Usually, IT network environments orchestrate direction and control through an operating system installed to coordinate processes; including application software. In other words, an operating system performs most generally accepted management functions for IT processes.

Without an operating system certain functions, such as multiprogramming, simply would not be an available processing option, and many functions like I/O completion testing would have to be performed directly by a programmer. Therefore, operating systems are the primary catalyst sustaining efficient and effective information integrity. If this viewpoint is adopted throughout the entity, IT owners should ensure adequate protection mechanisms are installed with employed operating systems.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Dictionary.com Unabridged (v 1.1). rev. ed. New York, NY: Random House. http://dictionary.reference.com/browse/linkage editor (accessed: August 30, 2008).

Lyon, Lockwood and Kenniston W. Lord. CDP Review Manual: Covering the ICCP, CDP, CSP, and CCP Examinations, 5th ed. New York, NY: Van Nostrand Reinhold, 1991. 130-2

Minasi, Mark. Complete PC Upgrade and Maintenance Guide, 8th ed. San Francisco, CA: SYBEX, 1997. 263-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 239

Silbershatz, Abraham and Peter B. Galvin. Operating System Concepts, 4th ed. Gainesville, FL: Addison-Wesley, 1995. 49-50

“View Part I of the Essential Operating System Protection Mechanisms series here”

Post Note: “Essential Operating System Protection Mechanisms – Part VI” was originally published through Suite101.com under the title “Essential Operating System Protection Mechanisms”

Technically, the user program subroutine integration process is known as linkage editing. Linkage editing poses two risks: the unauthorized use of subroutines and the unauthorized suppression of subroutines that should accept utilization. In the first case, an application program might utilize a job control (script) statement requesting the services of an unauthorized subroutine that performs an illegal task. In the second case, the program might use a script statement that suppresses the services of a required subroutine. Consequently, policies and procedures should be implemented to ensure:

• error messages are displayed or other action taken when reference is made to unauthorized subroutines, or when external references are unsolved
• the operating system maintains a log of program usage
• the linkage editor of the operating system maintains a processing history of each program, including control statements utilized

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Dictionary.com Unabridged (v 1.1). rev. ed. New York, NY: Random House. http://dictionary.reference.com/browse/linkage editor (accessed: August 30, 2008).

Lyon, Lockwood and Kenniston W. Lord. CDP Review Manual: Covering the ICCP, CDP, CSP, and CCP Examinations, 5th ed. New York, NY: Van Nostrand Reinhold, 1991. 130-2

Minasi, Mark. Complete PC Upgrade and Maintenance Guide, 8th ed. San Francisco, CA: SYBEX, 1997. 263-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 239

Silbershatz, Abraham and Peter B. Galvin. Operating System Concepts, 4th ed. Gainesville, FL: Addison-Wesley, 1995. 49-50

“View Part I of the Essential Operating System Protection Mechanisms series here”

Post Note: “Essential Operating System Protection Mechanisms – Part V” was originally published through Suite101.com under the title “Essential Operating System Protection Mechanisms”

Processor protection deters infinite program loops that could affect availability. Inserting a timer prevents programs from being stuck in infinite loops, and never returning control to the operating system. The operating system timer can be fixed or variable. However, the system parameter for the timer should be set at a generally accepted practice range with instructions to interrupt the operating system timer considered a privileged authorization for incident prevention.

Reducing the risk of IT program manipulation

Lastly, user program protection dictates user access to shared user resources. Rather than include all necessary instructions in an application program, many programs simply reference other programs, or subroutines, that may be available in the program library. When a program makes a reference to subroutine, it is the operating system that calls the subroutine in from the library and makes it available to the requesting program.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Dictionary.com Unabridged (v 1.1). rev. ed. New York, NY: Random House. http://dictionary.reference.com/browse/linkage editor (accessed: August 30, 2008).

Lyon, Lockwood and Kenniston W. Lord. CDP Review Manual: Covering the ICCP, CDP, CSP, and CCP Examinations, 5th ed. New York, NY: Van Nostrand Reinhold, 1991. 130-2

Minasi, Mark. Complete PC Upgrade and Maintenance Guide, 8th ed. San Francisco, CA: SYBEX, 1997. 263-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 239

Silbershatz, Abraham and Peter B. Galvin. Operating System Concepts, 4th ed. Gainesville, FL: Addison-Wesley, 1995. 49-50

“View Part I of the Essential Operating System Protection Mechanisms series here”

Post Note: “Essential Operating System Protection Mechanisms – Part IV” was originally published through Suite101.com under the title “Essential Operating System Protection Mechanisms”

Intel Central Processing Unit (CPU)

A potential consequence for a breach in memory protection is a halt in all current processing. Therefore, the operating system should monitor the partitions to ensure that no program coding or data are moved into the wrong partition to prevent information corruption and unauthorized manipulation. Furthermore, operating systems should check to ensure data read into devices from other media are of the correct length. The operating system’s data length check prevents errors, such as blocks of records being too long for the memory buffer storage area.

Controlling privileged instructions

I/O allocation and control dynamically matches and assigns channels and devices with the processes’ particular requirements, monitors the status, and controls operations. Where online features are part of the IT configuration, communication with a terminal control unit (TCU) or front-end processor (FEP) are typically included in operating system duties. I/O protection prevents users from accessing privileged instructions.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Dictionary.com Unabridged (v 1.1). rev. ed. New York, NY: Random House. http://dictionary.reference.com/browse/linkage editor (accessed: August 30, 2008).

