Layers of an Operating System
Most Operating Systems are designed as a series of layers, expanding
outward from the hardware to the application programs. This is
particularly true of multiprogramming / multiuser systems which need to
be concerned about security and protection of individual tasks from other
tasks running concurrently in the same system.
The Major Layers
- The Hardware
- The Kernel - provides system security and distribution of
shared resources such as processor time and
memory space; typically all service requests
and interrupts are dispatched through the
kernel.
- Physical Services - provides access to devices at the
physical level; for example, access to disk
space at the drive/cylender/surface/sector level
or access to a keyboard at the "scan code"
level.
- Logical Services - provides access to "logical" units of
Input/Output; for example specific records within
a file, or ASCII character codes from
"standard input".
- The Command Processor - provides a method for users to request
execution of utilities or application
programs.
- Applications Programs - designed to satisfy specific user
information processing needs which are (and
should be) quite independant of the underlying
pysical computing resources.
Access Control
Access control is typically achieved by reserving a collection of bits
within the general "Flag Register" to indicate the current "access control
level". Certain instructions are restricted so that they are only legal
if the "access control level" is at least some minimum value; otherwise
the instruction generates an "illegal operation" interrupt.
For example a 2-bit, access control level (levels 0 to 3) would
typically be assigned:
- Level 0 : the Command Processor and Application Programs
- Level 1 : Logical Services
- Level 2 : Physical Services (for example IN and OUT operations
could be restricted to level 2 or above, thus preventing
physical access to ported devices by lower level
software)
- Level 3 : the Kernel; instructions which would modify the interrupt
timer interval or the valid memory address range registers
(for example) would only legal when the access control
level was 3.
Last Updated on 16 May 2003
by Alan T. Pinck