OSDI
2006
ACM

Splitting Interfaces: Making Trust Between Applications and Operating Systems Configurable

In current commodity systems, applications have no way of limiting their trust in the underlying operating system (OS), leaving them at the complete mercy of an attacker who gains control over the OS. In this work, we describe the design and implementation of Proxos, a system that allows applications to configure their trust in the OS by partitioning the system call interface into trusted and untrusted components. System call routing rules that indicate which system calls are to be handled by the untrusted commodity OS, and which are to be handled by a trusted private OS, are specified by the application developer. We find that rather than defining a new system call interface, routing system calls of an existing interface allows applications currently targeted towards commodity operating systems to isolate their most sensitive components from the commodity OS with only minor source code modifications. We have built a prototype of our system on top of the Xen Virtual Machine Monitor wi...
Richard Ta-Min, Lionel Litty, David Lie
Added 03 Dec 2009
Updated 03 Dec 2009
Type Conference
Year 2006
Where OSDI
Authors Richard Ta-Min, Lionel Litty, David Lie