Lyon, Lockwood and Kenniston W. Lord. CDP Review Manual: Covering the ICCP, CDP, CSP, and CCP Examinations, 5th ed. New York, NY: Van Nostrand Reinhold, 1991. 130-2

Minasi, Mark. Complete PC Upgrade and Maintenance Guide, 8th ed. San Francisco, CA: SYBEX, 1997. 263-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 239

Silbershatz, Abraham and Peter B. Galvin. Operating System Concepts, 4th ed. Gainesville, FL: Addison-Wesley, 1995. 49-50

“View Part I of the Essential Operating System Protection Mechanisms series here”

Post Note: “Essential Operating System Protection Mechanisms – Part III” was originally published through Suite101.com under the title “Essential Operating System Protection Mechanisms”

In most instances, the purpose of operating system protection mechanisms are to prevent programs from interfering with each other during processing and to ensure there are no errors in referencing of subroutines in the program library; as well as ensure no unauthorized changes are made to authorized instructions.

Regarding entity software controls, all of the functions utilizing the Central Processing Unit (CPU) and associated storage as well as connected input and output devices are potential candidates for operating system defense strategies. Tactically, four primary operating system protection mechanisms are deployable: memory, I/O, processor, and user program controls.

Protecting against unauthorized modification

Memory protection restricts unauthorized modification to privileged programs. The operating system can partition associated memory into segments. Under this condition, each application program or program set will be assigned a particular memory partition. This allows several programs to process simultaneously in a multiprogramming environment, without interfering with each other.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Dictionary.com Unabridged (v 1.1). rev. ed. New York, NY: Random House. http://dictionary.reference.com/browse/linkage editor(accessed: August 30, 2008).

Lyon, Lockwood and Kenniston W. Lord. CDP Review Manual: Covering the ICCP, CDP, CSP, and CCP Examinations, 5th ed. New York, NY: Van Nostrand Reinhold, 1991. 130-2

Minasi, Mark. Complete PC Upgrade and Maintenance Guide, 8th ed. San Francisco, CA: SYBEX, 1997. 263-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 239

Silbershatz, Abraham and Peter B. Galvin. Operating System Concepts, 4th ed. Gainesville, FL: Addison-Wesley, 1995. 49-50

“View Part I of the Essential Operating System Protection Mechanisms series here”

Post Note: “Essential Operating System Protection Mechanisms – Part II” was originally published through Suite101.com under the title “Essential Operating System Protection Mechanisms”

Third Generation iPod Nano With Embedded Operating System 1.1.3

From mainframe computers to industrial robots to cellular phones, a variety of operating systems are available for deployment. Nevertheless, reflective of current capabilities, an IT operating system is software that controls the execution of electronically encoded instructions and may provide scheduling, debugging, input/output (I/O) control, accounting, compilation, storage assignment, job management, as well as other related services. Of these other related services, operating system protection mechanisms are crucial to ensuring information integrity.

Operating system processor functionality

Operating system functionality is determined by the lead software manufacture. However, operating systems consist of a kernel and at least one processor; with each operating system processor having specific functions that are executed based on user and/or program interface syntax. Whereby, modern operating system processors commonly perform defined process management, memory management, device management, storage management, as well as application-interface and/or user-interface related tasks.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Dictionary.com Unabridged (v 1.1). rev. ed. New York, NY: Random House. http://dictionary.reference.com/browse/linkage editor(accessed: August 30, 2008).

Lyon, Lockwood and Kenniston W. Lord. CDP Review Manual: Covering the ICCP, CDP, CSP, and CCP Examinations, 5th ed. New York, NY: Van Nostrand Reinhold, 1991. 130-2

Minasi, Mark. Complete PC Upgrade and Maintenance Guide, 8th ed. San Francisco, CA: SYBEX, 1997. 263-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 239

Silbershatz, Abraham and Peter B. Galvin. Operating System Concepts, 4th ed. Gainesville, FL: Addison-Wesley, 1995. 49-50

Post Note: “Essential Operating System Protection Mechanisms – Part I” was originally published through Suite101.com under the title “Essential Operating System Protection Mechanisms”

“View Part I of the Service Level Management of Cloud Computing series here“

Commonly, OLA utilization requires explaining how services will be technically delivered to support the SLA(s) in an optimal manner — with provisions for timely updating related to service quality. Consequently, an OLA should specify technical processes in terms meaningful to the cloud computing provider, and can support several SLAs.

“View Part I of the Service Level Management of Cloud Computing series here“

• Scalability
• Maintainability
• Reliability
• Availability
• Performance
• Security

During the initial cloud computing acquisition phases, an IT architect should define the QoS measurements for each of the SLRs.  Furthermore, an entity’s IT clients should agree on: guidelines for dealing with reported problems that may require extended timeframes to resolve as well as information detailing the impact of problems on business processes, other IT configurations and service users.

“View Part I of the Service Level Management of Cloud Computing series here“

Descriptively, establishing sound SLM necessitates clear service specifications and interfaces defined with customers (Service Level Requirements (SLRs)). Furthermore, internal Operational Level Agreements (OLAs) and contracts with external suppliers will facilitate adherence to negotiated SLAs.

“View Part I of the Service Level Management of Cloud Computing series here“