Protection in File System
Computer systems store a lot of users' information, and the objective of the operating system
is to keep the user's data safe from improper access to the system.
Protection can be provided in a number of ways.
Types of Access :
Files that any user can access directly need protection. Files that are not accessible to
other users do not require any kind of protection.
Protection mechanisms provide controlled access by limiting the types of access that can be
made to a file.
Whether access is granted to a user depends on several factors, one of which is the
type of access requested. Several different types of operations can be controlled:
Read - Reading from a file.
Write - Writing or rewriting the file.
Execute - Loading the file; once it is loaded, execution starts.
Append - Writing new information to an already existing file; the new information must be
added at the end of the existing file.
Delete - Deleting a file that is of no use and reusing its space for other data.
List - Listing the name and attributes of the file.
Operations such as renaming, editing the existing file, and copying can also be controlled.
There are many protection mechanisms.
Each mechanism has different advantages and disadvantages and must be appropriate
for the intended application.
Access Control :
Different users access files in different ways.
The general way of protection is to associate identity-dependent access with all files and
directories through a list called an access-control list (ACL), which specifies the names of
the users and the types of access associated with each user.
The main problem with access lists is their length. If we want to allow everyone to read a file,
we must list all the users with read access.
This technique has two undesirable consequences:
Constructing such a list may be a tedious and unrewarding task, especially if we do not know in
advance the list of the users in the system.
The directory entry, previously of fixed size, now needs to be of variable size, which
complicates space management.
These problems can be resolved by use of a condensed version of the access list. To condense
the length of the access-control list, many systems recognize three classifications of users
in connection with each file:
Owner - The owner is the user who created the file.
Group - A group is a set of users who have similar needs and share the
same file.
Universe - All other users in the system fall under the category called universe.
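The condensed scheme above, as an added example that is not part of the original page. It assumes a Unix-style layout of nine permission bits (read, write and execute for each of owner, group and universe), which the page does not name; the function names, user ids, group ids and modes are constructed for illustration. It also expands the nine bits back into a per-user list to show what a full ACL would have to store.

```python
# Added example: condensed owner/group/universe check (Unix-style bit layout assumed).
READ, WRITE, EXECUTE = 4, 2, 1          # one bit per access type
SHIFT = {"owner": 6, "group": 3, "universe": 0}

def classify(file_uid, file_gid, uid, gids):
    """Pick the single class that applies to the requesting user."""
    if uid == file_uid:
        return "owner"
    if file_gid in gids:
        return "group"
    return "universe"

def allowed(mode, file_uid, file_gid, uid, gids, want):
    """True if every bit in `want` is granted to the user's class.

    Only the first matching class is consulted, so an owner who is denied
    read is not rescued by a more permissive group or universe entry.
    """
    cls = classify(file_uid, file_gid, uid, gids)
    granted = (mode >> SHIFT[cls]) & 0o7
    return (granted & want) == want

def expand_to_acl(mode, file_uid, file_gid, users):
    """Build the explicit per-user list that the nine bits stand in for.

    `users` maps uid -> set of gids (constructed sample data).
    """
    letters = (("r", READ), ("w", WRITE), ("x", EXECUTE))
    acl = {}
    for uid, gids in users.items():
        cls = classify(file_uid, file_gid, uid, gids)
        bits = (mode >> SHIFT[cls]) & 0o7
        acl[uid] = "".join(c for c, b in letters if bits & b)
    return acl

# Constructed sample: three users; the file is owned by uid 1000, group 50.
USERS = {1000: {50}, 1001: {50}, 1002: {60}}

if __name__ == "__main__":
    # The ACL grows with the number of users; the mode stays nine bits.
    print(expand_to_acl(0o640, 1000, 50, USERS))
    # Owner class has no bits set in 0o047, so the owner is refused.
    print(allowed(0o047, 1000, 50, 1000, {50}, READ))
```

The second call shows a case worth checking when auditing permissions: the class is chosen first and only its bits are tested, so a restrictive owner or group entry overrides a permissive universe entry.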