Integrity management in GUARDS

We present an approach for managing highly critical tasks that coexist with non-critical tasks in a single-processor or multiprocessor architecture. To prevent error propagation from non-critical to critical tasks, an integrity level is assigned to groups of tasks according to their trustworthiness. Multiple levels of integrity are implemented using spatial and temporal isolation, and mediation via an integrity policy. The integrity policy defines the rules for data flow between integrity levels and for resource utilisation by the tasks at different levels. Since the GUARDS project aims to provide generic solutions for a variety of application domains, the described integrity management can be implemented in middleware, in the operating system, or in both. In this paper, we show a CORBA-compliant implementation of the integrity policy.
