1 |
Spring: Sun's neuer Kern fuer objektorientierte, verteilte Anwendungen (Spring: Sun's New Kernel for Object-Oriented, Distributed Applications)
Schoeniger, Frank, 16 September 1996
This thesis presents the new object-oriented mechanisms of Sun's new kernel "Spring". Here, the standards of the OMG (Object Management Group) were implemented for the first time. Programming under Spring is explained using a small example.
|
2 |
Ein Ansatz zur Systematisierung von Systemaufrufen als Grundlage zur Erstellung sicherer Profile für containerisierte Prozesse (An Approach to Systematizing System Calls as a Basis for Creating Secure Profiles for Containerized Processes)
Kreyßig, Bruno, 26 September 2023
The growing relevance of containerized infrastructures increases the need for a deeper examination of the security mechanisms of the underlying operating systems. System calls, as the interface between user processes and privileged kernel operations, are an ideal starting point for restricting attacks and their effects.
Previous work has dealt with methods for the static or test-based dynamic extraction of system calls from container images. Both approaches come with limitations regarding their completeness.
This thesis evaluates a new approach to creating dedicated seccomp profiles. Fundamentally, certain system calls can indicate the potential use of other system calls. Consequently, developing a systematization structure would reduce the testing effort for generating secure profiles, by allowing further system calls via the groups of this structure.
It was investigated to what extent such a systematization structure, based on functional criteria, is suitable. A corresponding decomposition of the kernel also has operational value for the improved contextualization of event messages and for the critical analysis of the existing default seccomp profile for Docker.
The methods developed for generating and evaluating the approach presented here can be applied to other systematizations of system calls. It was thus also demonstrated experimentally that the chosen functional grouping of system calls is not suitable for extrapolating further system calls.
Nevertheless, implications for the design of an adequate systematization structure can be derived from this finding.
Contents:
1 Introduction and Intention
1.1 Problem Description
1.2 Objective
1.3 Related Work
2 State of Research
2.1 System Calls
2.1.1 Specifics of the x86-64 Architecture
2.1.2 Types of System Calls
2.2 Risks of Unrestricted System Call Use
2.2.1 Critical System Calls
2.2.2 Rarely Used System Calls
2.3 Secure Computing Mode
2.4 Interim Conclusion
3 Systematization Approach
3.1 Functional Grouping
3.2 Labeling Critical and Unusual System Calls
4 Practical Evaluation
4.1 Experimental Setup
4.2 Observation Methodology
4.3 Result
5 Summary
References
List of Figures
List of Tables
List of Listings
A Appendix
|
3 |
Provable Protection of Confidential Data in Microkernel-Based Systems
Völp, Marcus, 30 March 2011
Although modern computer systems process increasing amounts of sensitive, private, and valuable information, most of today’s operating systems (OSs) fail to protect confidential data against unauthorized disclosure over covert channels. Securing the large code bases of these OSs and checking the secured code for the absence of covert channels would come at enormous costs. Microkernels significantly reduce the necessarily trusted code. However, cost-efficient, provable confidential-data protection in microkernel-based systems is still challenging.
This thesis makes two central contributions to the provable protection of confidential data against disclosure over covert channels:
• A budget-enforcing, fixed-priority scheduler that provably eliminates covert timing channels in open microkernel-based systems; and
• A sound control-flow-sensitive security type system for low-level operating-system code.
To prevent scheduling-related timing channels, the proposed scheduler treats possibly leaking, blocked threads as if they were runnable. When it selects such a thread, it runs a higher classified budget consumer.
A characterization of budget-consumer time as a blocking term makes it possible to reuse a large class of existing admission tests to determine whether the proposed scheduler can meet the real-time guarantees of all threads we envisage to run. Compared to contemporary information-flow-secure schedulers, significantly more real-time threads can be admitted for the proposed scheduler.
The role of the proposed security type system is to prove those system components free of security policy violating information flows that simultaneously operate on behalf of differently classified clients. In an open microkernel-based system, these are the microkernel and the necessarily trusted multilevel servers.
To reduce the complexity of the security type system, C++ operating-system code is translated into a corresponding Toy program, which in turn is complemented with calls to Toy procedures describing the side effects of interactions with the underlying hardware. Toy is a non-deterministic intermediate programming language, which I have designed specifically for this purpose. A universal lattice for shared-memory programs enables the type system to check the resulting Toy code for potentially harmful information flows, even if the security policy of the system is not known at the time of the analysis.
I demonstrate the feasibility of the proposed analysis in three case studies: a virtual-memory access, L4 inter-process communication and a secure buffer cache. In addition, I prove Osvik’s countermeasure effective against AES cache side-channel attacks. To the best of my knowledge, this is the first security-type-system-based proof of such a countermeasure. The ability of a security type system to tolerate temporary breaches of confidentiality in lock-protected shared-memory regions turned out to be fundamental for this proof.
|
4 |
Improving System Security Through TCB Reduction
Kauer, Bernhard, 16 April 2015
The OS (operating system) is the primary target of today's attacks. A single exploitable defect can be sufficient to break the security of the system and give full control over all the software on the machine. Because current operating systems are too large to be defect free, the best approach to improve the system security is to reduce their code to more manageable levels. This work shows how the security-critical part of the OS, the so-called TCB (Trusted Computing Base), can be reduced from millions to less than a hundred thousand lines of code to achieve these security goals. Shrinking the software stack by more than an order of magnitude is an open challenge since no single technique can currently achieve this.
