P1L3 Flashcards

1
Q

Operating Systems Definition

A

Hardware: I/O, memory, CPU
Operating Systems: Windows or Android, etc.
Applications run on operating system

2
Q

Operating Systems’ uses

A
  • Makes it easier to use resources. Allows for high-level abstractions like files
    - Hardware is controlled by the OS
    - Provides isolation (each process believes it is the only one running on the system)
3
Q

TCB

A

trusted computing base/kernel

  • The operating system has direct control of the hardware resources.
  • The OS must determine who is an authorized user of the resources.
4
Q

TCB (trusted computing base) Requirements

A
  • Complete mediation: the OS comes between the hardware resources and applications. The OS must make sure the application has the necessary authorizations.
  • The OS must be tamperproof.
  • The OS must be correct: the protected resources are used properly.
5
Q

OS controls access to protected resources by?

A

- Establish the source of the request (authentication - who?)
- Authorization or access control: does the source of the request have the right to access the resource?
- The OS follows the policies for authorization and authentication

6
Q

The claim that one OS is more secure is based on

A

it’s less likely to be a target

7
Q

what is a system call?

A
  • asks the OS for (access to) resources.
  • is often called a protected procedure call
  • goes through call gates (controlled/defined fashion)
8
Q

why does a system call have a higher cost?

A
  • user domain to OS domain (control transfer)
9
Q

How can we trust OS?

A
  • hardware support memory protection

- processor execution modes/rings (system & user)

10
Q

what is the system call instruction in x86?

A

sysenter/sysexit

11
Q

how to achieve untrusted user code isolation?

A

hardware support

12
Q

how do hackers get access to OS secure memory?

A
  • firmware

- refresh mechanism of a dynamic RAM

13
Q

address space

A
  • a container, collection, sequence of memory locations
  • unit of isolation
  • 2^32 for a 32-bit system and 2^64 for a 64-bit system
14
Q

process views memory as

A
  • continuous, available memory locations, can even be bigger than the physical memory (virtual memory)
15
Q

memory process

A
  • logical addr - addr space - physical memory or RAM

- isolate physical addrs that are accessible by process A from physical addrs that are accessible by process B

16
Q

page table

A
  • page#|displ for each memory location (logical/virtual address translation)
  • managed by OS
17
Q

process data/code protection

A

OS will not map a logical page of process A to a physical page of process B unless explicit sharing is desired.

18
Q

use of processor memory management unit (MMU)

A
  • use page table to resolve virtual addresses to physical addresses
  • rwx bits on a page limit the type of access
19
Q

how does TCB ensure complete mediation?

A
  • make sure no protected resources can be accessed w/o going through the TCB
  • TCB acts as a reference monitor that cannot be bypassed
20
Q

how does the OS ensure complete mediation?

A
  • virtualizes physical resources and provides API
  • file for storing persistent data on disk
  • virtual resources must be translated to a physical resource handle
21
Q

how does virtualization limit the damage of a hacked OS?

A
  • H/W - hypervisor (virtual machine monitor) - VMs (guest OS and apps)
22
Q

how does TCB ensure correctness?

A
  • smaller and simpler hypervisor.

- secure coding with a type-safe language