resource access control
play

Resource Access Control Radek Pel anek Introduction Mutual - PowerPoint PPT Presentation

Jun 13, 2023 •364 likes •954 views

Introduction Mutual Exclusion Scheduling with Resources Resource Access Control Radek Pel anek Introduction Mutual Exclusion Scheduling with Resources Notions Resources: notions resource something needed to advance execution of a task;

  1. Introduction Mutual Exclusion Scheduling with Resources Resource Access Control Radek Pel´ anek

  2. Introduction Mutual Exclusion Scheduling with Resources Notions Resources: notions resource something needed to advance execution of a task; e.g. printer, file, database lock, ... shared resource resource used by several tasks mutually exclusive resource shared resource that can be used by only one task at a time critical section piece of code executed under mutual exclusion constraint

  3. Introduction Mutual Exclusion Scheduling with Resources Notions Problems how do we assure mutually exclusive access? 1 (see also Operating systems, Parallel Algorithms) mutual exclusion algorithms semaphores how to do scheduling with resources? 2 priority inversion problem priority inheritance/ceiling protocol

  4. Introduction Mutual Exclusion Scheduling with Resources Notions Mutual Exclusion and This Course mutual exclusion – recurring theme today: overview of protocols later: programming: exercises (implementation of protocols) verification: basic example for explanation, exercises

  5. Introduction Mutual Exclusion Scheduling with Resources Motivation Alice, Bob, and Pets Alice has a cat Bob has a dog they share a yard, cat and dog should not be in yard at the same time Alice and Bob cannot see the whole yard, but they see each others window device a “visual protocol” to ensure the “mutual exclusion” (using e.g. flags in windows)

  6. Introduction Mutual Exclusion Scheduling with Resources Motivation Alice, Bob, and their First Attempt Alice: Bob: If there is no flag in Bob’s If there is no flag in 1 1 window: Alice’s window: raise flag raise flag unleash cat unleash dog When cat comes back, When dog comes back, 2 2 lower flag. lower flag.

  7. Introduction Mutual Exclusion Scheduling with Resources Motivation Alice, Bob, and Flag Protocol Bob: Raise flag. 1 While Alice’s flag is Alice: 2 raised: Raise flag. 1 Lower flag. When Bob’s flag is 2 Wait until Alice’s flag lowered, unleash cat. is lowered. When cat comes back, 3 Raise flag. lower flag. Unleash dog. 3 When dog comes back, 4 lower flag.

  8. Introduction Mutual Exclusion Scheduling with Resources Basic Setting Several processes of the following type: while (true) { <noncritical section>; <entry section>; <critical section>; <exit section>; }

  9. Introduction Mutual Exclusion Scheduling with Resources Requirements mutual exclusion: only one process at a time in the CS 1 absence of deadlock: in every situation some process can 2 make progress absence of starvation (liveness): if a process wants to 3 access CS, it will eventually be able to do so a process that halts in its noncritical section must do so 4 without interference with other processes

  10. Introduction Mutual Exclusion Scheduling with Resources Assumptions each process spends only finite time in a critical section no assumptions about relative speed of processes process interleaving can happen at any point → protocol must work for any possible interleaving

  11. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols Test-and-Set Instruction testset(i) : atomic instruction (hardware support): if i = 0 then { i := 1; return true; } else return false; shared variable busy (initial value 0 ) while (true) { <noncritical section>; while not testset(busy) do {}; <critical section>; busy := 0; }

  12. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols Importance of Atomicity what happens if the testset instruction is not atomic? which requirement is violated? find the execution which violates mutual exclusion

  13. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols Software Realization now we discuss several software realizations of mutual exclusion at first we consider just 2 processes we start with wrong attempts – used to illustrate concepts

  14. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols The First Attempt shared variable turn (initial value 0 ) Process 0: Process 1: while (true) { while (true) { <noncritical section>; <noncritical section>; while turn != 0 do { }; while turn != 1 do { }; <critical section>; <critical section>; turn := 1; turn := 0; } }

  15. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols The First Attempt: Discussion mutual exclusion: OK absence of deadlock: OK strict alternation of processes ⇒ starvation if one process does not want to access CS or one process wants to access CS much more often than the other one, the protocol does not work (well)

  16. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols The Second Attempt shared variables flag[0], flag[1] (initialised to false ) – meaning I’m in CS Process 0: Process 1: while (true) { while (true) { <noncritical section>; <noncritical section>; while flag[1] do { }; while flag[0] do { }; flag[0] := true; flag[1] := true; <critical section>; <critical section>; flag[0] := false; flag[1] := false; } }

  17. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols The Second Attempt: Discussion same as non-atomic testset absence of starvation: OK absence of deadlock: OK mutual exclusion not satisfied

