environment of the secure OS. Since the popular OS now becomes an ordinary
process within the framework of the secure OS, this option looks preferable
from the standpoint of security.
Let us discuss what hybrid OS technology consists of and how it can be used
to construct secure systems that are compatible with the applications of a popular OS.
4 The Technology of Hybrid Operating Systems
The essence of hybrid operating system technology is that, within one
operating system (called the “host”), an environment is created in which another
operating system (called the “guest”) can function. This makes it possible to start
several different operating systems on the computer simultaneously and to switch
between them without rebooting. Concretely, one or several virtual machines are set
up on the computer under the control of the basic (“host”) operating system, and each
of them makes it possible to run a (“guest”) system of its own.
The virtual machine (VM) includes all the devices required for the operation of the
guest OS: the processor, RAM, disc drives, network devices, and I/O devices. The VM
emulates these devices using the resources of the actual computer system, which it
reaches through the services offered by the host OS. The resources used by the VM
are either given to the VM for its exclusive use and excluded from the main pool of
resources (like RAM), or shared by the host and guest systems, as with the
processor, drives and the network. Because these capabilities are provided by
sharing the resources of the actual computer, the hardware requirements will be
higher.
In the hybrid system the host OS controls the hardware of the computer system,
while the guest OS has no access to the hardware and interacts only with the VM. In
this way the host OS is in full control of the operation of the guest OS while
remaining fully transparent to the user of the guest OS.
The main purpose of the VM is to isolate the guest OS from the hardware and to
create an appropriate computing environment for it on the basis of the application
programming interface of the host OS. In doing so, the VM can set up various
hardware configurations; for instance, it can be predetermined how much RAM a
given VM will get and whether it will have access to the network.
5 Related Works
The central mechanism in our work is the VM, which allows the secure OS to take
control over the common OS and its applications. Extensive discussion of VMs and
their properties is found in the seminal work by Goldberg [2, 3] and in more
contemporary work on Disco [4] and VMware [5, 6]. More recently, Chen [7] argues for
routine and extensive use of VMs for security purposes.
A more general argument about the inherently limiting nature of committing to a
single OS abstraction has been made by the extensible OS community, perhaps most