FU Berlin, Department of Mathematics and Computer Science, Institute of Computer Science
SPEEDOS: An Experimental Operating System
Prof. Dr. Leslie Keedy, Universität Ulm
SPEEDOS (Secure Persistent Execution Environment for Distributed Object Systems) is a new operating system project which has recently started at
the University of Ulm. The main aim of SPEEDOS is to provide an operating system which is capable of supporting powerful security and
software engineering features. The concepts are in principle simple (but difficult to implement on conventional hardware).
Memory management is based on the concept of a persistent paged virtual memory (i.e. without a separate file system). A single distributed
persistent virtual memory is shared by all SPEEDOS systems, which can be networked world-wide using paging over the Internet.
The kernel supports a single information-hiding structure for all the major system and user software resources in a system (e.g.
programs, subroutine libraries, files (!) and operating system modules). These
resources, known as "modules", are protected by means of module capabilities, which identify all SPEEDOS modules uniquely in the
distributed persistent memory and include access rights based on the semantic operations of the modules.
Processes are persistent (i.e. they exist even while a user is logged out). These are efficient and convenient for users and they create an
environment which allows users to authenticate themselves easily using their own authentication algorithms rather than relying on a central
vulnerable system such as password checking.
A particularly novel and interesting feature of the kernel is dynamic support for "bracket routines". This new technique provides a
general mechanism for allowing a module to be bracketed by user-written code. This can be used for many purposes (e.g. synchronisation) but in
the SPEEDOS context its main purpose is to support rule-based security checks. This allows the basic capability-based system to be extended, for
example, by capability revocation lists, access control lists and any
other rule-based model, such as Bell-LaPadula.
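As an added illustration of the idea above (this is example code, not SPEEDOS code), the following simulation shows a module reachable only through a capability whose rights are the module's semantic operations, with two bracket routines wrapping every call: one consulting a capability revocation list and one enforcing Bell-LaPadula. The calling convention of the bracket routines, the `Kernel` class, the `classification` attribute and the `clearance` field of the subject are all assumptions made for the example.

```python
from collections import namedtuple
from dataclasses import dataclass, field
class AccessDenied(Exception): pass       # raised when any check rejects a call

# Capability: module id (unique in persistent memory) + permitted semantic operations.
ModuleCapability = namedtuple("ModuleCapability", "module_id rights")

@dataclass
class DocumentModule:     # information-hiding module: data only via operations
    module_id: int
    classification: int   # Bell-LaPadula sensitivity level (assumed attribute)
    lines: list = field(default_factory=list)
    def read(self):
        return list(self.lines)
    def append(self, line):
        self.lines.append(line)
        return len(self.lines)

REVOKED = set()           # capability revocation list consulted by the bracket
def revocation_bracket(cap, subject, module, op, proceed):
    if cap in REVOKED:
        raise AccessDenied("capability revoked")
    return proceed()

def bell_lapadula_bracket(cap, subject, module, op, proceed):
    # No read up (simple security) and no write down (*-property).
    if op == "read" and subject["clearance"] < module.classification:
        raise AccessDenied("no read up")
    if op == "append" and subject["clearance"] > module.classification:
        raise AccessDenied("no write down")
    return proceed()

class Kernel:
    def __init__(self):
        self.modules, self.brackets = {}, {}
    def register(self, module, brackets=()):
        # Registers a module and returns its full-rights capability.
        self.modules[module.module_id] = module
        self.brackets[module.module_id] = list(brackets)
        return ModuleCapability(module.module_id, frozenset({"read", "append"}))
    def invoke(self, cap, subject, op, *args):
        # Rights check, then each bracket in order, then the module's own code.
        if op not in cap.rights:
            raise AccessDenied("capability lacks right " + op)
        module, brackets = self.modules[cap.module_id], self.brackets[cap.module_id]
        def chain(i):
            if i == len(brackets):
                return getattr(module, op)(*args)
            return brackets[i](cap, subject, module, op, lambda: chain(i + 1))
        return chain(0)
```

Because the brackets are installed per module rather than compiled into it, a revocation list or a different mandatory-access model can be added or swapped without touching the module's own code, which is the point of the mechanism.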
Finally an unusual use of the Pentium hardware together with bracket routines and/or capabilities allows the confinement problem(s) to be
solved in a simple and elegant manner.