Security Tagging for a Zero-Kernel Operating System

Hardware-based security tagging schemes are promising mechanisms for enhancing the security of computer systems. The idea behind security tagging schemes is to attach labels to memory locations and/or registers to carry security information about the tagged data throughout the system. These tags are then used to protect system and user software from attacks and invalid information access. Researchers have also proposed using a ``zero-kernel operating system´´ (ZKOS), a run-time kernel that avoids expensive context switches, by utilizing tags for access control. This paper evaluates key features of RTEMS (Real-Time Executive for Multiprocessor Systems), which is a single user multiple thread executive, and proposes a new hardware-based tagging scheme focused on securing RTEMS as a ZKOS and instantiates the tagging scheme for programs written in ´C´.