Introduction to security

System architecture (SA) definition

For an operating system to be a useful and convenient interface between the user and the hardware, it must provide certain basic services, such as the ability to read and write files, allocate and manage memory, make access control decisions, and so forth. These services are provided by a number of routines that collectively make up the operating system kernel. Applications invoke these routines through the use of specific system calls. Because the kernel routines exist for the purposes of supplying specific services, the operating system has an underlying structure defined by these services. This underlying structure and its design are called the system architecture. The terms system architecture and system structure are used somewhat synonymously.

Software engineers design and implement the system architecture of an operating system so that its parts work well together. System administrators, system programmers, applications programmers, and users refer to the system architecture to provide a conceptual understanding of the parts of the operating system and the relationships among them.

Sound system architecture is an important aspect of ensuring that the operating system is secure.

UnixWare is based on a philosophy of consistency and simplicity, making it easy to understand and use. UnixWare appears to the user to consist of files, which are places to store information, and processes, which manipulate information and cause it to flow from one location to another. (In security terminology, a file is an object and a process is a subject when the process is writing to or reading from a file.)

The UnixWare system embodies the following characteristics:

The UnixWare operating system must provide services to create, maintain, store, and manipulate files; services to manage the processes that use those files; and services to support other services and make them available. Accordingly, the routines within the UnixWare system architecture are structured into the following seven service subsystems:

``UnixWare system architecture'' graphically depicts the seven service areas and their interactions.

UnixWare system architecture

The solid lines delineate the edges of the seven service subsystems. The dashed lines within the seven subsystems delineate the parts of the subsystems. The arrows represent relationships between subsystems; note that the relationships are typically much more complex than depicted here, depending on the task the operating system is performing at a particular time.

This figure gives a graphic representation of the structure of the seven service subsystems within the system architecture, and it indicates that there exist only well defined and intended ways for them to interact. The remainder of this section describes the structure of these seven service areas and their interactions.

Next topic: File management
Previous topic: The kernel and system architecture

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004