FILE PROTECTION
FILE PROTECTION
Files often contain information that is highly valuable to their users.
One of the major functions of file system is to protect this information against unauthorized access and physical damage.
Physical Damage may occur because of hardware problems,power failure, head crashes, dirt and extreme temperatures.
In order to prevent such damage some systems performs backup at regular intervals.
To protect the files use the following:
Access Control:
It is the most common approach to protect the files and directories depending upon the identity of the users:
Access Control limits who can access files and how they can access them.
Access Control is implemented by creating an Access Control List.
Access Control List may be associated with each file and directory.
This list contains the user name and the type of access allowed for each user on this file.
When user requests an access to the particular file, The Operating System checks the Access Control List associated with that file.
If that user is listed for the requested access, the access is allowed. Otherwise Access is denied.
The Use of Access Control List create a problem. If large number of users are having read access on a particular file, its ACL becomes very long.
To solve the problem of ACL many systems classify the users of a file into following three types:
Owner: The user who created the file.
Group: A set of users who are sharing the file and need similar access.
Universe: All remaining users in the system constitute the universe.
Password Protection:
Another Approach to protect a file from an unauthorized access is to ue a password with each file.
The owner of a file can control its access by assigning a password.
Only those users who know the password, can access a particular file.
Disadvanatges:
If a separate password is associated with each file, The user will have to remember all passwords which is impossible.
If only one password is associated with all files then cracking of one password is not so much difficult task for an unauthorized user.
Files often contain information that is highly valuable to their users.
One of the major functions of file system is to protect this information against unauthorized access and physical damage.
Physical Damage may occur because of hardware problems,power failure, head crashes, dirt and extreme temperatures.
In order to prevent such damage some systems performs backup at regular intervals.
To protect the files use the following:
- Access Control
- Password Protection
Access Control:
It is the most common approach to protect the files and directories depending upon the identity of the users:
Access Control limits who can access files and how they can access them.
Access Control is implemented by creating an Access Control List.
Access Control List may be associated with each file and directory.
This list contains the user name and the type of access allowed for each user on this file.
When user requests an access to the particular file, The Operating System checks the Access Control List associated with that file.
If that user is listed for the requested access, the access is allowed. Otherwise Access is denied.
The Use of Access Control List create a problem. If large number of users are having read access on a particular file, its ACL becomes very long.
To solve the problem of ACL many systems classify the users of a file into following three types:
Owner: The user who created the file.
Group: A set of users who are sharing the file and need similar access.
Universe: All remaining users in the system constitute the universe.
Password Protection:
Another Approach to protect a file from an unauthorized access is to ue a password with each file.
The owner of a file can control its access by assigning a password.
Only those users who know the password, can access a particular file.
Disadvanatges:
If a separate password is associated with each file, The user will have to remember all passwords which is impossible.
If only one password is associated with all files then cracking of one password is not so much difficult task for an unauthorized user.
Post a Comment