
Can We Make Operating Systems Reliable and Secure?



Presentation Transcript


1. Can We Make Operating Systems Reliable and Secure?
Andrew S. Tanenbaum, Jorrit N. Herder, and Herbert Bos, Vrije Universiteit, Amsterdam, May 2006
Group 36: 9962224 胡品捷, 9962230 江彥勳

2. Outline
• Introduction
• Armored Operating Systems
• L4 Microkernel
• Multiserver Operating Systems
• Language-Based Protection
• Conclusion

3. Why do we need more reliable and secure systems?
• Most computer users are “normal people”
• Fewer problems
• More convenient and stable

4. Unreliable
• Huge: 2.5 million lines of code vs. 5 million lines of code
• Poor fault isolation
• Example: 6–16 bugs / 1,000 lines of executable code in one study, 2–75 bugs / 1,000 lines in another; at the low end that is roughly 15,000 bugs in total for the smaller system and 30,000 for the larger one

5. Fault isolation ⇧
• Virus
• Worm
• Kernel
(slide diagram; only the labels survive)

6. Armored Operating Systems
• Nooks: improves the reliability of the OS by focusing on making device drivers less dangerous
• Goals:
  • Protect the kernel against driver failures.
  • Recover automatically when a driver fails.
  • Do all of this with as few changes as possible to existing drivers and the kernel.

7. Isolation
• Main tool: the virtual memory page map
(slide diagram: a running driver with Page 1 and Page 2 mapped and Page 3 and Page 4 read-only; only the labels survive)

8. Paravirtual Machines
• Allow two or more operating systems to run
• Good fault isolation
• Problems can’t spread from one machine to another

9. L4 Microkernel
• University of Karlsruhe
• Linux → L4Linux: Linux is modified to run on L4 (paravirtualization)

10. Multiserver Operating Systems
• Multiserver architecture
• Features: separate instruction and data spaces

11. Language-Based Protection
• New protection system: Singularity
• New type-safe language: Sing#, based on C#
• Protection: the Algol compiler’s handling of “dangerous” code
• Idea: Microsoft Research

12. Conclusion
• Nooks: each driver individually wrapped in a software jacket
• Paravirtual machine: moves the drivers to one or more machines distinct from the main one
• Multiserver: runs each driver and OS component in a separate process
• Singularity: uses a type-safe language
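The isolation-and-recovery idea that runs through slides 6, 10 and 12 (a driver in its own protection domain, a supervisor that restarts it when it fails) as an added example; this is not code from the paper, from Nooks or from any multiserver system. The "driver" is a separate OS process talking to its client over a pipe, and a supervisor (named ReincarnationServer here after the MINIX 3 component; the name, the doubling "driver" and the crash trigger are all constructed for this example) notices when the driver dies and starts a fresh one. The point it shows is the one the slides make: a bug in the driver kills only the driver process, and the caller keeps running.

```python
import multiprocessing as mp
import os

# Use fork explicitly so the driver function need not be importable by name
# (the default start method differs across platforms and Python versions).
_ctx = mp.get_context("fork")


def driver_main(conn):
    """Body of the isolated 'driver' process (constructed for this example).

    It answers integer requests by doubling them. A non-integer request
    stands in for a driver bug: the process dies with a fatal error. Because
    the driver is a separate process, only it dies; the caller survives.
    """
    while True:
        req = conn.recv()
        if req is None:          # orderly shutdown request
            return
        if not isinstance(req, int):
            os._exit(1)          # simulated crash: no reply, process gone
        conn.send(req * 2)


class ReincarnationServer:
    """Supervisor that owns the driver process and restarts it on failure.

    Named after the MINIX 3 component; this is a simplified model of the
    idea, not that system's code.
    """

    def __init__(self, timeout=2.0):
        self.timeout = timeout
        self.restarts = 0
        self._start()

    def _start(self):
        self.conn, child_conn = _ctx.Pipe()
        self.proc = _ctx.Process(target=driver_main, args=(child_conn,), daemon=True)
        self.proc.start()
        child_conn.close()       # parent drops its copy so a crash shows up as EOF

    def call(self, req):
        """Send one request; return the reply, or None if the driver crashed
        (in which case a replacement driver has already been started)."""
        try:
            self.conn.send(req)
            if self.conn.poll(self.timeout):
                return self.conn.recv()
        except (EOFError, BrokenPipeError, OSError):
            pass
        # No usable reply: treat the driver as failed, reap it, start a fresh one.
        self.proc.join(self.timeout)
        if self.proc.is_alive():
            self.proc.kill()     # hung rather than dead: force it out
            self.proc.join()
        self.restarts += 1
        self._start()
        return None

    def shutdown(self):
        try:
            self.conn.send(None)
        except (BrokenPipeError, OSError):
            pass
        self.proc.join(self.timeout)
        if self.proc.is_alive():
            self.proc.kill()
        self.conn.close()


def serve_requests(requests):
    """Run a constructed request stream through a supervised driver.

    Returns (replies, restarts): replies has None where a request crashed
    the driver; restarts counts how many times it was brought back.
    """
    server = ReincarnationServer()
    try:
        replies = [server.call(r) for r in requests]
        return replies, server.restarts
    finally:
        server.shutdown()


if __name__ == "__main__":
    # Constructed sample stream: two good requests, one that crashes the driver,
    # then one more that the restarted driver answers.
    print(serve_requests([1, 2, "bad", 3]))   # ([2, 4, None, 6], 1)
```

The same structure is what a monolithic kernel cannot offer: a driver bug there runs with kernel privileges and takes the whole system down, whereas here the failure is confined to one address space and the supervisor's only job is to detect it and restart.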
