Abstract
We present an operating system-level security model for controlling fine-grained programs, such as downloaded executable content, and compare this security model's implementation to that of language-based security models. Language-based security has well-known limitations, such as the lack of complete mediation (e.g., for compiled programs or race condition attacks) and faulty self-protection (its effective security is unproven). Operating system-level models are capable of complete mediation and self-protection, but some researchers argue that operating system-level security models are unlikely to supplant language-based models because they lack portability and performance. In this paper, we detail an operating system-level security model built on the Lava Nucleus, a minimal, fast μ-kernel operating system. We show how it can enforce security requirements for fine-grained programs, and we show that its performance overhead (with the additional security) can be virtually negligible when compared to language-based models. Given sufficient performance and security, the portability issue should become moot, because other vendors will have to meet the higher security and performance expectations of their customers.
| Original language | English (US) |
|---|---|
| State | Published - Jan 1 1998 |
| Event | 7th USENIX Security Symposium - San Antonio, United States Duration: Jan 26 1998 → Jan 29 1998 |
Conference
| Conference | 7th USENIX Security Symposium |
|---|---|
| Country/Territory | United States |
| City | San Antonio |
| Period | 1/26/98 → 1/29/98 |
All Science Journal Classification (ASJC) codes
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications
- Information Systems