Title :
An Ultra-kernel Model for Dedicated Security Systems
Author :
Wang, Jing ; Xia, Luning ; Jing, Jiwu
Author_Institution :
Dept. of Electron. Eng. & Inf. Sci., Univ. of Sci. & Technol. of China, Hefei, China
Abstract :
Security, simplicity, efficiency, are three important aspects of system architecture design, especially for dedicated security systems. The legacy horizontal-layered architectures (e.g., microkernel model) suffer from lacking of many desired features, such as flexibility, security and deployability. In this paper, we propose a new kernel model with vertical architecture, called ultra-kernel model, to make kernel smaller and provide application programmers with direct hardware access. We show that this model has visible advantages over the microkernel architecture, among them, fault-code tolerance and application isolation. To test and evaluate our proposed model, we have implemented a prototype firewall system based on our ultra-kernel design in a developing environment. The ultra-kernel with message exchange contains only 870 lines of C/C++ source code. Measurements show that the performances of the prototype firewall is significantly improved, comparing with an optimized Linux system on the same hardware platform.
Keywords :
Linux; operating system kernels; security of data; dedicated security system; fault-code tolerance; firewall system; hardware platform; legacy horizontal layered architecture; message exchange; microkernel architecture; microkernel model; optimized Linux system; system architecture design; ultra kernel design; ultra kernel model; Communication system security; Computer architecture; Computer science education; Control systems; Educational technology; Guidelines; Hardware; Information security; Kernel; Prototypes; dedicated system; system architecture; ultra-kernel;
Conference_Titel :
Education Technology and Computer, 2009. ICETC '09. International Conference on
Conference_Location :
Singapore
Print_ISBN :
978-0-7695-3609-5
DOI :
10.1109/ICETC.2009.18
