Operating.Systems.and.Middleware.Supporting.Controlled.InteractionTo my familyContentsreface1 Introductionhaptcr Overview2 What Is an Operating System?3 What is Middleware?4 Objectives for the Book1.5 Multiple Computations on One Computer6 Controlling the Interactions Between Computations.117 Supporting Interaction Across Time138 Supporting Inteteraction Across Space15ecurity172 Threads212.1 Introductionl212.2 Example of Multithreaded Programs232. 3 Reasons for Using Concurrent Threads272.4 Switching Between Threads302.5 Preemptive Multitasking372.6 Security and Threads383 Scheduling453.1 Introduction453.2 Thread States463heduling goals493.3.1 Throughput513.3esponse Iim.543.3.3 Urgency, Importance, and Resource Allocation....553.4 Fixed-Priority Scheduling61CONTENTS3.5 Dynamic-Priority Scheduling3.5.1 Earliest Deadline First Scheduling3.5.2 Decay Usage Scheduling663.6 Proportional-Share Scheduling3.7 Security and Scheduling794 Synchronization and Deadlock934.1 Introduction934.2 Races and the need lor Mutual exclusion954.3 Mutexes and Monitors843. 1 The Mutex Application Programing Interface994.3.2 Monitors: A More Structured Interface to Mutexes.. 1034.3.3 Underlying Mechanisms for Mutexes1064. 4 Other Synchronization Patterns.1104.4.1 Bounded buffers1134.4.2 Readers/Writers Locks1154.4.3 Barriers1164.5 Condition Variables.1174.6 Semaphores12314.7 Deadlock1244.7.1 The Deadlock Problem1264. 7.2 Deadlock Prevention Through Resource Ordering1284.7.3 Ex Post Facto Deadlock Detection1294.7.4 Immediate Deadlock DetecTion.1324.8 Thc Interaction of Synchronization with Scheduling.....1344.8.1 Priority Inversion..1354.8The Convoy phenomenon1374.9 Nonblocking synchronization1414.10 Securily and Syuchironizalion5 Atomic Transactions1595.1 Introduction1595.2 Example Applications of Transactions1625.2.1 Database Systems1635.2.2 Message-Queuling systems1675.2.3 Journaled File Systems1725.3 Mechanisms to Ensure Atomicity5.3.1 Serializability: Two-Phase Lockiing1745.3.2 Failure Atomicity: Undo Logging1835.4 Transaction Durability: Write-Ahead Logging186CONTENTSV115.5 Additional Transaction Mechanisms.1905.5.1 Increased Transaction Concurrency: Reduced Isolation 1915.5.2 Coordinated Transaction Participants: Two-Phase Com-mit1935.6 Security and Transaction1966 Virtual Memory2076.1 Introductionl076. 2 Uses for Virtual Menor2126.2.1 Private Storage2126.2.2 Controlled Sharing2136.2.3 Flexible Memory Allocation2166.2.4 Sparse Address Spaces2196.2.5 Persistence2196.2.6 Demand-Driven Program Loading2206.2.7 Efficient Zero Filling2216.2.8 Substituting Disk Storage for RAM222Mechanisms for Virtual Memory2236.3.1 Soflware Hardware Interface2256.3.2 Linear Page Tables.,2296.3.3 Multilevel Page Tables2346.3.4 Hashed Page Tables2396.3.5 Segmentation2426.4 Policies for Virtual Memory2476.4.1 Fetch Policy2486.4.2 Placement policy2506.4.3 Replacement Policy2526.5 Security and Virtual Memory2597 Processes and Protection2697.1 Introductionl2692 POSIX Process Management AP2717.3 Protecting Memory28117.3.1 The Foundation of Protection: Two Processor Modes2827.3.2 The Mainstream: Multiple Address Space systems..2853.3 An Alternative: Single Address Space Systems2877.4 Representing access Rights.2897.4.1 Fundamentals of Access rights1.2 Capabilities.2957.4.3 Access Control Lists and Credentials299CONTENTS7.5 Alternative Granularities of Protection7.5.1 Protection Within a Process7.5.2 Protection of Entire Simulated Machines].3096 Security and protection3138 Files and Other Persistent Storage3298.1 Introduction8.2 Disk Storage Technology8. 3 POSIX File aPi3368.3.1 File Descriptor3368.3.2 Mapping files Into Virtual memory3418.3.3 Reading and Writing Files at Specified Positions8.3.4 Sequential Reading and Writing344阝4 Disk Space allocation..3468.4.1 Fragmentation8.4.2 Localit...3508.4.3 Allocation Policies and Mechanisms3528.5 Metadata35418.5.1 Data Location Meladalal35518.5.2 Access Control Metadata3648.5.3 Other Metadata.3676 Directories and Indexing3678.6.1 File Directories Versus Database Indexes36718.6. 2 Using Indexes to Locale Files.3696.3 Filc linking37018.6.4 Directory and Index Data Structures8.7 Metadata Integrity8. 8 Polymorphism in File System Implementations3798.9 Security and Persistent Storage3809 Networking3919.1 Introduction3919.1.1 Networks and Internets3929.1.2 Protocol Layers9. 1.3 The End-to-Fnd Principle9.1.4 The Networking Roles of Operating Systems, Middle-ware, and Application Software3989.2 The Application Layer9. 2. The Web as a Typical Example399CONTENTS9.2.2 The Domain Name System: Application Laver as Infrastructur4029.2.3 Distributed File Systems: An Application Viewed ThroughOperating systems4059.3 The Transport layer4079.3.1 Socket APIs.,4089.3.2 TCP, the Dominant Transport Protocol49.3.3 Evolution Within and Beyond TCPI4179.1 The Network Layer1189.4.1 IP. Versions 4 and 64189.4.2 Routing and Label Switching4219.4.3 Network Address Translation: An End to End-to-End?4229.5 The Link and Physical Layers259.6 Network Security1279.6.1 Security and the Protocol Layers,4289.6.2 Firewalls and Intrusion Detection Systems4309.6.3 Cryptography4310 Messaging RPC, and Web Services44310.1 Introductionl44310.2 Messaging Systems444110.3 Remote Procedure Calll44710.3.1 Principles of Operation for RPC4480.3.2 An Example USing Java RMI45110.4 Wcb Scrviccs45510.5 Security and Communication Middleware46311 Security47311.1 Introduction.,47311.2 Security Objectives and Principles47411.3 User Authenticate48011.3.1 Password Capture Using Spoofing and phishing48111.3.2 Checking Passwords Without Storing Them4831.3.3 Passwords for Multiple, Independent Systems18311.3.4 TwO-Factor Authentication48311.4 Access and Information-Flow Controls48611.5 Viruses and worms.4911.6 Security Assurancel49511. 7 Security monitoring.49711.8 Key security best Practices500CONTENTSA Stacks511A 1 Stack-Allocated Storage: The Concept512A 2 Representing a Stack in MemorA. 3 Using a Stack for Procedure Activations514Bibliography517