Global ETD Search

301	Secure Virtualization of Latency-Constrained Systems Lackorzynski, Adam 16 April 2015 (has links) (PDF) Virtualization is a mature technology in server and desktop environments where multiple systems are consolidate onto a single physical hardware platform, increasing the utilization of todays multi-core systems as well as saving resources such as energy, space and costs compared to multiple single systems. Looking at embedded environments reveals that many systems use multiple separate computing systems inside, including requirements for real-time and isolation properties. For example, modern high-comfort cars use up to a hundred embedded computing systems. Consolidating such diverse configurations promises to save resources such as energy and weight. In my work I propose a secure software architecture that allows consolidating multiple embedded software systems with timing constraints. The base of the architecture builds a microkernel-based operating system that supports a variety of different virtualization approaches through a generic interface, supporting hardware-assisted virtualization and paravirtualization as well as multiple architectures. Studying guest systems with latency constraints with regards to virtualization showed that standard techniques such as high-frequency time-slicing are not a viable approach. Generally, guest systems are a combination of best-effort and real-time work and thus form a mixed-criticality system. Further analysis showed that such systems need to export relevant internal scheduling information to the hypervisor to support multiple guests with latency constraints. I propose a mechanism to export those relevant events that is secure, flexible, has good performance and is easy to use. The thesis concludes with an evaluation covering the virtualization approach on the ARM and x86 architectures and two guest operating systems, Linux and FreeRTOS, as well as evaluating the export mechanism. Virtualisierung Betriebssysteme Echtzeit Sicherheit Virtualization Operating Systems Real-time Security ddc:004 rvk:ST 234 rvk:ST 260 rvk:ST 277
302	A Problem Solving Approach to Enterprise FileVault 2 Management and Integration Cobb, Nicholas 01 December 2013 (has links) Consumer technology adoption into large enterprise environments is occurring at an unprecedented rate. Employees require the flexibility and efficiency of using operating systems, computers, and mobility products they are familiar with and that enable their productivity. Due to this industry phenomenon, one large shipping enterprise must work to create solutions to integrate Apple’s OS X operating system into its traditional Windows-based operating environment. This level of integration must take place carefully to enable usability and foster the continued data security of enterprise assets. This paper describes the steps and methodology taken, as well as the rationale used, to accomplish the task of integrating Apple’s FileVault 2 full disk encryption technology into existing McAfee management infrastructure and traditional deployment and support workflows. Using a combination of industry and community solutions and techniques, a low-cost software solution named EscrowToEPO is created to facilitate the secure and user-friendly adoption of FileVault 2 as a full disk encryption solution. This paper also includes the success/failure rate of adoption and implications as to how the adoption of similar solutions can occur to support future operating systems or other environments. Apple Dish Encryption McAfee Computer Software Operating Systems (Computers) Computer Engineering Engineering Technology and Innovation
303	Real-time interactive multiprogramming. Heher, Anthony Douglas. January 1978 (has links) This thesis describes a new method of constructing a real-time interactive software system for a minicomputer to enable the interactive facilities to be extended and improved in a multitasking environment which supports structured programming concepts. A memory management technique called Software Virtual Memory Management, which is implemented entirely in software, is used to extend the concept of hardware virtual memory management. This extension unifies the concepts of memory space allocation and control and of file system management, resulting in a system which is simple and safe for the application oriented user. The memory management structures are also used to provide exceptional protection facilities. A number of users can work interactively, using a high-level structured language in a multi-tasking environ=ment, with very secure access to shared data bases. A system is described which illustrates these concepts. This system is implemented using an interpreter and significant improvements in the performance of interpretive systems are shown to be possible using the structures presented. The system has been implemented on a Varian minicomputer as well as on a microprogrammable micro= processor. The virtual memory technique has been shown to work with a variety of bulk storage devices and should be particularly suitable for use with recent bulk storage developments such as bubble memory and charge coupled devices. A detailed comparison of the performance of the system vis-a-vis that of a FORTRAN based system executing in-line code with swapping has been performed by means of a process control Case study. These measurements show that an interpretive system using this new memory management technique can have a performance which is comparable to or better than a compiler. oriented system. / Thesis (Ph.D.)-University of Natal, 1978. Operating systems (Computers) Real-time data processing. Multiprogramming (Electronic computers) Interactive computer systems. Virtual storage (Computer science) Theses--Electrical engineering.