We therefore followed a holistic approach and improved the design as well as the implementation of several system layers, starting with a new OS called NOVA. NOVA provides a small TCB both for newly written applications and for legacy code running inside virtual machines. Virtualization is thereby the key technique to ensure that compatibility requirements will not increase the minimal TCB of our system. The main contribution of this work is to show how the virtual machine monitor for NOVA was implemented with significantly fewer lines of code without affecting the performance of its guest OS. To reduce the overall TCB of our system, other parts had to be improved as well. Additional contributions are the simplification of the OS debugging interface, the reduction of the boot stack and a new programming language called B1 that can be more easily compiled.
|
5 |
Untersuchung der Online-Videoübertragung unter Windows NT über Dual-Video-Systeme (Investigation of Online Video Transmission under Windows NT via Dual-Video Systems)
Fiebig, Matthias, 20 October 2017
Over the last few years, the fields of application of computers have expanded ever further. At the beginning of their development, the focus was on use as a pure calculating machine. Subsequently, computers were used primarily as input and management devices for large volumes of data and for process control. Since the beginning of the 1990s, however, their use as communication and information devices has been increasing sharply. In this context, the presentation of the data processed by the computer has also changed considerably. Instead of alphanumeric text output, data are today often elaborately prepared and displayed graphically. This development has been made possible primarily by the increased performance of hardware and software (processors, memory, networks, operating systems, etc.). Owing to this increase, commercially available computers are today able to process volumes of data that were previously reserved for special-purpose machines. These include, among others, video data of a quality such as that recorded by video recorders.
|
6 |
Spring: Sun's neuer Kern fuer objektorientierte, verteilte Anwendungen (Spring: Sun's New Kernel for Object-Oriented, Distributed Applications)
Schoeniger, Frank, 16 September 1996
This thesis presents the new object-oriented mechanisms of Sun's new kernel "Spring". Here, the standards of the OMG (Object Management Group) were implemented for the first time. Programming under Spring is explained using a small example.
|
7 |
Implementierung von Datenbanksystemen 2 (Implementation of Database Systems 2)
Rahm, Erhard, 01 November 2018
No description available.
|
8 |
Proceedings of the 9th Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS '10)
January 2010
Aspect-oriented programming, component models, and design patterns are modern and actively evolving techniques for improving the modularization of complex software. In particular, these techniques hold great promise for the development of "systems infrastructure" software, e.g., application servers, middleware, virtual machines, compilers, operating systems, and other software that provides general services for higher-level applications. The developers of infrastructure software are faced with increasing demands from application programmers needing higher-level support for application development. Meeting these demands requires careful use of software modularization techniques, since infrastructural concerns are notoriously hard to modularize.
Aspects, components, and patterns provide very different means to deal with infrastructure software, but despite their differences, they have much in common. For instance, component models try to free the developer from the need to deal directly with services like security or transactions. These are primary examples of crosscutting concerns, and modularizing such concerns is the main target of aspect-oriented languages. Similarly, design patterns like Visitor and Interceptor facilitate the clean modularization of otherwise tangled concerns.
Building on the ACP4IS meetings at AOSD 2002-2009, this workshop aims to provide a highly interactive forum for researchers and developers to discuss the application of and relationships between aspects, components, and patterns within modern infrastructure software. The goal is to put aspects, components, and patterns into a common reference frame and to build connections between the software engineering and systems communities.
|
9 |
Preface
January 2010
Aspect-oriented programming, component models, and design patterns are modern and actively evolving techniques for improving the modularization of complex software. In particular, these techniques hold great promise for the development of "systems infrastructure" software, e.g., application servers, middleware, virtual machines, compilers, operating systems, and other software that provides general services for higher-level applications. The developers of infrastructure software are faced with increasing demands from application programmers needing higher-level support for application development. Meeting these demands requires careful use of software modularization techniques, since infrastructural concerns are notoriously hard to modularize.
Aspects, components, and patterns provide very different means to deal with infrastructure software, but despite their differences, they have much in common. For instance, component models try to free the developer from the need to deal directly with services like security or transactions. These are primary examples of crosscutting concerns, and modularizing such concerns is the main target of aspect-oriented languages. Similarly, design patterns like Visitor and Interceptor facilitate the clean modularization of otherwise tangled concerns.
Building on the ACP4IS meetings at AOSD 2002-2009, this workshop aims to provide a highly interactive forum for researchers and developers to discuss the application of and relationships between aspects, components, and patterns within modern infrastructure software. The goal is to put aspects, components, and patterns into a common reference frame and to build connections between the software engineering and systems communities.
|
10 |
Secure Virtualization of Latency-Constrained Systems
Lackorzynski, Adam, 16 April 2015
Virtualization is a mature technology in server and desktop environments where multiple systems are consolidated onto a single physical hardware platform, increasing the utilization of today's multi-core systems as well as saving resources such as energy, space and costs compared to multiple single systems. Looking at embedded environments reveals that many systems use multiple separate computing systems inside, including requirements for real-time and isolation properties. For example, modern high-comfort cars use up to a hundred embedded computing systems. Consolidating such diverse configurations promises to save resources such as energy and weight.
In my work I propose a secure software architecture that allows consolidating multiple embedded software systems with timing constraints. The base of the architecture is formed by a microkernel-based operating system that supports a variety of different virtualization approaches through a generic interface, supporting hardware-assisted virtualization and paravirtualization as well as multiple architectures. Studying guest systems with latency constraints with regard to virtualization showed that standard techniques such as high-frequency time-slicing are not a viable approach.
Generally, guest systems are a combination of best-effort and real-time work and thus form a mixed-criticality system. Further analysis showed that such systems need to export relevant internal scheduling information to the hypervisor to support multiple guests with latency constraints. I propose a mechanism to export those relevant events that is secure, flexible, has good performance and is easy to use. The thesis concludes with an evaluation covering the virtualization approach on the ARM and x86 architectures and two guest operating systems, Linux and FreeRTOS, as well as evaluating the export mechanism.
|