Store architecture in a persistant operating system / David Hulse.

Hulse, David, 1971-

January 1998

Bibliography: leaves 207-214. / viii, 214 leaves : ill. ; 30 cm. / Title page, contents and abstract only. The complete thesis in print form is available from the University Library. / Thesis (Ph.D.)--University of Adelaide, Dept. of Computer Science, 1998

Operating systems (Computers)

Execution objects : flexible composition and efficient interaction /

Yu, Wing-ka.

January 1996

Thesis (M. Phil.)--University of Hong Kong, 1996. / Includes bibliographical references.

Operating systems (Computers)

Improving operating systems security two case studies /

Wei, Jinpeng.

January 2009

Thesis (Ph.D)--Computing, Georgia Institute of Technology, 2010. / Committee Chair: Pu, Calton; Committee Member: Ahamad, Mustaque; Committee Member: Blough, Douglas; Committee Member: Giffin, Jonathon; Committee Member: Li, Kang. Part of the SMARTech Electronic Thesis and Dissertation Collection.

Operating systems (Computers)

Operating system support for quality of service

Hyden, Eoin A.

January 1900

Thesis (Ph. D.)--University of Cambridge, 1994. / Cover title. "June 1994." Includes bibliographical references.

Operating systems (Computers)

A method for adaptive performance improvement of operating systems

Reiner, David Stephen.

January 1980

Thesis (Ph. D.)--University of Wisconsin--Madison, 1980. / Typescript. Vita. eContent provider-neutral record in process. Description based on print version record. Bibliography: leaves 162-176.

Operating systems (Computers)

An alternative peripheral executive for the data general AOS/VS operating system

Tennant, Robert Satchwell

January 1990

No description available.

Operating systems (Computers)

Computers

A study of real-time operating systems for microcomputers

Wells, George Clifford

January 1990

This thesis describes the evaluation of four operating systems for microcomputers. The emphasis of the study is on the suitability of the operating systems for use in real-time applications, such as process control. The evaluation was performed in two sections. The first section was a quantitative assessment of the performance of the real-time features of the operating system. This was performed using benchmarks. The criteria for the benchmarks and their design are discussed. The second section was a qualitative assessment of the suitability of the operating systems for the development and implementation of real-time systems. This was assessed through the implementation of a small simulation of a manufacturing process and its associated control system. The simulation was designed using the Ward and Mellor real-time design method which was extended to handle the special case of a real-time simulation. The operating systems which were selected for the study covered a spectrum from general purpose operating systems to small, specialised real-time operating systems. From the quantitative assessment it emerged that QNX (from Quantum Software Systems) had the best overall performance. Qualitatively, UNIX was found to offer the best system development environment, but it does not have the performance and the characteristics required for real-time applications. This suggests that versions of UNIX that are adapted for real-time applications are worth careful consideration for use both as development systems and implementation systems.

Operating systems (Computers)

Microcomputers

On secure, dynamic customizing of a meta-space-based operating system

Horie, Michael

30 October 2017

Continuing advances in hardware and in software applications are pushing traditional operating systems beyond their limits. This is largely due to the fact that these advances, and their associated requirements, were not foreseen at operating system design time. This becomes particularly apparent with multimedia applications, whose demands for guaranteed quality of service differ considerably from those of most traditional applications. To ensure that many future requirements will be met, along with many existing demands, one solution is to allow applications to customize their operating system throughout its life-time. However, opening up an operating system to application-initiated changes can compromise the integrity of the system, suggesting the need for a security model. Like any other aspect of a customizable system, such a security model should be securely customizable, too. Therefore, this dissertation introduces MetaOS, a securely- and dynamically-customizable operating system which has a securely- and dynamically-customizable security model. MetaOS employs four types of building blocks: meta-levels, meta-spaces, meta-objects, and meta-interfaces. Meta-levels localize customizable system services. Meta-spaces act as firewalls which prevent custom alterations from affecting unrelated meta-spaces and their applications. Meta-objects help to modularize meta-spaces into smaller, easier-to-maintain components. Finally, meta-interfaces provide the heart of the secure customizing model. MetaOS meta-interfaces are strictly divided into declarative and imperative interfaces, providing a basis on which to distinguish between calls which only affect the invoking application (i.e., local-effect calls), and calls which could affect other applications as well (i.e., meta-space-wide-effect calls). By giving free access to the former, but limiting access to the latter, a basic balance between flexibility and security can be struck. Additional flexibility is achieved by allowing new local and meta-space-wide-effect calls to be added dynamically, by permitting untrusted applications to negotiate changes with trusted meta-space managers, and by allowing untrusted applications to migrate to cloned meta-spaces and alter them as necessary. / Graduate