304	Communication in Microkernel-Based Operating Systems / Kommunikation in Mikrokern-basierten Betriebssystemen Aigner, Ronald 25 May 2011 (has links) (PDF) Communication in microkernel-based systems is much more frequent than system calls known from monolithic kernels. This can be attributed to the placement of system services into their own protection domains. Communication has to be fast to avoid unnecessary overhead. Also, communication channels in microkernel-based systems are used for more than just remote procedure calls. In distributed systems, which also have a componentized design, it is state of the art to use tools to generate stubs for the communication between components. The communication interfaces of components are described in an interface definition language (IDL). In contrast to distributed systems, components of a microkernel-based system run on the same architecture and message delivery is guaranteed. In this Thesis, I explore the different kinds of communication, which can be used in microkernel-based systems, as well as their possible representation in IDL. Specifically, I introduce the syntax to describe kernel objects in IDL. I discuss the complexity of IDL compilers and its relation to the complexity of the IDL. Furthermore, I evaluate the performance of the communication stubs generated by different IDL compilers and discuss techniques to minimize performance overhead in generated stubs. I validated these techniques by implementing the Drops IDL Compiler - Dice. Finally, this Thesis presents a mechanism to measure the frequency and performance of invocations of generated communication code. I used this technique to conduct measurements in highly complex systems and introducing the least possible overhead. Mikrokerne Betriebssyteme IDL IDL Compiler Kommunikation communication operating systems microkernel IDL IDL compiler ddc:004 rvk:ST 260
305	Intelligent medical device integration with real time operating system : a thesis submitted to the School of Engineering in partial fulfilment of the requirements for the degree of Master of Engineering, Department of Electronics and Computer Syetem [i.e. Systems] Engineering at Massey University, [Albany], New Zealand Jan, Zaid January 2009 (has links) Many commercial devices now being produced have the ability to be remotely monitored and controlled. This thesis aims to develop a generic platform that can easily be extended to interface with many different kinds of devices for remote monitoring and control via a TCP/IP connection. The deployment will be concentrated on Medical devices but can be extended to all serial device interfaces. The hardware to be used in the development of this platform is an ARM Cortex M3 based Micro-Controller board which has to be designed to meet the requirement set by the Precept Health the founder of this platform. The design was conducted at Massey University in collaboration with senior engineer from the company. The main task in achieving the aim was the development of the necessary software layers to implement remote monitoring and control. The eCosCentric real-time embedded operating system was used to form a generic base for developing applications to monitor and control specific devices. The majority of the work involved in this project was the deployment of the operating system to the Micro-Controller. During the development process, several hardware issues were discovered with the Ethernet interface and were corrected. Using the generic platform, an application was developed to allow the reading of Bi-Directional pass through a communication protocol from 4 isolated serial input channels, to an Ethernet channel using TCP protocol. Remote monitoring Operating system TCP protocol
306	An initial operating system adaptation heuristic for Swap Cluster Max (SCM) Somanathan, Muthuveer, January 2008 (has links) Thesis (M.S.)--University of Texas at El Paso, 2008. / Title from title screen. Vita. CD-ROM. Includes bibliographical references. Also available online.
307	Microsoft Windows Server 2003 : security enhancements and new features / Montehermoso, Ronald Centeno. January 2004 (has links) (PDF) Thesis (M.S. in Information Technology Management)--Naval Postgraduate School, Sept. 2004. / Thesis Advisor(s): Douglas E. Brinkley. Includes bibliographical references (p. 111-118). Also available online.
