Operating System Architecture :: Computers Technology Technological papers

Operating System Architecture By gaining control of computers, computer viruses, worms, trojans, software bugs, and bad people can create extraordinary damage by shutting down infrastructure, using online banking to steal money, or using robots to attack people. Our civilization is increasingly depended on computers for survival. Therefore, a fully secure operating system is essential for the society. Below is the architecture by which maximum security against viruses and other threats can be achieved. Operating system and the rest of the software should be modular. Each small module performs a function and may take parameters. For example, a web browser uses an HTML renderer to display a webpage. In turn, the HTML renderer uses a jpg-renderer to display jpg images. An e-mail program might use the same HTML renderer. The rich collection of functions (with application program interfaces) makes writing programs much easier, greatly reduces the need to write the same functionality many times, and allows the same program to work on different computers. Modularity is also essential for stability and internal security of a complex program--failure of some modules to work properly should affect only the functions the modules perform and (usually) should not cause the program to crash or become unnecessarily insecure. Moreover, proper multi-tasking (see below) ensures that a delay in a non-essential module does not excessively delay the program. While the code for a function is loaded once into the memory, multiple executions can occur simultaneously. Functions remain in memory until the memory (RAM) is about to run out; when that happens, functions least likely to be called are unloaded or put into the swap space. Each process has a set of rights and priorities. The rights include the type of resources the process can access such as what devices (speakers, networks, etc.) and files the process can access and at what permission level. For example, a process may be allowed to modify only a certain region of the monitor. A process can be denied access to a file, given a read-only access, allowed to read and append, or allowed read-write access. Ideally, each process is given just enough rights to perform all of the functions it should perform. The priorities are specified for limited resources such as the amount of memory, processing time, bandwidth, and disk space. The priorities are determined based on the importance of each process. The process managers allocate scarce resources based on the priorities.