ABSTRACT
The embedded and mobile computing market, with its wide range of innovations, is expected to keep growing for the foreseeable future. Recent developments in embedded computing technology offer more performance and thereby enable applications of unprecedented utility. Open systems such as Linux provide access to a huge software base. Nevertheless, these systems have to coexist with critical device infrastructure that insists on stringent timing and security properties. In this paper, we present a capability-based software architecture featuring enforceable security policies. The architecture aims to support current and future requirements of embedded computing systems, such as running versatile third-party applications on general-purpose, open operating systems side by side with security-sensitive programs.
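The abstract's central claim is that a single mechanism, capabilities, can mediate every resource access, so that an open guest OS and a security-sensitive component can share a device without ambient authority leaking from one to the other. The following toy model, added here as an illustration, is not code from the paper or from Fiasco/L4Env; every name in it (cap_space_t, cap_map, the R_READ/R_WRITE/R_MAP bits, the driver/guest/app roles) is invented. It shows the three properties such a design relies on: a subsystem can name a resource only through a slot in its own capability table, access is granted only by delegation from someone who already holds a capability, and delegated rights can shrink but never grow.

```c
/* Toy model of capability-based resource access control (added example;
 * not the paper's or Fiasco/L4's code, all identifiers are hypothetical). */
#include <stddef.h>
#include <stdio.h>

#define CAP_SLOTS 8

/* Rights bits carried by a capability. R_MAP is the right to delegate. */
enum { R_READ = 1u << 0, R_WRITE = 1u << 1, R_MAP = 1u << 2 };

/* A kernel-managed object, e.g. a device register or a memory page. */
typedef struct { int id; int value; } object_t;

/* One slot of a capability table: which object, with which rights. */
typedef struct { object_t *obj; unsigned rights; } cap_t;   /* obj == NULL: empty */

/* Per-subsystem capability table. Subsystems never see object_t pointers;
 * they refer to resources only by slot index into their own table. */
typedef struct { cap_t slots[CAP_SLOTS]; } cap_space_t;

/* Initial policy: the loader/kernel installs a capability directly. */
static int cap_install(cap_space_t *cs, int slot, object_t *obj, unsigned rights)
{
    if (slot < 0 || slot >= CAP_SLOTS || obj == NULL) return -1;
    cs->slots[slot].obj = obj;
    cs->slots[slot].rights = rights;
    return 0;
}

static const cap_t *cap_lookup(const cap_space_t *cs, int slot)
{
    if (slot < 0 || slot >= CAP_SLOTS || cs->slots[slot].obj == NULL) return NULL;
    return &cs->slots[slot];
}

/* Delegation: the only way one subsystem can give another access.
 * Requires R_MAP on the source; the copy gets (requested & held), so a
 * holder can attenuate rights but never amplify them. */
static int cap_map(cap_space_t *src, int src_slot, cap_space_t *dst, int dst_slot, unsigned rights)
{
    const cap_t *c = cap_lookup(src, src_slot);
    if (c == NULL) return -1;                        /* nothing to delegate */
    if (!(c->rights & R_MAP)) return -2;             /* not allowed to delegate */
    if (dst_slot < 0 || dst_slot >= CAP_SLOTS) return -1;
    dst->slots[dst_slot].obj = c->obj;
    dst->slots[dst_slot].rights = rights & c->rights;
    return 0;
}

/* Invocations: every access is checked against the slot's rights. */
static int cap_read(const cap_space_t *cs, int slot, int *out)
{
    const cap_t *c = cap_lookup(cs, slot);
    if (c == NULL) return -1;
    if (!(c->rights & R_READ)) return -2;
    *out = c->obj->value;
    return 0;
}

static int cap_write(const cap_space_t *cs, int slot, int v)
{
    const cap_t *c = cap_lookup(cs, slot);
    if (c == NULL) return -1;
    if (!(c->rights & R_WRITE)) return -2;
    c->obj->value = v;
    return 0;
}

/* Worked scenario: a trusted driver, an open guest OS and a third-party app
 * share one device. Returns 0 if every policy check behaved as intended,
 * otherwise the number of the first check that did not. */
int capability_demo(void)
{
    object_t dev = { .id = 7, .value = 42 };          /* constructed sample device */
    cap_space_t driver = {0}, guest = {0}, app = {0};
    int v = 0;

    /* 1. Initial policy: only the driver holds full rights on the device. */
    if (cap_install(&driver, 0, &dev, R_READ | R_WRITE | R_MAP) != 0) return 1;
    /* 2. Driver hands the guest OS read + delegate rights, but not write. */
    if (cap_map(&driver, 0, &guest, 3, R_READ | R_MAP) != 0) return 2;
    /* 3. Guest reads through its slot ... */
    if (cap_read(&guest, 3, &v) != 0 || v != 42) return 3;
    /* 4. ... but its write is refused; the device is untouched. */
    if (cap_write(&guest, 3, 0) != -2 || dev.value != 42) return 4;
    /* 5. Guest delegates onward and asks for write; the kernel masks it. */
    if (cap_map(&guest, 3, &app, 1, R_READ | R_WRITE) != 0) return 5;
    if (cap_write(&app, 1, 0) != -2 || cap_read(&app, 1, &v) != 0 || v != 42) return 6;
    /* 6. The app was never given R_MAP, so it cannot pass the capability on. */
    if (cap_map(&app, 1, &guest, 4, R_READ) != -2) return 7;
    /* 7. No ambient naming: an empty or out-of-range slot is "no object". */
    if (cap_read(&guest, 5, &v) != -1 || cap_read(&guest, CAP_SLOTS, &v) != -1) return 8;
    /* 8. The driver's own rights are unaffected by what it delegated. */
    if (cap_write(&driver, 0, 43) != 0 || dev.value != 43) return 9;
    return 0;
}

int main(void)
{
    int rc = capability_demo();
    printf("capability demo: %s (rc=%d)\n", rc == 0 ? "all checks passed" : "check failed", rc);
    return rc;
}
```

The point of routing the guest's and the app's access through cap_map rather than through a shared namespace is that the policy question "who may touch the device, and how" is answered entirely by which capabilities were handed out at load time and since; the guest OS can be as large and untrusted as it likes without gaining anything it was not given.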
Index Terms
- Taming subsystems: capabilities as universal resource access control in L4