308	PI-MT: método para a criação de transformações de modelos no contexto da MDA Agner, Luciane Telinski Wiedermann 14 December 2012 (has links) Esta tese aborda o problema de prover a independência de plataforma em transformações de modelos no contexto da MDA (Model Driven Architecture). A MDA é uma abordagem de desenvolvimento de software baseada na criação e na transformação de modelos. Assim, em MDA os modelos são os principais artefatos ao longo do ciclo de vida de desenvolvimento de software e as transformações desempenham um papel fundamental. No entanto, a maioria das iniciativas MDA são dedicadas, isto é, as características da plataforma são implicitamente especificadas nas regras de transformação. À medida que os aspectos ligados à plataforma não são separados das regras de transformação, para cada plataforma selecionada deve haver uma transformação de modelos correspondente. Por um lado, isto facilita o desenvolvimento de transformações de modelo. Por outro lado, a transformação torna-se limitada a uma plataforma específica, uma vez que os recursos da plataforma estão fortemente associados com as regras de transformação. Um dos desafios consiste em criar regras de transformação independentes das características da plataforma de implementação de sistemas de software. Esta tese propõe um método para a criação de transformações de modelo chamado PI-MT (Platform Independent - Model Transformations). O PI-MT é voltado ao desenvolvimento de software embarcado baseado em Sistemas Operacionais em Tempo-Real (RTOS - Real-Time Operating System). Além disso, o método permite a adaptação de transformações de modelos para diferentes plataformas baseadas em RTOS, por meio de modelos de plataforma explicitamente definidos. Como resultado, o método de PI-MT oferece independência entre as regras de transformação e as características da plataforma. / This thesis deals with the platform-independence matter in the Model Driven Architecture (MDA) context. MDA is an approach to software development based on the design and transformation of models. In the MDA approach models are the core artifacts throughout the entire software development lifecycle, and thus a key role is played by model transformations. Nevertheless, most MDA initiatives are dedicated, i.e., the platform features are implicitly employed in the transformation rules. As the aspects associated with the platform are not separated from the transformation rules, for each selected platform there must be a corresponding model transformation. On the one hand, this makes the model transformation development easier. On the other hand, model transformation becomes limited to a specific platform, once the platform features are strongly associated with the transformation rules. An open challenge consists of how to create transformation rules independently of the deployment platform features of software systems. This thesis proposes a method for creating model transformations, called PI-MT (Platform Independent - Model Transformations). The PI-MT is particularly applied to embedded software development based on Real-Time Operating Systems (RTOS). In addition, it allows the adaptation of the model transformation process to different RTOS-based platforms by means of Platform Models explicitly defined. As a result, the PI-MT method provides independence between the model transformation rules and the platform features. Software - Desenvolvimento Sistemas operacionais (Computadores) Sistemas embarcados (Computadores) Computer software - Development Operating systems (Computers) Embedded computer systems
309	Aplikace softwarových komponent pro návrh operačního systému / Application of Software Components in Operating System Design Děcký, Martin January 2015 (has links) This thesis describes the primary goal of the HelenOS microkernel multiserver operating system. The primary goal of the HelenOS project is to create a comprehensive research and development platform in the domain of general-purpose operating systems that would support state-of-the-art approaches and methods (such as verification of correctness) while at the same time focusing on practical relevance. The text of the thesis describes what specific means in terms of design (based on software components), implementation, development process and verification are used to achieve the primary goal. The thesis also evaluates the current state of HelenOS. Powered by TCPDF (www.tcpdf.org)
