Design principles are one of the most advocated ideas in software construction, but they are rarely systematically applied. They are particularly critical in secure, reliable systems. EROS, an operating system built from the ground up, provides formally verifiable security, practical reliability, and high performance. This article describes the primary design principles on which EROS is built, the impact these principles had on the design, the application structure that naturally emerged from the resulting system, and how this affected the system's security and testability.