Supporting the secure halting of user sessions and processes in the Linux operating system

Loading...
Thumbnail Image
Authors
Brock, Jerome P.
Subjects
Advisors
Clark, Paul C.
Irvine, Cynthia E.
Date of Issue
2001-06
Date
June 2001
Publisher
Language
Abstract
One feature of a multi-level operating system is a requirement to manage multiple, simultaneous user-sessions at different levels of security. This session management is performed through a trusted path between the user and operating system. Critical to this functionality is the operating system's ability to temporarily halt dormant sessions, thereby ensuring their inability to perform any actions within the system. Only when a session must be reactivated are its processes returned to a runnable state. This thesis presents an approach for adding this "secure halting" functionality to the Linux operating system. A detailed design for modifying the Linux kernel, the core of the operating system, is given. A new module, allowing an entire session to be halted and woken up, is designed. A new process state, the "secure halt" state, is added. Additionally, the kernel's scheduling manager is modified to properly manage processes in the secure halt state. The research has led to the implementation of the design as a proof of concept. This research is meant to be used in combination with other efforts to enhance the security of the Linux operating system
Type
Thesis
Description
Series/Report No
Department
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
x, 62 p. ; 28 cm.
Citation
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections