Platforms AVR, Coldfire, CortexM3, MSP430, PIC32, 8051 680x0, 683xx, ARM, ColdFire, MIPS32, PowerPC x86 ARM9+ AVR, STM8 Atmel AT91SAM3(U/S), Energy Micro EFM32, NXP LPC13x/LPC17x, ST MicroSTM32, Texas Instruments LM3S, Toshiba TMPM330, Microchip PIC32MX, Microchip PIC24F, PIC24H, dsPIC30F & dsPIC33F DSP56K, I196, IA32, ARM, AVR Freescale Coldfire V1, Freescale HCS08, Texas Instruments MSP430 and Atmel ATMEGA328/128 (Port for PIC18 in development IA32, ARM9 x86, ARM7, ARM9, Cortex-M0, CortexM3, CortexM4, PowerPC e200z, STM8,AVR, MSP430, Coldfire, H8S ? IA32, ARM, AVR, H8, PIC, 8051 AVR, MSP430 8080, Z80, 8086
BeRTOS BRTOS
embedded embedded
active active
CapROS ChibiOS/RT
GNU GPL
Modified GNU GPL or proprietary ? ? proprietary ? BSD open source proprietary closed (meanwhile: open source) proprietary closed BSD open source proprietary closed proprietary closed
active active
8086, 286, 386, 68000, (also 8080/Z80 in dual-processor variants) MSP430, AVR GEC 4000 series x86, PowerPC, PowerQUICC
DioneOS
proprietary proprietary proprietary free? Open Source and Commercial ? modified GNU GPL modified GNU GPL and eCosPro license proprietary BSD License GPL+Linking exception GPL
critical embedded general purpose process control ? MCU, DSC, DSP SoC
active
DSOS eCos
? open source open source with nonfree portions closed open source Open Source
defunct active
TI-980A minicomputer ARM/XScale, CalmRISC, 68000/Coldfire, fr30, FR-V, H8, IA32, MIPS, MN10300, OpenRISC, PowerPC, SPARC, SuperH, V8xx ARM/XScale, CalmRISC, 68000/Coldfire, fr30, FR-V, H8, IA32, MIPS, MN10300, NIOS2, OpenRISC, PowerPC, SPARC, SuperH, V8xx
eCosPro
active
8/16/32 bit processors ARM, LEON, MicroBlaze, x86 ARM7, H8 (Hitachi), Nios2 (Altera), PIC24/dsPIC/PIC32 (Microchip), ST10 (ST Microelectronics)/C167 (Infineon), PPC z7 Mamba, AVR, Tricore1, Mico32, S12XS, H8 IA32
EROS
open source
experimental research use embedded general purpose embedded embedded embedded
dormant
AVR 186, 286, 386, V60, V70, 68000 Posix, Windows, ARM7 ARM, AVR, AVR32, Freescale ColdFire, HCS12, IA32, MicroBlaze, MSP430, PIC, Renesas H8/S, 8052, STM32 AVR, MSP430, Cortex-M3
FunkOS
active
Fusion RTOS
source ?
semigeneral purpose safety critical ? ? FPGA general purpose general purpose embedded MS Windows extension embedded embedded, safety critical embedded embedded active ARM, Blackfin, StarCore, DSP 56800E
HeartOS
proprietary Helium free HP-1000/RTE ? Hybridthreads ? IBM 4680 OS proprietary IBM 4690 OS proprietary INTEGRITY proprietary IntervalZero RTX proprietary ITRON, uITRON, microITRON ioRTOS varies
x86, PowerPC, PowerQUICC Open-Source RTOS for HCS08 & AVR MCUs ? Xilinx Virtex-II Pro ML310, Xilinx Virtex-II Pro XUP 286 286, 386 ARM, XScale, Blackfin, Freescale ColdFire, MIPS, PowerPC, x86 x86
varies
active
closed
active
iRTOS LynxOS
open source source code available open source ? ? open source closed (meanwhile: open source) complimentary source
active active
AVR, ARM7 Motorola 68010, x86/IA-32, ARM, Freescale PowerPC, PowerPC 970, LEON3
MQX
proprietary
embedded
active
PDP-11 386 AVR, MSP430 ARM, MIPS, PPC, SH, x86, XScale
Nokia OS
Nucleus OS
proprietary
NuttX RTOS
BSD
ARM
active
ARM (Cortex-M3, M4, R4, R4F, A8, A9, ARM7, ARM9, ARM11), PowerPC, MIPS32, MIPS16e, microMIPS, Coldfire, SuperH Linux user mode, ARM7, ARM9, 8052, SH1, Renesas MC16C/26, Zilog Z16F, Zilog eZ80 Acclaim!, Zilog Z8Encore!, Z80, partial ports for MIPS 32/64-bit x86
active
On Time RTOS-32
proprietary
OS4000
active
OpenRTOS
source code available open source closed available to customers specification ?
see FreeRTOS
PIC10-PIC24, AVR 8bit, STM8 ARM, PowerPC, MIPS, IXP2400, TI OMAP, ARM/strongARM, MIPS, PowerPC, SuperH, x86/Pentium, XSCALE, Motorola 6809, Motorola 68000-series engine control units ?
n/a ?
embedded ?
active ?
GNU GPL GNU GPL Modified BSD License GNU GPL proprietary
open source open source open source open source available to customers source code provided open source ? open source ? ? available to customers Open Source
embedded embedded embedded embedded safety critical, virtualization embedded, small footprint embedded ? microkernel ? general purpose embedded
? ?
? PIC18
discontinued 6502, 80x86, ARM7, AVR, PowerPC ? active ARM7, X86, PowerPC PPC, x86, ARM, MIPS, SPARC/Leon, SuperH
PhoenixRTOS PikeOS
Portos
proprietary
active
active ? active
discontinued Motorola 680x, Motorola 68000 active IA32, MIPS, PowerPC, SH-4, ARM, StrongARM, XScale active PIC-30, PIC-24, dsPIC, PIC32MX
QP
RDOS ReaGOS
active
defunct active
ARM7/9, ARM Cortex-M3/Cortex-M0, MSP430, TMS320C28x, AVR, AVRXmega, ColdFire, 68HC08, M16C/R8C, H8, 8051, 80251, PIC18, PIC24/dsPIC33, Nios II, PSoC1 Data General Nova, Data General Eclipse x86, ATmega, ARM, portable
proprietary GPLv2
active active
8080, 8086, 80386 or higher PDP-11 PDP-11 x86, ARM ARM, Blackfin, ColdFire, TI C3x/C4x, H8/300, x86, 68k, MIPS, Nios II, PowerPC, SuperH, SPARC, ERC32, LEON, MongooseV ARM7, ARM9, Cortex-M3, Cortex-A8, Blackfin, PowerPC, Windows (simulation) same as Linux ARM, IA-32, AVR32, M16C, MIPS ARM Atmel/Freescale/NXP/ST/TI, Blackfin, Coldfire/68K, PowerPC, StarCore, TI/Luminary Stellaris, TI OMAP, XScale 8051, ARM ARM7TDMI and Cortex-M3, Atmel AVR and Mega AVR, Epson S1C17, Motorola M68HC11, TI MSP430, PICmicro 12/14000/16/17/18, PIC24, dsPIC, PIC32, TMS320C2000 ARM, Cortex-M3, Cortex-M0, XScale, PowerPC, ColdFire, HCS12, M16C, MSP430, Windows (simulation) ARM, Cortex-M3, Blackfin, MSP430, AVR ARM, Cortex-M3, Blackfin, PIC18, PIC24, i386 win32/linux synthetic targets ? AVR only Norsk Data computers x86, i386+, ARM, 68k, 8051, ...
rt-kernel
mixed
available to customers open source open source source available closed
embedded
active
Salvo
proprietary
embedded
active
SCIOPTA
proprietary
SMX RTOS
closed, source available open source open source open source open source ? available under license available under
active
active
license open source open source ? available to customers source available ? available to customers
H8/300 ARM
active ?
T-Kernel
THEOS ThreadX
embedded RTOS ? ?
active
ARM/MIPS/SH/others
? active
Trampoline Operating System (OSEK and AUTOSAR) TNKernel Transaction Processing Facility TRON Project TUD:OS Unison RTOS
GNU LGPL
open source
embedded
active
? ARC, ARM/Thumb, AVR32, BlackFin, ColdFire/68K, H8/300H, Luminary Micro Stellaris, M-CORE, MicroBlaze, PIC24/dsPIC, PIC32, MIPS, V8xx, Nios II, PowerPC, SH, SHARC, StarCore, STM32, StrongARM, TMS320C54x, TMS320C6x, x86/x386, XScale, Xtensa/Diamond, ZSP AVR, H8/300H, POSIX, NEC V850e, ARM7, Infineon C166, HCS12 or PowerPC
BSD proprietary open? GNU GPL Open Source and Commercial proprietary
open source ?
active active
active ? active
any: not an implementation, but a specification IA-32 Pic32, ARM Cortex (TI Stellaris, ST STM32, NXP LPC1700), SH2A, SH2AFPU, R32C, MIPS4K, {SHARC, Coldfire, TMS320, Altera NIOS, Xilinx Microblaze, Proprietary} ARM7/9/11/Cortex M1/3, AVR, HC11/12/S12, Coldfire, Blackfin, Microblaze, NIOS, 8051, x86, Win32, H8S, M16C, M32C, MIPS, 68000, PIC24/dsPIC33/PIC32, MSP430, PowerPC,
µC/OS-II
embedded
active
µC/OS-III
proprietary
embedded
active
? ? proprietary
u-velOSity velOSity
? ?
? open source Opencode. Free for noncommercial or with support license ? ?
? embedded embedded
? ? active
SH, StarCore, STM32, ARM7/9/11/Cortex M1/3, AVR, HC11/12/S12, Coldfire, Blackfin, Microblaze, NIOS, 8051, x86, Win32, H8S, M16C, M32C, MIPS, 68000, PIC24/dsPIC33/PIC32, MSP430, PowerPC, SH, StarCore, STM32, PDP-11 ARM7TDMI, AVR, H8 Coldfire M522XX, AVR32, SAM7X, Luminary Micro, LPC2XXX, STR91X, NE64
microkernel ?
active active
? Power Architecture, ARM/XScale, MIPS, x86/Pentium, ColdFire, Blackfin, OMAP, DaVinci ARM, MIPS, PowerPC, RISC ARM, IA32, MIPS, PowerPC, SH-4, StrongARM, xScale x86, MIPS, ARM, SuperH
? proprietary proprietary
? embedded embedded
? active active
Xenomai
GPLv2
general
active
xPC Target
active
x86, x86_64, PowerPC, ARM, Analog Devices Blackfin BF52x, BF53x, BF54x and BF56x x86
Cortex-M3, STM32 ? Motorola 68k AVR, ARM, MIPS32, MSP430, Intel i386, Linux386
An early example of a large-scale real-time operating system was the Transaction Processing Facility developed by American Airlines and IBM for the Sabre Airline Reservations System. Currently the best known, most widely deployed, real-time operating systems are LynxOS, OSE, QNX, RTLinux, VxWorks and Windows CE.
Authentication mechanisms
An authentication mechanism defines rules about security information, such as whether a credential is forwardable to another Java process, and the format of how security information is stored in both credentials and tokens. Authentication is the process of establishing whether a client is who or what it claims to be in a particular context. A client can be either an end user, a machine, or an application. An authentication mechanism in WebSphere Application Server typically collaborates closely with a user registry. The user registry is the user and groups account repository that the authentication mechanism consults with when performing authentication. The authentication mechanism is responsible for creating a credential, which is an internal product representation of a successfully authenticated client user. Not all credentials are created equally. The abilities of the credential are determined by the configured authentication mechanism. Although this product provides multiple authentication mechanisms, you can configure only a single active authentication mechanism at one time. The active authentication mechanism is selected when configuring WebSphere Application Server global security.
Authentication process
The figure demonstrates the authentication process. Authentication is required for enterprise bean clients and Web clients when they access protected resources. Enterprise bean clients, like a servlet or other enterprise beans or a pure client, send the authentication information to a Web application server using one of the following protocols:

Common Secure Interoperability Version 2 (CSIv2)
Secure Authentication Service (SAS)

Note: Web clients use the HTTP or HTTPS protocol to send the authentication information, as shown in the previous figure.

The authentication data can be from a basic authentication (user ID and password), a credential token (in the case of Lightweight Third Party Authentication (LTPA)), or a client certificate. The Web authentication is performed by the Web Authentication module. The enterprise bean authentication is performed by the Enterprise JavaBean (EJB) authentication module, which resides in the CSIv2 and SAS layer. The authentication module is implemented using the Java Authentication and Authorization Service (JAAS) login module. The Web authenticator and the EJB authenticator pass the authentication data to the login module (2), which can use the following mechanisms to authenticate the data:

LTPA
Simple WebSphere Authentication Mechanism (SWAM)
The authentication module uses the registry that is configured on the system to perform the authentication (4). Three types of registries are supported: local OS, Lightweight Directory Access Protocol (LDAP), and custom registry. An external registry implementation that follows the registry interface specified by IBM can replace either the local OS or the LDAP user registry. The login module creates a JAAS subject after authentication and stores the credential that is derived from the authentication data in the public credentials list of the subject. The credential is returned to the Web authenticator or to the enterprise beans authenticator (5). The Web authenticator and the enterprise beans authenticator store the received credentials in the Object Request Broker (ORB) current for the authorization service to use in performing further access control checks. If the credentials are forwardable, they are sent to other application servers.
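The login-module step described above, as an added example (not WebSphere code and not from the original page): a standard JAAS LoginModule checks the supplied password against a stand-in registry and, on commit, stores a credential in the public credentials list of the subject. The names JaasFlowDemo, RegistryLoginModule, DemoCredential, REGISTRY and the "forwardable" option are assumptions made for illustration; it needs Java 17 or later.

```java
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.MessageDigest;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

public class JaasFlowDemo {
    // Constructed stand-in for the configured user registry (local OS, LDAP or custom).
    static final Map<String, String> REGISTRY = Map.of("alice", "correct horse");
    // Hypothetical credential type; the mechanism's configuration decides "forwardable".
    public record DemoCredential(String user, boolean forwardable) {}

    public static class RegistryLoginModule implements LoginModule {
        private Subject subject; private CallbackHandler handler;
        private boolean forwardable; private String user;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
            subject = s; handler = h; forwardable = "true".equals(opts.get("forwardable"));
        }
        public boolean login() throws LoginException {
            NameCallback n = new NameCallback("user");
            PasswordCallback p = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] {n, p}); }
            catch (Exception e) { throw new LoginException(e.toString()); }
            String expected = n.getName() == null ? null : REGISTRY.get(n.getName());
            char[] supplied = p.getPassword() == null ? new char[0] : p.getPassword();
            p.clearPassword();
            boolean match = expected != null  // isEqual avoids an early-exit comparison
                && MessageDigest.isEqual(expected.getBytes(UTF_8), new String(supplied).getBytes(UTF_8));
            if (!match) throw new FailedLoginException("authentication failed");
            user = n.getName();
            return true;
        }
        public boolean commit() {
            if (user == null) return false;
            subject.getPublicCredentials().add(new DemoCredential(user, forwardable)); // public credentials list
            return true;
        }
        public boolean abort() { user = null; return true; }
        public boolean logout() { subject.getPublicCredentials().clear(); return true; }
    }
    // Plays the authenticator's role: hands the authentication data to the login module.
    static Subject authenticate(String user, String pw, boolean forwardable) throws LoginException {
        var entry = new AppConfigurationEntry(RegistryLoginModule.class.getName(),
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Map.of("forwardable", "" + forwardable));
        Configuration cfg = new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] {entry};
            }
        };
        CallbackHandler h = cbs -> {
            for (Callback c : cbs)
                if (c instanceof NameCallback nc) nc.setName(user);
                else if (c instanceof PasswordCallback pc) pc.setPassword(pw.toCharArray());
        };
        LoginContext ctx = new LoginContext("demo", new Subject(), h, cfg);
        ctx.login();
        return ctx.getSubject();
    }
    public static void main(String[] args) throws Exception {
        System.out.println(authenticate("alice", "correct horse", true).getPublicCredentials());
        try { authenticate("alice", "wrong", true); }
        catch (LoginException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```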
The first type of authentication is accepting proof of identity given by a credible person who has evidence of the said identity, or of the originator and the object under assessment as the originator's artifact, respectively.

The second type of authentication is comparing the attributes of the object itself to what is known about objects of that origin. For example, an art expert might look for similarities in the style of painting, check the location and form of a signature, or compare the object to an old photograph. An archaeologist might use carbon dating to verify the age of an artifact, do a chemical analysis of the materials used, or compare the style of construction or decoration to other artifacts of similar origin. The physics of sound and light, and comparison with a known physical environment, can be used to examine the authenticity of audio recordings, photographs, or videos.

Attribute comparison may be vulnerable to forgery. In general, it relies on the fact that creating a forgery indistinguishable from a genuine artifact requires expert knowledge, that mistakes are easily made, or that the amount of effort required to do so is considerably greater than the amount of money that can be gained by selling the forgery.

In art and antiques, certificates are of great importance for authenticating an object of interest and value. Certificates can, however, also be forged, and authenticating them poses a problem. For instance, the son of Han van Meegeren, the well-known art forger, forged the work of his father and provided a certificate for its provenance as well; see the article Jacques van Meegeren.

Criminal and civil penalties for fraud, forgery, and counterfeiting can reduce the incentive for falsification, depending on the risk of getting caught.

The third type of authentication relies on documentation or other external affirmations. For example, the rules of evidence in criminal courts often require establishing the chain of custody of evidence presented. This can be accomplished through a written evidence log, or by testimony from the police detectives and forensics staff that handled it. Some antiques are accompanied by certificates attesting to their authenticity. External records have their own problems of forgery and perjury, and are also vulnerable to being separated from the artifact and lost.

Currency and other financial instruments commonly use the first type of authentication method. Bills, coins, and cheques incorporate hard-to-duplicate physical features, such as fine printing or engraving, distinctive feel, watermarks, and holographic imagery, which are easy for receivers to verify.

Consumer goods such as pharmaceuticals, perfume, and fashion clothing can use either type of authentication method to prevent counterfeit goods from taking advantage of a popular brand's reputation (damaging the brand owner's sales and reputation). A trademark is a legally protected marking or other identifying feature which aids consumers in the identification of genuine brand-name goods.
Authentication algorithms

Windows Vista and later operating systems support the following 802.11 authentication algorithms:

IEEE 802.11 Open System algorithm.
IEEE 802.11 Shared Key algorithm.
Wi-Fi Protected Access (WPA) algorithm. This algorithm is supported only for infrastructure basic service set (BSS) networks.
WPA algorithm that uses preshared keys (PSK). This algorithm is supported only for infrastructure BSS networks.
IEEE 802.11i Robust Security Network Association (RSNA) algorithm. This algorithm is supported only for infrastructure BSS networks.
IEEE 802.11i RSNA algorithm that uses PSK. This algorithm is supported for infrastructure BSS networks. This algorithm is also supported for independent BSS (IBSS) networks when used in conjunction with the AES-CCMP cipher algorithm.
Authorization Strategies
Authorization controls user access to resources. Using access control lists (ACLs), security groups, and NTFS file permissions, you can make sure that users have access only to needed resources, such as files, drives, network shares, printers, and applications.

Security Groups

Security groups, user rights, and permissions can be used to manage security for numerous resources while maintaining fine-grained control of files and folders and user rights. The four main security groups include:

Domain local groups
Global groups
Universal groups
Computer local groups

Using security groups can streamline the process of managing access to resources. You can assign users to security groups, and then grant permissions to those groups. You can add and remove users in security groups according to their need for access to new resources. To create local users and place them within local security groups, use the Computer Management snap-in of MMC or the User Accounts option in Control Panel. Within the domain local and computer local security groups there are preconfigured security groups to which you can assign users.

Administrators: Members of this group have total control of the local computer and have permissions to complete all tasks. A built-in account called Administrator is created and assigned to this group when Windows Vista is installed. When a computer is joined to a domain, the Domain Administrators group is added to the local Administrators group by default.

Power Users: Members of this group have read/write permissions to other parts of the system in addition to their own profile folders, can install applications, and can perform many administrative tasks. Members of this group have the same level of permissions as Users and Power Users in Windows XP Professional.

Users: Members of this group are authenticated users with read-only permissions for most parts of the system. They have read/write access only within their own profile folders. Users cannot read other users' data (unless it is in a shared folder), install applications that require modifying system directories or the registry, or perform administrative tasks.

Guests: Members of this group can log on using the built-in Guest account to perform limited tasks, including shutting down the computer. Users who do not have an account on the computer or whose account has been disabled (but not deleted) can log on using the Guest account. You can set rights and permissions for this account, which is a member of the built-in Guests group by default. The Guest account is enabled by default.

You can configure access control lists (ACLs) for resource groups or security groups and add or remove users or resources from these groups as needed. The ability to add and remove users makes user permissions easier to control and audit. It also reduces the need to change ACLs. You can grant users permissions to access files and folders, and specify what tasks users can perform on them. You can also allow permissions to be inherited, so that permissions for a folder apply to all its subfolders and the files in them.

Group Policy

You can use Group Policy settings to assign permissions to resources and grant rights to users as follows:

To restrict which types of users can run certain applications. This reduces the risk of exposing the computer to unwanted applications, such as viruses.
To configure many rights and permissions for client computers. You can also configure rights and permissions on an individual computer to be used as the base image for desktop installations, to ensure standardized security management even if you do not use Active Directory.
Auditing features allow you to detect attempts to disable or circumvent protections on resources. You can use preconfigured security templates that meet the security requirements for a given workstation or network. Security templates are files with preset security settings that can be applied to a local computer or to client computers in a domain by using Active Directory.