Issues in kernel design
Considerable activity recently has been devoted to the design and development of operating system kernels, as part of efforts to provide much more reliably secure systems than heretofore available. The resulting kernel architectures differ substantially from more traditional systems of similar function and, in particular, appear superior with respect to reliability, simplicity, and security.
Understanding of the intrinsic characteristics of kernel architectures, including design principles, costs and values, is just now being developed. This paper considers these issues in general, as well as in the context of specific systems.
Keywords: Security Policy, Reliable Software, User Process, Timing Channel, Kernel Code