unit v(remem)(full)
DESCRIPTION
Unit v(Remem)(Full)TRANSCRIPT
UNIT-V(CH-I)
RESOURCE MANAGEMENT
An operating system can be viewed as resource manager and virtual memory manager.
Here concentrate on role of resource manager ie how to keep track of resources of the computer system, decide which processes should get to use them, and when they should get to use them.
RESOURCES IN OPERATING SYSTEM:-
1. HARDWARE RESOURCE:- a) Processors---process management
system.b) Memory---- memory management
systemc) I/o device---i/o systemd) Disk space----file system
These hardware resources are transformed into another resources such as
Processes---- virtualization of the entire computer.Virtual memory---virtualization of physical memory.
Logical device--- virtualization of physical device.Files-----virtualization of disk space.Processes are easier to use than the physical processor, because the instruction set is extended with the system call that performs various functions. Therefore there can be number of processes but fixed number of processors.Virtual memory is larger than physical memory and then is virtual address space for each process.Logical device have interface and easier to use than the physical device. A logical device can be said as a part of physical device.Files are easier to use than disk in terms of command, naming and reliability.
Physical and virtual OS resources
Software resources:-These are other resources in an operating system that are not directly related to a specific hardware device.Exclusive access to a file is a resource.A message in a messages queue is also a software resource.Table space is a resource.(process table of fixed size---300 slots. 300 processes can exist in the system.)
RESOURCE MANAGEMENT ISSUES:-
--MODEL OF RESOURCE MANAGEMENTAt various times in their execution, processes require the use of resource controlled by operating system resource manager.--process request the resource.
--process waits until the resource can be allocated to it.--the resource is allocated to the requesting process.---the process uses the resource.---- the process returns the resource to resource manager.There are also some goals and tasks of the resource manager.RESOURCE MANAGEMENT TASKS---1. Allocation:- it assigns resources to
processes that need them.2. Acounting: - it keeps track of the
resource and knows which are free and which process the others are allocated to. It makes sure resources do not get lost or unavailable.
3. Scheduling: - it decides which process should get the resources next when it becomes free.
4. Protection: --it makes sure that processes can only access a resource when the resource manager allows them to.
RESOURCE MANAGEMENT GOALS:-A resource manager controls the use of the resource.
Efficiency:-the resources should be used as much as possible. A resource should be used by the process that needs it the most.
Fairness:- processes should get the resources they need.
No deadlock or starvation:- it should not be possible for a process to be blocked forever waiting for a resource.
Protection:- a process should not be allowed to access a resource without permission to do so from the resource manager.
OS resource management
TYPES OF RESOURCES:-
1)consumable resources and capitals:- the word resource is also used in economics, but there it has a different meaning.
In economics, resources are consumable, ie when they are used, they are used up and can not be used again. Example: oil, steel, timber etc.
Resources like machine tools, factories, trucks are called capital in economics.
When a process is done, memory and disk space can be used again so o.s are not consumable; but there are logical resources that are consumables such as message, ie once a message is read, it is gone and can not be read again, so it is a consumable resource.
Capital resource are harder to manage.
Preemption of resource:-
Time multiplexing a resource means switching between 2 processes from time to time, but at one time one process can complete usage of resource.
But, when to switch between process. One solution is to wait until one process is done with the resource and then give it to next process.
Another possibility is preempt the resource, i.e simply take a resource from one process, even if it is not finished using the resource and give it to the another process.
But the problem here is the resource have a state which process using the resource depends on.
When a resource is preempted, it is necessary to save the state of the resource, so it can be restored. When the resource is returned to the process it is being taken away from it.
For example, we switch the processor to an other process. It consists of saving or loading a few dozen registers.(the cost of preemption is high).
PROTECTION OF RESOURCES:-
THE O.S PROTECT ITS RESOURCES FROM UNAUTHORIZED USE.
Users and processes:- the main active entities in a computer system were user processes(or threads) which caused things to happen by making system calls. There are people we usually call users who initiate user processes. It is the users whose interests and data we want to protect, and The user processes are acting as their agents. So while a user can not really do much in a computer system except through a user process.
The importance of protection of resources:-
the o.s must protect itself from interference by users, and it must protect users from each other. the o.s is in charge of managing the resources of the computer system. this means it decides who gets to use the resources and when. the o.s must protect the interests of the users. This means that one user’s processes should not be able to perform operations on other users processes or data.
Resources that need protecting:-
The resources of a computer system can be divided into two levels, hardware resources and software resources.
