Chapter 14 Windows Operating Systems - PowerPoint PPT Presentation



Slides: 71
Provided by: unfEdupub

Title: Chapter 14 Windows Operating Systems

Chapter 14 Windows Operating Systems
  • Understanding Operating Systems, Fourth Edition

Objectives
  • You will be able to describe
  • The importance of MS-DOS in early Windows
  • The design goals for Windows operating systems
  • The role of the Memory Manager, especially the
    Virtual Memory Manager
  • The use of the Device, Processor, and Network
    Managers in recent versions of Windows
  • The role of the NT file system in file management

Objectives (continued)
  • You will be able to describe
  • The challenges for Windows system security today
  • How the current Windows user interface functions

Windows Development
Early Windows GUI Products ran on top of MS-DOS
Table 14.1 Windows Development

Windows Development (continued)
  • Windows for Workgroups
  • First Windows product to accommodate the needs of
    network users
  • Could easily share directories, disks, and
    printers among several interconnected machines
  • Allowed personal intercommunication through
    e-mail and chat programs
  • Intended for small or mid-sized groups of PCs for
    small businesses or small departments of larger

Operating Systems for Single Users
  • Disadvantages of running Windows on top of
  • Little built-in security
  • Couldn't perform multitasking
  • Had no interprocess communication capability
  • Written to work closely with the microcomputers
  • Making it difficult to move OS to other platforms
  • Microsoft developed and released a succession of
    Windows OSs (not mere GUIs) to appeal to home and
    office users

Operating Systems for Single Users (continued)
Table 14.2 Evolution of key Microsoft Windows operating systems for home and professional use

Operating Systems for Networks
  • Development of Windows NT (more powerful
    networking products)
  • Windows NT never relied on MS-DOS for support
  • Primary market requirements include
  • Portability
  • Multiprocessing capabilities
  • Distributed computing support
  • Compliance with government procurement
  • Government security certification
  • The finished product was introduced in 1993

Operating Systems for Networks (continued)
Table 14.3 Evolution of key Microsoft Windows networking operating systems. All have evolved from Windows NT

Operating Systems for Networks (continued)
  • Microsoft offered Windows NT in several versions
  • Windows NT Workstation for individuals needing a
    desktop operating system
  • Windows NT Server for small to medium-sized
    offices, Web servers, and off-site locations
  • Windows NT Server Enterprise Edition for larger
    and more complex networks

Operating Systems for Networks (continued)
  • In 1999, Windows NT name was changed to Windows
    2000 and was available in four packages
  • Windows 2000 Professional
  • Windows 2000 Server
  • Windows 2000 Advanced Server
  • Windows 2000 Datacenter Server
  • Designed for large data warehouses and other
    data-intensive business applications
  • Supported up to 64 GB of physical memory
  • Windows Server 2003 was also released with these
    same four packages plus a Web edition

Design Goals
  • To accommodate various needs of its users and to
    optimize resources, the Windows design team
    identified five design goals
  • Extensibility
  • Portability
  • Reliability
  • Compatibility
  • Performance

Extensibility
  • Allows the system to be easily enhanced
  • To ensure the integrity of code, designers
    separated operating system functions into
  • Privileged executive process (kernel mode)
  • Refers to a processor's mode of operation in
    which all machine instructions are allowed
  • System memory is accessible
  • Nonprivileged processes: protected subsystems
    (user mode)
  • Certain instructions are not allowed
  • System memory isn't accessible

Extensibility (continued)
  • Windows designers also included four more
    features to ensure extensibility
  • Modular structure so new components can be added
    to the executive process
  • Objects, a group of abstract data types
    manipulated by a special set of services
  • Allow system resources to be managed uniformly
  • Drivers for new file systems, devices, and
    networks that can be added to the system at any
  • Remote procedure call
  • Allows an application to call remote services
    regardless of their location on the network

Portability
  • Ability to operate on different machines that are
    based on different processors or configurations
    with a minimum amount of recoding
  • To achieve this goal, Windows development
    followed certain guidelines
  • Written in a standardized, high-level language
    available in all machines
  • System accommodated hardware to which it was
    expected to be ported
  • Minimized code that interacted directly with the
    hardware to reduce incompatibility errors

Portability (continued)
  • Isolation of all hardware-dependent code into
    modules that could be easily modified whenever
    the operating system was ported
  • Windows NT and successors have the following
  • Modular code
  • Much of Windows is written in C
  • Contains a hardware abstraction layer (HAL)
  • A dynamic-link library that provides isolation
    from hardware dependencies furnished by different

Reliability
  • Refers to the robustness of a system and its
    ability to protect itself and its users from
    accidental or deliberate damage by user programs
  • Following features strengthen the system
  • Structured exception handling
  • Modular design
  • NTFS File System (NT File System) which can
    recover from all types of errors
  • U.S. government-certifiable security architecture
  • Virtual memory strategy

Compatibility
  • Refers to an operating system's ability to
    execute programs written for other operating
    systems or for earlier versions of the same
  • Use of protected subsystems
  • Provides execution of applications that are
    different from its primary programming interface
  • Provides source-level compatibility with POSIX
  • Recent versions of Windows support
    already-existing file systems, e.g., MS-DOS FAT,
    CDFS, and NTFS
  • Built-in verification of important hardware and

Performance
  • Several features that help Windows achieve good
    performance levels include
  • Testing and optimization of system calls, page
    faults, and other crucial processes
  • Incorporation of local procedure call (LPC) to
    guarantee fast communication among the protected
  • Speed of frequently used system services is
  • Critical elements of Windows networking software
    are built into privileged portion of operating

Memory Management
  • Every operating system uses its own view of
    physical memory and makes its application
    programs access memory in specified ways
  • When physical memory becomes full, the Virtual
    Memory Manager pages some of the memory contents
    to disk, freeing physical memory for other
  • Challenge for all Windows OSs: To run application
    programs written for Windows, MS-DOS, or POSIX
    without programs crashing into each other's memory

Memory Management (continued)
  • Memory layout in recent versions of Windows
  • Operating system resides in high virtual memory
    and the user's code and data reside in low
    virtual memory
  • User process can't read or write to system memory
  • All user-accessible memory can be paged to disk,
    as can the segment of system memory labeled paged
  • Segment of system memory labeled nonpaged pool is
    never paged to disk

Memory Management (continued)
Figure 14.1 Layout of Windows memory

User-Mode Features
  • VM Manager allows user-mode subsystems to share
    memory efficiently
  • Provides services that a process can use to
    manage its virtual memory in the following ways
  • Allocate memory in two stages
  • Read and/or write protection for virtual memory
  • Lock virtual pages in physical memory
  • Retrieve information about virtual pages
  • Protect virtual pages
  • Rewrite virtual pages to disk

Virtual Memory Implementation
  • Virtual Memory Manager relies on
  • Address space management
  • Paging techniques
  • Address Space Management
  • Upper half of the virtual address space is
    accessible only to kernel-mode processes
  • Code in the lower part of this section, kernel
    code and data, is never paged out of memory

Paging
  • Pager: Part of VM Manager that transfers pages
    between page frames in memory and disk storage
    and is a complex combination of
  • Software policies
  • Determine when to bring a page into memory and
    where to put it
  • Hardware mechanisms
  • Include the exact manner in which the VM Manager
    translates virtual addresses into physical
  • Pager is not portable
  • Windows keeps this code small and well isolated

Paging (continued)
  • Paging policies dictate how and when paging is
    done and are composed of
  • Fetch policy
  • Determines when the pager copies a page from disk
    to memory
  • Placement policy
  • Determines where the virtual page is loaded in
  • Replacement policy
  • Determines which virtual page must be removed
    from memory to make room for a new page

Processor Management
  • Windows is a preemptive-multitasking,
    multithreaded operating system
  • Process in Windows NT-derived OS requires at
    least one thread of execution. By default, a
    process contains one thread, which is composed
  • A unique identifier
  • Contents of a volatile set of registers
    indicating processor's state
  • Two stacks used during the thread's execution
  • Private storage area used by subsystems and
    dynamic-link libraries

Processor Management (continued)
  • Threads
  • Thread components are called the thread's context
  • Actual data forming this context varies from one
    processor to another
  • Kernel schedules threads for execution on a
  • The thread is what actually executes the code
  • The overhead incurred by a thread is minimal

Processor Management (continued)
Figure 14.2 Unitasking in Windows

Processor Management (continued)
  • Multithreading
  • For systems with multiple processors, a process
    can have as many threads as there are CPUs
  • All threads belonging to one process share its
    global variables, heap, and environment strings
  • Versions of Windows since NT include some
    synchronization mechanisms to avoid problems with
    multiple threads

Processor Management (continued)
Figure 14.3 Multitasking using multithreading

Device Management
  • The I/O system in Windows NT and its networking
    descendants was designed to provide following
  • Multiple installable file systems including FAT,
    CDFS, and NTFS
  • Services to make device-driver development as
    easy as possible yet workable on multiprocessor
  • Ability for system administrators to add drivers
    to the system or remove them from the system
  • Fast I/O processing while allowing drivers to be
    written in high-level language
  • Mapped file I/O capabilities for image
    activation, file caching, and application use

Device Management (continued)
  • The I/O system is packet driven, i.e., every I/O
    request is represented by an I/O request packet (IRP)
  • An IRP is a data structure that controls how the
    I/O operation is processed at each step
  • I/O Manager
  • Creates an IRP that represents each I/O operation
  • Passes the IRP to the appropriate driver
  • Disposes of the packet when the operation is

Device Management (continued)
Table 14.4 Example showing how a device object is created from an instruction to read a file

Device Management (continued)
  • Tasks of I/O Manager
  • Supplies code, common to different drivers
  • Manages buffers for I/O requests
  • Provides time-out support for drivers
  • Records which installable file systems are loaded
    into the operating system
  • Provides flexible I/O facilities
  • Allow subsystems such as POSIX to implement their
    respective I/O application programming interfaces
  • Allows device drivers and file systems to be
    loaded dynamically based on the needs of the user

Device Management (continued)
  • Windows provides a device-independent model for
    I/O services
  • This model takes advantage of a concept called a
    multilayered device driver
  • Each device driver is made up of a standard set
    of routines including the following
  • Initialization routine, dispatch routine, start
    I/O routine, completion routine, unload routine,
    error logging routine

Device Management (continued)
  • I/O Manager must determine from the file object's
    name which driver should be called to process the
    request of accessing a file. It uses
  • Driver object
  • Represents an individual driver in the system
  • I/O Manager creates it when a driver is loaded
    into the system
  • A driver object may have multiple device objects
    connected to it
  • Device object
  • Represents a physical, logical, or virtual device
    on the system and describes its characteristics

Device Management (continued)
Figure 14.4 The driver object from Table 14.4 is connected to several device objects. The last device object points back to the driver object

Device Management (continued)
  • The list of device objects represents the
    physical, logical, and virtual devices that are
    controlled by the driver
  • Advantages to representing devices and drivers
    with different objects
  • Provides portability: Frees the I/O manager from
    having to know details about individual drivers
  • It just follows a pointer to locate a driver
  • Allows new drivers to be easily loaded
  • Easier to assign drivers to control additional or
    different devices if system configuration changes

Device Management (continued)
Figure 14.5 Interaction of I/O Manager with a layered device driver to write data to a file on a hard disk

Device Management (continued)
  • The I/O Manager knows nothing about the file
  • Overhead involved when the I/O Manager passes
    requests for information back and forth
  • Uses single-layer device driver approach for
    simple devices, e.g., serial and parallel printer
  • Uses multilayered approach for more complicated
    devices, e.g., hard drives
  • Almost all low-level I/O operations are

File Management
  • Current versions of Windows are designed to be
    independent of the file system on which they
  • Windows supports multiple file systems for hard
    disks including
  • MS-DOS's FAT file system
  • 32-bit FAT file system
  • NTFS
  • NTFS extends the capabilities of the FAT and
    FAT32 file systems

File Management (continued)
  • NTFS extends the capabilities of the FAT and
    FAT32 file systems by adding
  • File system recovery
  • Ability to handle large storage media, on the
    order of approximately 17 billion gigabytes in
  • Security features, including execute-only files
  • Unicode filenames
  • Support for the POSIX operating system
  • Features for future extensibility

File Management (continued)
  • Primary file handling concept in current versions
    of Windows is the virtual file
  • Programs perform I/O on virtual files,
    manipulating them by using file handles
  • An executive file object that represents all
    sources and destinations of I/O
  • Processes call native file object services such
    as those to read from or write to a file
  • I/O Manager directs these virtual file requests
    to real files, file directories, physical devices

File Management (continued)
  • File objects
  • Have hierarchical names
  • Protected by object-based security
  • Support synchronization
  • Handled by object services
  • When opening a file, a process supplies the
    file's name and the type of access required

File Management (continued)
  • File objects
  • Help bridge the gap
  • Between the characteristics of physical devices
    and directory structures, file system structures,
    and data formats
  • Provide a memory-based representation of
    shareable physical resources
  • Are created with a new set of handle-specific
    attributes each time a process opens a handle

File Management (continued)
Figure 14.6 Illustration of a file object, its attributes, and the services that operate on them

File Management (continued)
Table 14.5 Description of the attributes shown in Figure 14.6

File Management (continued)
  • Mapped file I/O is an important feature of the
    I/O system
  • Achieved through the cooperation of the I/O
    system and the VM Manager
  • Memory-mapped files exploit virtual memory
  • Cache manager uses mapped I/O to manage its
    memory-based cache
  • NTFS supports long filenames that can include
    spaces and special characters
  • Automatically shortens filenames when required

Network Management
  • Networking is an integral part of the Windows
    NT-based operating systems and provides services
    such as
  • User accounts, resource security
  • Mechanisms used to implement communication
    between computers, such as with named pipes and
  • Named pipes provide a high-level interface for
    passing data between two processes regardless of
    their locations
  • Mailslots provide one-to-many and many-to-one
    communication mechanisms

MS-NET
  • Microsoft Networks (MS-NET) was released in 1984
    and became the model for the NT Network Manager
  • Three MS-NET components
  • Redirector
  • Server message block (SMB) protocol
  • Network server
  • MS-NET components were extensively refurbished
    and incorporated into Windows NT and later

MS-NET (continued)
  • Redirector
  • Coded in the C programming language
  • Implemented as a loadable file system driver
  • Not dependent on the system's hardware
  • Function: To direct an I/O request from a user or
    application to the remote server that has the
    appropriate file or resource
  • A network can incorporate multiple redirectors

MS-NET (continued)
  • SMB Protocol
  • A high-level specification for formatting
    messages to be sent across the network
  • Correlates to the application layer (layer 7) and
    the presentation layer (layer 6) of the OSI model
  • An API called NetBIOS interface is used to pass
    I/O requests structured in the SMB format to a
    remote computer
  • Both SMB protocols and NetBIOS API were adopted
    in several networking products before appearing
    in Windows

MS-NET (continued)
  • Windows Server operating systems
  • Written in C for complete compatibility with
    existing MS-NET and LAN manager SMB protocols
  • Implemented as loadable file system drivers
  • Have no dependency on the hardware architecture
    on which the operating system is running

MS-NET (continued)
Figure 14.7 Implementation of the seven layers of the OSI reference model in the Windows Network

Directory Services
  • Active Directory: Database that stores all types
    of information so it can be a general-purpose
    directory service for a heterogeneous network
  • Built entirely around DNS and LDAP
  • Groups machines into administrative units called
  • Each domain gets a DNS domain name (e.g.,
  • Each domain must have at least one domain
  • A domain can have more than one domain controller
  • Active Directory clients use standard DNS and
    LDAP protocols to locate objects on the network
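
How a client strings DNS and LDAP together to find a directory object, as an added PowerShell example that is not part of the original slides. It assumes a domain-joined Windows host; the `_ldap._tcp.dc._msdcs` SRV name is the standard domain-controller locator record and does not appear on the slides.

```powershell
# Added example; every name is taken from the local environment at run time.
$domain = $env:USERDNSDOMAIN          # DNS name of the logged-on user's domain
if (-not $domain) { throw 'This session is not logged on to an Active Directory domain.' }

# Step 1 (DNS): domain controllers publish SRV records under _msdcs.<domain>.
# Resolve-DnsName can also return A/AAAA records for the targets, so keep only SRV.
$srv = @(Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.Type -eq 'SRV' } |
    Sort-Object Priority, @{ Expression = 'Weight'; Descending = $true })

$srv | Format-Table NameTarget, Port, Priority, Weight

# Step 2 (LDAP): ask the preferred controller for its RootDSE, which names
# the directory partition that holds the domain's objects.
$dc      = $srv[0].NameTarget
$rootDse = [ADSI]"LDAP://$dc/RootDSE"
$baseDn  = "$($rootDse.defaultNamingContext)"
"Domain controller : $dc"
"Naming context    : $baseDn"

# Step 3 (LDAP): locate one object, here this computer's own account.
$searcher = [ADSISearcher]"(&(objectCategory=computer)(name=$env:COMPUTERNAME))"
$searcher.SearchRoot = [ADSI]"LDAP://$dc/$baseDn"
$hit = $searcher.FindOne()
if ($hit) { "Found             : $($hit.Properties['distinguishedname'])" }
else      { 'Computer object not found under the default naming context.' }
```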

Directory Services (continued)
Figure 14.8 Active Directory clients use standard DNS and LDAP protocols to locate objects on the network

Security Management
  • Windows network operating systems provide an
    object-based security model
  • A security object can represent any resource in
    the system: a file, device, process, program, or
  • Allows administrators to give precise security
    access to specific objects in the system while
    allowing them to monitor and record how objects
    are used
  • Biggest concern in Windows OS: Need for
    aggressive patch management
  • To combat many viruses and worms that target
    these systems

Security Basics
  • U.S. Department of Defense has identified and
    categorized OS features into seven levels of
  • To comply with the Class C2 level of security,
    Windows 2000 and above include the following
  • A secure logon facility
  • Discretionary access control
  • Auditing ability
  • Memory protection

Security Basics (continued)
  • Windows strives to prevent access by unauthorized
    users by supporting a multilayered security
  • Password management is the first layer of
  • In NTFS, users encounter a second layer of
    security that deals directly with file access
  • Windows makes distinctions between owners and
  • Users can decide what type of operations a person
    is allowed to perform on a file
  • Gives the user auditing capabilities that
    automatically keep track of who uses files and

Security Terminology
  • Built-in security for recent Windows network OS
    is a necessary element for managers of Web
    servers and networks
  • Requires an authentication mechanism that allows
    a client to prove its identity to a server
  • Client needs to supply authorization information
  • Server uses it to determine which specific access
    rights have been given to client
  • Needs to provide data integrity using a variety
    of methods
  • Windows provides this with Kerberos security

Security Terminology (continued)
  • Kerberos Security
  • Provides authentication, data integrity, data
    privacy, and mutual authentication
  • Each domain has its own Kerberos server
  • Microsoft has implemented the standard Kerberos
  • Microsoft has separated the users of distributed
    security services from their providers
  • Allows support for many options without creating
    unusable complexity

Security Terminology (continued)
Figure 14.9 Requests from an application flow through a series of security providers, as do the responses from the network back to application

User Interface
  • Desktop contains the icons for the tools and
    applications one can use to get work done
  • Users can use mouse, light pen, or stylus to move
    around the desktop
  • To start an application, users double-click an
    application icon or select it from the Start menu
  • To quit an application, they can select Exit from
    the File menu or click the x in the top-right
    corner of the window

User Interface (continued)
  • Start Menu divides functions into logical groups
    and from here users access common functions
    including the following
  • All Programs
  • My Documents, My Pictures, My Music, My Computer
  • Control Panel, Help and Support
  • Search, Run, Log Off, Turn Off Computer

User Interface (continued)
Figure 14.10 A typical Windows Start Menu

User Interface (continued)
  • The Windows Task Manager
  • Opened by pressing and holding the Ctrl, Alt, and
    Delete keys
  • Allows user to view running applications and
    processes, and set the priorities of each
  • Allows user to view information about
    performance, networking, and other users logged
    into system
  • Windows Explorer: Contains directory and file
    display tools and a file-finding tool
  • Features a series of pull-down menus: File, Edit,
    View, Favorites, Tools, Help, etc.

User Interface (continued)
  • My Network Places helps users identify and
    access network resources such as folders,
    printers, and connections to other nodes
  • Command interface that resembles MS-DOS is
    available from most Windows desktops
  • Keyboard shortcuts, e.g., Ctrl+C for copy
  • Built-in input methods and fonts for many
  • e.g., Administrator can select one or several
    languages during installation
  • Windows also offers an on-screen keyboard

Summary
  • Current Windows operating systems incorporate
    ease-of-use with the technical power to operate a
    network across several existing platforms
  • Windows systems are designed to evolve modularly
    and consistently over time
  • Portability feature eases the difficulty of
    migrating OS to new hardware platforms
  • Security controls in Windows have helped OS gain
    inroads with organizations requiring consistent
    protection for their data and applications

Summary (continued)
  • Windows authentication models support new user
    interfaces from bank teller machines to
    fingerprint or retinal scanners
  • Allow the implementation of different security
    architectures, further extending the reach of
    Windows into the market
  • Require aggressive patch management to combat
    viruses and worms