  18. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols The Third Attempt shared variables flag[0], flag[1] (initialed to false ) – meaning I want to access CS Process 0: Process 1: while (true) { while (true) { <noncritical section>; <noncritical section>; flag[0] := true; flag[1] := true; while flag[1] do { }; while flag[0] do { }; <critical section>; <critical section>; flag[0] := false; flag[1] := false; } }

  19. Introduction Mutual Exclusion Scheduling with Resources Simple Protocols The Third Attempt: Discussion absence of starvation: OK mutual exclusion: OK deadlock can occur

  20. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Peterson’s Algorithm flag[0], flag[1] (initialed to false ) – meaning I want to access CS turn (initialized to 0 ) – used to resolve conflicts Process 0: Process 1: while (true) { while (true) { <noncritical section>; <noncritical section>; flag[0] := true; flag[1] := true; turn := 1; turn := 0; while flag[1] and while flag[0] and turn = 1 do { }; turn = 0 do { }; <critical section>; <critical section>; flag[0] := false; flag[1] := false; } }

  21. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Peterson’s Algorithm: Discussion mutual exclusion: OK absence of starvation: OK absence of deadlock: OK Can be extended for more than 2 processes (non-trivial).

  22. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Lamport’s Bakery Algorithm protocol which works for n processes simulation of a “ticket system” at post office (bakery) process wants to access CS ⇒ it is assigned the “next” ticket process with the lowest ticket is allowed to access CS non-atomicity of ticket assignment – requires special checking

  23. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Lamport’s Bakery Algorithm number[i] – current ticket number choosing[i] – I’m choosing my ticket number Process i: while (true) { <noncritical section>; choosing[i] := 1; number[i] := 1 + max(number[0], ..., number[N-1]); choosing[i] := 0; for j:=0 to N-1 { while (choosing[j]) do {} while (number[j] != 0 and (number[j], j) < (number[i], i)) do {} } <critical section>; number[i] := 0; }

  24. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Fischer’s Protocol real-time protocol – correctness depends on timing assumptions simple, just 1 shared variable, arbitrary number of processes assumption: known upper bound D on reading/writing variable in shared memory each process has it’s own timer (for delaying)

  25. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Fischer’s Protocol id – shared variable, initialized -1 each process has it’s own timer (for delaying) for correctness it is necessary that K > D Process i: while (true) { <noncritical section>; while id != -1 do {} id := i; delay K; if (id = i) { <critical section>; id := -1; } }

  26. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Fischer’s Protocol: Exercise suppose K < D : find a run which violates mutual 1 exclusion suppose K > D : prove the correctness (advanced) 2

  27. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Alur and Taubenfeld’s protocol Fischer’s protocol: process delays even if it is the only trying to access CS Alur and Taubenfeld’s protocol eliminates this waiting same assumptions as Fischer’s protocol (particularly known D) x, y – shared int variables, z – shared boolean variable

  28. Introduction Mutual Exclusion Scheduling with Resources Well-known Protocols Alur and Taubenfeld’s protocol Process i: while (true) { <noncritical section>; start: x:=i; while (y != 0) do {} y := i; if (x != i) { delay 2*D; if (y != i) goto start; while (! z) do {}; } else {z := true; } <critical section>; z := false; if (y == i) y:= 0; }

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects : system resources for which protection is

576 views • 21 slides
Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios

DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios

DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios Kokoris-Kogias, Prof. Bryan Ford 1 Motivation Access Control: Management of access to a resource Simple access control Static binding

494 views • 24 slides
Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control? How Is Access Determined? Who Determines Access? Forms of Access Control SELinux Booleans iptables File Access Control Lists Apache Access Control

711 views • 36 slides
1 General Access Control General Access Control Control of access to memory relatively easy:

1 General Access Control General Access Control Control of access to memory relatively easy:

Role of Access Control Before closing back doors we need to close front doors Access control: determines access to files &amp; processes in OS Fall 2008 We will return to these themes throughout the course Fall 2008 CS

512 views • 6 slides
Resource Access Control in the Facebook Model K. Chronopoulos 1 M. Gouseti 1 A. Kiayias 2 1

Resource Access Control in the Facebook Model K. Chronopoulos 1 M. Gouseti 1 A. Kiayias 2 1

Resource Access Control in the Facebook Model K. Chronopoulos 1 M. Gouseti 1 A. Kiayias 2 1 University of Amsterdam, The Netherlands 2 Department of Informatics &amp; Telecommunications University of Athens, Greece The 12th International

544 views • 40 slides
SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing residents / staff access to site areas Main entrance Vehicle entrances Pedestrian entrances Gate / Barrier entrance Bin / Bike / Refuge

336 views • 14 slides
CS419 Spring 2010 Computer Security Access Control: Policies and Mechanisms Vinod Ganapathy

CS419 Spring 2010 Computer Security Access Control: Policies and Mechanisms Vinod Ganapathy

CS419 Spring 2010 Computer Security Access Control: Policies and Mechanisms Vinod Ganapathy Lectures 9 and 10 Access Control The prevention of unauthorized use of a resource, including the prevention of use of a resource in an

