Skip to main content
SpringerLink
Log in

Die PERSEUS Systemarchitektur

  • Chapter
Verlässliche IT-Systeme 2001

Part of the book series: DuD-Fachbeiträge ((DUD))

Zusammenfassung

Sichere Anwendungen sind ohne ein sicheres Betriebssystem unmöglich. Wir zeigen auf, wie bestehende Sicherheitsmechanismen wie kryptographische Protokolle oder Smartcards umgangen werden können und präsentieren eine Systemarchitektur für eine allgemeine Sicherheitsplattform, die es Nutzern ermöglicht, ihre vorhandenen Anwendungen bequem weiterzubenutzen. Das Design enthält alle nötigen Dienste, um auch sichere Softwareinstallationen durch den Endbenutzer durchführen zu lassen. Um eine verbreitete Applikationsschnittstelle zur Verfügung zu stellen, arbeitet das Perseus System als Host, der als eine Clientapplikation ein existierendes Betriebssystem (Client OS) ausführt. Da das Client OS alle nicht sicherheitskritischen Aufgaben übernimmt, können wir den Sicherheitskern klein und überschaubar halten und legen damit den Grundstein für eine spätere Evaluation nach den Common Criteria oder ITSEC.

Zum Schluss werden ein allgemeines Design und ein bestehender Prototyp des Perseus Systems vorgestellt. Er basiert auf dem L4 Mikrokern-Interface und führt Linux als Client OS aus.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 44.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Literatur

  1. J. Adams: The Future of War. In World Markets Research Centre (ed.): Business Briefing: Global Info Security. London 2000, S. 19–24.

    Google Scholar 

  2. W.A. Arbaugh, D. J. Farber, J. M. Smith: A Secure and Reliable Bootstrap Architecture. In Proceedings of the IEEE Symposium on Security and Privacy, 1997, S. 65–71.

    Google Scholar 

  3. Baur, Plasa, Kejwal, Drexel, Reif, Stephan, Wolpers, Hutter, Sengler und Canver: The Verification Support Environment VSE. In IFA Symposium on Safety, Security and Reliability of Computers 1992.

    Google Scholar 

  4. Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, David Becker, Marc Fiuczynski, Craig Chambers und Susan Eggers: Extensibility, safety and performance in the SPIN operating system. Proceedings of the 15th ACM Symposium on Operating System Principles (SOSP-15), 1996, S. 267–284.

    Google Scholar 

  5. P. C. Clark: BITS: A Smartcard Protected Operating System. PhD thesis, George Washington University, 1994.

    Google Scholar 

  6. Judy Crow, Sam Owre, John Rushby, Natarajan Shankar und Mandayam Srivas: A tutorial introduction to PUS. Workshop on Industrial-Strength Formal Specification Techniques (WIFT’95) 1995.

    Google Scholar 

  7. F. J. Corbato und V. A. Vyssotsky: Introduction and overview of the Multics system, Joint Computer Conference 1965.

    Google Scholar 

  8. Lester J. Fraim: Scomp: A Solution to the Multilivel Security Problem. IEEE Computer 16:7 1983, S.26–34.

    Article  Google Scholar 

  9. M. Gasser: Building a Secure Operating System Van Nostrand Reinold Company 1988.

    Google Scholar 

  10. Alain Gefflaut, Trent Jaeger, Yoonho Park, Jochen Liedke, Kevin J. Elphistone, Volkmar Uhlig, Jonathon E. Tidswell, Luke Deller und Lars Reuter: The SawMill multiverver approach ACM SIGOPS European Woorkshop 2000.

    Google Scholar 

  11. Hermann Härtig, Michael Hohmuth und Jean Wolter: Taming Linux Proc. 5th Australian Conference on Parallel and Real-Time Systems (PART) 1998.

    Google Scholar 

  12. Michael Hohmuth: Linux Emulation auf einem Mikrokern Diplomarbeit Dresden University of Technology 1996.

    Google Scholar 

  13. Michael Hohmuth: The Fiasco kernel, requirements definition Technical Report ISSN 1430–211X, Dresden University of Technology 1998.

    Google Scholar 

  14. Hermann Härtig, O. Kowalski und W. E. Kühnhauser: The Birlix Security Architecture Journal of Computer Security 2:1 1993 S. 5–21.

