Title: Bear -- A Resilient Kernel for Tactical Missions
Authors: Colin Nichols, M. Kanter, Stephen Taylor
Venue: MILCOM 2013 - 2013 IEEE Military Communications Conference
Publication date: 2013-11-01
DOI: 10.1109/MILCOM.2013.240 (https://doi.org/10.1109/MILCOM.2013.240)
Citations: 9
Open access: no

Abstract

This paper describes Bear, a clean-slate, resilient operating system design intended to support military applications on scalable multi-processors and in embedded systems. The system combines a minimalist micro-kernel with an associated hypervisor, and presents only a 120Kbyte attack surface on 64-bit x86 blade servers. MULTICS-like protections are strictly enforced through extended page tables and Intel VTx extensions. The design utilizes multiple, overlapping, nondeterministic techniques to continually re-establish trust. This is achieved by dynamically regenerating core components of the system. The cumulative effect of this design style is to increase attacker workload by denying surveillance and persistence over time-scales consistent with tactical operations. Unlike traditional approaches to computer security, no attempt is made to detect intrusions: instead, we focus on continually validating, preserving, and re-establishing the ability of a mission to proceed.