MC68851: paged memory management unit user's manual
MC68851: paged memory management unit user's manual
A programmer's view of the Intel 432 system
A programmer's view of the Intel 432 system
Experiences with the Amoeba distributed operating system
Communications of the ACM
Improving IPC by kernel design
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Performance effects of architectural complexity in the Intel 432
ACM Transactions on Computer Systems (TOCS)
Exokernel: an operating system architecture for application-level resource management
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Microkernels meet recursive virtual machines
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Extensible security architectures for Java
Proceedings of the sixteenth ACM symposium on Operating systems principles
Memory management with explicit regions
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Interface and execution models in the Fluke kernel
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
A note on the confinement problem
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
Inside the as/400
Capability-Based Computer Systems
Capability-Based Computer Systems
The KeyKOS Nanokernel Architecture
Proceedings of the Workshop on Micro-kernels and Other Kernel Architectures
Data Movement in Kernelized Systems
Proceedings of the Workshop on Micro-kernels and Other Kernel Architectures
Object-Oriented Transaction Processing in the KeyKOS Microkernel
USENIX Microkernels and Other Kernel Architectures Symposium
Secure Applications Need Flexible Operating Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Flexible Access Control using IPC Redirection
HOTOS '99 Proceedings of the The Seventh Workshop on Hot Topics in Operating Systems
The measured performance of a fast local IPC
IWOOOS '96 Proceedings of the 5th International Workshop on Object Orientation in Operating Systems (IWOOOS '96)
User-level checkpointing through exportable kernel state
IWOOOS '96 Proceedings of the 5th International Workshop on Object Orientation in Operating Systems (IWOOOS '96)
ACM SIGOPS Operating Systems Review
ITS 1.5 Reference Manual
Eros: a capability system
The Cambridge CAP computer and its operating system (Operating and programming systems series)
The Cambridge CAP computer and its operating system (Operating and programming systems series)
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
lmbench: portable tools for performance analysis
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
The development of a distributed capability system for VLOS
CRPIT '02 Proceedings of the seventh Asia-Pacific conference on Computer systems architecture
Distributing processing without DPEs: design considerations for public computing platforms
EW 9 Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system
A survey of customizability in operating systems research
ACM Computing Surveys (CSUR)
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Case Studies in Security and Resource Management for Mobile Object Systems
Autonomous Agents and Multi-Agent Systems
User Interaction Design for Secure Systems
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Design Evolution of the EROS Single-Level Store
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
CPCMS: A Configuration Management System Based on Cryptographic Names
Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference
Access and Integrity Control in a Public-Access, High-Assurance Configuration Management System
Proceedings of the 11th USENIX Security Symposium
An Approach to Implementing Persistent Computations
POS-9 Revised Papers from the 9th International Workshop on Persistent Object Systems
Transparent Orthogonal Checkpointing through User-Level Pagers
POS-9 Revised Papers from the 9th International Workshop on Persistent Object Systems
Vulnerabilities in Synchronous IPC Designs
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Ensuring integrity and service availability in a web-based control laboratory
Real-time system security
Design and Implementation of Virtual Private Services
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Enforce POLA on processes to control viruses
Communications of the ACM - Mobile computing opportunities and challenges
Finding and preventing run-time error handling mistakes
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Using build-integrated static checking to preserve correctness invariants
Proceedings of the 11th ACM conference on Computer and communications security
A high performance Kernel-Less Operating System architecture
ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
Mondrix: memory isolation for linux using mondriaan memory protection
Proceedings of the twentieth ACM symposium on Operating systems principles
Privileged operations in the PlanetLab virtualised environment
ACM SIGOPS Operating Systems Review
Application security support in the operating system kernel
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
A design of the persistent operating system with non-volatile memory
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Proceedings of the 3rd workshop on Programming languages and operating systems: linguistic support for modern operating systems
Reducing TCB complexity for security-sensitive applications: three case studies
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
HDTrans: an open source, low-level dynamic instrumentation system
Proceedings of the 2nd international conference on Virtual execution environments
Coordination with multicapabilities
Science of Computer Programming
Singularity: rethinking the software stack
ACM SIGOPS Operating Systems Review - Systems work at Microsoft Research
Network subsystems reloaded: a high-performance, defensible network subsystem
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Homeviews: peer-to-peer middleware for personal data sharing applications
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Are virtual machine monitors microkernels done right?
