Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Multi-OS Approach to Trusted Computer Systems

Published byAbigail Newman Modified over 6 years ago

Similar presentations

Presentation on theme: "A Multi-OS Approach to Trusted Computer Systems"— Presentation transcript:

1 A Multi-OS Approach to Trusted Computer Systems
Based on: H. Yoshiura et. al., “A Multi-OS Approach to Trusted Computer Systems”, Security Protocols, LNCS 2467, pp , 2002. Kenji Sumida COMPSCI 725 FC 2003

2 Summary Aims to find a secure system which can be implemented in the private sector Problems: Efficiency vs. Security, Cost Use two operating systems A “user” OS (insecure) and “monitoring” OS (secure) Multi-OS controller (MOC) switches from the user OS to monitoring OS when required Aims to provide “best of both worlds” Flexibility and usability of user OS, and security of monitoring OS

3 Appreciative/Critical Comments
Easy to comprehend Does not present a real world example Orange book may not be a relevant measure for private sector businesses Considers both online attacks and offline attacks Good that it considers offline attacks But makes many assumptions  (even with online attacks) We will see this in an example in the next two slides

4 An example system: implementing MAC

5 Online attacks To the example system
Attacks to the User OS Assume access requests go through the required processes Attacks to the Monitoring OS Assume it is adequately secure Attacks to the MOC Apparently under research and the paper does not expand on this further No real evidence that the system works

6 Question Is it a reasonable assumption made by the authors that all requests to the file system made by user processes are hooked by the MOC, and control passed to the Monitoring OS?

Download ppt "A Multi-OS Approach to Trusted Computer Systems"

Similar presentations

An Overview Of Virtual Machine Architectures Ross Rosemark.

An Overview Of Virtual Machine Architectures Ross Rosemark.
Modelling and Analysing of Security Protocol: Lecture 14 Some Real Life Protocols Tom Chothia CWI.

Modelling and Analysing of Security Protocol: Lecture 14 Some Real Life Protocols Tom Chothia CWI.
Lakshmi Narayana Gupta Kollepara 10/26/2009 CSC-8320.

Lakshmi Narayana Gupta Kollepara 10/26/2009 CSC-8320.
Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.

Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.
Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:

Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:
Extensibility, Safety and Performance in the SPIN Operating System Bershad et al Presentation by norm Slides shamelessly “borrowed” from Stefan Savage’s.

Extensibility, Safety and Performance in the SPIN Operating System Bershad et al Presentation by norm Slides shamelessly “borrowed” from Stefan Savage’s.
IXOS-Archive at MIT ISST, R3-Admin, CAO, ASST December 10, 2003.

IXOS-Archive at MIT ISST, R3-Admin, CAO, ASST December 10, 2003.
Privacy-Preserving Cross-Domain Network Reachability Quantification

Privacy-Preserving Cross-Domain Network Reachability Quantification
Database Security By Bei Yuan. Why do we need DB Security? Make data arranged and secret Secure other’s DB.

Database Security By Bei Yuan. Why do we need DB Security? Make data arranged and secret Secure other’s DB.
A Survey on Interfaces to Network Security

A Survey on Interfaces to Network Security
File Systems (2). Readings r Silbershatz et al: 11.8.

File Systems (2). Readings r Silbershatz et al: 11.8.
WP6: Grid Authorization Service Review meeting in Berlin, March 8 th 2004 Marcin Adamski Michał Chmielewski Sergiusz Fonrobert Jarek Nabrzyski Tomasz Nowocień.

WP6: Grid Authorization Service Review meeting in Berlin, March 8 th 2004 Marcin Adamski Michał Chmielewski Sergiusz Fonrobert Jarek Nabrzyski Tomasz Nowocień.
Speeding up Exponentiation using an Untrusted Computational Resource (Part 1) Author: M. Van Dijk, D. Clarke, B. Gassend, G.E. Suh and S. Devadas Source:

Speeding up Exponentiation using an Untrusted Computational Resource (Part 1) Author: M. Van Dijk, D. Clarke, B. Gassend, G.E. Suh and S. Devadas Source:
Mr C Johnston ICT Teacher www.computechedu.co.uk BTEC IT Unit 09 - Lesson 06 Peer-to-Peer VS Client-Server.

Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 06 Peer-to-Peer VS Client-Server.
An Approach To Automate a Process of Detecting Unauthorised Accesses M. Chmielewski, A. Gowdiak, N. Meyer, T. Ostwald, M. Stroiński

An Approach To Automate a Process of Detecting Unauthorised Accesses M. Chmielewski, A. Gowdiak, N. Meyer, T. Ostwald, M. Stroiński
CS 525 – Network Security Literature Reviews, LaTeX, and Starting a Proposal.

CS 525 – Network Security Literature Reviews, LaTeX, and Starting a Proposal.
October 29, 2015 The University Information Security Policy & InfoSec one year on… Tom Anstey Weatherall Institute of Molecular Medicine & InfoSec

October 29, 2015 The University Information Security Policy & InfoSec one year on… Tom Anstey Weatherall Institute of Molecular Medicine & InfoSec
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Lecture 5.2: Key Distribution: Private Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 5.2: Key Distribution: Private Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena.
Software Security Seminar - 1 Chapter 10. Using Algorithms 2002. 9. 25. 조미성 Applied Cryptography.

Software Security Seminar - 1 Chapter 10. Using Algorithms 조미성 Applied Cryptography.

Similar presentations

Ads by Google