Lightweight kernel isolation with virtualization and VM functions
Commodity operating systems execute core kernel subsystems in a single address space
along with hundreds of dynamically loaded extensions and device drivers. Lack of isolation …
along with hundreds of dynamically loaded extensions and device drivers. Lack of isolation …
{LXDs}: Towards isolation of kernel subsystems
V Narayanan, A Balasubramanian… - 2019 USENIX Annual …, 2019 - usenix.org
Modern operating systems are monolithic. Today, however, lack of isolation is one of the
main factors undermining security of the kernel. Inherent complexity of the kernel code and …
main factors undermining security of the kernel. Inherent complexity of the kernel code and …
Understanding the overheads of hardware and language-based ipc mechanisms
A recent surge of security attacks has triggered a renewed interest in hardware support for
isolation. Extended page table switching with VMFUNC, memory protection keys (MPK), and …
isolation. Extended page table switching with VMFUNC, memory protection keys (MPK), and …
Methods, systems, and apparatus for object invocation across protection domain boundaries
BH Kelley, KS Urquhart, R Chandrasekhar… - US Patent …, 2012 - Google Patents
Methods, apparatus, Systems, and computer program prod ucts for invoking remote process
calls and facilitating inter process communications in a protected memory system employ a …
calls and facilitating inter process communications in a protected memory system employ a …
[PDF][PDF] Building a dependable operating system: fault tolerance in MINIX 3
JN Herder - 2010 - research.vu.nl
This thesis marks the end of a remarkable period in my life for which I am indebted to many
people. First and foremost, I would like to thank my mentors, Andy Tanenbaum and Herbert …
people. First and foremost, I would like to thank my mentors, Andy Tanenbaum and Herbert …
A type system for high performance communication and computation
The manner in which data is represented, accessed and transmitted has an affect upon the
efficiency of any computing system. In the domain of high performance computing, traditional …
efficiency of any computing system. In the domain of high performance computing, traditional …
[图书][B] Simplifying cyber foraging
RK Balan - 2006 - search.proquest.com
The rapid proliferation of mobile handheld computing devices, such as cellphones and
PDAs, has led to an unfortunate conflict. On one hand, we have light mobile computing …
PDAs, has led to an unfortunate conflict. On one hand, we have light mobile computing …
A case study on the cost and benefit of dynamic RPC marshalling for low-level system components
N Feske - ACM SIGOPS Operating Systems Review, 2007 - dl.acm.org
Interface definition languages are omnipresent in microkernel-based operating systems for
providing a time-tested solution for realizing communication between user-level …
providing a time-tested solution for realizing communication between user-level …
[PDF][PDF] Security considerations of commodity x86 virtualization
S Vaarala - Helsinki University of Technology, Telecommunications …, 2006 - Citeseer
We present a literature survey of commodity x86 hardware virtualization. We also consider
virtualization security from two viewpoints: we first develop a security model for virtualization …
virtualization security from two viewpoints: we first develop a security model for virtualization …
Components+ security= OS extensibility
A Edwards, G Heiser - Proceedings 6th Australasian Computer …, 2001 - ieeexplore.ieee.org
Component-based programming systems have shown themselves to be a natural way of
constructing extensible software. Well-defined interfaces, encapsulation, late binding and …
constructing extensible software. Well-defined interfaces, encapsulation, late binding and …