University of Illinois Urbana-Champaign

Protection in commodity monolithic operating systems

Dautenhahn, Nathan D

Content Files
DAUTENHAHN-DISSERTATION-2016.pdf

Permalink

https://hdl.handle.net/2142/92699

Description

Title
Protection in commodity monolithic operating systems
Author(s)
Dautenhahn, Nathan D
Issue Date
2016-05-16
Director of Research (if dissertation) or Advisor (if thesis)
Adve, Vikram
Doctoral Committee Chair(s)
Adve, Vikram
Committee Member(s)
  • Nahrstedt, Klara
  • Gunter, Carl A.
  • Bugnion, Edouard
  • King, Samuel T.
Department of Study
Computer Science
Discipline
Computer Science
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
Ph.D.
Degree Level
Dissertation
Date of Ingest
2016-11-10T17:49:25Z
Keyword(s)
  • intra-kernel isolation
  • operating system architecture
  • malicious operating systems
  • virtual memory
  • nested kernel
  • security kernel
  • security monitor
Abstract
"This dissertation suggests and partially demonstrates that it is feasible to retrofit real privilege separation within commodity operating systems by ""nesting"" a small memory management protection domain inside a monolithic kernel's single-address space: all the while allowing both domains to operate at the same hardware privilege level. This dissertation also demonstrates a microarchitectural return-integrity protection domain that efficiently asserts dynamic ""return-to-sender"" semantics for all operating system return control-flow operations. Employing these protection domains, we provide mitigations to large classes of kernel attacks such as code injection and return-oriented programming and deploy information protection policies that are not feasible with existing systems. Operating systems form the foundation of information protection in multiprogramming environments. Unfortunately, today's commodity operating systems employ monolithic kernel design, where any single exploit in the vast code base undermines all information protection in the system because all kernel code operates with full supervisor privileges, meaning that even perfectly secure applications are vulnerable. This dissertation explores an approach that retrofits fundamental information protection design principles into commodity monolithic operating systems, the aim of which is a micro-evolution of commodity system design that incrementally decomposes monolithic operating systems from the ground up, thereby applying microkernel-like security properties for billions of users worldwide. The key contribution is the creation of a new operating system organization, the Nested Kernel Architecture, which ""nests"" a new, efficient intra-kernel memory isolation mechanism into a traditional monolithic operating system design. Using the Nested Kernel Architecture we introduce write-protection services for kernel developers to deploy security policies in ways not possible in current systems—while greatly reducing the trusted computing base—and demonstrate the value of these services by deploying three special data protection policies. Overall, the Nested Kernel Architecture demonstrates practical in-place protections that require only minor code modifications with minimal run- time overheads."
Graduation Semester
2016-08
Type of Resource
text
Permalink
http://hdl.handle.net/2142/92699
Copyright and License Information
Copyright 2016 by Nathan Daniel Dautenhahn. All rights reserved.

Owning Collections

Dissertations and Theses - Computer Science
Dissertations and Theses from the Siebel School of Computer Science
Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at Illinois