Hardware resources:
Processors
Memory
I/o devices
Disks
Each user process gets its fair share.
We want to protect the memory so that one process can not read, write or execute in the memory of another process unless such sharing is explicitly allowed by the process. we want to be sure that a process has access to an i/o device only when it is allowed to by the operating system.
We want to make sure each user has a fair share of the disk, and that information on the disk is protected from unauthorized destruction , modification, or disclosure.
Software resources:-
the software resources are the virtual resources can be used to protect the hardware resources plus some other o.s resources that have no direct hardware equivalent.
Processes
Virtual memory
Logical devices
Files
Ipc objects: semaphores, message queues, ports
Shared memory.
What we are protecting againest:-
There are 4 types of protection failure that can happen to the resources in a computer system.
1. Unauthorized disclosure of information:-information that is private is revealed to someone who is not authorized to have the information.
2. Unauthorized modification of information:-information is changed by someone who is not authorized to change the information. This includes loss of data, modification of data, and Falsification of data.
Denial of service:- people who are authorized to use the computer are prevented from doing so. This includes interruption of service, denial of service, slowing down of service.Unauthorized use of service:- people who are not authorized to use the service do anyway.Authorization:-The protection system will maintain a database of information that records the objects each user can access and what operations can be performed on them. For example, for each file, information is kept about who can read it, who can write it, and who can execute it. The job of the protection system is to enforce these constraints, that is, to allow authorized actions and to prevent unauthorized actions.Authentication:-
An authentication says that a certain user can perform certain operations on an object. For example bank teller system require
A card with a magnetic strip and a password.(called a pin).
Security and protection analogies:-computer systems have protection mechanisms so that people will not use their resources in unauthorized ways. A person’s files should be private. It should not be possible for someone’s else to read those files if the owner does not want them to. Also, other people should not be able to change existing files, add new files, or delete files unless the owner allows them to. A person should have an account on a system in order to use it, and should not be able to run programs or print documents unless they are authorized to do so.
General strategy for protection:-
The first step in a protection system is to authenticate all users. This is usually done with a login process and typically requires a password. A user process can only use the software resources provided by the system. The software(or virtual) resources can only be accessed through system calls. So it is necessary to add a processing step to each system call that verifies that the process making the system call is allowed to perform this operation on this object. The hardware protection ensures that all accesses to resources must go through these software checks.
Parts of a protection system:-
To provide protection, we need to do four things.
1. First, we have to be able to know for certain which user each process represents.
2. Second, we need to be sure that a process can not affect any physical resource except by a system call that requests an operation on a logical object that is the logical version of that physical resource.
3. Third, we need to keep information about what operations each user can perform on each logical object.
4. Fourth, we need to be sure that the operating system code implementing each system call checks to be sure that the requested operation is an allowed operation on that object by that user.
User authentication:-
Passwords:- passwords are by far the most common method of user authentication.
If someone else finds out your password. There are two ways someone could find out your password; either they could discover it by some means, or they could guess it. One partial solution is to make the passwords pronounceable, i.e, to form them according to the ways that regular English words are formed.
The second way a password could be obtained is to guess it by trying lots of different passwords until you guess the right one.
In unix, all the passwords in encrypted form.
System authentication:-
Other methods of authentication:-
Verify that a person knows some piece of information(such as a password).
Verify that a person has some objects(such as a badge).
Verify that a person has some physical characteristics(such as fingerprints).
We can base authentication on any of these methods or a combination of two or three.
Password variants:-the password is a simple mathematical formula. For example(3*x-12).
Another password variant is one-time passwords. These are safer because they are only used once. One-time passwords normally involve “smart cards”.
Mechanisms for protecting hardware resources
Hardware mechanisms built into processors allow the operating system to keep control of and protect all of the hardware resources of the system.The processor mode is the basic hardware protection. In addition, there are other mechanisms that protect specific hardware resources.1.Processor protection:- user processes are given direct access to the processor for executing instructions. If a user process goes into infinite loop, then it will never release the processor back to the o.s.o.s uses timer to prevent this. Before the o.s gives the processor to a user process it will set the hardware timer for the time out period. If the user process has not given up the processor during that period then the timer will interrupt it and the interrupt will give control of the processor back to the o.s.2.memory protection:-Memory is protected by the protection bits in the page table entries. When the o.s sets up the page table for a process, it only allows it access to its own memory, instructions are marked as execute only and
some data as read only. This is done to help the process find internal errors. If the process agrees, then the o.s can set up this page table so that they share some of their memory.The page table themselves must be in the o.s memory and not writable by any user process. This will prevent the user process from changing the memory protection for itself or another process. The hardware register that points to the page table must be protected or a user process could change its page table and get access to memory, it should not have access to. If there are instructions that change TLB, these have to be protected also, since they could be used.
3. Device protection:- user process should not be able to access any device they want. If the hardware has special I/O instructions, then these are privileged. More commonly, the devices are accessed through the device registers which are in the physical address space. The o.s will not normally provide any process access to the device registers, but instead will allow indirect access through system calls. For maximum speed, it may be desirable to allow a userprocess access to a device. This can be done by mapping the
device register of that one device into address space of the process. This allows the user process to do anything it wants with that one device.
Disk protection:- the disks are devices and are protected like all other devices. Access to the device registers of disks that have user file system should never be given to a user process.Representation of protection information:-In o.s, we have collection of objects(resources). For each object, there will be set of operations that can be performed on those objects. The subjects are the active entities that attempt to perform the operations on objects and in order to perform a specific operation on a specific object, a subject must have a right(also called a privilege or a permission) to perform that operation on that object.Object types:- there are several kind of objects in o.s.1.processes (and threads) 2. Message queue 3. Area of memory(physical and virtual) 4. Devices (physical and logical) and files and directories.Operations on objects:-
1. Processes Create a process Terminate Read from process’s memory
Write a process’s memory Send message or control the process.
2. Message queue:-
Create msg queue
Destroy msg queue
Send a message to queue
Receive a message from queue
3. Area of memory: allocate an area of memoryfree an area of memoryread from an area of memoryexecute codewrite to an area of memory
4. Devices:Read & write to a deviceControl the device(power down, rewind etc).
5. Files:- Create a file Destroy a file Read, write & append to a file. Execute a file.The protection database:- the o.s must maintain data about what rights a subject should have that is what operations each subject should be performed on each object and it is called as the protection database. This information will be showed in pieces around the system. The two important places are information with subject or with object. Each subject has its own list of objects and what kind of operation to be performed, it is called as capability list.(OR)
each object could have an list of all subjects related to that object and operations also it is called as access control list.
Access control list and capability list: The most popular method of keeping protection information is the access control list. An access control list is the list of access control entries that is attached to an object. Each access control entry specifies a particular user by group of users and the operations they can perform on the object. Access control list technique consists of associating with each object and list containing the user name and the types of access allowed for each user. When a user request access to particular file,THE O.S checks the access list associated with that file. If that user is for the requested access, the access is allowed. Otherwise a protection violation occurs and the user job is denied access to the file.
Capability list:
A capability list contains some or all of the rights a process has. When a process wants to perform an operation, it will present a capability along with the operation request. We can think of capability as a ticket. Suppose we have given a free pass to an amusement park. The ticket allow us to go to the park any time we want. Similarly a
capability allow the user to perform any of a set of operations on a specific object.
Where as access control list are kept with object and record who can access the object, capabilities are kept with the subject and record which object the subject can access. In this method associated with each process is a list of objects that may be accessed along with an indication of which operation are permitted on each.
Protection domain:-
Each user has a specific set of thing that is allowed to do and this does not change rapidly. All processes run by a user will inherit this set of capabilities. this set of capabilities is known as protection domains. In these terms each user has a protection domain, And all process initiated by user will have same protection domains. It might be too expensive to control separate domain for each process, but there certainly will be need for multiple protection domain in any case. For example sometimes we would like to run a program. We do not fully trust. This might be a program you obtained over the internet and you do not have the source code. The program supports to do something useful but it is possible that it was written by someone who wanted to
do mischief and will try to delete all our files. The ideal solution is to run the program in control protection domain that only has capabilities related to advertised functions of the program this way, the program could not delete all our files even if it wanted because the protection domain it runs will not allow the deleting of any file it did not create itself. Protection domains give an operating system a lot of flexibility in setting up protection for processes. They can be used with a user’s own programs for error checking.
Protection domain in capabilities list:-
In capability system protection domain would be easy. It is only necessary to change the system so that the set of capabilities can exists independent of a process and a process can run in a protection domain. there would be a capability to enter each protection domain, and only processes holding that capability would be allowed to enter. Actually we might to have some capability still associated with the process and some with the protection domain it is running in.
Protection domain in Access control list:-
For access control lists, we could implement subject objects that are not associated with any user. The subject would be a protection domain
and would have all the privileges that subject has in the access control lists. An operation on the subject object would be to allow the process to become that subject. Being that subject would be equivalent to being in that protection domain.
