Operating System Protection Domains
نویسنده
چکیده
One of an operating system's duties is to provide a trustful security architecture to protect user information from threats coming from all aspects the information world. Trojan horses, viruses, and other threats are all aimed at users' personal information. Therefore, the concept of access control has been introduced to system security area years ago. Typically, it guaranties that only processes with proper authorization are allowed to access certain system resources. Access control has become the foundation of system security architecture.
منابع مشابه
The structure of a type safe operating system
The architecture of traditional operating systems relies on address-based memory protection. To achieve flexibility at a low cost operating system research has recently started to explore alternative protection mechanisms, such as type safety. This dissertation presents an operating system architecture that completely replaces address-based protection with type-based protection. Replacing such ...
متن کاملThe Role of IPC in the Component-Based Operating System JX
In currently used operating systems hardware support is used to ensure the memory protection. The communication between protection domains is obviously slower than simple method invocations. Robust component-based services need a flexible system design and fast communication mechanism between different units of protection. We describe the Java operating system JX that uses the type safety of th...
متن کاملProtection in the BirliX Operating System
The user interface level and implementation level protection mechanisms of the BirliX operating system are described and motivated. In BirliX, subject restriction and object protection are provided as complementary mechanisms to enforce security policies by building small domains of protection. Traceability is provided as basis for tracing back violations of policies t o answerable humans.
متن کاملSimple Memory Protection for Embedded Operating System Kernels
This work describes the design and implementation of memory protection in the Roadrunner operating system. The design is portable between various CPUs that provide page-level protection using Memory-Management Unit (MMU) hardware. The approach overlays protection domains on regions of physical memory that are in use by application processes and the operating system kernel. An analysis of code s...
متن کاملThe Pebble Component-Based Operating System
Pebble is a new operating system designed with the goals of flexibility, safety, and performance. Its architecture combines a set of features heretofore not found in a single system, including (a) a minimal privileged mode nucleus, responsible for switching between protection domains, (b) implementation of all system services by replaceable user-level components with minimal privileges (includi...
متن کاملUSENIX Association Proceedings of the 9 th USENIX Security Symposium
The JavaTM Virtual Machine is viewed by many as inherently insecure despite all the efforts to improve its security. In this paper we take a different approach to Java security and describe the design and implementation of a system that provides operating system style protection for Java code. We use hardware protection domains to separate Java classes, provide access control on cross domain me...
متن کامل