2010

OPERATING SYSTEM DESIG

AND PRINCIPLE

ASSIGNMENT 4

SUBMITTED TO:
RAMANDEEP SIR SUBMITTED BY :
ANJANI KUNWAR
RA1803A10
10807973
B.TECH(CSE)-H
 Part-1

1. Consider any example of your choice and Make

Comparative analysis of different disk scheduling
algorithm.

Solution:
FCFS

SSTF
SCAN

C-SCAN
C-LOOK

DISK SCHEDULING ALGORITHMS

1. FCFS (First Come, First Served)

o perform operations in order requested
o no reordering of work queue
o no starvation: every request is serviced
o poor performance
2. SSTF (Shortest Seek Time First)
o after a request, go to the closest request in the work queue, regardless
of direction
o reduces total seek time compared to FCFS
o Disadvantages
 starvation is possible; stay in one area of the disk if very busy
 switching directions slows things down
3. SCAN
o go from the outside to the inside servicing requests and then back
from the outside to the inside servicing requests.
o repeats this over and over.
o reduces variance compared to SSTF.
 4. LOOK
o like SCAN but stops moving inwards (or outwards) when no more
requests in that direction exist.
5. C-SCAN (circular scan)
o moves inwards servicing requests until it reaches the innermost
cylinder; then jumps to the outside cylinder of the disk without
servicing any requests.
o repeats this over and over.
o variant: service requests from inside to outside, and then skip back to
the innermost cylinder.
6. C-LOOK
o moves inwards servicing requests until there are no more requests in
that direction, then it jumps to the outermost outstanding requests.
o repeast this over and over.
o variant: service requests from inside to outside, then skip back to the
innermost request.

Q2:Identify the purpose of each level of RAID. Give the

significance of parity bit in RAID levels.

Solution:
RAID is a technology that is used to increase the performance and/or reliability of
data storage. The abbreviation stands for Redundant Array of Inexpensive Disks. A
RAID system consists of two or more disks working in parallel. These disks can be
hard discs but there is a trend to also use the technology for solid state drives.

Below is an overview of the most popular levels:

RAID 0: Striping

In a RAID 0 system, data are split up in blocks that get written across all the drives
in the array. By using multiple disks (at least 2) at the same time, RAID 0 offers
superior I/O performance. This performance can be enhanced further by using
multiple controllers, ideally one controller per disk.

Advantages

• RAID 0 offers great performance, both in read and write operations. There is
no overhead caused by parity controls.
• All storage capacity can be used, there is no disk overhead.
• The technology is easy to implement.

Disadvantages
RAID 0 is not fault-tolerant. If one disk fails, all data in the RAID 0 array are lost.
It should not be used on mission-critical systems.

RAID 1: Mirroring

Data are stored twice by writing them to both the data disk (or set of data disks)
and a mirror disk (or set of disks) . If a disk fails, the controller uses either the data
drive or the mirror drive for data recovery and continues operation. You need at
least 2 disks for a RAID 1 array.

RAID 1 systems are often combined with RAID 0 to improve performance. Such a
system is sometimes referred to by the combined number: a RAID 10 system.

Advantages

• RAID 1 offers excellent read speed and a write-speed that is comparable to

that of a single disk.
• In case a disk fails, data do not have to be rebuild, they just have to be
copied to the replacement disk.
• RAID 1 is a very simple technology.

Disadvantages

• The main disadvantage is that the effective storage capacity is only half of
the total disk capacity because all data get written twice.
 • Software RAID 1 solution do not always allow a hot swap of a failed disk
(meaning it cannot be replaced while the server keeps running). Ideally a
hardware controller is used.

RAID 3

On RAID 3 systems, datablocks are subdivided (striped) and written in parallel on

two or more drives. An additional drive stores parity information. You need at least
3 disks for a RAID 3 array.

Since parity is used, a RAID 3 stripe set can withstand a single disk failure without
losing data or access to data.

Advantages

• RAID-3 provides high throughput (both read and write) for large data
transfers.
• Disk failures do not significantly slow down throughput.
Disadvantages

• This technology is fairly complex and too resource intensive to be done in

software.
• Performance is slower for random, small I/O operations.