Mechanism for software protection:-
Hardware protection mechanism ensure that a user process can not access a hardware resource directly. Instead the o.s provides virtual resources that provide indirect access to the h/w resources.
Virtual resources are accessed through system calls. To prevent unauthorized operations on virtual resources, the o.s must check every system call to be ensure the operation is allowed. The mechanism that does these checks is called a protection monitor. There must be a protection monitor on the path to every operation on every resource.
File protection example:- let’s take reading a file as an example. When a user opens a file, a protection monitor for the file is invoked. It checks an access control list and finds that the user has read only access to the file. The information is stored in the entry for this file in the open file table. When the user makes a specific input/output request to read the file, another protection monitor checks the access.
It looks at the protection data in the open file table entry to be sure the read access is allowed. This look up is done once when file is opened and the protection data is copied into the open file table. Then file table is also a capability list which is checked each time a read is performed. If the user attempts to write the file using that open file entry, the protection monitor will prevent the operation.
Implementation of protection:-
The basic principle of protection is that each operation on a resource is checked for validity by a protection monitor that is, in every path from a process to a resource, there is agent that checks the access. A system call is handled by the o.s by first dispatching it to the proper handler i.e what kind of system call is it. Then the specific handler performs the operations. Before it does this, it checks to be sure that the calling process has the right to perform the requested operation on
specified object. This involves looking some information in a database. The protection information has to be stored with the process and passed to protection manager, or it can be stored with the object. No matter, where it is stored; the protection database itself is an o.s.
Protection mechanism & security policies:-
A security policy is a specific way of using a protection mechanism. For example one policy might be to allow ourselves read and write access to all our files and allow everyone else read-only access to all our files.
Protection mechanisms in an OS
A good protection mechanism will allow the user to implement any security policy he wants, but the best protection mechanisms will not protect the user data unless his security policy tells it to.
Examples of protection attacks:-
• Browsing for information
• Wiretapping
• Trial and error password attacks
• Password guessing
• Searching trash
• Trap doors in programs
Running other peoples program:-
When a user runs a program, it is typical for that program to inherit all the privileges of the user running the program. There may not be too much of problem if it is the users own program, because it will not harm.
The problem comes when you run a program that you have got from another person that you do not necessarily trust. It might be a program you get from the Internet or bulletin board. There are 2 problems that occur in these situation.
1. Trojan horse problem :- one way to penetrate security in a system is to get a
person run our program with their privileges. one way to do this is to create useful program that people want to use but hide extra code inside it to do something else like send a copy of all files to us or to delete all the files. Such a program is called a Trojan horse problem and Trojan horse problem is now to prevent these programs from breaking our security system. the solution to the Trojan horse problem is to run all external programs in a protection domain that only allows the program to do exactly what they are supposed to do.
2. Confinement problem :- suppose we are running a program in a limited protection domain. We have limited it so that the program can not communicate outside of the domain. Ie it can not write any files that are readable by other users, it can not connect to network etc. we have attempted to confine the program and limit its ability to communicate with other programs, we might do this because the program is calculating our income tax and we do not want the information revealed by someone else. This is called confinement problems.Protection examples:Protection in unix:-
Authentication:- logging on and passwords:in order to use a unix system we first have to log on. We provide the system with a user name and a password, both of which are character strings in unix checks to see if we have given right user name and password.The Usernames are public in that it is not hard to find out the valid usernames in a system and users make no attempt to keep other people from finding them out. In fact the username is the part of the email address, so we generally want it to be widely known.We protect the password however and do not allow any one else to see it.Unix keeps the user password in the password file, which is readable by any one using the system. This is not the obvious security problem we might think, how ever, since the password in the password file areEncoded with one way function. So that it is very hard to determine the password from the encoded form. Once we have logged on our username is converted to an internal user number that is associated with all processes that we create. It is not possible to change our user name so it acts as a
reliable proof of our identity. Unix implements this by keeping our user number in its memory that users can not access. In addition to having a username and corresponding number each user can belong to any number of groups at any one time. We are associated with only one group and have a corresponding group number. We can move from group to group as we are working, but we are always in exactly one group.Fileaccess:-Each file has an associated owner and group which are recorded as a user number and group number. when we try to open a file, we are placed in one of three categories. if our user number is the same as the user number of the owner of the file, we put it in the owner category. If we are not the owner but our group number is the same as the group number of the file, then we are place in group category. If we are not the owner and not in the same group, then we are placed in other category.Our access to the file can differ according to which category we are in and the way we want to open the file. The three ways to open a file are for execution for reading and
for writing. Each file has nine bits of protection information. These consists of read, write and execute permission for the owner, members of the same group and all others. The system will check whether users in our category have permission to perform the requested open on the file.Once a file is opened, the system gives us an open file identifier which it keeps in a place that is accessible only to the o.s. this open file identifier allows us to use the file in the way we request. A file access is checked once and gives the process a token which shows the process has permission to read and write the file.Memory protection:-Each process has a private section of virtual memory that it can access and that no other process can access. It is possible by mutual consent for two processes to set up an area of shared memory that can do both read and write.other than this,no process may read or write the memory of another process. The memory management hardware enforces this constraint.Protection of processes:-Processes in UNIX can interact with each other using the ‘signal’ mechanism. A signal
is a special kind of message sent to another processes. A process can exercise a fair amount of control over child processes. In particular it can send signal to its child processes. We can use signal to terminate a child process. We can also go in and change the memory of a child process.A process can not send signals to any process that is not a child process, a child of a child of child and so on. That is protection is based on memory of a child process.A process can not send signals to any process that is not a child process, a child of a child of a child and so on. i.e protection is based on the process creation tree.Protection of inter process communication:-Pipes form a main method in IPC in unix.Use of cryptography in computer science:-Cryprography comes from the Greek word means”secret writing”. It is the study of secret codes i.e way to encode messages . so that only the sender and the receiver can decode them. The term modern cryptography is used for the computer-based cryptography that have been developed over last 40 years. Modern cryptography has given encoding system
that are for all intents, purpose and unbreakable.A message M is a sequence of bits. Often, these bits are ASCII characters, allowing the message to be a textual document. The message is also called the plain text, meaning that is not encoded but readable by only one. The encryption function , E. takes a message and an encryption key KE
and produces an encrypted version of message C called cipher text.E(M,KE) =CThe decryption function , D, reverses the process using a decryption key KD.D(C, KD)=MThese can be put together asD(E(M, KE), KD)=MPrivate key cryptosystem:- it is a system of encoding where the encoding key and the decoding key are the same. Or are easily computable from each other. In the private key cryptosystem both the encoding and decoding key must be kept private or the code will be compromised.Public key cryptosystem: it is a system of encoding where the encoding key and decoding key are different and these
decoding key is not easily computable from the encoding key.In a public key cryptosystem only the decoding key must be kept private and the encoding key is public and can be widely used.Using cryptosystem for authentication.Cryptosystem play an important role in method of authentication. This is based on the idea of digital signature. Signature are used to authenticate documents because it is very hard to duplicate how a person signs their name but it is hard to see how we can sign a digital document. Signatures depend on how we use dozens of muscles in your hand and arms and they are difficult to duplicate even with the help of the computer.On the other hand it is very easy to change the bits of the document. So we could digitally sign a document.The trick is to make all the bits in the document related to each other so that we can not change just one or a few of them. We can do this with encryption. These encryption takes the bits of a message and mixes all up in related ways.
Suppose we have a public key cryptosystem and we have 2 people A & B. A sends a message to B and B wants to be certain a that has A sent the message. Person A has a public key PuA that is widelyknown and private key PrA that only A knows. similarly B has public keyPuB and private key PrB.A sends the message D(M,PrA) to B. when B receives this message, he “encrypts” it with A’s public key to getE(D(M,PrA),PuA)=M. B can be certain that A sent message M because only A knows PrA and so only A could decrypt M with PrA. Authentication of public keys
Micro-kernel operating system:-In the simple o.s all system services were provided by the o.s. whenever a user process needed a service it would make a system call to request the service from the o.s. in the o.s a user process sends a message to o.s to request service, but not all services are provided by the o.s. disk i/o services are provided by disk I/o system process.
