Abstract
Several commodity operating systems have used kernel extensions to extend or replace their functionalities. Generally, since the kernel extensions are executed in the same address space with the kernel, a mere fault in the extensions may lead the whole system to be corrupted. So naturally, studies on the kernel extension are mainly proposed with the goal of isolating extension faults from the system. However, previous schemes require the static analysis of the extension module and the modification of kernel source code. The goal of this paper is to remove such overhead stages. This paper proposes Sentry; a lightweight kernel subsystem that provides dependable execution environment for the kernel extensions. We show the efficiency of Sentry through practical implementation on Linux.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - Sixth IEEE International Conference on Computer and Information Technology, CIT 2006 |
| DOIs | |
| Publication status | Published - 2006 Dec 1 |
| Event | 6th IEEE International Conference on Computer and Information Technology, CIT 2006 - Seoul, Korea, Republic of Duration: 2006 Sep 20 → 2006 Sep 22 |
Other
| Other | 6th IEEE International Conference on Computer and Information Technology, CIT 2006 |
|---|---|
| Country | Korea, Republic of |
| City | Seoul |
| Period | 06/9/20 → 06/9/22 |
Fingerprint
ASJC Scopus subject areas
- Computer Science Applications
- Information Systems
- Software
- Mathematics(all)
Cite this
Sentry : A binary-level interposition mechanism for trusted kernel extension. / Kim, Se Won; Hwang, Jae Hyun; Choi, Jin Hee; Yoo, Hyuck.
Proceedings - Sixth IEEE International Conference on Computer and Information Technology, CIT 2006. 2006. 4019955.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Sentry
T2 - A binary-level interposition mechanism for trusted kernel extension
AU - Kim, Se Won
AU - Hwang, Jae Hyun
AU - Choi, Jin Hee
AU - Yoo, Hyuck
PY - 2006/12/1
Y1 - 2006/12/1
N2 - Several commodity operating systems have used kernel extensions to extend or replace their functionalities. Generally, since the kernel extensions are executed in the same address space with the kernel, a mere fault in the extensions may lead the whole system to be corrupted. So naturally, studies on the kernel extension are mainly proposed with the goal of isolating extension faults from the system. However, previous schemes require the static analysis of the extension module and the modification of kernel source code. The goal of this paper is to remove such overhead stages. This paper proposes Sentry; a lightweight kernel subsystem that provides dependable execution environment for the kernel extensions. We show the efficiency of Sentry through practical implementation on Linux.
AB - Several commodity operating systems have used kernel extensions to extend or replace their functionalities. Generally, since the kernel extensions are executed in the same address space with the kernel, a mere fault in the extensions may lead the whole system to be corrupted. So naturally, studies on the kernel extension are mainly proposed with the goal of isolating extension faults from the system. However, previous schemes require the static analysis of the extension module and the modification of kernel source code. The goal of this paper is to remove such overhead stages. This paper proposes Sentry; a lightweight kernel subsystem that provides dependable execution environment for the kernel extensions. We show the efficiency of Sentry through practical implementation on Linux.
UR - http://www.scopus.com/inward/record.url?scp=34547345875&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34547345875&partnerID=8YFLogxK
U2 - 10.1109/CIT.2006.165
DO - 10.1109/CIT.2006.165
M3 - Conference contribution
AN - SCOPUS:34547345875
SN - 076952687X
SN - 9780769526874
BT - Proceedings - Sixth IEEE International Conference on Computer and Information Technology, CIT 2006
ER -