Utilizing hardware features for secure thread management
Loading...
Authors
Isa, Haruna R.
Subjects
Transaction Processing
Multilevel Secure Operating System
Thread Management
Intel Pentium Microprocessor
Multilevel Secure Operating System
Thread Management
Intel Pentium Microprocessor
Advisors
Irvine, Cynthia E.
Date of Issue
1998-12
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
en_US
Abstract
Transaction processing (TP) applications are of use when solving a wide variety of data processing problems. Current commercial TP systems do not possess the ability to manage information at multiple security levels with high assurance. Department of Defense and Department of Navy Command, Control, Communication, Computers and Intelligence (C4I) applications handle information over a wide variety of classifications and compartments. The existence of TP applications that can securely process information of different classifications (with assurance) would save the DoD the need to create separate single level systems to process all necessary information. A trusted computing base (TCB) and security kernel architecture for supporting multi-threaded, queue-driven transaction processing applications in a multilevel secure environment has been designed. Intel's Pentium CPU architecture provides hardware with two distinct descriptor tables. One is used in the usual way for process isolation while the other is used for thread isolation. This allocation, together with an appropriately designed scheduling policy, permits us to avoid the full cost of process creation when only switching between threads of different security classes in the same process. where large numbers of transactions are encountered on transaction queues, this approach has benefits over traditional multilevel systems.
Type
Thesis
Description
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
x, 146 p.;28 cm.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.