In a multiprogramming and time-sharing environment, several users share the system simultaneously. This situation can result in various security problems. Name at least two of these problems. Can we ensure the same degree of security in a time-share machine as we have in a dedicated machine? Explain your answer.
First, let us define these terms: multiprogramming and time-sharing environment, and security. Multiprogramming is a form of processing in which a computer holds more than one program in memory and works on them in round-robin fashion that is, by sharing out the processor's time so that each program receives some attention some of the time. This way of working is in contrast to using the processor to run one program at a time. Time-sharing is an approach to interactive computing in which a single computer is used to provide apparently simultaneous interactive general-purpose computing to multiple users by sharing processor time. So basically, time sharing is for multi-user computer systems. Further, time-sharing is the sharing of a computing resource among many users by means of multiprogramming and multi-tasking. A time-sharing environment supports multiple users simultaneously. The term originated in the 1960s when multiple terminals were first connected to a single mainframe, allowing programmers and students simultaneous access to computing resources. Security is making sure that files are not read or modified by unauthorized persons/programs which include technical, administrative, legal, social, psychological and political issues.
For the first question, because the data and resources are shared in the memory, one user can copy another user's program / memory space. This could be very detrimental if, for example, an administrator was running a decryption protocol, and another user stole the decryption program and/or key. If it is possible to copy someone else's file it may also be possible that an unauthorized user might modify data without owner’s permission, overwrite another program’s area in the memory. There are many types of intruders that would be the reason for the security issues one of them is a passive intruder, Passive -- read files without authorization; Active -- malicious, unauthorized changes; Casual prying; Snooping by insiders --personal challenge to break security (also by former insiders); Financial gain -- theft, blackmail; Espionage -- commercial or military; Virus or worm-- program, not a direct person, (usually) trying to do (usually) general damage via replication. Using system resources (CPU, disk space) without proper accounting causes the printer to mix output by sending data while some other user's file is printing; is also a problem that may arise.
As for the second question, probably not, since any protection scheme devised by a human can also be broken -- and the more complex the scheme is, the more difficult it is to be confident of its correct implementation, note that even in the case of dedicated processing, you still have security issues (most notably, physical access issues (repairmen, etc), and sanitizing media upon system decommission. In real computer security (as opposed to what's in your textbook, apparently), the answer to the second question is "No, it's not as secure”. A case can be made that to secure a system, multi-user operation is required, in order to support multiple roles (systems admin, security auditor, and user) - dedicated operations don't provide a suitable audit trail. Also, it's the rare multiprogramming system these days where the operating system is the weak link - even Windows provides enough security that your biggest threat is idiot and malicious users.
No comments:
Post a Comment