A multi-threading architecture for multilevel secure transaction processing

A TCB and security kernel architecture for supporting multi-threaded, queue-driven transaction processing applications in a multilevel secure environment is presented. Our design exploits hardware security features of the Intel 80/spl times/86 processor family. Intel's CPU architecture provides hardware with two distinct descriptor tables. We use one of these in the usual way for process isolation. For each process, the descriptor table holds the descriptors of "system-low" segments, such as code segments, used by every thread in a process. We use the second table to hold descriptors for segments known to individual threads within the process. This allocation, together with an appropriately designed scheduling policy, permits us to avoid the full cost of process creation when only switching between threads of different security classes in the same process. Where large numbers of transactions are encountered on transaction queues, this approach has benefits over traditional multilevel systems.

[1]  Philip A. Bernstein,et al.  Principles of transaction processing: for the systems professional , 1996 .

[2]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[3]  James P Anderson,et al.  Computer Security Technology Planning Study , 1972 .

[4]  Robert Lindell,et al.  The Intel 80/spl times/86 processor architecture: pitfalls for secure systems , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[5]  Jerome H. Saltzer,et al.  The Multics kernel design project , 1977, SOSP '77.

[6]  Haruna R. Isa Utilizing hardware features for secure thread management , 1998 .

[7]  Thorsten von Eicken,et al.  技術解説 IEEE Computer , 1999 .

[8]  P. S. Tasker,et al.  DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA , 1985 .

[9]  Ted G. Lewis Joe Sixpack, Larry Lemming, and Ralph Nader , 1998, Computer.

[10]  Oliver Costich,et al.  A practical approach to high assurance multilevel secure computing service , 1994, Tenth Annual Computer Security Applications Conference.

[11]  David A. Patterson,et al.  Computer Architecture: A Quantitative Approach , 1969 .

[12]  David P. Reed,et al.  Synchronization with eventcounts and sequencers , 1979, CACM.

[13]  Cynthia E. Irvine A multilevel file system for high assurance , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[14]  Mary Ellen Zurko,et al.  A VMM security kernel for the VAX architecture , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[15]  Roger R. Schell,et al.  Designing the GEMSOS security kernel for security and performance , 1985 .