RAID 4

Diagram of a RAID 4 setup with dedicated parity disk with each color representing
the group of blocks in the respective parity block (a stripe)

A RAID 4 uses block-level striping with a dedicated parity disk. This allows each
member of the set to act independently when only a single block is requested. If
the disk controller allows it, a RAID 4 set can service multiple read requests
simultaneously. RAID 4 looks similar to RAID 5 except that it does not use
distributed parity, and similar to RAID 3 except that it stripes at the block level,
rather than the byte level. Generally, RAID 4 is implemented with hardware
support for parity calculations, and a minimum of 3 disks is required for a
complete RAID 4 configuration.

In the example on the right, a read request for block A1 would be serviced by disk
0. A simultaneous read request for block B1 would have to wait, but a read request
for B2 could be serviced concurrently by disk 1.
For writing the parity disk becomes a bottleneck, as simultaneous writes to A1 and
B2 would in addition to the writes to their respective drives also both need to write
to the parity drive. In this way RAID example 4 places a very high load on the
parity drive in an array.

The performance of RAID 4 in this configuration can be very poor, but unlike
RAID 3 it does not need synchronized spindles. However, if RAID 4 is
implemented on synchronized drives and the size of a stripe is reduced below the
OS block size a RAID 4 array then has the same performance pattern as a RAID 3
array.

RAID 5

RAID 5 is the most common secure RAID level. It is similar to RAID-3 except
that data are transferred to disks by independent read and write operations (not in
parallel). The data chunks that are written are also larger. Instead of a dedicated
parity disk, parity information is spread across all the drives. You need at least 3
disks for a RAID 5 array.
A RAID 5 array can withstand a single disk failure without losing data or access to
data. Although RAID 5 can be achieved in software, a hardware controller is
recommended. Often extra cache memory is used on these controllers to improve
the write performance.
Advantages
Read data transactions are very fast while write data transaction are somewhat
slower (due to the parity that has to be calculated).

Disadvantages

• Disk failures have an effect on throughput, although this is still acceptable.

• Like RAID 3, this is complex technology.

Q3:Demonstrate the usefulness of access matrix in

protection and give its implementation.

Solution:
An Access Control Matrix or Access Matrix is an abstract, formal security model
of protection state in computer systems that characterize the rights of each subject
with respect to every object in the system.

In this matrix example there exists two processes, a file and a device. The first
process has the ability to execute the second, read the file and write some
information to the device, while the second process can only send information to
the first.

Asset 1 Asset 2 file device

Role 1 read, write, execute, own execute read write
Role 2 Read read, write, execute, own

Because it does not define the granularity of protection mechanisms, the Access
Control Matrix can be used as a model of the static access permissions in any type
of access control system. It does not model the rules by which permissions can
change in any particular system, and therefore only gives an incomplete
description of the system's access control security policy.

An Access Control Matrix should be thought of only as an abstract model of

permissions at a given point in time; a literal implementation of it as a two-
dimensional array would have excessive memory requirements. Capability-based
security and access control lists are categories of concrete access control
mechanisms whose static permissions can be modeled using Access Control
Matrices. Although these two mechanisms have sometimes been presented (for
example in Butler Lampson's Protection paper) as simply row-based and column-
based implementations of the Access Control Matrix, this view has been criticized
as drawing a misleading equivalence between systems that does not take into
account dynamic behavior.

Part-2

Q4:Study different security tools available in market.

Discuss cryptography.

Solution:
Cryptography is the study and practice of encoding data using transformation
techniques so that it can only be decoded by specific users. In simpler words, it is a
theory of secret writing. Practitioners of cryptography are known as
cryptographers.

Cryptography is the technique of using mathematics, computer science and

engineering to encrypt and decrypt information. It facilitates a user to store vital
information or send it across insecure networks (like the Internet) so that it cannot
be interpreted by any user except the intentional receiver. While cryptography is
the technique of protecting information, cryptanalysis is the technique of analyzing
and breaching protected communication. Traditional cryptanalysis engages a
remarkable mixture of analytical reasoning, use of mathematical tools, and pattern
discovery. Cryptanalysts are also known as attackers. Cryptology shelters both
cryptography and cryptanalysis.

