Least Privilege Separation Kernel (LPSK)
DESCRIPTION
Least Privilege Separation Kernel (LPSK): Accomplishments and Current Work. Outline: Why are we talking about this here? What is a separation kernel? What is the LPSK? Progress with the LPSK. Future work. Demo. Transcript of a PowerPoint presentation.
TRANSCRIPT
Page 1: Least Privilege Separation Kernel (LPSK): Accomplishments and Current Work

Page 2: Outline
- Why are we talking about this here?
- What is a separation kernel?
- What is the LPSK?
- Progress with the LPSK
- Future work
- Demo

Page 3: Digression…
I think PowerPoint (and its ilk) are greatly misused. Therefore…

Page 4: What is the relevance?

Page 5: What is a Separation Kernel?
[Diagram: OS, Security Kernel, Separation Kernel]

Page 6: Partition Flow

Page 7: As a VMM
[Diagram: Separation Kernel hosting OS #1, OS #2, OS #3, OS #4]

Page 8: Separation Kernel Protection Profile (SKPP)

Page 9: Least Privilege Separation Kernel (LPSK)

Page 10: Phase 1 LPSK Architecture
Page 11: LPSK Config (1)
Audit
- Enabled?
- Size of internal audit buffer
- Action when audit is full
Run-time LPSK
- How shall the kernel use the screen?
- Reserved memory locations

Page 12: LPSK Config (2)
Partitions
- Round robin duration for all partitions
- For each partition: Active? Percent of round robin duration; Percent of system RAM
- Partition with initial I/O focus
- Partition to handle SAK

Page 13: LPSK Config (3)
Partition flow rules
- Processes in Partition ‘x’ can access Partition ‘y’ (RO or RW)
- Acyclic flow rules

Page 14: LPSK Config (4)
Imported files from disk
- Location on disk
- Home partition
- Assigned PL
- Audited events

Page 15: LPSK Config (5)
RAM segments
- Size
- Home partition
- Assigned PL
- Audited events

Page 16: LPSK Config (6)
Devices
- Data channel or control channel
- Home partition
- Multiplexed or dedicated
- Device specific attributes (e.g., keyboard buffer size)
- Audited events

Page 17: LPSK Config (7)
Processes
- Home partition
- % of partition time slice
- Subject definitions: Code location and PL assignment; Kernel APIs allowed to use; Subject-to-resource flows allowed (e.g., subject x can access device y); Audited events
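The configuration slides above (pages 12, 13 and 17) name constraints that a kernel configuration tool must enforce before the LPSK boots from the configuration: active partitions cannot claim more than 100% of the round robin duration or of system RAM, partition flow rules must be acyclic, and each process needs an existing home partition with per-partition time slices that add up to at most 100%. The validator below is an added example and not LPSK code; the `Partition` record, the `(src, dst, mode)` flow tuples and the `(process, home, pct)` tuples are a constructed stand-in for the real configuration format, and a flow rule is treated as a directed edge from the accessing partition to the accessed one.

```python
# Constructed example: validates an LPSK-style configuration (not the project's own format).
from dataclasses import dataclass

@dataclass
class Partition:
    name: str
    active: bool
    pct_time: int  # percent of the round-robin duration
    pct_ram: int   # percent of system RAM

def _has_cycle(names, adj):
    """Depth-first search over the partition flow graph; True if any cycle exists."""
    state = {n: 0 for n in names}  # 0 unvisited, 1 on the current path, 2 finished
    def visit(n):
        state[n] = 1
        for m in adj.get(n, ()):
            if state[m] == 1 or (state[m] == 0 and visit(m)):
                return True
        state[n] = 2
        return False
    return any(state[n] == 0 and visit(n) for n in names)

def validate(partitions, flows, processes):
    """Return the list of policy violations; an empty list means the config is consistent."""
    errors = []
    names = {p.name for p in partitions}
    active = [p for p in partitions if p.active]
    if sum(p.pct_time for p in active) > 100:
        errors.append("active partitions claim more than 100% of the round-robin duration")
    if sum(p.pct_ram for p in active) > 100:
        errors.append("active partitions claim more than 100% of system RAM")
    adj = {}  # flow edge: processes in src may access dst (RO or RW)
    for src, dst, _mode in flows:
        if src not in names or dst not in names:
            errors.append(f"flow rule {src}->{dst} names an unknown partition")
        else:
            adj.setdefault(src, []).append(dst)
    if _has_cycle(names, adj):
        errors.append("partition flow rules are not acyclic")
    slices = {}  # home partition -> total % of its time slice claimed by processes
    for proc, home, pct in processes:
        if home not in names:
            errors.append(f"process {proc} has unknown home partition {home}")
        else:
            slices[home] = slices.get(home, 0) + pct
    for home, total in slices.items():
        if total > 100:
            errors.append(f"processes in partition {home} claim {total}% of its time slice")
    return errors
```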
Page 18: Funded Objective

Page 19: Progress Report

Page 20: What the Prototype has now
- Kernel config options
- Multitasking processes
- Segmented memory
- Device drivers for: Disk drives (PATA/SATA); Hardware clock; Software clock (low res); Video (text mode); Keyboard (PS/2)
- Configuration security policies
- Inter-process communication using: Eventcounts; Sequencers; Signals; Shared memory
- Kernel event auditing
- I/O focus switching between processes

Page 21: Outside the LPSK

Page 22: Future Work

Page 23: Demo