ACM Computing Surveys (CSUR)
On the criteria to be used in decomposing systems into modules
Communications of the ACM
A note on the confinement problem
Communications of the ACM
A policy-driven scheduler for a time-sharing system
Communications of the ACM
The working set model for program behavior
Communications of the ACM
HYDRA: the kernel of a multiprocessor operating system
Communications of the ACM
Overview of the Hydra Operating System development
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Protection in the Hydra Operating System
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
High-performance operating system primitives for robotics and real-time control systems
ACM Transactions on Computer Systems (TOCS)
Experimental Evaluation of a Real-Time Scheduler for a Multiprocessor System
IEEE Transactions on Software Engineering
The Apertos reflective operating system: the concept and its implementation
OOPSLA '92 conference proceedings on Object-oriented programming systems, languages, and applications
An analysis of wide-area name server traffic: a study of the Internet Domain Name System
SIGCOMM '92 Conference proceedings on Communications architectures & protocols
Design and implementation of a distributed virtual machine for networked computers
Proceedings of the seventeenth ACM symposium on Operating systems principles
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Interprocess communication and processor dispatching on the Intel 432
ACM Transactions on Computer Systems (TOCS)
The operating system kernel as a secure programmable machine
EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
Tussle in cyberspace: defining tomorrow's internet
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
An extensible file system for hydra
ICSE '78 Proceedings of the 3rd international conference on Software engineering
An operating systems implementation project for an undergraduate course
SIGCSE '77 Proceedings of the seventh SIGCSE technical symposium on Computer science education
ACM '76 Proceedings of the 1976 annual conference
Overview of the Hydra Operating System development
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Protection in the Hydra Operating System
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
UIDs as internal names in a distributed file system
PODC '82 Proceedings of the first ACM SIGACT-SIGOPS symposium on Principles of distributed computing
An implementation of capabilities on the PDP-11/45
ACM SIGOPS Operating Systems Review
An approach to distributed software systems
ACM SIGOPS Operating Systems Review
Design and Implementation of Virtual Private Services
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Transforming policies into mechanisms with infokernel
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
On the benefits of decomposing policy engines into components
ARM '04 Proceedings of the 3rd workshop on Adaptive and reflective middleware
Science of Continuous Media Application Design in Wireless Networks of Mobile Devices
BROADNETS '04 Proceedings of the First International Conference on Broadband Networks
Tussle in cyberspace: defining tomorrow's internet
IEEE/ACM Transactions on Networking (TON)
Optimization aspects in network simulation
Proceedings of the 5th international conference on Aspect-oriented software development
Markets are dead, long live markets
ACM SIGecom Exchanges
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Running the manual: an approach to high-assurance microkernel development
Proceedings of the 2006 ACM SIGPLAN workshop on Haskell
Heap protection for Java virtual machines
PPPJ '06 Proceedings of the 4th international symposium on Principles and practice of programming in Java
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Providing policy control over object operations in a mach based system
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Experience distributing objects in an SMMP OS
ACM Transactions on Computer Systems (TOCS)
Towards trustworthy computing systems: taking microkernels to the next level
ACM SIGOPS Operating Systems Review
Java heap protection for debugging native methods
Science of Computer Programming
CVM - A communication virtual machine
Journal of Systems and Software
A communication mechanism for resource isolation
Proceedings of the Second Workshop on Isolation and Integration in Embedded Systems
The OKL4 microvisor: convergence point of microkernels and hypervisors
Proceedings of the first ACM asia-pacific workshop on Workshop on systems
Group-centric models for secure and agile information sharing
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
PREFAIL: a programmable tool for multiple-failure injection
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
From L3 to seL4 what have we learnt in 20 years of L4 microkernels?
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Hi-index | 0.00 |
The extent to which resource allocation policies are entrusted to user-level software determines in large part the degree of flexibility present in an operating system. In Hydra the determination to separate mechanism and policy is established as a basic design principle and is implemented by the construction of a kernel composed (almost) entirely of mechanisms. This paper presents three such mechanisms (scheduling, paging, protection) and examines how external policies which manipulate them may be constructed. It is shown that the policy decisions which remain embedded in the kernel exist for the sole purpose of arbitrating conflicting requests for physical resources, and then only to the extent of guaranteeing fairness.