Programs and the Machine
How are programs built and launched? How does the machine appear to a running program (process)?
- Overview of systems programming in C, the development environment, and the runtime environment
- The program and the process virtual memory: sections, segments, stack, heap, pointers, alignment, memory allocation, procedure calls
- Execution: threads, cores, registers, context, context switching
- Protected kernel mode: booting, traps, faults, interrupts, kernel stacks
- Virtualizing the CPU and memory
- Unix programs: main(), arguments, environment variables, standard I/O, system calls, perror
- Project: building a heap manager
Reading:
Operating System Case Study: Unix
- Unix process model: fork/exec/exit/wait
- The process tree: parents and their children, inheritance, process groups, signals, job control and the tty
- The file tree: directories and pathnames
- I/O and IPC: read/write, blocking and EOF, files, pipes, and sockets
- File descriptors: inheritance, dup, close, reference counting
- Login, userID, file permissions, setuid
- Project: shell
Reading:
Protection and Security Fundamentals
- The Unix protection system: login, root, setuid, setuid bit
- Identity: labels and attributes
- Programs, services, invocation and isolation, protection domain, integrity
- Reference monitor: subject, object, guard, authorization
- Trust
- Malware: exploits and attacks
Reading:
Servers: Networking and the Web
The Unix socket abstraction was introduced in the early 1980s and is the basis for most networking software. This unit is a quick introduction to sockets, clients and servers, SaaS, web request/response, and network naming.
- Clients and servers: network socket API, ports
- The kernel network protocol stack
- TCP/IP stream sockets
- Request/response service example: the Web and SaaS
- Internet network naming: IP addresses, domain names (DNS), and web URI/URLs
- Concurrency in clients and servers
Concurrency and Synchronization
Reading:
Resource Management and Scheduling
Resource management policy is a core OS topic. We only scratch the surface, using CPU scheduling as an example.
Network Security, Threats, and Cryptosystems
Basics of secure communication: digests, symmetric and asymmetric crypto, digital signatures, and secure transport (SSL/TLS/HTTPS). Students should understand basic elements and functions at the API level, e.g., as in the java.net classes InetAddress, Socket, ServerSocket, and URLConnection, and the 'top half' security classes Signature, MessageDigest, SSLSocket, Cipher, Key, and Certificate. We discuss examples of how these primitives are used in basic cryptosystems: PKI certificate hierarchy, nonces, HTTPS, code signing, password digest authentication. We are concerned with concepts and not the details of the class interfaces or implementations.
- Authentication with secrets and passwords
- Secure hash functions (fingerprint/digests)
- Threats and attacks: phishing, spearphishing, privilege escalation, dictionary attacks
- Case study: Mandiant report [PDF] on Advanced Persistent Threats
- Crypto functions and keys
- Symmetric vs. asymmetric encryption
- Digital signatures
- The key distribution problem
- Secure Sockets Layer (SSL) and Secure HTTP (HTTPS)
- Certificates and certifying authorities
- Web security architecture
Optional background reading:
File Systems and Storage
- Storage, disks, SSDs, and virtual storage volumes
- Naming: hierarchical pathnames, volumes and mounting, hard links and soft links
- Offsets and logical block numbers
- Metadata: block maps, inodes, directories
- Block allocation and layout
- Block buffer cache, read-ahead, and write-behind
- Failures, recovery, and atomicity
- Reading: OSTEP green column.
- Mentioned only in passing: FFS, journaling, LFS, NFS, Andrew.
Android
As a counterpoint to Unix, and to illustrate the enduring importance of the Unix abstractions, we take a quick look at modern client-side platforms for application delivery, based on material made available by Google.
Android is an open-source operating system layered on the Linux kernel, and provides an operating system framework for personal devices (e.g., smartphones and tablets). Android uses Linux kernel abstractions in an interesting way, and replaces the programming environment (shell etc.) with a Java-based application framework based on modern abstractions for components, component interactions, and lifecycle management.
- Android security architecture. This site follows the class discussion, and also has pointers into developer guides for overviews of the Android permission model and the four key component classes: activities, services, receivers, and providers. This material is in scope at the overview level discussed in classes and in the class slides. The following material is out of scope: other pointers in the security document, details of the component classes, details of the binder, memory management extensions, and Digital Rights Management.
- Optional: Anatomy and physiology of Android (2008)
Virtual Machines and the Cloud
Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) as examples of OS platforms.
The virtual machine (VM) abstraction and structure: hypervisors. Overview of hardware support for virtual machines: a simplified view of protection rings. Virtual appliances as VM programs. IaaS cloud abstractions (EC2). Elastic scaling of cloud-hosted services. Network infrastructure as a service.
Optional background reading:
Other
This academic paper introduces fundamental patterns for combining components, which appear in some form in the systems we study. It is a little abstract and has a software engineering flavor, but it is worth your time.