Presentation is loading. Please wait.

Presentation is loading. Please wait.

Can We Make Operating Systems Reliable and Secure? Andrew S. Tanenbaum, Jorrit N. Herder, and Herbert Bos Vrije Universiteit, Amsterdam May 2006 Group.

Published byJuniper Fleming Modified over 8 years ago

Similar presentations

Presentation on theme: "Can We Make Operating Systems Reliable and Secure? Andrew S. Tanenbaum, Jorrit N. Herder, and Herbert Bos Vrije Universiteit, Amsterdam May 2006 Group."— Presentation transcript:

1 Can We Make Operating Systems Reliable and Secure? Andrew S. Tanenbaum, Jorrit N. Herder, and Herbert Bos Vrije Universiteit, Amsterdam May 2006 Group 36 9962224 胡品捷 9962230 江彥勳 1

2 Outline  Introduction  Armored Operating Systems  L4 Microkernel  Multiserver Operating Systems  Language-Based Protection  Conclusion 2

3 Why we need more reliable and secure?  Most computer users are “normal people”  Less problem  More Convenient and Stable 3

4 Unreliable  Huge  Poor fault isolation  Example : 6-16 bugs / 1,000 lines of executable code 2-75 bugs / 1,000 lines of executable code Linux kernel Windows xp kernel 2.5 million lines of code 5 million lines of code Linux kernel Windows xp kernel 15000 bugs totally 30000 bugs totally 4

5 Fault isolation Procedure 1 Procedure 2 Procedure n Kernel Virus Worm ⇧ 5

6 Armored Operating Systems  Nooks – improve the reliability of OS Focus on making device divers less dangerous Goals: Protect the kernel against driver failures. Recover automatically when a driver fails. Do all of this with as few changes as possible to existing drivers and the kernel. 6

7 Isolation  Main tool : virtual memory paging map 7 Driver Running Page 1 Page 2 Page 3 Page 4 Read-only

8 Paravirtual Machines  Allow two or more OS  Good fault isolation  Problems can’t spread from one machine to another 8

9 L4 Microkernel  University of Karlsruhe  Linux -> L 4 Linux  9 Linux -> modify -> Paravirtualization

10 Multiserver Operating Systems  Multiserver architecture 10  Features Separate instruction and data spaces

11 Language-Based Protection  New protect system - Singularity  New type safe language – Sing# Based on C#  Proction : Algol compiler’s “dangerous” code  Idea : Microsoft Research 11

12 Conclusion  Nooks – each driver individually wrapped in software jacket  Paravirtual machine – moves the drivers to one or more machines distinct from the main one  Multiserver – runs each driver and OS component in a separate process  Singularity – uses a type-safe language 12

Download ppt "Can We Make Operating Systems Reliable and Secure? Andrew S. Tanenbaum, Jorrit N. Herder, and Herbert Bos Vrije Universiteit, Amsterdam May 2006 Group."

Similar presentations

Nooks: Safe Device Drivers with Lightweight Kernel Protection Domains Mike Swift, Steve Martin Hank Levy, Susan Eggers, Brian Bershad University of Washington.

Nooks: Safe Device Drivers with Lightweight Kernel Protection Domains Mike Swift, Steve Martin Hank Levy, Susan Eggers, Brian Bershad University of Washington.
Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines J. LeVasseur V. Uhlig J. Stoess S. G¨otz University of Karlsruhe,

Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines J. LeVasseur V. Uhlig J. Stoess S. G¨otz University of Karlsruhe,
Threads, SMP, and Microkernels

Threads, SMP, and Microkernels
Windows XP Operating Systems  COSC513 Operating Systems  Mr. Nut Prommongkonkun  Student ID # 125474.

Windows XP Operating Systems  COSC513 Operating Systems  Mr. Nut Prommongkonkun  Student ID #
EXTENSIBILITY, SAFETY AND PERFORMANCE IN THE SPIN OPERATING SYSTEM B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers,

EXTENSIBILITY, SAFETY AND PERFORMANCE IN THE SPIN OPERATING SYSTEM B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers,
Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,

Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,
Linux vs. Windows. Linux  Linux was originally built by Linus Torvalds at the University of Helsinki in 1991.  Linux is a Unix-like, Kernal-based, fully.

Linux vs. Windows. Linux  Linux was originally built by Linus Torvalds at the University of Helsinki in  Linux is a Unix-like, Kernal-based, fully.
Threads, SMP, and Microkernels Chapter 4. Process Resource ownership - process is allocated a virtual address space to hold the process image Scheduling/execution-

Threads, SMP, and Microkernels Chapter 4. Process Resource ownership - process is allocated a virtual address space to hold the process image Scheduling/execution-
Extensibility, Safety and Performance in the SPIN Operating System Department of Computer Science and Engineering, University of Washington Brian N. Bershad,

Extensibility, Safety and Performance in the SPIN Operating System Department of Computer Science and Engineering, University of Washington Brian N. Bershad,
Nooks: an architecture for safe device drivers Mike Swift, The Wild and Crazy Guy, Hank Levy and Susan Eggers.

Nooks: an architecture for safe device drivers Mike Swift, The Wild and Crazy Guy, Hank Levy and Susan Eggers.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
Introduction Operating Systems’ Concepts and Structure Lecture 1 ~ Spring, 2008 ~ Spring, 2008TUCN. Operating Systems. Lecture 1.

Introduction Operating Systems’ Concepts and Structure Lecture 1 ~ Spring, 2008 ~ Spring, 2008TUCN. Operating Systems. Lecture 1.
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.

A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition Chapter 2: Operating-System Structures Modified from the text book.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition Chapter 2: Operating-System Structures Modified from the text book.
Operating System Support for Virtual Machines Sam King George Dunlap Peter Chen CoVirt Project, University of Michigan.

Operating System Support for Virtual Machines Sam King George Dunlap Peter Chen CoVirt Project, University of Michigan.
Dr. José M. Reyes Álamo 1.  Course website  Syllabus posted.

Dr. José M. Reyes Álamo 1.  Course website  Syllabus posted.
E Virtual Machines Lecture 4 Device Virtualization

E Virtual Machines Lecture 4 Device Virtualization
Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?

Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?
Tanenbaum 8.3 See references

Tanenbaum 8.3 See references
Chapter 2 Operating System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 2 Operating System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Similar presentations

Ads by Google