Security Tools:

Sr. Tool Function

no.
1. Acunetix It is used to scan web vulnerabilities
2. Sam Spade It is used in Foot printing and used to scan web components.
3. Nslookup It is used in Foot printing and used to scan web components.
4. N-map It is used to scan the LAN Network, to weather it is secured
or not.
5. CAPTCHA It is used for Brain Storming in web development.
6. Certin It handles computer security incidents
7. Core It is used by Penetration testers to find vulnerabilities.
Impact

Ques5. Compare caching and Remote Service.

Solution:
Cache

In computer engineering, a cache is a component that transparently stores data so

that future requests for that data can be served faster. The data that is stored within
a cache might be values that have been computed earlier or duplicates of original
values that are stored elsewhere. If requested data is contained in the cache (cache
hit), this request can be served by simply reading the cache, which is comparably
faster. Otherwise (cache miss), the data has to be recomputed or fetched from its
original storage location, which is comparably slower. Hence, the more requests
can be served from the cache the faster the overall system performance is().

As opposed to a buffer, which is managed explicitly by a client, a cache stores data

transparently: This means that a client who is requesting data from a system is not
aware that the cache exists, which is the origin of the name cache (from French
"cacher", to conceal).

To be cost efficient and to enable an efficient use of data, caches are comparably
small. Nevertheless, caches have proven themselves in many areas of computing
because access patterns in typical computer applications have locality of reference.
References exhibit temporal locality if data is requested again that has been
recently requested already. References exhibit spatial locality if data is requested
that is physically stored close to data that has been requested already.

Diagram of a CPU memory cache

Remote Services
Remote Service, formerly known as Terminal Services, is one of the components
of Microsoft Windows (both server and client versions) that allows a user to access
applications and data on a remote computer over a network, using the Remote
Desktop Protocol (RDP). Terminal Services is Microsoft's implementation of thin-
client terminal server computing, where Windows applications, or even the entire
desktop of the computer running terminal services, are made accessible to a remote
client machine. The client can either be a fully-fledged computer, running any
operating system as long as the terminal services protocol is supported, or a
barebone machine powerful enough to support the protocol (such as Windows
FLP). With terminal services, only the user interface of an application is presented
at the client. Any input to it is redirected over the network to the server, where all
application execution takes place. This is in contrast to appstreaming systems, like
Microsoft Application Virtualization, in which the applications, while still stored
on a centralized server, are streamed to the client on-demand and then executed on
the client machine. Microsoft changed the name from Terminal Services to Remote
Desktop Services with the release of Windows Server 2008 R2 in October 2009.
RemoteFX is being added to Remote Desktop Services as part of Windows Server
2008 R2 SP1

Q6:Give the characteristics of multimedia and real time

system.

Solution:
Real-time multimedia refers to applications in which multimedia data has to be
delivered and rendered in real time; it can be broadly classified into interactive
multimedia and streaming media.
Multimedia is a term that describes multiple forms of information, including audio,
video, graphics, animation, images, text, etc. The best examples are continuous
media such as animation, audio and video that are time-based, i.e., each audio
sample or video frame has a timestamp associated with it, representing its
presentation time. Multimedia data has to be presented in a continuous fashion, in
accordance with their associated timestamp. For example, video is typically
rendered at 30 frames per second to give the viewers the illusion of smooth motion.
As a result, multimedia applications typically have the real-time constraint, i.e.,
media data has to be delivered and rendered in real time.
Today, with the advances of digital media and networking technologies,
multimedia has become an indispensable feature on the Internet. Animation, audio
and video clips become increasingly popular on the Internet. A large number of
distributed multimedia applications have been created, including Internet
telephony, Internet videoconferencing, Internet collaboration that combines video,
audio and whiteboard, Internet TV, on demand streaming or broadcasting, distance
learning, distributed simulation, entertainment and gaming, multimedia messaging,
etc.

Real-Time Networked Multimedia

Real-time multimedia can be broadly classified into interactive multimedia and

streaming media. Interactive multimedia applications include Internet telephony,
Internet video-conferencing, Internet collaboration, Internet gaming, etc.