Advertisement

Expanding RTEMS to a Multiuser System by Using Security Tags

  • Jia SongEmail author
  • Jim Alves-Foss
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 589)

Abstract

This paper discusses a research project that develops enhanced security protections for operating systems running on security enhanced microprocessors. Security tagging schemes are promising mechanisms for enhancing the security of computer systems. The idea of tagging schemes is to attach metadata tags to memory and registers to carry information about the data being tagged. This paper summarizes the features of these new microprocessors and discusses the use of these features in the design of enhanced operating system security for an exemplary real time operating system.

References

  1. 1.
    Burroughs Corporation, Detroit 32, Michigan. The Operational Characteristics of the Processors for the Burroughs B5000, revision a, 5000–21005 edn. (1962)Google Scholar
  2. 2.
    Dalton, M., Kannan, H., Kozyrakis, C.: Raksha: a flexible information flow architecture for software security. In: Proceedings of the 34th Annual International Symposium on Computer Architecture, vol. 35, pp. 482–493, May 2007Google Scholar
  3. 3.
    Fenton, J.S.: Memoryless subsystems. Comput. J. 17(2), 143–147 (1974)CrossRefMathSciNetzbMATHGoogle Scholar
  4. 4.
    Kannan, H., Dalton, M., Kozyrakis, C.: Decoupling dynamic information flow tracking with a dedicated coprocessor. In: Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 105–114. IEEE, Estoril, Lisbon, Portugal (2009)Google Scholar
  5. 5.
    On-Line Applications Research Corporation. RTEMS C User’s Guide, edition 4.10.1, for rtems 4.10.1 edn., July 2011Google Scholar
  6. 6.
    Qin, F., Wang, C., Li, Z., Kim, H.-S., Zhou, Y., Wu, Y.: LIFT: a low-overhead practical information flow tracking system for detecting security attacks. In: Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO-39 2006), pp. 135–148. IEEE Computer Society (2006)Google Scholar
  7. 7.
    Shioya, R., Kim, D., Horio, K., Goshima, M., Sakai, S.: Low-overhead architecture for security tag. In: Proceedings of the 15th IEEE Pacific Rim International Symposium on Dependable Computing, pp. 135–142. IEEE Computer Society, Shanghai, China (2009)Google Scholar
  8. 8.
    Shriraman, A., Dwarkadas, S.: Sentry: light-weight auxiliary memory access control. In: Proceedings of the 37th International Symposium on Computer Architecture (37th ISCA’10), pp. 407–418. ACM SIGARCH, Saint-Malo, France, June 2010Google Scholar
  9. 9.
    Shrobe, H., DeHon, A., Knight, T.: Trust-management, intrusion tolerance, accountability, and reconstitution architecture (TIARA). Technical report, AFRL Technical Report AFRL-RI-RS-TR-2009-271, December 2009Google Scholar
  10. 10.
    Song, J.: Development and evaluation of a security tagging scheme for a real-time zero operating system kernel. Master thesis, University of Idaho, May 2012Google Scholar
  11. 11.
    Song, J., Alves-Foss, J.: Security tagging for a zero-kernel operating system. In: Proceedings of the 46th Hawaii International Conference on System Sciences (HICSS), pp. 5049–5058, Wailea, HI, USA, January 2013Google Scholar
  12. 12.
    Suh, G.E., Lee, J.W., Zhang, D., Devadas, S.: Secure program execution via dynamic information flow tracking. In: Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 85–96, Boston, MA, USA, November 2004Google Scholar
  13. 13.
    Witchel, E., Cates, J., Asanovic, K.: Mondrian memory protection. In: Proceedings of the 10th International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 304–316 (2002)Google Scholar
  14. 14.
    Yong, S.H., Horwitz, S.: Protecting C programs from attacks via invalid pointer dereferences. In: Proceedings of the 11th ACM SIGSOFT Symposium on Foundations of Software Engineering 2003 held jointly with 9th European Software Engineering Conference. ACM, pp. 307–316, Helsinki, Finland, September 2003Google Scholar
  15. 15.
    Zeldovich, N., Kannan, H., Dalton, M., Kozyrakis, C.: Hardware enforcement of application security policies using tagged memory. In: Draves, R., van Renesse, R. (eds.) Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation, pp. 225–240. USENIX Association, San Diego (2008)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.University of IdahoMoscowUSA

Personalised recommendations