An operating system is a program designed to run other programs on a computer. A computer's operating system is its most important program. It is considered the backbone of a computer, managing both software and hardware resources. Operating systems are responsible for everything from the control and allocation of memory to recognizing input from external devices and transmitting output to computer displays. They also manage files on computer hard drives and control peripherals, like printers and scanners.
The operating system of a large computer system has even more work to do. Such operating systems monitor different programs and users, making sure everything runs smoothly, without interference, despite the fact that numerous devices and programs are used simultaneously. An operating system also has a vital role to play in security. Its job includes preventing unauthorized users from accessing the computer system.
2.0 Definition of Page replacement
One of the most important of all concepts related to Memory Management is Virtual Memory. Virtual Memory refers to the concept whereby a process with a larger size than available memory can be loaded and executed by loading the process in parts. The program memory is divided into pages and the available physical memory into frames. If a process attempts to access a page that is not available in the main memory and the information of which does not exist in its page table, a page fault occurs. The Operating System now takes care of swapping this page in to the main memory from the backing store. The Operating System follows its predefined algorithms for page replacement.
In the virtual memory, failure occurs when the page, the system need transferred to a memory from disk to main memory. Because the number of pages the user's virtual pages is more than the main memory. Virtual memory space can accommodate program than section number can store the memory space of the same length program more section number. Therefore, will appear the memory space has been occupied, and need loaded a new page from disk.
3.0 Page replacement strategy
Page replacement is a basic requirement. It completed the separation of between logical memory and physical memory. With this mechanism, a large virtual memory can be provided for the programmer in a small physical memory. Since there is no demand paging, the two groups may be different. All pages a process must still be in physical memory, however, with demand paging, the size of the logical address space is no longer limited by physical memory. So there are many different page replacement strategies. Each operation system may have its own alternative. Which is a chooser in particular the replacement algorithm can hope to have a minimum page fault rate.
The simplest page replacement algorithm is a first in first out (FIFO) method. The essence of this algorithm, always choose the longest main memory oldest of are placement, that is, first enter the page of memory, first out memory. The reasons are first transferred to the memory page, the possibility of no longer being used into memory than just the possibility of large. A FIFO queue shelters are in memory pages. Always be replaced in the queue head to the page. When a page is put into memory, put it on the end inserted in the team.
This algorithm is a linear order to access the address in the space is ideal, or inefficient. Because those who often visit the page often to stay in the main memory also had the longest, the results are due to become old and had to be replaced out.
FIFO Another drawback is that it has an unusual phenomenon, that is, in the case of increasing block, but the page fault rate increases. Of course, this anomaly led to a page to actually rare.
FIFO algorithm and OPT is the main difference between algorithms, FIFO algorithm uses the page into memory, the length of time as a replacement basis, and OPT algorithm is based on the future use of the page of time. If the recent past as the approximation of the near future, you can over the longest period of time not have been out of use page replacement. Its essence is that when the need to replace the page, select the oldest in the most recent period have not used the page to be replaced. This algorithm is called the lack of use algorithm Least Recently Used.
LRU algorithm is used with each page the last time-related. When a page must be replaced, LRU algorithm to select the most long-lost over a period of time the page is used. LRU algorithm is often used page replacement algorithm, and is considered very well, but there is the question how to achieve it. LRU algorithm needs the support of the actual hardware. The problem is how to determine the order of last use of time.
The simplest case is to make each page table entry corresponding to a time field use, and to add a logical CPU clock or counter. Each memory access, the clock is increased by 1. When visiting a page, the content of the clock register is copied to the corresponding page table entry to use the time field. So that can always retain the last visit of each page time. In the replacement page, select the minimum value of the time the page. To do so, not only to check the page table, and when the page table changes due to CPU scheduling to maintain the page table in the time clock values â€‹â€‹must take into account the overflow problem.
Page number with a stack reserved. When visiting a page, put it out on the top of the stack from the stack. As a result, the stack is always placed on the most current page, and lying bottom of the stack at least use the current page. Removed from the middle of the stack as one use with head and tail pointers to link the two-way chain. In the worst case, remove one and put it on top of the stack pointer on the need for modification 6. Every change must have overhead, but the need to replace the page which is directly available, no need to find, because the tail end of the stack pointer, which have been replaced pages.
LRU algorithm for implementation must have a lot of hardware support, also need some software overhead. So the actual implementation of LRU is a simple and effective approximation algorithm.
3.1.4 Not recently used (NRU)
The not recently used (NRU) page replacement algorithm is an algorithm that favors keeping pages in memory that have been recently used. This algorithm works on the following principle: when a page is referenced, a referenced bit is set for that page, marking it as referenced. Similarly, when a page is modified (written to), a modified bit is set. The setting of the bits is usually done by the hardware, although it is possible to do the software level as well.
3.1.5 Least frequently used
The least frequently used method, namely LFU algorithm (Least Frequently Used algorithm). The algorithm selected the least recently accessed page as the page is replaced. Obviously, this is a very reasonable method, because so far the least used of the page, it is possible to access the page is the future at least. The algorithms not only take full advantage of the situation of main memory in the history of paging information, and correctly reflect the program's locality. However, this algorithm is very difficult, it should be set for each page, a long counter, and to choose a fixed time clock count for each counter. It is replaced in the selection page, from all counters to find a maximum count counter.
3.1.6 Random Page
Random page replacement requires no intelligence and works moderately well. When a page frame is needed, the random algorithm simply select any page frame at random, dumps the page from that frame onto disk, and then uses it. If the memory reference pattern of the application program is very irregular, for example, as occurs during some list processing application, it may even be the best solution.
4.0 Definition Security Measure
Computer security for any personal computer, it is very important, because personal computers are often saved a great deal of personal information, if they are invading criminals, will result in the loss of one kind or another.
Despite the use of various security measures to prevent a lot of hackers, but due to various operating systems and server software vulnerabilities continue to find ways to attack after another, technology or clever hackers can break through layers of protection, access control permissions system, so to undermine the purpose of the home page.
Because viruses and Trojans are constantly developing, we have to learn new knowledge and protection, to resist the invasion of viruses and Trojans.
5.0 Security Measures that can be taken to Protect
Encryption technology is a proactive information security measures, the most commonly used security measures. Encryption technology is the use of certain encryption algorithm the use of technical means to important data becomes garbled encrypted transmission,
the destination and then uses the same or different means of reduction decryption.
Encryption technology consists of two elements: algorithms and keys. Algorithm is general information or information that can be understood and a string of numbers keys combine to produce the cipher text cannot understand the steps, the key is used to decrypt the data coding and an algorithm. In the security and confidentiality can be done by the appropriate key encryption technology and management mechanisms to ensure information and communication network security. For example, in cryptography, private or secret key encryption, decryption key only know secret information to the party or parties of communication. In traditional encryption keys, a key is common communication so that each could encrypt and decrypt messages. This system is that, if the risk of any party lose key or stolen, the system is broken. Recently one alternative is to use a combination of public and private key. In this system, public keys are used together private key.
Authentication process is to confirm the identity of entities is an important measure to ensure the safety of the system. When the server or system for the services provided, to confirm the identity of visitors, visitors sometimes need to verify the identity of service providers.
Authentication refers to the computer and network systems operator identity confirmation process. Computer network system is a virtual digital world. In this digital world, all the information including the user's identity information is to use a specific set of data to that, the computer only recognizes the user's digital identity, all authorized users of digital identity is authorized for the user. For example, Identity refers to the user to the system to produce their identification process, the main use of the agreed password, smart card and the user fingerprint, retina, and voice and other physical characteristics. Digital certificates provide mechanisms for authentication using public key methods
5.1.3 Access Control
User identity and its ownership by a certain predefined groups to limit user access to certain information items, or restrict the use of certain control functions. Access control is often used for system administrators to control user on the server, directory, file access and other network resources. It only will be access the right for user to process any programs.
Access control features are the following firs to prevent illegal to enter the protected network resources. Second is allowing legitimate users access to protected network resources. Third is to prevent legitimate users of the protected network resources from unauthorized access.
