Graphical user interfaces for high-assurance systems must fulfill a range of security requirements such as protected and reliable presentation, prevention of unauthorized cross-domain talk, and prevention of user-input eavesdropping. Additionally, it is desirable to support legacy applications running in confined compartments. Standard isolation methods such as virtual-machine monitors provide one frame buffer per security domain, where each frame buffer is managed by one legacy window system. This raises the question of how to safely integrate multiple (legacy) window systems and protect the displayed data while preserving the usability of modern user interfaces.
Our paper describes the OverlayWindow System, a general mechanism for multiplexing windows of multiple distinct window systems into the host frame buffer. Thus, each legacy window appears to the user as one corresponding host window that can be moved and resized. To achieve this, only slight modifications of the legacy window system are required whereby, the source code does not have to be available. Our implementation of an Overlay Window System successfully multiplexes Linux, GEM and native L4 applications.
| Identifer | oai:union.ndltd.org:DRESDEN/oai:qucosa:de:qucosa:26247 |
| Date | 14 November 2012 |
| Creators | Feske, Norman, Helmuth, Christian |
| Publisher | Technische Universität Dresden |
| Source Sets | Hochschulschriftenserver (HSSS) der SLUB Dresden |
| Language | English, German |
| Detected Language | English |
| Type | doc-type:workingPaper, info:eu-repo/semantics/workingPaper, doc-type:Text |
| Rights | info:eu-repo/semantics/openAccess |
| Relation | urn:nbn:de:bsz:14-qucosa-79344, qucosa:24841 |
Page generated in 0.0071 seconds