Major Trends in Operating Systems Development
Operating systems have changed in nature in response to the demands of users, and in response to advances in hardware and software technology. The purpose of this paper is to trace the development of major themes in operating system design from their beginnings through the present. This is not an exhaustive history of operating systems, but instead is intended to give the reader the flavor of the different periods in operating systems' development. To this end, the paper will be organized by topic in approximate order of development. Each chapter will start with an introduction to the factors behind the rise of the period. This will be followed by a survey of the state-of-the-art systems, and the conditions influencing them. The chapters close with a summation of the significant hardware and software contributions from the period.
Construction of a support tool for the design of the activity structures based computer system architectures
This thesis was submitted for the degree of Doctor of Philosophy and was awarded by Brunel University.

This thesis is a rapprochement of diverse design concepts, brought to bear upon the computer system engineering problem of identification and control of highly constrained multiprocessing (HCM) computer machines. It contributes to the area of meta/general systems methodology, and brings a new insight into the design formalisms, and results afforded by bringing together various design concepts that can be used for the construction of highly constrained computer system architectures. A unique point of view is taken by assuming the process of identification and control of HCM computer systems to be the process generated by the Activity Structures Methodology (ASM). The research in ASM has emerged from neuroscience research, aiming at providing the techniques for combining the diverse knowledge sources that capture the 'deep knowledge' of this application field in an effective formal and computer-representable form. To apply the ASM design guidelines in the realm of distributed computer system design, we provide new design definitions for the identification and control of such machines in terms of realisations. These realisation definitions characterise the various classes of the identification and control problem. The classes covered consist of:
1. the identification of the designer activities,
2. the identification and control of the machine's distributed structures of behaviour,
3. the identification and control of the conversational environment activities (i.e. the randomised/adaptive activities and interactions of both the user and the machine environments),
4. the identification and control of the substrata needed for the realisation of the machine, and
5. the identification of the admissible design data, both user-oriented and machine-oriented, that can force the conversational environment to act in a self-regulating manner.
All extant results are considered in this context, allowing the development of both necessary conditions for machine identification, in terms of their distributed behaviours as well as the substrata structures of the unknown machine, and sufficient conditions, in terms of experiments on the unknown machine, to achieve the self-regulation behaviour.
We provide a detailed description of the design and implementation of the support software tool which can be used for aiding the process of constructing effective HCM computer systems, based on various classes of identification and control. The design data of a highly constrained system, the NUKE, are used to verify the tool logic as well as the various identification and control procedures. Possible extensions as well as future work implied by the results are considered.
Hierarchical Single-key-lock Access Control Using the Chinese Remainder Theorem
The key-lock-pair mechanism based on the Chinese remainder theorem was modified and implemented on the single-key-lock system. The single-key-lock system associates each subject (i.e., user) with a key and each object (i.e., file) with a lock. The modification is inspired by Chang's method of key-lock-pair mechanism using the Chinese Remainder Theorem. In addition to using the key-lock-pair (KLP) mechanism based on the Chinese remainder theorem, we introduce a hierarchical key storage structure which not only implies the relationship between the subjects, but decreases the number of recalculations of keys substantially when objects are added or deleted. This hierarchical key storage structure also requires fewer files or lock numbers to be involved in the key calculation. It also reduces the verification time to $O(\log_2 n)$, instead of the $O(\log_2 N)$ which the old SKL system needs. Moreover, during the calculation of keys for the subjects, faster computation speed is achieved by using the modulus congruence of $D_j$, where $D_j = \prod_{i=1,\, i \neq j}^{n} L_i$ for $j = 1, 2, \ldots, n$, and $L_i$ denotes the lock on file $i$ for $i = 1, 2, 3, \ldots, n$. A simulation of the single-key-lock access control was performed on a Vax/Unix machine and the time complexity of the key calculation was discussed.
Protection in commodity monolithic operating systems
This dissertation suggests and partially demonstrates that it is feasible to retrofit real privilege separation within commodity operating systems by "nesting" a small memory management protection domain inside a monolithic kernel's single-address space: all the while allowing both domains to operate at the same hardware privilege level. This dissertation also demonstrates a microarchitectural return-integrity protection domain that efficiently asserts dynamic "return-to-sender" semantics for all operating system return control-flow operations. Employing these protection domains, we provide mitigations to large classes of kernel attacks such as code injection and return-oriented programming and deploy information protection policies that are not feasible with existing systems.
