The Center for Education and Research in Information Assurance and Security (CERIAS)

The Operating System Kernel as a Secure Programmable Machine

Author

D. Engler, M.F. Kaashoek, J.W. O'Toole Jr

Entry type

techreport

Abstract

To provide modularity and performance, operating system kernels should have only minimal embedded functionality. Today's operating systems are so large, inefficient and, most importantly, inflexible. In our view, most operating system performance and flexibility problems can be eliminated by pushing the operating system interface lower. Our goal is to put abstractions traditionally implemented by the kernel out into user-space, where user-level libraries and servers abstract the exposed hardware resources. To achieve this goal, we have defined a new operating system structure, exokernel, that safely exports the resources defined by the underlying hardware. To enable applications to benefit from full hardware functionality and performance, they are allowed to download additions to the supervisor-mode execution environment. To guarantee that these extensions are safe, techniques such as code inspection, inlined cross-domain procedure calls, and secure languages are used. To test and evaluate exokernels and their customization techniques, a prototype exokernel, Aegis, is being developed.

Address

Cambridge, MA 02139

Institution

MIT Laboratory for Computer Science

Publication Date

0000-00-00

Location

A hard-copy of this is in the Papers Cabinet

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.