 |
|
|
|
| HAL: hal-00310148, version 1 |
| Detailed view |  Export this paper |
|
|
| 7th CaberNet Radicals workshop, Bertinoro : Italy (2002) |
|
|
|
|
| Component isolation in the Think architecture. |
|
|
| Christophe Rippert 1, 2, 3 |
|
|
| (2002-10-13) |
|
|
|
| We present in this paper the security features of Think, an ob ject-oriented architecture dedicated to build customized operating system kernels. The Think architecture is composed of an object- oriented software framework including a trader, and a library of system abstractions programmed as components. We show how to use this architecture to build secure and efficient kernels. Policy-neutral security is achieved by providing elementary tools that can be used by the system programmer to build a system resistant to security hazards, and a security manager that uses these tools to enforce a given security policy. An example of such a secure system is given by detailing how to ensure component isolation with a elementary software-based memory isolation tool. |
|
|
|
|
|
|
|
|
|
|
|
| 1: | VERIMAG (VERIMAG - IMAG) |
|
|
|
CNRS : UMR5104 – Université Joseph Fourier - Grenoble I – Institut National Polytechnique de Grenoble - INPG |
|
|
| 2: | SARDES (INRIA Rhône-Alpes / IMAG) |
|
|
|
CNRS : FR71 – INRIA |
|
|
| 3: | POPS (INRIA Lille - Nord Europe) |
|
|
|
INRIA – CNRS : UMR8022 – Université des Sciences et Technologies de Lille - Lille I – IRCICA |
|
|
|
|
|
|
|
|
|
| Subject | : | Computer Science/Embedded Systems |
|
|
| Attached file list to this document: | |||||
|
|||||
|
|
|
| hal-00310148, version 1 | |
| http://hal.archives-ouvertes.fr/hal-00310148 | |
| oai:hal.archives-ouvertes.fr:hal-00310148 | |
| From: Christophe Rippert | |
| Submitted on: Friday, 8 August 2008 02:11:26 | |
| Updated on: Friday, 8 August 2008 18:32:59 | |