The type of access control can be divided into discretionary access control and mandatory access control into two categories. As discretionary access control is defined by the user the right to create its own access objects such as files, data sheets access, and will grant access to these objects from other users and grant permissions to access the user to recover their. Mandatory access control is defined by the system through a special set of system security officer on the user object created by the mandatory unified control, in accordance with the rules which determine which users can object to the operating system what type of access, Even the creator user, create an object, they may not have access to the object. For example, network logon control
generally requires authenticated user identity to identify the user name, verify the user password, confirm the user identity, and verification of the user account's default permissions. In these three areas, as long as one of the unusual aspects, the user can not log on the network. Among them, the first two aspects of the identity of the user authentication process is a more important part, the user should strengthen the security and confidentiality of the process, in particular to enhance the confidentiality of user passwords. Users can use one-time password, or use the IC card, secure way to prove his identity.
5.1.4 Security attacks
Security attack is the hacker is the specialized research, they are in the network to find vulnerabilities and attack our networks. The main attack techniques and their own vulnerability in the network, hackers, hacking techniques will be applied to attack the network. Software tools such as detectors and scanners are used to understand the network of resources to find the destination network, host and application of the potential vulnerability. For example, there is software designed to crack the code. This software is designed for network administrators, administrators can use them to help employees who forget passwords, or that those who do not tell anyone your password to the company's employees to leave the password.
The types of attack techniques include cryptanalysis, Virus, software exploitation and system penetration.
Hackers use their imagination to analyze the user's password. If you select text attacks are chosen plaintext attacks and chosenciphertext attackcombination. Decipher what
those known include: encryption algorithm, selected by the password cracker plaintext message and its corresponding cipher text, and those selected by the code-breaking
speculative and its corresponding cipher text is deciphered plaintext. But the difficulty of approach, test analysts uses the information available at least.
A virus is a piece of code that executes on a computer system without the knowledge of the computer's owner. Viruses replicate themselves, attach themselves to executable files and are often able to spread to other system on a network. A virus usually arrives on a computer attached to an executable program as a payload. When the user executes the program, the virus starts up and begins to work. Viruses can be few type of categorized.
Macro Virus - A macro virus is inserted into Microsoft Office documents and uses the Office macro scripting capabilities to compromise the system. The document is then emailed to a user who opens the document to read it thereby unleashing the virus.
Boot Sector Virus - A boot sector virus is written to the boot record of a computer's system hard drive such that when the user reboots the system the virus starts up.
Software applications and operating systems, they have great design and programming language has been used by humans to achieve a complex entity. If the test if not seriously sees that the software will still contain errors. One of the most common mistakes of memory buffer has been allocated by the programmer to a specific data storage overflow. When the data is written to the storage area of more than a buffer overflow and spatial distribution of some or all of the system crash, it is possible to leave it open the intruders to take over.
5.1.5 Security Prevention
Security prevention is to prevent hackers or virus attacks, they need to know how to prevent them guilty. Firewall technology for the Internet network was originally taken by the insecurity of a protection and shielded from external factors, internal network secure barrier, its purpose is to prevent unauthorized external access to network users.
Firewalls are generally based on the source and destination addresses, applications, protocols and ports for each IP packet to determine whether or not to make adopted.
It is through the collection and analysis of computer networks or computer systems in a number of key points of information, check whether the network or system security policy violation behavior and signs of attack. Intrusion detection software and hardware combination is IDS. This method can prevent the close of the communication session, to prevent attacks.IDS may be different in the subsequent period of time scheduled or random attacker who tried to prevent the host from all communications sent.
Antivirus is software that monitors a computer for Viruses by looking for irregularities in a computer system and then comparing its findings to a database of virus information. It is important to update virus definitions or signatures regularly and upgrade the software periodically to protect against newly created viruses. Can be used to detect, prevent and clean up or remove such malicious viruses and worms. Such as malware, including but not limited to computer viruses, computer worm, Trojan horses, spyware and adware. Therefore, anti-virus software, software updates can make to protect your computer from the latest viruses.
Operating system is the core of any computer system. It controls the input / output, peripherals, and provides all applications and processes running platform. Operating system based security of the system and the user and the computer interface. Today, most operating systems use the interface of the graphical user interface (GUI), and seamlessly manage multiple processes simultaneously. This study suggests that some operating systems that are commonly used on the Internet system, and to assess their suitability for this purpose. However, if the operating system security measures, protection, and how good the operating system is not let us get the best facilities, so the prevention of the virus is to make reference to the operating system to maintain the best efficiency.