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Make least privilege a right (not a privilege)
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Design of the EROS trusted window system
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Countering targeted file attacks using locationguard
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Towards trustworthy computing systems: taking microkernels to the next level
ACM SIGOPS Operating Systems Review
The mechanics of in-kernel synchronization for a scalable microkernel
ACM SIGOPS Operating Systems Review
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Splitting interfaces: making trust between applications and operating systems configurable
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Daonity - Grid security from two levels of virtualization
Information Security Tech. Report
Labels and event processes in the Asbestos operating system
ACM Transactions on Computer Systems (TOCS)
Improving multi-tier security using redundant authentication
Proceedings of the 2007 ACM workshop on Computer security architecture
Non-volatile memory and disks:: avenues for policy architectures
Proceedings of the 2007 ACM workshop on Computer security architecture
Exceptional situations and program reliability
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Organizing and sharing distributed personal web-service data
Proceedings of the 17th international conference on World Wide Web
Applying component-based design to self-protection of ubiquitous systems
Proceedings of the 3rd ACM workshop on Software engineering for pervasive services
Securing distributed systems with information flow control
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Verified Protection Model of the seL4 Microkernel
VSTTE '08 Proceedings of the 2nd international conference on Verified Software: Theories, Tools, Experiments
Kernel design for isolation and assurance of physical memory
Proceedings of the 1st workshop on Isolation and integration in embedded systems
Non-delegatable authorities in capability systems
Journal of Computer Security
Sound and Complete Type Inference for a Systems Programming Language
APLAS '08 Proceedings of the 6th Asian Symposium on Programming Languages and Systems
Taming subsystems: capabilities as universal resource access control in L4
Proceedings of the Second Workshop on Isolation and Integration in Embedded Systems
Laminar: practical fine-grained decentralized information flow control
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Surviving sensor network software faults
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
The cake is a lie: privilege rings as a policy resource
Proceedings of the 1st ACM workshop on Virtual machine security
Achieving information flow security through monadic control of effects
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Towards multilaterally secure computing platforms-with open source and trusted computing
Information Security Tech. Report
seL4: formal verification of an operating-system kernel
Communications of the ACM
NOVA: a microhypervisor-based secure virtualization architecture
Proceedings of the 5th European conference on Computer systems
Fine-grained privilege separation for web applications
Proceedings of the 19th international conference on World wide web
CapaCon: access control mechanism for inter-device communications through TCP connections
Proceedings of the 2010 ACM Symposium on Applied Computing
A compositional multiple policies operating system security model
WISA'07 Proceedings of the 8th international conference on Information security applications
PRISM: platform for remote sensing using smartphones
Proceedings of the 8th international conference on Mobile systems, applications, and services
Sentry: light-weight auxiliary memory access control
Proceedings of the 37th annual international symposium on Computer architecture
Hardware enforcement of application security policies using tagged memory
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Cross-origin javascript capability leaks: detection, exploitation, and defense
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Trust and protection in the Illinois browser operating system
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Capsicum: practical capabilities for UNIX
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Structuring protocol implementations to protect sensitive data
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Diesel: applying privilege separation to database access
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Concurrency among strangers: programming in E as plan coordination
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Experiments with the Fresh Breeze tree-based memory model
Computer Science - Research and Development
Making information flow explicit in HiStar
Communications of the ACM
Vistas: towards behavioural cloud control
Euro-Par 2010 Proceedings of the 2010 conference on Parallel processing
Breaking up is hard to do: security and functionality in a commodity hypervisor
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
A taste of Capsicum: practical capabilities for UNIX
Communications of the ACM
An authorization framework based on constrained delegation
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
The structure of authority: why security is not a separable concern
MOZ'04 Proceedings of the Second international conference on Multiparadigm Programming in Mozart/Oz
Safe and automatic live update for operating systems
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Verifying security invariants in ExpressOS
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Object protection in distributed systems
Journal of Parallel and Distributed Computing
Patterns for building dependable systems with trusted bases
Proceedings of the 17th Conference on Pattern Languages of Programs
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
From L3 to seL4 what have we learnt in 20 years of L4 microkernels?
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Comprehensive formal verification of an OS microkernel
ACM Transactions on Computer Systems (TOCS)
| Hi-index | 0.05 |
EROS is a capability-based operating system for commodity processors which uses a single level storage model. The single level store's persistence is transparent to applications. The performance consequences of support for transparent persistence and capability-based architectures are generally believed to be negative. Surprisingly, the basic operations of EROS (such as IPC) are generally comparable in cost to similar operations in conventional systems. This is demonstrated with a set of microbenchmark measurements of semantically similar operations in Linux.The EROS system achieves its performance by coupling well-chosen abstract objects with caching techniques for those objects. The objects (processes, nodes, and pages) are well-supported by conventional hardware, reducing the overhead of capabilities. Software-managed caching techniques for these objects reduce the cost of persistence. The resulting performance suggests that composing protected subsystems may be less costly than commonly believed.