Monday, December 6, 2010

MULTIPROGRAMMING & TIME-SHARING ENVIRONMENT SECURITY PROBLEMS

          In computing, multitasking is a method by which multiple tasks, also known as processes, share common processing resources such as a CPU. In the case of a computer with a single CPU, only one task is said to be running at any point in time, meaning that the CPU is actively executing instructions for that task. Multitasking solves the problem by scheduling which task may be the one running at any given time, and when another waiting task gets a turn. The act of reassigning a CPU from one task to another one is called a context switch. Operating systems may adopt one of many different scheduling strategies, which generally fall into three categories that are multiprogramming, time-sharing and real-time systems.
In multiprogramming systems, the running task keeps running until it performs an operation that requires waiting for an external event (e.g. reading from a tape) or until the computer's scheduler forcibly swaps the running task out of the CPU. Multiprogramming systems are designed to maximize CPU usage. Also in multiprogramming, several programs are in memory concurrently; the system switches among the programs for efficient processing, and minimal idle time. The main advantage of multiprogramming makes efficient use of the CPU by overlapping the demands for the CPU and its I/O devices from various users. It attempts to increase CPU utilization by always having something for the CPU to execute.
In time-sharing systems, the running task is required to relinquish the CPU, either voluntarily or by an external event such as a hardware interrupt. Time sharing systems are designed to allow several programs to execute apparently simultaneously. Time-sharing is using scheduling and multiprogramming to provide an economical interactive system of two or more users. The main advantage of time-share system is when the interaction with computer while program is running, short response times (usually less than 10 seconds). The expression 'time sharing' was usually used to designate computers shared by interactive users at terminals, such as IBM's TSO, and VM/CMS. In real-time systems, some waiting tasks are guaranteed to be given the CPU when an external event occurs.

          In a multiprogramming and time-sharing environment, several users share the system simultaneously. This situation can result in various security problems. The two problems are first is stealing or copying one’s programs or data and second is using system resources (CPU, memory, disk space, peripherals) without proper accounting. Stealing or copying user’s files is when writing over another program’s (belonging to another user or to the OS) area in memory and the user may modify the data which is required by another user. One user can copy another user's program / memory space. This could be very detrimental if, for example, an administrator was running a decryption protocol, and another user stole the decryption program and/or key. Using system resources (CPU, disk space) without proper accounting is causing the printer to mix output by sending data while some other user’s file is printing and one user may use the resources but charge expenses to some another user. Resource usage may not be completely controlled, and could cause deadlock for certain users. For example, if user A had resource 1 and was waiting for resource 2, and user B had resource 2 and was waiting for resource 1, deadlock would occur and neither user would be able to make progress in their program, no matter how many time slots they were allocated.

          Can we ensure the same degree of security in a time-share machine as we have in a dedicated machine? Probably not, since any protection scheme devised by man can inevitably be broken by him, and the more complex the scheme, the more difficult it is to feel confident of its correct implementation. It is not as secure and the real question is "How much less secure is it, and does the added exposure outweigh the cost savings for this application”. If you're working with nuclear launch codes, it's going to be hard to argue for saving money by time-sharing. If it's just a bank's database, time-sharing makes sense (and you get added security there because you can have the one guy update software for patching and everybody is running the new software, rather than having 1,000 desktops not all of which are patched). But a case can be made that to secure a system, multi-user operation is required, in order to support multiple roles (security auditor, and user) - dedicated operations don't provide a suitable audit trail.
It's the rare multiprogramming system these days where the operating system is the weak link - even Windows provides enough security.

No comments:

Post a Comment