Supporting the Secure Halting of User Sessions and Processes in the Linux Operating System
NAVAL POSTGRADUATE SCHOOL MONTEREY CA DEPT OF COMPUTER SCIENCE
Pagination or Media Count:
One feature of a multi-level operating system is a requirement to manage multiple, simultaneous user-sessions at different levels of security. This session management is performed through a trusted path between the user and operating system. Critical to this functionality is the operating systems ability to temporarily halt dormant sessions, thereby ensuring their inability to perform any actions within the system. Only when a session must be reactivated are its processes returned to a runnable state. This thesis presents an approach for adding this secure halting functionality to the Linux operating system. A detailed design for modifying the Linux kernel, the core of the operating system, is given. A new module, allowing an entire session to be halted and woken up, is designed. A new process state, the secure halt state, is added. Additionally, the kernels scheduling manager is modified to properly manage processes in the secure halt state. The research has led to the implementation of the design as a proof of concept. This research is meant to be used in combination with other efforts to enhance the security of the Linux operating system.
- Computer Programming and Software
- Computer Systems Management and Standards