Multi threading model are of three types.

Many to many model.

Many to one model.
one to one model.

Many to Many Model

In this model, we have multiple user threads multiplex to same or lesser
number of kernel level threads. Number of kernel level threads are specific
to the machine, advantage of this model is if a user thread is blocked we
can schedule others user thread to other kernel thread. Thus, System
doesn’t block if a particular thread is blocked.
img
Many to One Model
In this model, we have multiple user threads mapped to one kernel thread.
In this model when a user thread makes a blocking system call entire
process blocks. As we have only one kernel thread and only one user thread
can access kernel at a time, so multiple threads are not able access
multiprocessor at the same time.
img
One to One Model
In this model, one to one relationship between kernel and user thread. In
this model multiple thread can run on multiple processor. Problem with
this model is that creating a user thread requires the corresponding kernel
thread.

Multithreading Issues
Below we have mentioned a few issues related to multithreading. Well, it's
an old saying, All good things, come at a price.
Thread Cancellation
Thread cancellation means terminating a thread before it has finished
working. There can be two approaches for this, one is Asynchronous
cancellation, which terminates the target thread immediately. The other is
Deferred cancellation allows the target thread to periodically check if it
should be cancelled.
Signal Handling
Signals are used in UNIX systems to notify a process that a particular event
has occurred. Now in when a Multithreaded process receives a signal, to
which thread it must be delivered? It can be delivered to all, or a single
thread.
fork() System Call
fork() is a system call executed in the kernel through which a process
creates a copy of itself. Now the problem in Multithreaded process is, if one
thread forks, will the entire process be copied or not?
Security Issues
Yes, there can be security issues because of extensive sharing of resources
between multiple threads.
There are many other issues that you might face in a multithreaded
process, but there are appropriate solutions available for them. Pointing
out some issues here was just to study both sides of the coin.

POSIX Threads, usually referred to as pthreads, is an execution model that

exists independently from a language, as well as a parallel execution model.
It allows a program to control multiple different flows of work that overlap
in time. Each flow of work is referred to as a thread, and creation and
control over these flows is achieved by making calls to the POSIX Threads
API. POSIX Threads is an API defined by the standard POSIX.1c, Threads
extensions (IEEE Std 1003.1c-1995).
Light Weight: Efficient Communications/Data Exchange:
Goals of Protection
„
Operating system consists of a collection of objects, hardware or software
„
Each object has a unique name and can be accessed through a well-
defined set of operations.
z
The operations that are possible may depend on the object (read ,
write, rewind, open,...etc)
„
Protection problem - ensure that each
object is accessed correctly and only
by those processes that are allowed to do so.
„
Protection:
z
control access to a system by limiting the types of file access permitted
to users.
z
Ensure that only processes that have gained proper authorization from
the operating system can operate on memory segments, the CPU, and
other resources.
„
The O.S. provides protection mechanism
s, which are described, so that an
application designer can use them in
designing her or his own protection
software.
6
14.11
Silberschatz, Galvin and Gagne ©2005
Operating System Concepts – 7
th
Edition, Apr 11, 2005
Domain of Protection
„
A process operates within a protection domain, which
specifies the resources that the process may access.
„
Each domain defines a set of objects and the types of
operations that may be invoked on each object.
„
The ability to execute an operation on an object is an access right
A domain is a collection of access rights, each of which is an ordered pair:
<object-name, rights-set>
„
Example: If domain D has the access right:
<file F, {read, write}>,then a process executing in domain D can only read
and write file F.

http://www.just.edu.jo/~tawalbeh/nyit/csci620/slides/ch14.pdf
https://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/14_Protecti
on.html

https://www.wiley.com/college/silberschatz6e/0471417432/slides/pdf2/mo
d19.2.pdf

Security refers to providing a protection system to computer system

resources such as CPU, memory, disk, software programs and most
importantly data/information stored in the computer system. If a
computer program is run by an unauthorized user, then he/she may cause
severe damage to computer or data stored in it. So a computer system must
be protected against unauthorized access, malicious access to system
memory, viruses, worms etc. We're going to discuss following topics in this
chapter.

