System administration can be difficult and painstaking work, yet individual users must typically administer their own personal systems. These personal systems are therefore likely to be misconfigured, undependable, brittle, and insecure, which restricts their wider adoption. Because updating the configuration of today's systems involves imperative updates in place, a system's correctness ultimately depends on the correctness of every install and uninstall it has ever performed; and because these updates are local in scope, there is no easy way to specify or check desired properties of the system as a whole. We present a more checkable, declarative approach to system configuration that should improve system integrity and make systems more dependable. As in the earlier Vesta system, we define a system model as a function that we apply to a collection of system parameters to produce a statically typed, fully configured system instance; models can reference and thereby incorporate submodels, including submodels exported by each program in the system. We further check each system instance against established system policies, which can express a variety of additional ad hoc rules defining which system instances are acceptable. Some system policies are expressible as additional type rules, while others must operate outside the type system. A preliminary design and implementation of this approach are under way for the Singularity OS, and we hope to specify and check a number of ad hoc system properties for Singularity-based personal systems.
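The following Python sketch is an added illustration of the model-as-function idea described in the abstract; it is not code from the paper or from Singularity (whose implementation is in Sing#), and every name in it (Program, SystemInstance, base_model, the two policies) is an assumption chosen for the example. A system model is a pure function from parameters to an immutable, fully configured instance, so the result depends only on the parameters and never on the history of earlier installs. Programs export submodels (what they provide and require), a type-like check ensures every required interface is provided, and separate ad hoc policies catch properties the type check cannot express, such as two programs claiming the same port.

```python
"""Declarative, checkable system configuration as a pure function.

Added example, not the paper's code. All names and rules are illustrative
assumptions; the real Singularity design is not reproduced here.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Callable, FrozenSet, Mapping, Tuple


@dataclass(frozen=True)
class Program:
    """Submodel exported by a program: the interfaces it offers and needs."""
    name: str
    provides: FrozenSet[str]            # interfaces (contracts) it implements
    requires: FrozenSet[str]            # interfaces it needs at runtime
    ports: FrozenSet[int] = frozenset() # network ports it listens on
    privileged: bool = False            # runs with elevated rights


@dataclass(frozen=True)
class SystemInstance:
    """A fully configured system, built from parameters alone (immutable)."""
    programs: Tuple[Program, ...]


# A system model maps parameters to an instance; nothing is mutated in place.
SystemModel = Callable[[Mapping[str, object]], SystemInstance]


def base_model(params: Mapping[str, object]) -> SystemInstance:
    """Hypothetical model: a kernel and a network stack, plus optional services."""
    kernel = Program("kernel", frozenset({"Scheduler", "Ipc"}), frozenset(), privileged=True)
    net = Program("netstack", frozenset({"Net"}), frozenset({"Ipc"}))
    progs = [kernel, net]
    if params.get("web"):
        progs.append(Program("httpd", frozenset({"Http"}), frozenset({"Net"}), frozenset({80})))
    if params.get("ssh"):
        progs.append(Program("sshd", frozenset({"Shell"}), frozenset({"Net"}), frozenset({22})))
    for submodel in params.get("extra", ()):   # submodels composed in from outside
        progs.append(submodel)
    return SystemInstance(tuple(progs))


def check_types(inst: SystemInstance) -> list[str]:
    """Type-rule style check: every required interface must be provided."""
    provided = set().union(*(p.provides for p in inst.programs))
    return [f"{p.name} requires {r} but nothing provides it"
            for p in inst.programs for r in sorted(p.requires - provided)]


# Ad hoc policies: whole-system rules that a type system alone cannot express.
Policy = Callable[[SystemInstance], list[str]]


def no_port_clash(inst: SystemInstance) -> list[str]:
    owners: dict[int, str] = {}
    errors = []
    for p in inst.programs:
        for port in sorted(p.ports):
            if port in owners:
                errors.append(f"port {port} claimed by both {owners[port]} and {p.name}")
            else:
                owners[port] = p.name
    return errors


def no_privileged_listeners(inst: SystemInstance) -> list[str]:
    return [f"{p.name} is privileged and listens on {sorted(p.ports)}"
            for p in inst.programs if p.privileged and p.ports]


POLICIES: Tuple[Policy, ...] = (no_port_clash, no_privileged_listeners)


def build_and_check(model: SystemModel, params: Mapping[str, object]) -> Tuple[SystemInstance, list[str]]:
    """Apply the model to the parameters, then check the whole instance."""
    inst = model(params)
    errors = check_types(inst)
    for policy in POLICIES:
        errors.extend(policy(inst))
    return inst, errors


if __name__ == "__main__":
    # Constructed sample input: a rogue submodel that needs a missing
    # interface, reuses port 80, and listens while privileged.
    rogue = Program("proxy", frozenset({"Proxy"}), frozenset({"Net", "Gpu"}),
                    frozenset({80}), privileged=True)
    for params in ({"web": True, "ssh": True}, {"web": True, "extra": (rogue,)}):
        _, errs = build_and_check(base_model, params)
        print(params, "->", errs or "OK")
```

Because the instance is rebuilt from parameters on every change, checking it is a whole-system operation rather than a local one: a policy like no_port_clash sees every program at once, which an imperative install script updating one package in place never can.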