Vulnerabilities in Synchronous IPC Designs

Vulnerabilities in Synchronous IPC Designs (2003)

Cached

Download Links

[www.eros-os.org]

Other Repositories/Bibliography

DBLP

by Jonathan S. Shapiro

Venue:	In Proc. IEEE Symposium on Security and Privacy
Citations:	12 - 0 self

BibTeX

@INPROCEEDINGS{Shapiro03vulnerabilitiesin,
    author = {Jonathan S. Shapiro},
    title = {Vulnerabilities in Synchronous IPC Designs},
    booktitle = {In Proc. IEEE Symposium on Security and Privacy},
    year = {2003},
    pages = {251--262},
    publisher = {IEEE Computer Society Press}
}

Bookmark

OpenURL

Abstract

Recent advances in interprocess communication (IPC) performance have been exclusively based on thread-migrating IPC designs. Thread-migrating designs assume that IPC interactions are synchronous, and that user-level execution will usually resume with the invoked process (modulo preemption). This IPC design approach offers shorter instruction path lengths, requires fewer locks, has smaller instruction and data cache footprints, dramatically reduces TLB overheads, and consequently offers higher performance and lower timing variance than previous IPC designs. With care, it can be performed as an atomic unit of operation. While the performance of...

Citations

435	The bsd packet filter: A new architecture for user-level packet capture - Mccanne, Jacobson
265	The V Distributed System - Cheriton - 1988
251	A new kernel foundation for UNIX development - Mach - 1986
242	Lightweight remote procedure call - Bershad, Anderson, et al. - 1990
209	The packer filter: an efficient mechanism for user-level network code - Mogul, Rashid, et al. - 1987
151	EROS: A fast capability system - Shapiro, Smith, et al.
149	The impact of operating system structure on memory system performance - Chen, Bershad - 1993
145	Improving IPC by Kernel Design - Liedtke - 1993
116	Dpf: fast, flexible message demultiplexing using dynamic code generation. In SIGCOMM ’96: Conference proceedings on Applications, technologies, architectures, and protocols for computer communications - Engler, Kaashoek - 1996
102	HYDRA/C.mmp: An Experimental Computer System - Wulf, Levin, et al. - 1981
84	Evolving Mach 3.0 to a migrating thread model - Ford, Lepreau - 1994
63	Keykos architecture - Hardy - 1985
49	A retrospective on the VAX VMM security kernel - KARGER, ZURKO, et al. - 1991
45	A distributed secure system - Rushby, Randell - 1983
39	Improving Security and Performance for Capability Systems - Karger - 1988
39	An augmented capability architecture to support lattice security and traceability of access - Karger, Herbert - 1984
37	The Pebble component-based operating system - Gabber, Small, et al. - 1999
36	Interface and execution models in the fluke kernel - Ford, Hibler, et al. - 1999
34	Verifying the EROS Confinement Mechanism - Shapiro, Weber - 2000
30	The MULTICS kernel design project - SCHROEDER, SALTZER - 1977
29	Improved address-space switching on Pentium processors by transparently multiplexing user address spaces. Arbeitspapiere der - Liedtke - 1995
27	The SawMill Multiserver Approach - Gefflaut, Jaeger, et al. - 2000
27	Capability-based financial instruments - Miller, Morningstar, et al. - 2000
21	A.: Non-Discretionary Access Control for Decentralized Computing Systems - Karger - 1975
21	Reflections on an operating system design - Lampson, Sturgis - 1976
18	The measured performance of a fast local IPC - Shapiro, Farber, et al. - 1996
11	Flexible access control using IPC redirection - Jaeger, Elphinstone, et al. - 1999
11	Using Registers to Optimize CrossDomain Call Performance - Karger - 1989
6	Synchronous ipc over transparent monitors - Jaeger, Tidswell, et al. - 2000
6	Overview of the Chorus distributed system - Rozier, Abrossimov, et al. - 1991
4	Preventing Denial-of-Service Attacks on a -Kernel for WebOSes - Liedtke, Islam, et al. - 1997
1	Omega0: A portable interface to interrupt hardware for l4 systems - Loser, Hohmuth - 1999