Title :
Countering IPC Threats in Multiserver Operating Systems (A Fundamental Requirement for Dependability)
Author :
Herder, Jorrit N. ; Bos, Herbert ; Gras, Ben ; Homburg, Philip ; Tanenbaum, Andrew S.
Author_Institution :
FEW/CS, VU Univ. Amsterdam, Amsterdam, Netherlands
Abstract :
Multiserver operating systems have great potential to improve dependability, but, paradoxically, are paired with inherently more complex interprocess communication (IPC). Several projects have attempted to run drivers and extensions in isolated protection domains, but a systematic way to deal with IPC threats posed by untrusted parties is not yet available in the literature. IPC is fundamental to the dependability of multiserver systems. In this paper, we present a classification of IPC threats in multiserver systems with unreliable and hostile senders and receivers, such as resource exhaustion, spoofing, and unauthorized access. We also introduce an extended asymmetric trust model, describing two new IPC vulnerabilities relating to caller blockage. Based on our classification of IPC threats we present the IPC defense mechanisms and architecture of MINIX 3.
Keywords :
authorisation; computer debugging; operating systems (computers); pattern classification; MINIX 3 architecture; buggy component; caller blockage; extended asymmetric trust model; hostile receiver; hostile sender; interprocess communication threat classification; isolated protection domain; multiserver operating system dependability; Computer bugs; Debugging; Entropy; File servers; File systems; Kernel; Linux; Operating systems; Protection; Runtime; Classification of IPC Threats; Dependable IPC Architecture; Multiserver Operating Systems;
Conference_Title :
Dependable Computing, 2008. PRDC '08. 14th IEEE Pacific Rim International Symposium on
Conference_Location :
Taipei
Print_ISBN :
978-0-7695-3448-0
Electronic_ISBN :
978-0-7695-3448-0
DOI :
10.1109/PRDC.2008.25