The SPEEDOS Operating System Security
Kernel
Time: 11am Thursday 18th March
Computer Science & Software Engineering
Seminar Room 1.24
Speaker:
Klaus Espenlaub
Dept. of Computer Structures, University of Ulm
Abstract:
The SPEEDOS kernel is restricted to providing protection
and security mechanisms. All other services (including for example organisation
of the persistent distributed virtual memory) are delegated - in a secure
manner - to the application objects which need such services. However, the
operating system aspects of objects are separately programmed, and this need
not involve the application programmer. This approach offers a high degree
of flexibility, since application objects can more easily be adapted than
the kernel to special needs.
The most important security improvement over other systems
is that access controls can be freely programmed. For this purpose "bracket"
methods are used. These can be applied for example to revoke capabilities
(without the need for locating them) and to control the flow of information
in the system in such a way that the confinement problem is solved.
About the Speaker:
Klaus Espenlaub completed a B.Comp.Sc.(Hons) at the University
of Wollongong in 1996 and the equivaelnt of a Master degree in Computer Science
at the University of Ulm in 1998. He is currently working towards his Ph.D.
in Computer Science in the Department of Computer Structures, where he is
employed as a research assistant. His research interests include secure operating
systems, protection mechanisms and computer architecture. His email address
is espenlaub[at]informatik.uni-ulm.de.