    Google Scholar 

  15. Christian Jacobi und Daniel Kröning: Proving the correctness of a complete microprocessor Proceedings of the 30. Jahrestagung der Gesellschaft für Informatik 2000.

    Google Scholar 

  16. T. Jaeger, A. Prakash, J. Liedke und N. Islam: Flexible control of downloaded executable content ACM Transactions on Information and System Security 1999 S. 177–228.

    Google Scholar 

  17. Trent Jaeger, Kevin Elphinstone, Jochen Liedke, Vsevolod Panteleenko and Yoonho Park: Flexible access control using IPC redirection IEEE HotOS 1999.

    Google Scholar 

  18. Jochen Liedke: Clans and Chiefs 12. GI/ITG Fachtagung 1992.

    Google Scholar 

  19. Jochen Liedke: L4 Reference Manual GMD/IBM Watson Technical Report 1996.

    Google Scholar 

  20. Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner and John F. Farrel: The inevitability of failure: The flawed assumption of security in modern computer environments Technical Report National Security Agency 1998.

    Google Scholar 

  21. Common Criteria Sponsoring Organisation: Common Criteria for Information Technology Security Evaluation 1999.

    Google Scholar 

  22. Amon Ott: Rule Set Based Access Control as proposed in the “Generalized Framework for Access Control” approach in Linux Master’s thesis University Hamburg 1997.

    Google Scholar 

  23. Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter und Michael Waidner: Trusting mobile user devices and security modules IEEE Computer 30(2) 1997 S. 61–68.

    Article  Google Scholar 

  24. Jonathan S. Shapiro und Samuel Weber: Verifying the EROS confinement mechanism Proceedings of the IEEE Symposium on Research in Security and Privacy 2000 S. 166–176.

    Google Scholar 

  25. Jonathan Strauss Shapiro: EROS: A Capability System PhD thesis University of Pensylvania 1999.

    Google Scholar 

  26. Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, David Andersen und Jay Lepreau: The Flask security architecture: System support for diverse security policies Proceedings of the 8th USENIX Security Sympositum 1999 S. 123–139.

    Google Scholar 

  27. Christian Stöble: Development of a prototype of a security platform for mobile devices Master’s thesis University of Dortmund 2000.

    Google Scholar 

  28. Hendrik Tews: Case study in coalgebraic specification: Memory management in the Fiasco microkernel Technical Report TPG2/1/2000 Dresden University of Technology 2000.

    Google Scholar 

  29. Patrick Tullmann, Jeff Turner, John McCorquodale, Jay Lepreau, Ajay Chitturi und Godmar Back: Formal methods: A procatical tool for OS implementors Proceedings of the 6th IEEE Workshop on Hot Topics in Operating Systems 1997.

    Google Scholar 

  30. J. D. Tygar und Alma Whitten: WWW electronic commerce and Java trojan horses 2nd USENIX Workshop on Electronic Commerce 1996 S. 243–250.

    Google Scholar 

  31. W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson und F. Pollack: Hydra: The kernel of a microprocessor operating system Communications of the ACM 17:6 1974 S. 337–345.

    Article  Google Scholar 

  32. B. Yee: Using Secure Coprocessors. PhD thesis, Carnegie Mellon University, 1994.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Universität des Saarlandes, Deutschland

    Birgit Pfitzmann & Christian Stüble

  2. IBM Zurich Research Laboratory, Deutschland

    James Riordan & Michael Waidner

  3. Forschungszentrum Karlsruhe, Deutschland

    Arnd Weber

Authors
  1. Birgit Pfitzmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. James Riordan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christian Stüble
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Michael Waidner
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Arnd Weber
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Dirk Fox Marit Köhntopp Andreas Pfitzmann

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer Fachmedien Wiesbaden

About this chapter

Cite this chapter

Pfitzmann, B., Riordan, J., Stüble, C., Waidner, M., Weber, A. (2001). Die PERSEUS Systemarchitektur. In: Fox, D., Köhntopp, M., Pfitzmann, A. (eds) Verlässliche IT-Systeme 2001. DuD-Fachbeiträge. Vieweg+Teubner Verlag, Wiesbaden. https://doi.org/10.1007/978-3-663-05918-9_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-663-05918-9_1

  • Publisher Name: Vieweg+Teubner Verlag, Wiesbaden

  • Print ISBN: 978-3-663-05919-6

  • Online ISBN: 978-3-663-05918-9

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation