Prev Next

Multiprogramming and Time-sharing Security Issues

            As we define multiprogramming and time-sharing system individually it results to: Multiprogramming is a rudimentary form of parallel processing in which several programs are run at the same time on a uniprocessor. Since there is only one processor, it can’t be true that there is a simultaneous execution of different programs, but instead the operating system executes part of one program then part of another and so on. That’s why it appears to the user that all programs are executing at the same time. 
            On other hand, time-sharing system is an interactive (or hands-on) computer system that provides direct communication between the user and the system. It allows many users to share the computer simultaneously. Since each action or command in a time-shared system tends to be short, only a little CPU time is needed for each user.
            So, in a multiprogramming and time-sharing environment, several users share the system simultaneously. This situation can result in various security problems. Two of these problems are: 

Copying or Stealing one’s programs or data 

         Today, everyone depend their daily task mostly on computers. They do research; accounting; programs; create, print, delete , and search files; spend their leisure time through gaming and other activities that make computers the major requirements to attain these. In this case, in a multiprogramming and time-sharing environment where several users share the system simultaneously, there will be no assurance that each files, programs and data of each user will have the privacy or be restricted to other users especially when the user does not know how to make his files unexposed to other user. Two good examples of this situation are: when using Team Viewer or the built-in Remote Desktop Service (formerly Terminal Service). Both of them are used in the same way but differ on how they will execute. For instance the Remote Desktop Service, you can specify how many users can connect to your computer and also you can specify their limitations. Then when the user is now connected to your computer, he has the freedom on whatever he will do to your computer, whether he will create, delete or search for files. And worst, can copy and steal confidential information and data and transfer it to his computer. It is an illegal transfer of electronic data. This is possible because in a multiprogramming and time-sharing environment, you can run programs at the same time while doing a specific task. In general speaking, it is a multi-tasking activity. 

Using system resources (CPU, memory, disk space, peripherals) with improper accounting 

                When there are several users using the system simultaneously, it cannot be guaranteed that there will be a specific amount of space or limitations in using system resources. As the time goes by, each user occupies a number of bytes of memory and disk space, and an amount of programs process by the CPU and the amount of time that peripherals are being use. And as the time increases, the system resources will proportionally increase their capability and production. In this case, a great possibility that there will be a shortage in memory and disk  space most especially when it is not use with proper accounting or allocation. When this happens, all users sharing and connected to the system will now be interrupted and worst it will make their programs crashed and their paper works and the likes will not be save. But then there are solutions to ease this scenario. A good example is through virtualization which can make hosting of multiple virtualized environments within a single OS instance possible (VMware software is an example). 

      Now after the two problems discussed, can we ensure the same degree of security in a time-share machine as we have in a dedicated machine? 

      Probably not, why? We cannot ensure the same degree of security in a time-share machine as we have in a dedicated machine because time-share machine allows programs to run at the same time and allows many users to use it simultaneously. In this case, the degree of security is less compared to the security in a dedicated machine. Time-share machine has many programs to execute with and its focus has been divided to the numbers of programs as well as to the number of users using it. On the other hand, dedicated machine focuses for a specific task and programs to be executed and for this, this machine has the higher control compared to time-share in implementing policies regarding users’ accessibility and control to implement the degree of security. In general, any protection scheme devised by humans are expected to be broken also by humans, and as the more complex the scheme is, the more difficult to correct its implementation.