Hardware Abstraction Layer

Hardware Abstraction Layer (HAL) is the layer that exists between the hardware and software operating in your system. In the past, hardware was much less varied because programs needed to be written with the drivers for specific pieces of hardware in mind.
Developers didn't want to have to update their programs every time a new piece of hardware with a new driver came out, so hardware was much less varied. Additionally, when a program needed to use a piece of hardware, such as a game or MP3 player using your sound card, it accessed it directly. This meant that only one program could be using a piece of hardware at a time, so in the last example, if you wanted to play an MP3 in the background while you played your game, you couldn't, because the game was already using the sound card. This also led to other issues, such as a program crash locking you out of that piece of hardware.

The solution to these problems was the HAL, which exists between the hardware and software in your system. Only the HAL can directly access the hardware in your system; this solved the issue of multiple programs trying to use the same hardware, because now they all went through the HAL. This also opened up more hardware variety, because the HAL created a standard for hardware that is the same on every operating system. This means that programs only needed to recognize the HAL instead of different types of drivers; the drivers now told the HAL how to access that piece of hardware.
The Android operating system is an example of an operating system acting as a HAL. In the Android system, HAL implementations are packed into modules and then loaded at the appropriate time. A module is made specifically for a piece of hardware and is loaded on the system only when it is needed. It uses a pointer to direct the module to the correct piece of hardware to initiate communication and abstraction.

Another example of a system acting as a HAL, add more here about 150 words

Operating system as resource manager

In some ways it can be said that an operating system's main job is to act as a resource manager. There are many devices connected to a modern computer, including printers, mice, processors, memory devices and many more. All of the programs in your computer are competing for access to these different resources.
Giving out a fair amount of memory space, processor time, input/output devices and various other resources is one of the main jobs of your operating system. A computer or network with multiple users has an even greater need for resource management, so that users do not interrupt another user's I/O or access files from another user. However, users do sometimes need to share resources or access files from each other; keeping track of when the users can do this and how much of a resource each user gets is the job of the operating system.

An example of this is the priorities system. In this system an operation gets 100% of the resource at a time and each operation is given a priority. The highest priority uses the resource first while the next in line gets ready.
There is the option to change the priority of tasks as they are running. This is all done by an algorithm; an example of this would be deadline-monotonic scheduling, which works by assigning the tasks priorities based on when their deadline for finishing is. Some operations will have the same priority, and there are a few ways to determine what happens in this situation.
One way is to use a round-robin method; another is to use the shortest-job-first (SJF) algorithm, which allows the shortest operation to finish first and stops a backlog of smaller tasks building behind a much larger one. All of this is performed by the operating system acting as a resource manager.

Another way the operating system can allocate resources is to instead divide them up and allocate certain parts to different programs. This can be linked back to the HAL that allowed a hardware resource to be used by multiple programs at the same time. Deciding how to split up these resources and where they are allocated is all done by the operating system.

Add more to examples about 100 words each

Context Switch

A context switch is the action of saving the state of one process and then switching to the saved state of another process while making sure they do not conflict with each other. The context is the content of the CPU registers that is being switched. There are normally three situations that would require a context switch.
- Multitasking between different processes, where the CPU needs to switch which process has access to various parts of memory.
- When the CPU gets interrupted. This normally happens through the clock timer, but can happen through some sort of event trigger.
- Switching between kernel and user mode also sometimes uses a context switch.
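The priority scheduling described in the resource-manager section and the timer-driven switch between processes listed above, combined in one added example that is not part of the original essay. The `PCB` fields, the single `pc` register and the three-process workload are assumptions made for illustration; each process's saved registers live in its process control block (PCB), the per-process record the operating system keeps.

```python
from dataclasses import dataclass, field

@dataclass
class PCB:
    """Process control block: scheduling data plus the saved CPU context."""
    pid: str
    priority: int   # lower value = higher priority
    burst: int      # ticks of CPU time still needed
    arrival: int    # tick at which the process becomes ready
    regs: dict = field(default_factory=lambda: {"pc": 0})

def pick_next(ready):
    # Highest priority wins; equal priorities fall back to shortest job first.
    return min(ready, key=lambda p: (p.priority, p.burst, p.pid))

def simulate(procs):
    """Return (tick, pid, restored pc) for every context switch."""
    cpu = {"pc": 0}                      # the one real register set
    pending, current, switches, tick = list(procs), None, [], 0
    while pending:
        ready = [p for p in pending if p.arrival <= tick]
        if not ready:                    # nothing runnable yet: idle tick
            tick += 1
            continue
        nxt = pick_next(ready)           # scheduler runs on every timer tick
        if nxt is not current:
            if current is not None:
                current.regs = dict(cpu) # save the outgoing context
            cpu = dict(nxt.regs)         # restore the incoming context
            switches.append((tick, nxt.pid, cpu["pc"]))
            current = nxt
        cpu["pc"] += 1                   # one instruction per tick
        current.burst -= 1
        tick += 1
        if current.burst == 0:           # finished: drop it from the system
            pending.remove(current)
            current = None
    return switches

def sample_procs():
    # Constructed workload: B arrives late with a higher priority.
    return [PCB("A", 2, 5, 0), PCB("B", 1, 2, 2), PCB("C", 2, 3, 0)]

if __name__ == "__main__":
    for tick, pid, pc in simulate(sample_procs()):
        print(f"tick {tick}: switch to {pid}, resuming at pc={pc}")
```

C wins the tie with A because it is the shorter job, is preempted when B arrives, and later resumes at the program counter that was saved for it rather than starting again from zero.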
The steps of a context switch happen as follows:

The first step is to get into kernel mode. This is normally started by a system call, but this can be unreliable, so we need to get an interrupt. This is done by a clock/timer that sends regular interrupts, called clock ticks, to the CPU. Below is a diagram illustrating a clock tick. The average amount of clock ticks ranges from 50Hz up to 1,000Hz.

Once you are in kernel mode you need to save the current state of the program that you are switching from so that it can be reloaded later. This information is saved into the process control block (PCB). The PCB is a data structure that the operating system maintains for every process and that stores information about that process. Below is a diagram that shows the different pieces of data that are stored inside the PCB during a context switch. The current page mapping for the program that you are switching from is also saved into the PCB and is then unmapped so that the next program can be mapped.
The scheduler then determines which program should run next. This links back to the section about resource management; this would be the point when the operating system would decide which operation would be next in line to receive the resource.

The next program is then loaded using the data stored in its PCB; this includes its old state and all mapping information.

Security Violations

SSL

SSL is the insertion of cryptography at one layer of the ISO network model (the transport layer) that limits exchanges between computers to provide security. It works by creating a certificate signing request (CSR) on the server; this creates a public and private key. The certificate authority (CA) then validates your details by comparing the public and private keys.
From there you are issued an SSL certificate that is matched to your private key, and an encrypted link is established between your website and the user.

Some security violations that SSL helps to protect against are:

Breach of confidentiality: this is where private information is taken by a third party; this could include things like bank details or identity information. The goal of this violation is to capture this data from a system or data stream and use it for identity fraud or to steal money from an account.

Breach of integrity: the goal of this sort of violation is to gain access to unauthorized data and modify it. This sort of attack can result in the passing of liability to an innocent party or could be used to gain access to a commercial product in order to modify it.

Breach of availability: this violation's goal is simply to destroy or disrupt the system that the hacker has gained access to. The goal of this attack is to gain some sort of notoriety through the act of destroying an important system.

Theft of service: this attack involves using the resources of a system in order to use them for malicious acts.
This could include installing a file server onto the system or leaving a backdoor for later.

Denial of service: this attack is meant to prevent the legitimate use of a service. It is important to note that this violation can sometimes occur by accident.

A key way that these attacks can take place is through a network; there is a lot of data moving through various private and public lines on the internet. A lot of this data can be very sensitive and is a big target for malicious attacks. There are many different things a hacker could do when gaining access to this data, including something like a denial of service attack, which could potentially reduce consumer trust in a system.

A type of network attack is called a replay attack; this is where a genuine communication between two computers is replayed to one or both of the original parties. For example, some sort of verification request could be replayed in order to gain access to a system.
SSL protects against replay attacks by using the private key that is assigned when you get your certificate. This key will confirm that messages are from the correct source and not from a third party attempting a replay attack in order to gain access to the system.

Another way that attackers could gain access is through session hijacking, this is

Add some more ways it protects

(b) SSL makes use of both symmetric and public-key cryptography. Explain what you understand by these concepts, distinguishing clearly between them. Give examples of each. Identify how each of these cryptographic techniques is used in SSL, explaining the reasons for the choice of technique in each case.
(7 marks)

(c) SSL is susceptible to a man-in-the-middle attack. Explain the nature of this attack. Identify the precise vulnerability of SSL to this attack and discuss how users of SSL can protect themselves against it. (7 marks)

Man in the middle attack

A man in the middle attack is a type of network attack where the hacker inserts themselves into a conversation between two parties. They then imitate both parties in order to gain access to any information being shared between them. These attacks are designed to steal sensitive data, including data that potentially wasn't being sent during the attack, without anyone knowing until it's too late. The main threat of man in the middle attacks is that SSL-protected sites are still susceptible to these attacks. Some of the ways a man in the middle attack can occur include:

Email hacking: this sort of attack focuses on gaining access to the emails of the targeted system; this could be a bank or even just a private email.
The attacker can then monitor any emails being sent and received and wait for their opportunity. An example could be that they wait for a large amount of money to be transferred and send an email containing their own bank details instead of those belonging to the client/bank.

Wi-Fi eavesdropping is another very common method for these attacks to take place. The hacker simply needs to set up a legitimate-looking Wi-Fi network and wait for a device to connect to it. Once connected they will have full access to the device and any data stored on it.

"Man" in the Middle Attack

- You are going to send your credit card details to a shopping web site...
- How do you know it is genuine?
- A "man in the middle" could pose as the site, publish a counterfeit public key and use this to intercept messages…
- usually sending them on to the real site, encrypted with the real public key
- Solution: digital certificates
- These are proof of who or what owns a public key
- Public keys are digitally signed by a trusted party
- Trusted party receives proof of identification from entity and certifies that the public key belongs to the entity
- Certificate authorities are trusted parties; their public keys are included with web browser distributions; they vouch for other authorities via digitally signing their keys (and so on).
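
The certificate check from the notes above, as an added example that is not part of the original text: a trusted party signs the binding between a site name and its public key, and a browser holding only the trusted party's public key rejects a counterfeit key. The signature scheme is a toy (unpadded textbook RSA over two small Mersenne primes, unusable in practice), and the host names and key strings are constructed placeholders.

```python
import hashlib

# Toy CA key pair, constructed for this demo only.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
CA_N = P * Q                              # public modulus (shipped with browser)
CA_D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (held by the CA)

def _digest(subject, public_key):
    # Hash of the statement being certified: "this key belongs to this name".
    data = f"{subject}|{public_key}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % CA_N

def ca_issue(subject, public_key):
    """CA side: after checking the applicant's identity, sign (name, key)."""
    sig = pow(_digest(subject, public_key), CA_D, CA_N)
    return {"subject": subject, "public_key": public_key, "sig": sig}

def browser_accepts(cert, expected_host):
    """Browser side: needs only the CA public key (CA_N, E)."""
    if cert["subject"] != expected_host:  # certificate is for another site
        return False
    expected = _digest(cert["subject"], cert["public_key"])
    return pow(cert["sig"], E, CA_N) == expected

def demo():
    genuine = ca_issue("shop.example", "SITE-PUBLIC-KEY")
    # Counterfeit key presented under the real name, reusing the real signature.
    counterfeit = dict(genuine, public_key="INTERCEPTOR-PUBLIC-KEY")
    # Validly signed certificate, but issued for a different name.
    other_site = ca_issue("other.example", "INTERCEPTOR-PUBLIC-KEY")
    return {
        "genuine": browser_accepts(genuine, "shop.example"),
        "counterfeit": browser_accepts(counterfeit, "shop.example"),
        "wrong_name": browser_accepts(other_site, "shop.example"),
    }

if __name__ == "__main__":
    print(demo())
```

The counterfeit fails because the signature covers the key as well as the name, and the validly signed certificate fails because the name does not match the site being visited; both checks are needed.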