1.17k views • 90 slides
Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs Access Control Administration Accountability Chapter 2 Access Control Models Identification and Authentication Methods Lecturer:

708 views • 9 slides
Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control Introduction to Computer Security Access control, contd Announcements intermission Stephen McCamant Capability-based access control University

380 views • 7 slides
D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient access control and authentication checks Insecure access control methods Private, internal functions and data are accessible through a

547 views • 11 slides
Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a

Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a

Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a simple, modular approach to networked access control with scalability in mind. Easy management from a central location PC from anywhere with an

196 views • 9 slides
Resource and Admission Control Resource and Admission Control for Next Generation Networks for

Resource and Admission Control Resource and Admission Control for Next Generation Networks for

I nternational Telecom m unication Union ITU-T Resource and Admission Control Resource and Admission Control for Next Generation Networks for Next Generation Networks Hui-Lan Lu, Ph.D. Q.4/ 13 Rapporteur Bell Labs, Lucent Technologies I

229 views • 10 slides
Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of achieving confiden5ality and integrity) Who can access What Objects : Subjects : Files/ Programs/ Sockets/ User/ process/ applica5on Hardware/

985 views • 46 slides
Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer Security Announcements intermission Day 10: OS security: access control Multilevel and mandatory access control Stephen McCamant University of

324 views • 10 slides
Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of achieving confidentiality and integrity) Who can access What Objects : Subjects : Files/ Programs/ Sockets/ User/ process/ application

1.31k views • 50 slides
Ariane 5.01 failure Patriot failure Mars orbiter loss (overflow) (float rounding) (unit error)

Ariane 5.01 failure Patriot failure Mars orbiter loss (overflow) (float rounding) (unit error)

Motivation (1 mn) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Abstract interpretation, reminder (10 mn) . . . . . . . . . . . . . . . . . . 6 Applications of abstract interpretation (2 mn) . . . . . . . . .

876 views • 16 slides
Scheduling Marcel Kneib marcel.kneib@posteo.de Hochschule RheinMain Jonas Reininger

Scheduling Marcel Kneib marcel.kneib@posteo.de Hochschule RheinMain Jonas Reininger

User-Level CPU Inheritance Scheduling Marcel Kneib marcel.kneib@posteo.de Hochschule RheinMain Jonas Reininger jonas.reininger@gmail.com Hochschule RheinMain Introduction Scheduling in user-level Hierarchy of schedulers

346 views • 16 slides
CS 31: Intro to Systems Deadlock Martin Gagne Swarthmore College April 25, 2017 What is

CS 31: Intro to Systems Deadlock Martin Gagne Swarthmore College April 25, 2017 What is

CS 31: Intro to Systems Deadlock Martin Gagne Swarthmore College April 25, 2017 What is Deadlock? Deadlock is a problem that can arise: When processes compete for access to limited resources When threads are incorrectly synchronized

599 views • 55 slides
Analyzing Real-Time Systems Reference: Burns and Wellings , Real-Time Systems and Programming

Analyzing Real-Time Systems Reference: Burns and Wellings , Real-Time Systems and Programming

Analyzing Real-Time Systems Reference: Burns and Wellings , Real-Time Systems and Programming Languages 17-654/17-754: Analysis of Software Artifacts Jonathan Aldrich Real-Time Systems Definition Any system in which the time at which

374 views • 20 slides
R e a l - T i me S y s t e ms , w e r e b e t t e r i n t h e p a s

R e a l - T i me S y s t e ms , w e r e b e t t e r i n t h e p a s

R e a l - T i me S y s t e ms , w e r e b e t t e r i n t h e p a s t ( o h , r e a l l y ? ) H a n s Z u i d a m, f o r 0 4 0 c o d e r s . n l S e p t e mb e r 2 0 ,

456 views • 44 slides
Multicore for safety-critical embedded systems: challenges and opportunities Giuseppe Lipari

Multicore for safety-critical embedded systems: challenges and opportunities Giuseppe Lipari

Multicore for safety-critical embedded systems: challenges and opportunities Giuseppe Lipari CRIStAL Universit de Lille Centre de Recherche en Informatique, Signal et Automatique de Lille June 23, 2016 Giuseppe Lipari (CRIStAL)

1.39k views • 105 slides
Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main

Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main

Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main Objectives Implement a sustained and affordable human and robotic program to explore the solar system and beyond; Extend human presence

745 views • 37 slides
LBNE Beam Simulation G4 needs Thoughts... Requests... Paul Lebrun CD/APC/ Fermilab, March

LBNE Beam Simulation G4 needs Thoughts... Requests... Paul Lebrun CD/APC/ Fermilab, March

LBNE Beam Simulation G4 needs Thoughts... Requests... Paul Lebrun CD/APC/ Fermilab, March 24 2014. Take Home message For the most part, Geant4 and MARS are adequate for we need to do. Assuming that a ~10 to 15 % absolute prediction

148 views • 13 slides

More recommend