Virtual Security Kernel: A Component-Based OS Architecture for Self-Protection

13 years 3 months ago

Download trust.csu.edu.cn

—This paper presents VSK, a lightweight adaptable OS authorization architecture suitable for self-protection of pervasive devices. A “virtual” management plane, separate from execution resources, is deﬁned for full run-time control by applications of their execution environment. This plane also performs non-invasive and yet effective authorization thanks to optimized access request checking. The VSK component-based architecture provides ﬂexibility both in the execution plane (for resource customization) and in the management plane (for run-time reconﬁguration of authorization policies). Policyneutrality is achieved by adopting the attribute-based paradigm for access control enforcement. Evaluation results show that despite such ﬂexibility, the overhead of this kernel architecture remains low.

Ruan He, Marc Lacoste, Jean Leneutre

Real-time Traffic

Authorization | IEEECIT 2010 | Information Technology | Management Plane | VSK Component-based Architecture |

claim paper

Added	26 Jan 2011
Updated	26 Jan 2011
Type	Journal
Year	2010
Where	IEEECIT
Authors	Ruan He, Marc Lacoste, Jean Leneutre

Sciweavers

Virtual Security Kernel: A Component-Based OS Architecture for Self-Protection

Authorization | IEEECIT 2010 | Information Technology | Management Plane | VSK Component-based Architecture |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers