Internal security can be thought of as a way to protect the computer’s resources from the programs concurrently running on the system. Most operating systems set programs running natively on the computer’s processor.
That brings on the problem of how to stop these programs from doing the same task and having the same privileges as the operating system which is just a program too.
Processors used for general purpose operating systems are automatically blocked from using certain hardware instructions such as those to read or write from external devices like disks. Instead, they have to ask the privileged program, or operating system kernel) to read to write. The operating system, therefore, gets the chance to check the program’s identity and allow or refused the request.
An alternative strategy available in systems that don’t meet pre-set requirements is the operating will not run user programs as native code. Instead, they either emulate a processor or provide a host for a “p-Code” based system such as Java.
Internal security is especially important with multi-user systems as it allows each user of the system to have private files that the other users cannot tamper with or read. Internal security is also vital if auditing is to be of any use since a program can potentially bypass the operating system without bypass auditing.
No comments:
Post a Comment