310	Projeto do núcleo de um sistema operacional distribuído / Project of the kernel of a distributed operating system Stein, Benhur de Oliveira January 1992 (has links) Uma das tendências para o aumento do desempenho dos sistemas de computação atuais tem sido a distribuição do processamento em uma rede de computadores. Já foram pesquisados diversos modelos para obter essa distribuição, e um dos que tem se mostrado mais promissor é aquele no qual o controle da distribuição é efetuado diretamente pelo sistema operacional. Um sistema operacional desse tipo é chamado de sistema operacional distribuído[TAN85], e seu principal objetivo e fornecer a seus usuários a ilusão de uma maquina uniprocessadora constituída pela soma dos recursos oferecidos pelos componentes da rede. A forma de realizar tal ilusão é o sistema operacional controlar a utilização dos recursos distribuídos para o usuário, independentemente de onde estejam localizados, a medida que sejam requisitados e estejam disponíveis. Esta sendo desenvolvido no CPGCC da UFRGS o projeto DIX, cujo objetivo é o desenvolvimento de um Sistema Operacional Distribuído. Para o desenvolvimento desse projeto, foi tornado como base o sistema operacional MINIX. As principais razoes dessa opção foram: o alto grau de modularidade do MINIX, a utilização do paradigma de troca de mensagens para comunicação entre processos e a sua disponibilidade. A plataforma de hardware inicial para o desenvolvimento do projeto é um grupo de estações de trabalho Proceda. Tais estações caracterizam-se por possuir internamente dois elementos processadores distintos. O projeto DIX teve inicio com o porte do sistema operacional MINIX para o ambiente multiprocessador heterogêneo das estações. Devido a necessidade de comunicação entre as estações e a indisponibilidade de hardware adequado para tal, foi desenvolvida uma forma alternativa de comunicação, baseada na utilização da interface paralela existente nas estações. Este trabalho descreve o núcleo do sistema operacional. A filosofia adotada foi torná-lo o mais simples possível, colocando em processos servidores, externos ao núcleo, grande parte das tarefas. Outro objetivo foi alterar o mínimo possível a interface original do MINIX, para que as camadas superiores do sistema continuassem em funcionamento. Dessa forma, a principal função do núcleo é fornecer aos processos mecanismos para troca de mensagens e transferência de dados entre processos. Foi desenvolvido um método para a identificação global dos processos, que permite identificar cada processo do sistema de forma unívoca e um mecanismo de comunicação entre processos que suporta transparência de localidade, migração de processos e falhas em nodos da rede. / One of the modern trends in Computer Science has been the use of distribution to improve system performance. Many models of distribution have been proposed, and the most promising one is that in which the distribution is directly controlled by the operating system. Such type of system is called a distributed operating system[TAN85], and its main goal is to provide its users an illusion of an uniprocessor system more powerful than its components. The operating system controls the utilization of the distributed resources in a transparent way, in order to present such illusion to its users. There is a project, named DIX, under development at CPGCC/UFRGS, whose goal is to gather experience in the field while developing a distributed operating system. The MINIX operating system has been chosen as a software basis for the project, because of its high degree of modularity, its message passing IPC paradigm and the availability of its source code. The initial hardware configuration is a set of Proceda workstations. Those workstations have two distincts processors that can run in parallel. The project was started with the porting of MINIX to the workstations' heterogeneous multiprocessor environment. Due to the need of information exchange among the workstations and to the unavailability of suitable communication hardware, an alternative communication scheme was developed. This work describes the kernel of the operating system. The adopted methodology was to keep it as simple as possible, putting a great number of tasks in server processes outside the kernel. Another goal was to preserve the MINIX original interface, so that the upper layers of the system could remain functional. So, the main purpose of the kernel is to supply an efficient message exchange mechanism. That mechanism supports locality transparency: the sender of a message is not aware of the destination location, and it is even possible that processes migrate. A method has been developed for the global unique identification of processes. Sistemas operacionais Sistemas operacionais distribuidos Redes : Comunicacao : Dados Minix Comunicacao : Processos Operating systems Distributed systems Computer networks Inter- process communication

Search results