SOS with system processes
Communication with a server
moving most of the functions out of o.s reduces the size of o.s because of this. The organization is often called micro-kernel approach. The
system process that much of the work for the kernel are called servers and this type of system structure is also called client-server model. Such system consists of number of servers. Processes which provides various services and collection of client processes that requires services.The above fig shows the internal structure of a server and the
communication between the server and its clients. In client server o.s the communication is indirect since the service request go first to the o.s and then redirected to the server. Sometimes the services have to defer calls unit they can request service of other services. This makes it convenient to structure server with threads.Distributed o.s:- it is an o.s that runs on a network of computers but gives the user the illusion that they are running on single large system with one o.s. the users of a distributed system do not read to know where the processes are.Distributed o.s, the users access remote resources in the same manner as they do local resources. Data & process migration from one site to another is under the control of distributed o.s.Data migration:-
suppose that a user on site A wants to access data(file) that resides at site B. there are 2 basic methods for the system to transfer the data. One approach is to transfer the entire file to site A. from that point on, all access to the file is local. When the user to longer needs access to the file, a copy of the file is sent back to site B. even if only a modest change has been made to a large file, all the data must be transferred. This mechanism can be thought of an automated FTP system.The other approach is to transfer to site A only those portions of the file that are actually necessary for the immediate task. If another portion is required later, another transfer will take place. When the user no longer wants to access the file, any part of it that has been modified must be sent back to site B.network o.s:
it is an o.s that is aware of the network it is on and can cooperate with other network o.s on the network to pass messages and provide for a distributed file system.
A network o.s provides an environment where users, who are aware of the multiplicity of machines can access remote resources by either logging in to the appropriate remote machine or transferring data from the remote machine to their own machine.
Remote logic:-
An important function of network o.s is to allow users to log in remotely on another computer. The internet provides the telnet facility for this purpose. To illustrate this facility, let us suppose that a user at Brown university wishes to compute on “CS.uteras.edu “ a computer located at the university of Texas. To do so, the user must have a valid account on the machine. To login remotely, the user issued the command.
telnet cs.utexas.edu.
this command results in a connection being formed between the local machine at Brown university and the “CS.utexas.edu” computer. After this connection has been established, the networking software creates a transparent bidirection link such that all characters entered by the user
are sent to the process on. “CS.utexas.edu” and all the output from that process is sent back to the user. The process on the remote machine asks the user for a login name and password. Once the correct information has been received, the process acts as a proxy for the user, who can compute on the remote machine just as any local user can.
Remote file transfer:-
Another major activity of network o.s is to provide a mechanism for file transfer from one machine to another. In such an environment, each computer maintains its own system. If a user at one site(say “CS.brown.edu”) wants to access a file located on another computer(say CS.utexas.edu”) then the file must be copied explicitly from the computer at texas to the computer at Brown.
The internet provides a mechanism for such a transfer with the file transfer protocol(FTP) program. Suppose that user on CS.brown.edu wants to copy a file paper.txt that resides on CS.utexas.edu into a local file my paper.txt. the user must first invoke the FTP program, by executing ftp cs.utexas.edu.
The program then asks the user for the login name and password. Once the correct information has been received, the user must connect to the
subdirectory where the file paper.txt resides, and then copy the file by executing get paper.txt my_paper.txt
Client-server model:-
It consist of number of server processes which provides various services and a collection of client processes that requires services.
Figure shows the internal structure of a server and the communication between the server and its clients. In the client server o.s, the communication is indirect since the service requests go first to the o.s and then are redirected to the server processes.
Sometimes these servers will have to defer calls until they can request services of other servers. This makes it convenient to structure servers with threads.
The processes are forced to use the o.s. there can be only one o.s on the machine, because the o.s controls all the resources of the machine. Thus, the processes have no choice about which o.s to use. If we want to test a new part of an o.s we have to build new o.s. stop the old o.s and start the new o.s . normal processes can not run while a new o.s is being tested, unless they want to take a chance on the operating system failing and damaging their data.
The client-server model can improve these problems. It is possible to have several server processes providing similar services in different ways. A process is free to deal with any of the servers and can choose the one most compatible with its needs. For example, there might be a unix file system server and an MS DOS file system server available.
Advantages:-
Suppose we want to test a new file system server. We can leave the existing server running and start a new file system server. We can send messages to new server and test it while. Other processes continue to use the old server, if there is an error , only the file system server process will fail and other users are unaffected.
Another advantage of client-server model is that it fits in with a network or distributed environment. If the o.s is one big program it is not obvious how to distribute it over a number of machines. But if the o.s services are provided by a collection of five processes, we can easily distribute them over five machines. We can also have duplicate servers
for some or all services and have a system that is resistant to machine failure.
Another advantage of the client-server model is modularity. The o.s is in several smaller pieces instead of one large piece. This makes it easier to develop the modules, and makes it easier to test them and be confident of their correctness.
Disadvantages:-
1. Speed:- it is slower to send a message to another process and switch address spaces to that process than it is to make a procedure call on another module in the kernel.
2. We move some o.s services out of the o.s and into processes.