Authentication

Authentication refers to identifying each user of the system and

associating the executing programs with those users. It is the responsibility
of the Operating System to create a protection system which ensures that a
user who is running a particular program is authentic. Operating Systems
generally identifies/authenticates users using following three ways −

• Username / Password − User need to enter a registered username and

password with Operating system to login into the system.

• User card/key − User need to punch card in card slot, or enter key
generated by key generator in option provided by operating system
to login into the system.

• User attribute - fingerprint/ eye retina pattern/ signature − User need to

pass his/her attribute via designated input device used by operating
system to login into the system.

Program Threats

Operating system's processes and kernel do the designated task as

instructed. If a user program made these process do malicious tasks, then it
is known as Program Threats. One of the common example of program
threat is a program installed in a computer which can store and send user
credentials via network to some hacker. Following is the list of some well-
known program threats.

• Trojan Horse − Such program traps user login credentials and stores
them to send to malicious user who can later on login to computer
 and can access system resources.

• Trap Door − If a program which is designed to work as required, have a

security hole in its code and perform illegal action without
knowledge of user then it is called to have a trap door.

• Logic Bomb − Logic bomb is a situation when a program misbehaves only

when certain conditions met otherwise it works as a genuine
program. It is harder to detect.

• Virus − Virus as name suggest can replicate themselves on computer

system. They are highly dangerous and can modify/delete user files,
crash systems. A virus is generatlly a small code embedded in a
program. As user accesses the program, the virus starts getting
embedded in other files/ programs and can make system unusable
for user

System Threats

System threats refers to misuse of system services and network connections

to put user in trouble. System threats can be used to launch program
threats on a complete network called as program attack. System threats
creates such an environment that operating system resources/ user files are
misused. Following is the list of some well-known system threats.

• Worm − Worm is a process which can choked down a system

performance by using system resources to extreme levels. A Worm
process generates its multiple copies where each copy uses system
resources, prevents all other processes to get required resources.
Worms processes can even shut down an entire network.

• Port Scanning − Port scanning is a mechanism or means by which a

hacker can detects system vulnerabilities to make an attack on the
system.

• Denial of Service − Denial of service attacks normally prevents user to

make legitimate use of the system. For example, a user may not be
able to use internet if denial of service attacks browser's content
settings.

• A security policy is a statement of the security we expect the system

 to enforce
• A system can be trusted only in relation to its security policy
• that is, to the security needs the system is expected to satisfy
•

We have different standards organizations that decide and approve certain

standards. Groups like ISO, IEEE, ITU-T, FCC etc are such organization and
they release standards for machines, operation procedures, devices and
software systems.

Similarly, there is a set of standards that are made by government bodies to

describe the best security standard for a operating system. One of them is
the Common Criteria (it is usually combined with few other profiles such
as Labeled Security Protection Profile and Mandatory access control)
which is a very broad and generalized list of requirements that an
operating system must have in order to be fit to be marked as Trusted
Operating System.

There is no perfect definition for a trusted operating system other than that
it is an operating system that meet these standards. These standards may
also vary from country to country. Some countries may due to political or
technical reasons consider the standards prescribed by another group to be
insecure and may have their own standards to call an OS tursted.

Software is trusted software if we know that the code has been rigorously

developed and analyzed, giving us reason to trust that the code does what

it is expected to do and nothing more.

Certain key characteristics: Functional correctness. Enforcement of

integrity. Limited privilege:

Appropriate confidence level.

An operating system is trusted if we have confidence that it provides these

four services consistently and effectively

 Policy - every system can be described by its requirements: statements of

what the system should do and how it should do it.

Model - designers must be confident that the proposed system will meet its

requirements while protecting appropriate objects and relationships.

Design - designers choose a means to implement it.

Trust - trust in the system is rooted in two aspects:FEATURES - the

operating system has all the necessary functionality needed

to enforce the expected security policy.ASSURANCE - the operating system

has been implemented in such a way that

we have confidence it will enforce the security policy correctly and

effectively.

Secure Trusted

Either-or: Something either is or is Graded: There are degrees of

not secure. "trustworthiness."

Property of presenter Property of receiver

Asserted based on product Judged based on evidence and

characteristics analysis

Absolute: not qualified as to how Relative: viewed in context of use

used, where, when, or by whom

A goal A characteristic