Sciweavers

PRDC
2008
IEEE

Countering IPC Threats in Multiserver Operating Systems (A Fundamental Requirement for Dependability)

Multiserver operating systems have great potential to improve dependability, but, paradoxically, are paired with inherently more complex interprocess communication (IPC). Several projects have attempted to run drivers and extensions in isolated protection domains, but a systematic way to deal with IPC threats posed by untrusted parties is not yet available in the literature. IPC is fundamental to the dependability of multiserver systems. In this paper, we present a classification of IPC threats in multiserver systems with unreliable and hostile senders and receivers, such as resource exhaustion, spoofing, and unauthorized access. We also introduce an extended asymmetric trust model, describing two new IPC vulnerabilities relating to caller blockage. Based on our classification of IPC threats, we present the IPC defense mechanisms and architecture of MINIX 3.
Added: 01 Jun 2010
Updated: 01 Jun 2010
Type: Conference
Year: 2008
Where: PRDC
Authors: Jorrit N. Herder, Herbert Bos, Ben Gras, Philip Homburg, Andrew S. Tanenbaum