Countering IPC Threats in Multiserver Operating Systems (A Fundamental Requirement for Dependability)

Author: Ben Gras, Herbert Bos, Philip Homburg, Andrew S. Tanenbaum, Jorrit N. Herder
Year of publication: 2008
Subject:
Source: PRDC
Description: Multiserver operating systems have great potential to improve dependability, but, paradoxically, are paired with inherently more complex interprocess communication (IPC). Several projects have attempted to run drivers and extensions in isolated protection domains, but a systematic way to deal with IPC threats posed by untrusted parties is not yet available in the literature. IPC is fundamental to the dependability of multiserver systems. In this paper, we present a classification of IPC threats in multiserver systems with unreliable and hostile senders and receivers, such as resource exhaustion, spoofing, and unauthorized access. We also introduce an extended asymmetric trust model, describing two new IPC vulnerabilities relating to caller blockage. Based on our classification of IPC threats we present the IPC defense mechanisms and architecture of MINIX 3.
Database: OpenAIRE