Compare security of normal OS and Fiasco.oc with L4re

Adam Lackorzynski adam at os.inf.tu-dresden.de
Mon Jan 19 23:34:59 CET 2015


On Wed Jan 14, 2015 at 12:06:56 +0530, Gayathri Nagarajan wrote:
> How to show that an application running on L4Re with Fiasco.OC is more
> secure than running the same application on a normal operating system?

There is no easy way to do that. One common approach is to look at the
amount of source code required for an application, and all the code this
application requires to run. Given that most software written by humans
contains bugs, one can assume that the number of bugs is bigger with a
larger software base than with a smaller one.
So having a small software base is generally considered to be a good
thing security-wise (small trusted computing base (TCB)).

> Which application can be chosen for proving the security aspects of L4Re?
> Some that I know of are
> 1. DMS - Denial of mitigation system
> 2. IDS - Intrusion Detection system
> 3. Firewall
> etc...
> 
> But I want a very basic and simple application to demonstrate the security
> when compared with running the same on a normal OS.

One of the key aspects here is that applications can be split into
security-critical parts and non-critical parts. Typically the first part
is much smaller than the other. This smaller part can then be put into a
microkernel application and separated from the big application or even
from the whole guest OS. This tremendously reduces the TCB for the
security-critical part. Please look at
http://os.inf.tu-dresden.de/papers_ps/eurosys2006.pdf for a far more
elaborate explanation.



Adam
-- 
Adam                 adam at os.inf.tu-dresden.de
  Lackorzynski         http://os.inf.tu-dresden.de/~adam/