Operating systems (Computers)

A real-time microprocessor-based laboratory system /

Shizgal, Irvin.

January 1982

No description available.

Operating systems (Computers)

Linux Kernel Module Continuous Address Space Re-Randomization

Nadeem, Muhammad Hassan

28 February 2020

Address space layout randomization (ASLR) is a technique employed to prevent exploitation of memory corruption vulnerabilities in user-space programs. While this technique is widely studied, its kernel space counterpart known as kernel address space layout randomization (KASLR) has received less attention in the research community. KASLR, as it is implemented today is limited in entropy of randomization. Specifically, the kernel image and its modules can only be randomized within a narrow 1GB range. Moreover, KASLR does not protect against memory disclosure vulnerabilities, the presence of which reduces or completely eliminates the benefits of KASLR. In this thesis, we make two major contributions. First, we add support for position-independent kernel modules to Linux so that the modules can be placed anywhere in the 64-bit virtual address space and at any distance apart from each other. Second, we enable continuous KASLR re-randomization for Linux kernel modules by leveraging the position-independent model. Both contributions increase the entropy and reduce the chance of successful ROP attacks. Since prior art tackles only user-space programs, we also solve a number of challenges unique to the kernel code. Our experimental evaluation shows that the overhead of position-independent code is very low. Likewise, the cost of re-randomization is also small even at very high re-randomization frequencies. / Master of Science / Address space layout randomization (ASLR) is a computer security technique used to prevent attacks that exploit memory disclosure and corruption vulnerabilities. ASLR works by randomly arranging the locations of key areas of a process such as the stack, heap, shared libraries and base address of the executable in the address space. This prevents an attacker from jumping to vulnerable code in memory and thus making it hard to launch control flow hijacking and code reuse attacks. ASLR makes it impossible for the attacker to leverage return-oriented programming (ROP) by pre-computing the location of code gadgets. Unfortunately, ASLR can be defeated by using memory disclosure vulnerabilities to unravel static randomization in an attack known as Just-In-Time ROP (JIT-ROP) attack. There exist techniques that extend the idea of ASLR by continually re-randomizing the program at run-time. With re-randomization, any leaked memory location is quickly obsoleted by rapidly and continuously rearranging memory. If the period of re-randomization is kept shorter than the time it takes for an attacker to create and launch their attack, then JIT-ROP attacks can be prevented. Unfortunately, there exists no continuous re-randomization implementation for the Linux kernel. To make matters worse, the ASLR implementation for the Linux kernel (KASLR) is limited. Specifically, for x86-64 CPUs, due to architectural restrictions, the Linux kernel is loaded in a narrow 1GB region of the memory. Likewise, all the kernel modules are loaded within the 1GB range of the kernel image. Due to this relatively low entropy, the Linux kernel is vulnerable to brute-force ROP attacks. In this thesis, we make two major contributions. First, we add support for position-independent kernel modules to Linux so that the modules can be placed anywhere in the 64-bit virtual address space and at any distance apart from each other. Second, we enable continuous KASLR re-randomization for Linux kernel modules by leveraging the position-independent model. Both contributions increase the entropy and reduce the chance of successful ROP attacks. Since prior art tackles only user-space programs, we also solve a number of challenges unique to the kernel code. We demonstrate the mechanism and the generality of our proposed re-randomization technique using several different, widely used device drivers, compiled as re-randomizable modules. Our experimental evaluation shows that the overhead of position-independent code is very low. Likewise, the cost of re-randomization is also small even at very high re-randomization frequencies.

Operating systems

security