I/O Systems and Security in
Operating Systems
� I/O Systems – Overview
• I/O systems manage the communication
between external devices and the CPU.
• Crucial for effective system performance and
user interaction.
• Key components include:
• - Hardware (devices)
• - Software interface (drivers, OS commands)
• - Data transformation processes (buffering,
interrupt handling)
� Hardware Components
• Input Devices: Allow user data entry (e.g.,
Keyboard, Mouse, Scanner)
• Output Devices: Display or produce data
output (e.g., Monitor, Printer, Speaker)
• Storage Devices: Facilitate long-term data
retention and retrieval (e.g., HDD, SSD, USB)
• All hardware devices need to be managed
through well-defined protocols and hardware
interfaces.
� Interface
• Acts as the middle layer between the OS and
I/O hardware.
• Device Drivers: Provide abstraction for
hardware functions and convert OS
commands.
• I/O Controllers: Manage data flow to/from
peripheral devices and communicate with
CPU.
• Interfaces must support synchronization, error
handling, and communication protocols.
� Transformation Mechanisms
• Buffering: Temporary storage area for I/O data
to handle speed mismatch.
• Spooling: Uses disk as a queue for I/O jobs
(e.g., print jobs).
• Interrupts: Devices alert the CPU when ready,
reducing idle time.
• Polling: CPU continuously checks device status
(inefficient for real-time systems).
� Security & Protection –
Introduction
• Operating systems must protect data and
system integrity.
• Protection mechanisms prevent accidental or
malicious misuse.
• Goals include:
• - Ensuring confidentiality, integrity, availability.
• - Preventing unauthorized access to resources.
• - Monitoring and reacting to security
breaches.
� Access Matrix
• Defines permissions of subjects
(users/processes) over objects (files/devices).
• Matrix representation:
• - Rows = Subjects
• - Columns = Objects
• - Cells = Access Rights (R, W, X)
• Can be implemented as ACLs or Capability
Lists.
� Access Control Techniques
• Discretionary Access Control (DAC): User-
defined permissions (e.g., Unix/Linux).
• Mandatory Access Control (MAC): System-
wide policies (e.g., military systems).
• Role-Based Access Control (RBAC): Roles have
permissions, users are assigned roles.
� Program Threats
• Trojan Horse: Malicious code hidden in
legitimate software.
• Trapdoor (Backdoor): Secret access point
bypassing normal authentication.
• Logic Bomb: Triggers malicious actions under
specific conditions.
• Buffer Overflow: Overwrites memory to
execute arbitrary code.
• Rootkits: Hide presence of malicious software
from OS.
� Cryptography – Importance
• Protects sensitive information from
unauthorized access.
• Ensures safe communication in open and
insecure networks.
• Core Objectives:
• - Confidentiality, Integrity, Authentication,
Non-repudiation
� Types of Cryptography
• Symmetric Key Cryptography: Same key for
encryption/decryption (AES, DES).
• Asymmetric Key Cryptography: Public/private
keys (RSA, ECC).
• Hash Functions: One-way data transformation
(SHA-256, MD5).
� Defense Mechanisms
• Authentication: Passwords, OTPs, biometrics.
• Authorization: Controlled through access
policies.
• Auditing: Monitor and log user activities.
• Firewalls and IDS: Detect and block suspicious
activity.
• Antivirus/Malware Protection: Scan and
remove threats.
� Backup and Recovery
• Essential for data protection in case of failure.
• Full Backup: All files and folders.
• Incremental Backup: Changes since last
backup.
• Differential Backup: Changes since last full
backup.
• Recovery Planning includes RTO and RPO
definitions.
� Conclusion
• I/O systems and security are crucial to system
reliability.
• Efficient I/O improves system throughput.
• Strong security measures protect against
cyber threats.
• A balance between usability and protection is
essential.
� Q&A
• Thank You!
• Questions and Discussions
