Popis: |
In an environment with valuable information assets, the threat of subversion is real. Thus, systems must be built from the ground up to counter the level of sophistication and capital that is pitted against them. To build such systems, rigorous assurance criteria must be met. Currently for high assurance systems there is no publicly available example of their design and construction. The Trusted Computing Exemplar (TCX) Project is intended to make publicly available a high assurance component and its evaluation evidence. This work is to build a working prototype of selected TCX kernel functionality. The prototype is constructed and based on OSKit, and restricts information flow between memory partitions and resource accesses made by processes. Pages are statically allocated on a per-partition basis and page faults are handled by the kernel. The prototype demonstrates a least privilege-based approach to exported resource management. It uses a separation kernel with preloaded configuration data to allocate memory resources to processes. |