Paper by Engler, Kaashoek, O’Toole Presentation by Charles Haiber.

Slides:



Advertisements
Similar presentations
Northwestern University 2007 Winter – EECS 443 Advanced Operating Systems Exokernel: An Operating System Architecture for Application-Level Resource Management.
Advertisements

CS533 Concepts of Operating Systems Class 14 Virtualization and Exokernels.
EXTENSIBILITY, SAFETY AND PERFORMANCE IN THE SPIN OPERATING SYSTEM B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers,
Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.
Chorus Vs Unix Operating Systems Overview Introduction Design Principles Programmer Interface User Interface Process Management Memory Management File.
Lightweight Remote Procedure Call Brian N. Bershad, Thomas E. Anderson, Edward D. Lazowska, and Henry M. Levy Presented by Alana Sweat.
Exokernel: An Opertion System Architecture for Application-Level Resource Management SIGCOMM ’ 96, PDOS-MIT Presented by Ahn Seunghoon Dawson R. Engler,
Extensibility, Safety and Performance in the SPIN Operating System Department of Computer Science and Engineering, University of Washington Brian N. Bershad,
Extensible Kernels: Exokernel and SPIN Presented by Hakim Weatherspoon (Based on slides from Edgar Velázquez-Armendáriz and Ken Birman)
Extensible Kernels Edgar Velázquez-Armendáriz September 24 th 2009.
G Robert Grimm New York University Extensibility: SPIN and exokernels.
CS533 Concepts of Operating Systems Class 20 Summary.
CS533 Concepts of Operating Systems Class 7 Virtualization and Exokernels.
Extensibility, Safety and Performance in the SPIN Operating System Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr.
Dawson R. Engler, M. Frans Kaashoek, and James O'Tool Jr.
Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.
G Robert Grimm New York University Extensibility: SPIN and exokernels.
Extensibility, Safety and Performance in the SPIN Operating System Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
1 Extensible Kernels Ken, with slides by Amar Phanishayee.
Extensibility, Safety and Performance in the SPIN Operating System Dave Camarillo.
Figure 1.1 Interaction between applications and the operating system.
Dawson Engler, Frans Kaashoek, James O’Toole
Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.
Extensible Kernels Mingsheng Hong. OS Kernel Types Monolithic Kernels Microkernels – Flexible (?) – Module Design – Reliable – Secure Extensible Kernels.
CS533 Concepts of OS Class 16 ExoKernel by Constantia Tryman.
1 Extensible Kernels Amar Phanishayee. 2 Traditional OS services – Management and Protection Provides a set of abstractions Processes, Threads, Virtual.
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
M. Frans Kaashoek, Dawson R. Engler, Gregory R. Ganger, Hector M. Bricefio, Russell Hunt, David Mazikres, Thomas Pinckney, Robert Grimm, John Jannotti.
Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?
Microkernels, virtualization, exokernels Tutorial 1 – CSC469.
A PPLICATION P ERFORMANCE AND F LEXIBILITY ON E XOKERNEL S YSTEMS CS5204 – Operating Systems Md Hasanuzzaman Bhuiyan Kaashoek et al. MIT Laboratory.
Operating System Architectures
APPLICATION PERFORMANCE AND FLEXIBILITY ON EXOKERNEL SYSTEMS M. F. Kaashoek, D. R. Engler, G. R. Ganger H. M. Briceño, R. Hunt, D. Mazières, T. Pinckney,
CS533 Concepts of Operating Systems Jonathan Walpole.
Operating System Architectures
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Kernel, processes and threads Windows and Linux. Windows Architecture Operating system design Modified microkernel Layered Components HAL Interacts with.
Exokernel: An Operating System Architecture for Application-Level Resource Management" by Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr. Chris.
Computers Operating System Essentials. Operating Systems PROGRAM HARDWARE OPERATING SYSTEM.
MIT’s Exokernel Presented by Victoria Barrow Kyle Safford Sean Sommers.
CS533 - Concepts of Operating Systems 1 The Mach System Presented by Catherine Vilhauer.
4-Dec-15CSE 60641: Operating Systems1 -Exokernel: an operating system architecture for application-level resource management. Dawson R. Engler, M. Frans.
Operating Systems Engineering Based on MIT (2012, lec3) Recitation 2: OS Organization.
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
1.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition Lecture 2: OS Structures (Chapter 2.7)
The Mach System Silberschatz et al Presented By Anjana Venkat.
Overview of the MIT Exokernel Operating System James Madison University CS 450 Abzug MWF 10:10-11:00 12/2/02 Steven Petzinger Billy Lehner.
Advanced Operating Systems (CS 202) Extensible Operating Systems Jan, 11, 2016.
Virtualizing a Multiprocessor Machine on a Network of Computers Easy & efficient utilization of distributed resources Goal Kenji KanedaYoshihiro OyamaAkinori.
Advanced Operating Systems (CS 202) Extensible Operating Systems (II) Jan, 13, 2016.
Exokernel: An Operating System Architecture for Application-Level Resource Management By Dawson R. Engler, M. Frans Kaashoek, James O’Toole Jr. Presented.
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
1.3 Operating system services An operating system provide services to programs and to the users of the program. It provides an environment for the execution.
Exokernel Operating System: An Introduction Liming Shu COSC 513, Summer 2002.
Exokernel: An Operating System Architecture for Application-Level Resource Management by Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr. Presented.
Operating System Structure
The Mach System Sri Ramkrishna.
Extensible OSes Exokernel and SPIN (Lecture 9, cs262a)
Operating System Structure
KERNEL ARCHITECTURE.
Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr [SOSP’97]
Modern Systems: Extensible KERNELS AND containers
Extensible OSes Exokernel and SPIN Lecture 19, cs262a
EXOKERNEL Gabriel Beltran John Blackman David Martin Kurt Rohrbacher
Operating Systems: A Modern Perspective, Chapter 3
Operating Systems Structure
Modern systems: Extensible Kernels and Containers
Presentation transcript:

Paper by Engler, Kaashoek, O’Toole Presentation by Charles Haiber

 Exokernels Overview vs. traditional kernels Library Operating Systems Design Principals  Secure Bindings  Visible Resource Revocation  Abort Protocol  Testing Hypothesizes Results/Conclusion  Is it secure?

 The main goal of an exokernel: The separation of protection from management  Instead of emulating hardware resources, it exports them directly to the applications  In addition to the exokernel, a “Library OS” can act as an abstraction layer between hardware and application

 Fixed, high-level abstractions, provided by kernels to enable as many types of applications to run on the system, tend to have a very high cost in system resources Hurts the performance of applications Hides information from applications Limits the functionality of applications

 Exokernels exist as a thin layer on top of the hardware that multiplexes and exports physical resources securely  The idea is that an application will better know how it wants to manage it’s resources than a monolithic kernel or microkernel

 Multiple Library Operating Systems can exist  Exist to provide specialized abstractions One OS might cater specifically to networking  Library OS are not trusted by the exokernel They are free to trust the applications They run on the application level themselves  Allow applications to be ran on any hardware

 Securely expose hardware Avoid hardware management, except when required for the protection of the system  Expose allocation to Library OS  Expose names of physical resources  Expose revocation protocol

 Secure Bindings Allows applications to securely bind themselves to resources  Visible Resource Revocation Applications participate in a resource revocation protocol  Abort Protocol The exokernel can forcibly break secure bindings of uncooperative applications

 Protection mechanism that separates authorization from the use of a resource Authorization only checked at bind time Applications responsible for resources with complex hardware semantics (networks, file systems, etc.) This frees up the exokernel to perform access checks at access time  Allows the kernel to protect hardware resources without needing to understand them

 Traditionally, resource revocation is invisible to applications in monolithic and micro-kernels  By exposing resource revocation, the exokernel allows applications and Library OSs to monitor resource usage and act accordingly

 Allows the exokernel to retrieve resources from a Library OS that is not responding to revocation requests Revocation request – “Please return a memory page” Revocation imperative – “Return a memory page within 50 microseconds”  Secure binding is broken, and the Library OS sent a repossession exception

 Aegis – an experimental exokernel Exports the processor, physical memory, exceptions, interrupts, and network resources  ExOS – an experimental Library OS Provides processes, virtual memory, user-level exceptions, interprocess abstractions, and several network protocols  Ultrix is a mature monolithic Unix-based OS

 Exokernels are very efficient  Low-level, secure multiplexing can be efficient  Traditional OS abstractions can be implemented efficiently at application level  Applications can create special-purpose implementations of these abstractions

Both Aegis and Ultrix ran on the same hardware  No overhead added to procedure calls  Exception dispatch about 100x faster in Aegis  ExOS’s implementation of pipes about 100x faster

 All four hypothesizes were proven to be correct when compared to Ultrix  Results show that the exokernel design is well suited as a high-performance, extensible OS. Additionally, previous research found that applications benefit greatly from specialized abstractions, and ExOS backed those conclusions up as well

 Total mediation: NO OS does very little resource management and only authorizes resource usage at bind time  Trustworthy: YES Only the exokernel is part of the TCB, with the Library OSs being ran at application level  Verifiable: YES Kernel is extremely small, with only two goals:  Present hardware resources  Do so securely

 Exokernel: An Operating System Architecture for Application-Level Resource Management Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr., M.I.T. Laboratory for Computer Science  The Operating System Kernel as a Secure Programmable Machine The Operating System Kernel as a Secure Programmable Machine Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr., M.I.T. Laboratory for Computer Science  The case for application-specific operating systems. The case for application-specific operating systems. Thomas E. Anderson, Division of Computer Science, University of California at Berkeley

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.