The Design of a COTS Real-Time Distributed Security Kernel (Extended Version)
| Main Author: | |
|---|---|
| Publication Date: | 2001 |
| Other Authors: | , |
| Format: | Report |
| Language: | por |
| Source: | Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| Download full: | http://hdl.handle.net/10451/14241 |
Summary: | This technical report describes the design of a security kernel called TTCB, which has innovative features. Firstly, it is a distributed subsystem with its own secure network. Secondly, the TTCB is real-time, that is, a synchronous subsystem capable of timely behavior. These two characteristics together are uncommon in security kernels. Thirdly, the TTCB can be implemented using only COTS components. We discuss essentially three things in this paper: (1) The TTCB is a simple component providing a small set of basic secure services. It aims at building a new style of protocols to achieve intrusion tolerance, which for the most part execute in insecure, arbitrary failure environments, and resort to the TTCB only in crucial parts of their operation. (2) Besides, the TTCB is a synchronous device supplying functions that may be an enabler of a new generation of timed secure protocols, until now known to be fragile due to attacks on timing assumptions. (3) Finally, we present a design methodology that establishes our hybrid failure assumptions in a well-founded manner. It helps us to achieve a robust design, despite using exclusively COTS components, with the advantage of allowing the security kernel to be easily deployed on widely used platforms |
| id |
RCAP_f3d28cf60e7fa12ef0b8597eb9b6b3c2 |
|---|---|
| oai_identifier_str |
oai:repositorio.ulisboa.pt:10455/2943 |
| network_acronym_str |
RCAP |
| network_name_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| repository_id_str |
https://opendoar.ac.uk/repository/7160 |
| spelling |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version)This technical report describes the design of a security kernel called TTCB, which has innovative features. Firstly, it is a distributed subsystem with its own secure network. Secondly, the TTCB is real-time, that is, a synchronous subsystem capable of timely behavior. These two characteristics together are uncommon in security kernels. Thirdly, the TTCB can be implemented using only COTS components. We discuss essentially three things in this paper: (1) The TTCB is a simple component providing a small set of basic secure services. It aims at building a new style of protocols to achieve intrusion tolerance, which for the most part execute in insecure, arbitrary failure environments, and resort to the TTCB only in crucial parts of their operation. (2) Besides, the TTCB is a synchronous device supplying functions that may be an enabler of a new generation of timed secure protocols, until now known to be fragile due to attacks on timing assumptions. (3) Finally, we present a design methodology that establishes our hybrid failure assumptions in a well-founded manner. It helps us to achieve a robust design, despite using exclusively COTS components, with the advantage of allowing the security kernel to be easily deployed on widely used platformsDepartment of Informatics, University of LisbonRepositório da Universidade de LisboaCorreia, MiguelVeríssimo, PauloNeves, Nuno Ferreira2009-02-10T13:11:46Z2001-122001-12-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/reportapplication/pdfhttp://hdl.handle.net/10451/14241porinfo:eu-repo/semantics/openAccessreponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiainstacron:RCAAP2025-03-17T13:12:57Zoai:repositorio.ulisboa.pt:10455/2943Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireinfo@rcaap.ptopendoar:https://opendoar.ac.uk/repository/71602025-05-29T02:37:38.173786Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiafalse |
| dc.title.none.fl_str_mv |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) |
| title |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) |
| spellingShingle |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) Correia, Miguel |
| title_short |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) |
| title_full |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) |
| title_fullStr |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) |
| title_full_unstemmed |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) |
| title_sort |
The Design of a COTS Real-Time Distributed Security Kernel (Extended Version) |
| author |
Correia, Miguel |
| author_facet |
Correia, Miguel Veríssimo, Paulo Neves, Nuno Ferreira |
| author_role |
author |
| author2 |
Veríssimo, Paulo Neves, Nuno Ferreira |
| author2_role |
author author |
| dc.contributor.none.fl_str_mv |
Repositório da Universidade de Lisboa |
| dc.contributor.author.fl_str_mv |
Correia, Miguel Veríssimo, Paulo Neves, Nuno Ferreira |
| description |
This technical report describes the design of a security kernel called TTCB, which has innovative features. Firstly, it is a distributed subsystem with its own secure network. Secondly, the TTCB is real-time, that is, a synchronous subsystem capable of timely behavior. These two characteristics together are uncommon in security kernels. Thirdly, the TTCB can be implemented using only COTS components. We discuss essentially three things in this paper: (1) The TTCB is a simple component providing a small set of basic secure services. It aims at building a new style of protocols to achieve intrusion tolerance, which for the most part execute in insecure, arbitrary failure environments, and resort to the TTCB only in crucial parts of their operation. (2) Besides, the TTCB is a synchronous device supplying functions that may be an enabler of a new generation of timed secure protocols, until now known to be fragile due to attacks on timing assumptions. (3) Finally, we present a design methodology that establishes our hybrid failure assumptions in a well-founded manner. It helps us to achieve a robust design, despite using exclusively COTS components, with the advantage of allowing the security kernel to be easily deployed on widely used platforms |
| publishDate |
2001 |
| dc.date.none.fl_str_mv |
2001-12 2001-12-01T00:00:00Z 2009-02-10T13:11:46Z |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/report |
| format |
report |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10451/14241 |
| url |
http://hdl.handle.net/10451/14241 |
| dc.language.iso.fl_str_mv |
por |
| language |
por |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
Department of Informatics, University of Lisbon |
| publisher.none.fl_str_mv |
Department of Informatics, University of Lisbon |
| dc.source.none.fl_str_mv |
reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia instacron:RCAAP |
| instname_str |
FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
| instacron_str |
RCAAP |
| institution |
RCAAP |
| reponame_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| collection |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| repository.name.fl_str_mv |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
| repository.mail.fl_str_mv |
info@rcaap.pt |
| _version_ |
1833601432259919872 |