Expanding RTEMS to a Multiuser System by Using Security Tags

Song, Jia; Alves-Foss, Jim

doi:10.1007/978-3-319-28313-5_1

Expanding RTEMS to a Multiuser System by Using Security Tags

Jia Song²⁰ &
Jim Alves-Foss²⁰

Conference paper
First Online: 08 January 2016

891 Accesses

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 589))

Abstract

This paper discusses a research project that develops enhanced security protections for operating systems running on security enhanced microprocessors. Security tagging schemes are promising mechanisms for enhancing the security of computer systems. The idea of tagging schemes is to attach metadata tags to memory and registers to carry information about the data being tagged. This paper summarizes the features of these new microprocessors and discusses the use of these features in the design of enhanced operating system security for an exemplary real time operating system.

This is a preview of subscription content, log in via an institution.

References

Burroughs Corporation, Detroit 32, Michigan. The Operational Characteristics of the Processors for the Burroughs B5000, revision a, 5000–21005 edn. (1962)
Google Scholar
Dalton, M., Kannan, H., Kozyrakis, C.: Raksha: a flexible information flow architecture for software security. In: Proceedings of the 34th Annual International Symposium on Computer Architecture, vol. 35, pp. 482–493, May 2007
Google Scholar
Fenton, J.S.: Memoryless subsystems. Comput. J. 17(2), 143–147 (1974)
Article MathSciNet MATH Google Scholar
Kannan, H., Dalton, M., Kozyrakis, C.: Decoupling dynamic information flow tracking with a dedicated coprocessor. In: Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 105–114. IEEE, Estoril, Lisbon, Portugal (2009)
Google Scholar
On-Line Applications Research Corporation. RTEMS C User’s Guide, edition 4.10.1, for rtems 4.10.1 edn., July 2011
Google Scholar
Qin, F., Wang, C., Li, Z., Kim, H.-S., Zhou, Y., Wu, Y.: LIFT: a low-overhead practical information flow tracking system for detecting security attacks. In: Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO-39 2006), pp. 135–148. IEEE Computer Society (2006)
Google Scholar
Shioya, R., Kim, D., Horio, K., Goshima, M., Sakai, S.: Low-overhead architecture for security tag. In: Proceedings of the 15th IEEE Pacific Rim International Symposium on Dependable Computing, pp. 135–142. IEEE Computer Society, Shanghai, China (2009)
Google Scholar
Shriraman, A., Dwarkadas, S.: Sentry: light-weight auxiliary memory access control. In: Proceedings of the 37th International Symposium on Computer Architecture (37th ISCA’10), pp. 407–418. ACM SIGARCH, Saint-Malo, France, June 2010
Google Scholar
Shrobe, H., DeHon, A., Knight, T.: Trust-management, intrusion tolerance, accountability, and reconstitution architecture (TIARA). Technical report, AFRL Technical Report AFRL-RI-RS-TR-2009-271, December 2009
Google Scholar
Song, J.: Development and evaluation of a security tagging scheme for a real-time zero operating system kernel. Master thesis, University of Idaho, May 2012
Google Scholar
Song, J., Alves-Foss, J.: Security tagging for a zero-kernel operating system. In: Proceedings of the 46th Hawaii International Conference on System Sciences (HICSS), pp. 5049–5058, Wailea, HI, USA, January 2013
Google Scholar
Suh, G.E., Lee, J.W., Zhang, D., Devadas, S.: Secure program execution via dynamic information flow tracking. In: Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 85–96, Boston, MA, USA, November 2004
Google Scholar
Witchel, E., Cates, J., Asanovic, K.: Mondrian memory protection. In: Proceedings of the 10th International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 304–316 (2002)
Google Scholar
Yong, S.H., Horwitz, S.: Protecting C programs from attacks via invalid pointer dereferences. In: Proceedings of the 11th ACM SIGSOFT Symposium on Foundations of Software Engineering 2003 held jointly with 9th European Software Engineering Conference. ACM, pp. 307–316, Helsinki, Finland, September 2003
Google Scholar
Zeldovich, N., Kannan, H., Dalton, M., Kozyrakis, C.: Hardware enforcement of application security policies using tagged memory. In: Draves, R., van Renesse, R. (eds.) Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation, pp. 225–240. USENIX Association, San Diego (2008)
Google Scholar

Download references

Author information

Authors and Affiliations

University of Idaho, Moscow, ID, 83844, USA
Jia Song & Jim Alves-Foss

Authors

Jia Song
View author publications
You can also search for this author in PubMed Google Scholar
Jim Alves-Foss
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jia Song .

Editor information

Editors and Affiliations

University of Idaho, Moscow, ID, USA
Kristin Haltinner
University of Idaho, Moscow, ID, USA
Dilshani Sarathchandra
University of Idaho, Moscow, ID, USA
Jim Alves-Foss
University of Idaho, Moscow, ID, USA
Kevin Chang
University of Idaho, Moscow, ID, USA
Daniel Conte de Leon
University of Idaho, Moscow, ID, USA
Jia Song

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Song, J., Alves-Foss, J. (2016). Expanding RTEMS to a Multiuser System by Using Security Tags. In: Haltinner, K., Sarathchandra, D., Alves-Foss, J., Chang, K., Conte de Leon, D., Song, J. (eds) Cyber Security. CSS 2015. Communications in Computer and Information Science, vol 589. Springer, Cham. https://doi.org/10.1007/978-3-319-28313-5_1

Download citation

DOI: https://doi.org/10.1007/978-3-319-28313-5_1
Published: 08 January 2016
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-28312-8
Online ISBN: 978-3-319-28313-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics