Unix File Management System

Implementing an effective file access or protection scheme system for users in an organization is a critical step for the protection of files and their uses. With an effective file access or protection scheme, one is able to minimize the number of users who have access, thereby increasing security. Without the use of a file access or protection scheme, file accuracy and information may suffer as a result of unauthorized users. This paper addresses how one might implement a protection scheme using UNIX to support file access for 4990 users in an organization of 5000.

UNIX File Management System

Implementing a system to support file access for 4990 of 5000 users can be done with the UNIX operating system; however, in order to implement this type of protection scheme, it is important to understand file management within the UNIX operating system. UNIX operating systems are designed on a file access control scheme. This is done so that each user is given a user ID and password to log into the system. Every user that is assigned is given an access name and group name by the systems administrator into. Each given group name is allowed or denied access to each file name.

For the given requirement, I would use a file permission scheme which allows for setting up all 4990 accounts with access to files and directories in a UNIX operating system using the three sets of file permissions to determine how the file may be accessed, and by whom. The owner permissions will specify the account that is responsible for the file, the group permissions for those who may access, the user permissions, and file and permissions that apply to all other accounts. Each set may have none or one of the following permissions i.e. read, write or execute on the item. The ten users of the 5000 without access would have no permissions. A user may only run a program file if they belong to a set that has executed permission. For directories, the execute permission indicates that users in the relevant set may see the files within it, but cannot actually read, write or execute a file unless permissions of that file permit it.

Each group ID would have assigned privileges according to the groups they are placed under by administration. An example would be staff01 has permission to read, write, and execute files, which is assigned under the administrative team, whereas, staff2 group would be possibly limited to or may only be able to read, and write to the file. Staff3 would only be able to read the file, and staff4 will not have any privileges

...