Removing the Dynamic Linker from the Security Kernel of a Computing Utility
MASSACHUSETTS INST OF TECH CAMBRIDGE PROJECT MAC
In order to enforce the security of the information stored in a computing utility, it is necessary to certify the correctness of the protection mechanism. Certification requires that the security kernel of the system be much smaller and simpler than the supervisor of present general-purpose operating systems. The report explores one aspect of simplifying the kernel of a system by designing a dynamic linker that runs outside the kernel domain. The linker is designed to run in any user domain of the computing utility. It is shown that the linker never needs the privileges of the security kernel to operate properly. In particular, the thesis demonstrates the ability of the linker to link modules together across domain boundaries without violating the protection of either domain involved in the operation.
- Computer Programming and Software
- Computer Hardware
- Computer Systems
- Computer Systems Management and Standards