Understanding Operating Systems Sixth Edition

Chapter 15 Windows Operating Systems

Learning Objectives
After completing this chapter, you should be able to describe:
  The design goals for Windows operating systems
  The role of MS-DOS in early Windows releases
  The role of the Memory Manager and Virtual Memory Manager
  The use of the Device, Processor, and Network Managers
  System security challenges
  The Windows user interface

Windows Development
First Windows product communication method
  Graphical user interface (GUI)
    Primary user communication method
    Needed underlying operating system to translate user's requests into system commands
Windows 1.0 (1985)
  First Windows application
  Ran on PC-compatible microcomputers
  Not a true operating system
    Ran on top of MS-DOS
    Interface between MS-DOS and user

Early Windows Products


Advancements in Windows
  Increasingly sophisticated GUI design
  Increasingly powerful desktop computers
Windows 3.1
  Standardized look and feel
    Similar to Apple's Macintosh computer
  Entry level product
    Single-user installations or small-business environments

Early Windows Products (cont'd.)


Windows for Workgroups
  Accommodate network users' needs (small business)
    Programs and features for small LANs
    Share directories, disks, printers
    Personal intercommunication: e-mail, chat programs

Operating Systems for Home and Professional Users


Disadvantages of running Windows on MS-DOS
  Little built-in security
  No multitasking
  No interprocess communication capability
  Difficulty moving MS-DOS to other platforms
    MS-DOS worked closely with hardware
Microsoft response
  Developed and released succession of Windows
    Not mere GUIs; had home and office user appeal
  Development of powerful networking products
    Windows NT (New Technology)

Operating Systems for Networks


Windows NT Development (1993)
  No reliance on MS-DOS support
  Primary market requirements
    Portability
    Multiprocessing capabilities
    Distributed computing support
    Government procurement compliance requirements
    Government security certification

Operating Systems for Networks (cont'd.)


Windows NT versions
  Windows NT Workstation
    Individuals
    Desktop operating system
  Windows NT Server
    Small to medium-sized offices
    Web servers and off-site locations
  Windows NT Server Enterprise Edition
    Larger and more complex networks

Operating Systems for Networks (cont'd.)


Windows NT name changed (1999)
Windows 2000 four packages
  Windows 2000 Professional
  Windows 2000 Server
  Windows 2000 Advanced Server
  Windows 2000 Datacenter Server
Windows Server 2003
  Same four packages plus Web edition
Windows Server 2008 Release 2 (2009)

Design Goals
Fulfilling marketing requirements
  Incorporate security features
  Facilitate decision making (coding process)
Windows networking operating systems
  Influenced by several operating system models
    Use already-existing frameworks
    Introduced new features
  Object model
    Manage and allocate resources
  Symmetric multiprocessing (SMP)
    Maximum multiprocessor performance

Design Goals (cont'd.)


Needs
  Accommodate user needs
  Optimize resources
Response
  Five design goals
    Extensibility
    Portability
    Reliability
    Compatibility
    Performance

Extensibility
Easily enhancing operating system
Ensuring code integrity: separate functions
  Privileged executive process
    Kernel mode
    Processor's mode of operation
    All machine instructions allowed
    System memory accessible
  Nonprivileged processes: protected subsystems
    User mode
    Certain instructions not allowed
    System memory not accessible

Extensibility (cont'd.)
Four more features
  Modular structure
    New components added to executive process
  Objects
    Abstract data types manipulated by special services
    System resources managed uniformly
  Drivers
    New file systems, devices, and networks added to system at any time
  Remote procedure call
    Application calls remote services
    Regardless of location on network

Portability
Operate on different machines
  Different processors or configurations
  Minimum amount of recoding
System guidelines to achieve goal
  Written in a standardized, high-level language
    Available in all machines
  Accommodated ported hardware
  Minimized direct code interaction with hardware
    Reduced incompatibility errors
  Hardware-dependent code isolated into modules
    Easily modifiable when ported

Portability (cont'd.)
Windows NT and successors' features
  Modular code
  Written in C (most of code)
  Hardware abstraction layer (HAL)
    Dynamic-link library
    Provides isolation from vendors' hardware dependencies

Reliability
Robustness of system
Ability to protect itself and users
  Accidental or deliberate damage from user programs
Features strengthening system
  Structured exception handling
  Modular design
  NTFS file system (NT file system)
    Can recover from all error types
  Advanced security architecture
  Virtual memory strategy

Compatibility
Execute programs written for other operating systems (or earlier system versions)
Use protected subsystems
  Provide application execution different from primary programming interface
Provides source-level POSIX application compatibility
Recent Windows versions
  Support existing file systems
    FAT, CDFS, NTFS
  Built-in verification
    Important hardware and software

Performance
Achieve good performance levels
Windows features
  Testing and optimization
    System calls, page faults, crucial processes
  Incorporate local procedure call (LPC): guarantee fast communication among protected subsystems
  Maximize speed of frequently used system services
  Critical Windows networking software elements built into operating system privileged portion

Memory Management
Every operating system
  Has own physical memory view
  Makes application programs access memory in specified ways
Full physical memory
  Virtual Memory Manager pages some memory contents to disk
Challenge for all Windows operating systems
  Run application programs (Windows, POSIX)
    Without programs crashing into each other's memory

Memory Management (cont'd.)


Memory layout (recent Windows versions)
  Operating system: high virtual memory
  User code and data: low virtual memory
User process
  Cannot read or write system memory directly
Memory paged to disk
  User-accessible memory
  System memory segment labeled paged pool
Memory never paged to disk
  System memory segment labeled nonpaged pool

User-Mode Features
VM Manager (virtual memory manager)
  User-mode subsystems share memory efficiently
  Provides process services to manage virtual memory
    Allocate memory in two stages
    Read and/or write protection for virtual memory
    Lock virtual pages in physical memory
    Retrieve information about virtual pages
    Protect virtual pages
    Rewrite virtual pages to disk

Virtual Memory Implementation


VM manager reliance
  Address space management
  Paging techniques
Address space management
  Upper half of virtual address space
    Accessible only to kernel-mode processes
  Code in lower part (kernel code and data)
    Never paged out of memory

Virtual Memory Implementation (cont'd.)


Paging (VM manager is pager)
  Transfers pages
    Between memory page frames and disk storage
  Complex combination
    Software policies: when to bring a page into memory and where to put it
    Hardware mechanisms: exact manner VM Manager translates virtual addresses into physical addresses
  Pager not portable
  Windows: small code and well isolated

Virtual Memory Implementation (cont'd.)


Paging policies
  Dictate how and when paging is done
  Composition
    Fetch policy: determines when pager copies a page from disk to memory
    Placement policy: determines where virtual page is loaded in memory
    Replacement policy: determines which virtual page is removed from memory to make room for a new page

Processor Management
Windows
  Preemptive-multitasking, multithreaded operating system
Windows NT process
  Requires at least one thread
Default
  Process contains one thread

Processor Management (cont'd.)


Thread composition
  A unique identifier
  Contents of volatile set of registers indicating processor's state
  Two stacks used during thread's execution
  Private storage area: used by subsystems and dynamic-link libraries

Processor Management (cont'd.)


Threads
  Thread components called thread's context
  Actual data forming context varies from one processor to another
  Kernel
    Schedules threads for execution on a processor
  Thread actually executes code
  Overhead incurred by thread is minimal
  Unitasking
    Process with single thread

Processor Management (cont'd.)


Multithreading using multitasking
  Systems with multiple processors
    Process has as many threads as CPUs available
    All threads belonging to one process: share global variables, heap, environment strings
Versions of Windows since NT
  Include some synchronization mechanisms
    Avoid problems with multiple threads

Device Management
Windows NT I/O system and networking descendants provide:
  Multiple installable file systems (FAT, CDFS, NTFS)
  Services making device-driver development easy
    Workable on multiprocessor systems
  Adding drivers to the system (system administrators)
    Remove them dynamically
  Fast I/O processing
    Drivers written in high-level language
  Mapped file I/O capabilities
    Image activation, file caching, application use

Device Management (cont'd.)


I/O system
  Packet driven
    I/O request represented by I/O request packet (IRP)
IRP
  Data structure controlling how I/O operation processed at each step
I/O manager IRP creation
  Creates an IRP representing each I/O operation
  Passes IRP to appropriate driver
  Disposes of packet when operation complete

Device Management (cont'd.)


Driver IRP receipt
  Performs specified operation
  Passes it back to I/O manager, or
  Passes it through I/O manager to another driver for further processing

Device Management (cont'd.)


I/O manager tasks
  Supplies code, common to different drivers
  Manages buffers for I/O requests
  Provides time-out support for drivers
  Records installable file systems loaded into operating system
  Provides flexible I/O facilities
    Subsystems (POSIX) implement their respective I/O application programming interfaces
  Allows dynamic loading of device drivers and file systems
    Based on users' needs

Device Management (cont'd.)


Windows I/O services
  Device-independent model
    Multilayered device driver concept
  Device driver made up of standard set of routines
    Initialization routine, dispatch routine, start I/O routine, completion routine, unload routine, error logging routine

Device Management (cont'd.)


I/O manager
  Determine driver called to process request
    Using file object's name
Driver object
  Represents individual driver in system
  I/O manager creates it
  Created when driver loaded into system
  May have multiple device objects connected to it
Device object
  Physical, logical, or virtual device on the system
  Describes device characteristics

Device Management (cont'd.)


Device objects list
  Represents physical, logical, virtual devices
  Controlled by the driver
Advantages of using different objects
  Portability
    Frees I/O manager from knowing details about drivers
    Follows pointer to locate driver
  Easy loading of new drivers
  Easy assigning drivers to control additional or different devices
    If system configuration changes
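The IRP life cycle and the driver object / device object pointers described on the preceding slides, as a small user-mode model added here (not code from the textbook or from Windows). All type, function and device names are hypothetical and do not match the kernel's own structures; the model only shows the I/O manager creating a packet, following pointers to reach each layer's dispatch routine, and disposing of the packet.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum irp_op { IRP_READ, IRP_WRITE, IRP_OP_COUNT };
enum irp_status { ST_PENDING, ST_SUCCESS, ST_NOT_SUPPORTED, ST_NO_MEMORY };
struct device_object;

/* The packet that carries one I/O operation through every step. */
struct irp { enum irp_op op; enum irp_status status; int hops; char data[32]; };
typedef void (*dispatch_fn)(struct device_object *dev, struct irp *irp);
/* One driver object per loaded driver; several device objects may point to it. */
struct driver_object { const char *name; dispatch_fn dispatch[IRP_OP_COUNT]; };
struct device_object {
    const char *name;
    struct driver_object *driver;  /* pointer the I/O manager follows */
    struct device_object *lower;   /* next layer down, NULL at the bottom */
};
struct io_result { enum irp_status status; int hops; char data[32]; };

int irps_alive;  /* packets created and not yet disposed of */

/* I/O manager: locate the driver through the device object, hand it the IRP. */
static void io_call_driver(struct device_object *dev, struct irp *irp) {
    dispatch_fn fn = dev->driver->dispatch[irp->op];
    irp->hops++;
    if (fn) fn(dev, irp);
    else irp->status = ST_NOT_SUPPORTED;
}

/* Lowest layer: performs the operation and completes the packet. */
static void disk_read(struct device_object *dev, struct irp *irp) {
    snprintf(irp->data, sizeof irp->data, "block@%s", dev->name);
    irp->status = ST_SUCCESS;
}
/* Upper layer: passes the packet down through the I/O manager, then adds its
   own processing on the way back up. */
static void fs_read(struct device_object *dev, struct irp *irp) {
    io_call_driver(dev->lower, irp);
    if (irp->status == ST_SUCCESS)
        strncat(irp->data, "+fs", sizeof irp->data - strlen(irp->data) - 1);
}

static struct driver_object disk_drv = { "disk", { disk_read, NULL } };
static struct driver_object fs_drv   = { "fs", { fs_read, NULL } };
struct device_object disk0 = { "disk0", &disk_drv, NULL };  /* single layer */
struct device_object vol_c = { "C:", &fs_drv, &disk0 };     /* two layers */

/* I/O manager: create the IRP, pass it to the top driver, dispose of it. */
struct io_result io_request(struct device_object *top, enum irp_op op) {
    struct io_result r = { ST_NO_MEMORY, 0, "" };
    struct irp *irp = calloc(1, sizeof *irp);  /* zeroed: status is ST_PENDING */
    if (!irp) return r;
    irps_alive++;
    irp->op = op;
    io_call_driver(top, irp);
    r.status = irp->status;
    r.hops = irp->hops;
    memcpy(r.data, irp->data, sizeof r.data);
    free(irp);
    irps_alive--;
    return r;
}

int main(void) {
    struct io_result r = io_request(&vol_c, IRP_READ);
    printf("C: read: status=%d drivers=%d data=%s\n", (int)r.status, r.hops, r.data);
    return 0;
}
```

Because the I/O manager only indexes the dispatch table, pointing a device object at a different driver object changes which code handles its requests without any change to `io_request`.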

Device Management (cont'd.)


I/O manager knows nothing about file system
Overhead
  I/O manager passes information requests back and forth
Uses single-layer device driver approach
  Simple devices (serial and parallel printer ports)
Uses multilayered approach
  More complicated devices (hard drives)
I/O operations asynchronous
  Almost all low-level operations

File Management
Windows current versions
  Designed to be independent of file system on which they operate
  Support multiple file systems for hard disks including:
    MS-DOS's FAT file system
    32-bit FAT file system
    NTFS

File Management (cont'd.)


Virtual file
  Primary file handling concept (current Windows)
  Programs perform I/O on virtual files
    File handles manipulate them
  Executive file object representing all sources and destinations of I/O
Processes call native file object services to read from or write to file
I/O manager directs virtual file requests
  Real files, file directories, physical devices

File Management (cont'd.)


File objects
  Hierarchical names
  Protected by object-based security
  Support synchronization
  Handled by object services
Opening file
  Process supplies file's name and type of access required

File Management (cont'd.)


File objects bridge gap
  Between physical devices' characteristics and directory structures, file system structures, data formats
Provides memory-based representation of shareable physical resources
Created with new set of handle-specific attributes
  Each time process opens a handle

File Management (cont'd.)


Mapped file I/O
  Important feature of I/O system
  Achieved by cooperation with I/O system and VM Manager
  Memory-mapped files exploit VM capabilities
Cache manager uses mapped I/O
  Manages its memory-based cache
File management system supports long filenames
  Include spaces and special characters
  Automatically shortens filenames when required

Network Management
Networking
  Integral to Windows NT-based operating systems
  Provides services
    User accounts, resource security
    Communication between computers
Named pipes
  Provide high-level interface for passing data between two processes (regardless of locations)
Mailslots
  Provide one-to-many and many-to-one communication mechanisms

Network Management (cont'd.)

Microsoft Networks (MS-NET)
  Released in 1984
  Model for NT Network Manager
Three components
  Redirector
  Server message block (SMB) protocol
  Network server
MS-NET components
  Extensively refurbished and incorporated into Windows NT and later versions

Network Management (cont'd.)


Redirector
  Coded in C programming language
  Implemented as loadable file system driver
  Not dependent on system's hardware architecture
  Function
    Direct I/O request from user or application to remote server that has appropriate file or resource
Network can incorporate multiple redirectors

Network Management (cont'd.)


SMB Protocol
  High-level specification
    Formatting messages sent across network
  OSI model correlation
    Application layer (layer 7)
    Presentation layer (layer 6)
API called NETBIOS interface
  Used to pass I/O requests structured in SMB format to remote computer
SMB protocols and NETBIOS API
  Adopted in several networking products before appearing in Windows

Network Management (cont'd.)


Windows Server operating systems
  Written in C
    Complete compatibility with existing MS-NET and LAN manager SMB protocols
  Implemented as loadable file system drivers
  No dependency on hardware architecture
    Where operating system is running

Directory Services
Active Directory
  Database storing all information types
  General-purpose directory service for heterogeneous network
  Built entirely around DNS and LDAP
  Groups machines into administrative units called domains
    Each domain gets a DNS domain name (e.g., pitt.edu)
    Each domain must have at least one domain controller
    Domain can have more than one domain controller
Active Directory clients use standard DNS and LDAP protocols to locate objects on the network

Security Management
Windows network operating systems
  Provide object-based security model
  Security object
    Represent any resource in system (file, device, process, program, or user)
  Allows administrators to give precise security access
    To specific objects in system, allowing them to monitor and record how objects are used
Windows' biggest concern
  Aggressive patch management needed
    Combat many viruses and worms

Security Basics
U.S. Department of Defense
  Identified and categorized operating system features
  Seven levels of security
Compliance with Class C2 level security
  Features in Windows
    A secure logon facility
    Discretionary access control
    Auditing ability
    Memory protection

Security Basics (cont'd.)


Multilayered security system
  Strives to prevent access by unauthorized users
    Password management: first security layer
    NTFS: second security layer
  File access security
    Distinguishes between owners and groups
    Users decide operation types person is allowed to perform on a file
    Gives user auditing capabilities
      Automatically keeps track of who uses files and how
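A simplified model of the discretionary access control and auditing named on these slides, added here as an example and not taken from the textbook or from Windows itself. It shows the access control list being walked in stored order, so a deny entry only takes effect when it precedes the allow entry that would grant the same right. The SIDs, rights bits and every identifier are constructed for illustration; owner rights and privileges are not modeled.

```c
#include <stdio.h>
#include <stddef.h>

/* Model only: SIDs are small integers, rights are three constructed bits. */
enum { R_READ = 1, R_WRITE = 2, R_DELETE = 4 };
enum { ALICE = 1001, BOB = 1002, STAFF = 2001, INTERNS = 2002 };
enum ace_type { ACE_ALLOW, ACE_DENY };

struct ace { enum ace_type type; int sid; unsigned mask; };
struct sec_desc { const struct ace *dacl; size_t n; };  /* dacl NULL: no DACL */
struct token { int user; const int *groups; size_t ngroups; };
struct audit_rec { int user; unsigned want; int allowed; };

struct audit_rec audit_log[32];  /* who asked for what, and the outcome */
size_t audit_count;

static int token_has(const struct token *t, int sid) {
    if (t->user == sid) return 1;
    for (size_t i = 0; i < t->ngroups; i++)
        if (t->groups[i] == sid) return 1;
    return 0;
}

/* Walk the DACL in stored order. The first matching entry that covers a
   still-pending right decides it, so deny entries must come first. */
int access_check(const struct sec_desc *sd, const struct token *t, unsigned want) {
    unsigned remaining = want;
    int allowed = 1;
    if (sd->dacl != NULL) {  /* an object without a DACL grants everything */
        for (size_t i = 0; i < sd->n && remaining != 0; i++) {
            const struct ace *a = &sd->dacl[i];
            if (!token_has(t, a->sid)) continue;
            if (a->type == ACE_DENY && (a->mask & remaining)) break;
            if (a->type == ACE_ALLOW) remaining &= ~a->mask;
        }
        allowed = (remaining == 0);  /* rights nobody granted are refused */
    }
    if (audit_count < sizeof audit_log / sizeof audit_log[0])
        audit_log[audit_count++] = (struct audit_rec){ t->user, want, allowed };
    return allowed;
}

static const struct ace CANONICAL[] = {   /* deny entries first */
    { ACE_DENY,  INTERNS, R_WRITE | R_DELETE },
    { ACE_ALLOW, STAFF,   R_READ | R_WRITE },
    { ACE_ALLOW, ALICE,   R_DELETE },
};
static const struct ace MISORDERED[] = {  /* allow entry placed first */
    { ACE_ALLOW, STAFF,   R_READ | R_WRITE },
    { ACE_DENY,  INTERNS, R_WRITE | R_DELETE },
};
static const int ALICE_GROUPS[] = { STAFF };
static const int BOB_GROUPS[]   = { STAFF, INTERNS };
const struct token TOK_ALICE = { ALICE, ALICE_GROUPS, 1 };
const struct token TOK_BOB   = { BOB, BOB_GROUPS, 2 };
const struct sec_desc SD_CANONICAL  = { CANONICAL, 3 };
const struct sec_desc SD_MISORDERED = { MISORDERED, 2 };
const struct sec_desc SD_EMPTY      = { CANONICAL, 0 };  /* DACL with no entries */
const struct sec_desc SD_NO_DACL    = { NULL, 0 };

int main(void) {
    printf("bob write, deny first:  %d\n", access_check(&SD_CANONICAL, &TOK_BOB, R_WRITE));
    printf("bob write, allow first: %d\n", access_check(&SD_MISORDERED, &TOK_BOB, R_WRITE));
    printf("audit records: %zu\n", audit_count);
    return 0;
}
```

The two edge cases at the end of the sample data are worth checking when reviewing permissions: a DACL with no entries refuses everyone, while an object with no DACL at all grants every request.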

Security Terminology
Built-in security
  Necessary element for managers of Web servers and networks
  Requires authentication mechanism allowing client to prove identity to server
  Client supplies authorization information
  Server uses information to determine specific access rights given to client
  Provides data integrity using various methods
Windows uses Kerberos security

Security Terminology (cont'd.)


Kerberos Security
  Authentication, data integrity, data privacy, mutual authentication
  Each domain has own Kerberos server
  Microsoft implemented standard Kerberos protocol
  Microsoft separated users of distributed security services from their providers
    Allows support for many options without unusable complexity

User Interface
Start an application
  Double-click application icon
  Select it from Start menu
Quit application
  Select Exit from File menu
  Click x in top-right corner of window

User Interface (cont'd.)


Start Menu
  Divides functions into logical groups
  Users access common functions
    All Programs
    Documents, Pictures, Music, and Computer
    Control Panel
    Help and Support
    Search

User Interface (cont'd.)


Windows Task Manager
  Open
    Pressing and holding the CTRL, ALT, and DELETE keys
  User views running applications and processes
    Set priorities of each
  User views information
    Performance, networking, users logged into system
Windows Explorer (standard utility program)
  Contains directory, file display tools, file-finding tool
  Series of pull-down menus
    File, Edit, View, Tools, Help, etc.

User Interface (cont'd.)


Networked systems
  Identify and access network resources
    Folders, printers, connections to other nodes
Command interface
  Resembles MS-DOS
  Available from most Windows desktops
Keyboard shortcuts (CTRL+C for copy)
Built-in input methods and fonts for languages
Windows offers an on-screen keyboard
Resource monitor

Summary
Current Windows operating systems
  Ease-of-use with technical power
  Operate network across several platforms
Significant security controls
  Allowed inroads to organizations requiring consistent protection
  Authentication models support new user interfaces
  Implementation of different security architectures
Require aggressive patch management
  Target of viruses and worms