Security Tagging for a Zero-Kernel Operating System

Hardware-based security tagging schemes are promising mechanisms for enhancing the security of computer systems. The idea behind security tagging is to attach labels to memory locations and/or registers so that security information about the tagged data travels with it throughout the system. These tags are then used to protect system and user software from attacks and from invalid information access. Researchers have also proposed a "zero-kernel operating system" (ZKOS), a run-time kernel that avoids expensive context switches by relying on tags for access control. This paper evaluates key features of RTEMS (Real-Time Executive for Multiprocessor Systems), a single-user, multi-threaded executive, proposes a new hardware-based tagging scheme focused on securing RTEMS as a ZKOS, and instantiates the tagging scheme for programs written in C.
