1 / 17

Secure Kernel Architecture for Microkernel Operating System: Design and Implementation Guide

This comprehensive guide outlines the design and implementation of a secure microkernel operating system architecture, focusing on key subsystems such as Cryptographic, Logging, I/O, and Communication. It covers aspects like election/authentication, symmetric/asymmetric encryption, resource control, and contract management.

newman
Télécharger la présentation

Secure Kernel Architecture for Microkernel Operating System: Design and Implementation Guide

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ebola OR The Abolition of Root

  2. Ebola Equality Based Operating LAir (suggestions welcome)

  3. Traditional Security Architectture

  4. Ebola Architecture

  5. Kernel Requirements • Microkernel • Security • Flexibility • Scheduling • Reliability

  6. Subsystems • Cryptographic • Logging • I/O • Communication • Election/Authentication

  7. Cryptographic Subsystem • Symmetric • Assymetric • Threshold • Digital Signature

  8. Logging Subsystem • Local • Remote • Cached in file until full • Hashed, Encrypted, sent to random user • Receipt • Hash, UID recordedand encrypted

  9. Input/Ouput Subsystem • Mostly controls TCP Ports • Resource control • Protection from covert analysis

  10. Communication Subsystem • Interfaces • Text • Email/S-MIME • HTTPS • Presently controls Scheduling • Voting Functionality • Posts Contracts • Public Record

  11. Election Subsystem • Allocates Resources • Creates new UID's • Centerpoint for threshold keys

  12. Initial Configuration • Defines Startup Contracts • User Addition/Deletion • Resources Allocation • Initial Groups • Change Thresholds

  13. User Addition • Voted in • Private filesystem • Resource allocation(decided at initial) • Private key never exists on system. • User posseses inviolate filesystem • No UID except user allowed • Encrypted

  14. Group Creation • Control resides within communication subsystem • Group is a unique UID • Can be threshold or single user controlled • Resources allocated from users • Voting parameters

  15. Contracts • Contract resides in communication subsystem • Shell script • Signed by group

  16. Configuration Issues • De-allocation of resources • Accountability vs. Logging Privacy • Controls for system shutdown

  17. Design Issues • Reboot • Hierarchical groups • Resource alocation algorithms • Contiuity assurance • Contract "language" • Power limitation of groups • Re-Keying for user addition

More Related