Operating systems form the foundation of information protection in multiprogramming environments. Unfortunately, today's commodity operating systems employ monolithic kernel design, where any single exploit in the vast code base undermines all information protection in the system because all kernel code operates with full supervisor privileges, meaning that even perfectly secure applications are vulnerable.
This dissertation explores an approach that retrofits fundamental information protection design principles into commodity monolithic operating systems, the aim of which is a micro-evolution of commodity system design that incrementally decomposes monolithic operating systems from the ground up, thereby applying microkernel-like security properties for billions of users worldwide. The key contribution is the creation of a new operating system organization, the Nested Kernel Architecture, which "nests" a new, efficient intra-kernel memory isolation mechanism into a traditional monolithic operating system design. Using the Nested Kernel Architecture we introduce write-protection services for kernel developers to deploy security policies in ways not possible in current systems—while greatly reducing the trusted computing base—and demonstrate the value of these services by deploying three special data protection policies.
Overall, the Nested Kernel Architecture demonstrates practical in-place protections that require only minor code modifications with minimal run-time overheads.
The HOP! Project: Towards Teaching Programming to Everyone
Because programming, to a large extent, involves many implicit skills that can only be acquired through practice, the teaching of computer science still seems unsatisfactory to us today. In this article we present the HOP! system (a.k.a. Hands-On-Programming!), an interactive programming environment intended to be used for teaching programming by means of examples developed incrementally, starting from simple projects and moving step by step towards more complicated realisations. The philosophy and design of the HOP! system rest on a number of recent developments in the fields of language sciences, psychology and pedagogy, as well as on an analysis of the activity of problem solving in computer science.
A microprogrammed operating system kernel
The subject of the thesis is the design and implementation of an operating system kernel for the Cambridge Capability Computer (CAP). The kernel of an operating system is its most primitive level of facilities and forms the foundation stone around which the rest of the system is structured.
The particular emphasis of the CAP kernel is concerned with protection, the control of access to information. The kernel uses the notion of capabilities to provide a flexible and controlled mechanism for the sharing of information within a computer system. The protection mechanisms include provision for the efficient control of access to memory as well as facilities for handling abstract resources like files and virtual peripherals. The kernel allows the introduction of new types of resources in addition to the basic set of hardware resources to permit user extension of the system. Attention is given to the problem of recall of privilege, or revocation, in capability systems, and the kernel includes operations for both permanent and temporary revocation of particular access rights to information in a selective manner.
In the past many of these functions have only been found in kernels implemented in user-level software, which are frequently cumbersome and inefficient. An examination is made of why this should be and how efficiency and simplicity can be gained by a microprogrammed implementation. The thesis draws on the experience of a number of software kernels to discover the various design decisions that have to be made and the techniques that may be used to implement a successful kernel.
The feasibility of the design arrived at by considering these issues is demonstrated by describing its implementation on the Cambridge Capability Computer in terms of the primitives provided and the internal organisation of the proposed kernel. In an evaluation, the kernel is examined in the light of the analysis of other kernels to point out its strengths and weaknesses and to gain insights into the utility of the design as a practical operating system kernel.
Digitisation of this thesis was sponsored by Arcadia Fund, a charitable fund of Lisbet Rausing and Peter Baldwin.
On the comparison of protection systems
PhD Thesis
A methodology is presented for performing quantitative cost-benefit comparisons of protection systems. Protection systems in both programming languages and machine architectures can be understood and described in terms of the concept of a domain, an abstract entity which defines the access privileges of an executing program to objects in a system. Though the issues of protection and addressing can be treated separately, the realisation of the close relationship between protection and addressing can assist in the implementation of domains using addressing techniques and provides a basis for the comparison of protection systems.
Current formal models of protection are seen to aid qualitative comparisons but do not provide an effective yardstick with which to compare protection systems. Based on the ideas of protection through addressing, a protection model is developed from which cost and benefit measures of protection are derived in order to achieve the quantitative comparison methodology.
Two detailed examples of the application of the methodology are presented. The first concerns the protection implemented in various Algol W run-time systems, and the second compares the protection system of IBM's 370 DOS/VS operating system with a proposed alternative protection system.
Finally, the comparison of protection systems which exploit structure to achieve protection is discussed. The notion of a structured domain is introduced and used in an assessment of the protection afforded by programmer-defined types and a supporting architecture.
The Science Research Council; The Computing Laboratory, Newcastle University
Computer and data security: a comprehensive annotated bibliography.
Massachusetts Institute of Technology, Alfred P. Sloan School of Management. M.S. Thesis, 1973. Microfiche copy also available in Dewey Library.