe: Process
• smss.exe: Process
• solitaire.exe: Process
• spoolsv.exe: Process
• svchost.exe: Process
• system.exe: Process
• winlogon.exe: Process
• hasCPUUsageValue Domain Process
• hasMemoryUsageValue Domain Process
• hasProcessIDValue Domain Process
• hasOpenFile Domain Process
• hasParent Domain Process
• hasThread Domain Process
• hasParent Range Process
• isFromProcess Range Process
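The snapshot comparison described in the motivation can be sketched with the Process properties listed above. This is an added example, not part of the paper's ontology or tooling: the record layout, `edges`, `diff_snapshots`, the finding labels and both snapshots are constructed, and representing `hasParent` as the parent's PID is an assumption.

```python
from collections import Counter

def proc(name, pid, parent_pid):
    # Keys mirror the ontology's Process properties; storing the parent as a
    # PID is an assumption of this example.
    return {"name": name, "hasProcessIDValue": pid, "hasParent": parent_pid}

# Constructed snapshots; PIDs differ between them, as they would across boots.
BASELINE = [proc("system.exe", 4, 0), proc("smss.exe", 368, 4),
            proc("winlogon.exe", 600, 368), proc("services.exe", 644, 600),
            proc("lsass.exe", 656, 600), proc("svchost.exe", 820, 644),
            proc("svchost.exe", 900, 644), proc("spoolsv.exe", 1200, 644),
            proc("explorer.exe", 1500, 1400)]
CURRENT = [proc("system.exe", 4, 0), proc("smss.exe", 372, 4),
           proc("winlogon.exe", 612, 372), proc("services.exe", 660, 612),
           proc("lsass.exe", 672, 612), proc("svchost.exe", 840, 660),
           proc("svchost.exe", 912, 660), proc("explorer.exe", 1620, 1580),
           proc("svchost.exe", 2044, 1620), proc("updater.exe", 2100, 1620)]

def edges(snapshot):
    """Multiset of (process name, parent name) pairs, so PIDs drop out."""
    by_pid = {p["hasProcessIDValue"]: p["name"] for p in snapshot}
    return Counter((p["name"], by_pid.get(p["hasParent"], "<none>"))
                   for p in snapshot)

def diff_snapshots(baseline, current):
    """Return (kind, process, parent, count) findings for review."""
    base, cur = edges(baseline), edges(current)
    known = {name for name, _ in base}
    findings = []
    for (name, parent), n in sorted((cur - base).items()):
        if (name, parent) in base:
            kind = "extra-instance"      # same pairing, more copies than before
        elif name in known:
            kind = "unexpected-parent"   # known name under a new parent
        else:
            kind = "new-process"         # name absent from the baseline
        findings.append((kind, name, parent, n))
    for (name, parent), n in sorted((base - cur).items()):
        findings.append(("missing", name, parent, n))
    return findings
```

The findings are inputs to the "additional heuristics" the paper mentions, not verdicts on their own.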
Class: Resource
• threadStateSuspended: ThreadStateType
• hasThreadState Range ThreadStateType
Class: User
+ Thing
+ AditionalObject
User
Superclasses (1)
• AditionalObject
Disjoints (2)
ACL, DACL
Disjoints (3)
userBMR, userBTE, userKID
Usage (7)
• userBMR: User
• userBTE: User
• userKID: User
• hasNameValue Domain User
• hasSystemRight Domain User
• hasOwner Range User
• hasUser Range User