|
The various processes in an operating system must be protected from one another's activities. For that purpose, various mechanisms exist that can be used to ensure that the files, memory segments, CPU, and other resources can be operated on by only those processes that have gained proper authorization from the operating system. Protection refers to a mechanism for controlling the access of programs, processes, or users to the resources'defined by a computer system. This mechanism must provide a means for specification of the controls to be imposed, together with some means of enforcement. As computer systems have become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. Protection was originally conceived as an adjunct to multi-programming operating systems, so that untrustworthy users might safely share a common logical name space, such as a directory of files, or share a common physical name space such as memory. Modem protection concepts have evolved to increase the reliability of any complex system that makes use of shared resources. |
