DOCSLIB.ORG

Scout: a Path-Based Operating System

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Scout: a Path-Based Operating System SCOUT: A PATH-BASED OPERATING SYSTEM by David Mosberger Copyright c David Mosberger 1997 A Dissertation Submitted to the Faculty of the DEPARTMENT OF COMPUTER SCIENCE In Partial Fulfillment of the Requirements For the Degree of DOCTOR OF PHILOSOPHY In the Graduate College THE UNIVERSITY OF ARIZONA 1997 This page intentially left blank. 3 STATEMENT BY AUTHOR This dissertation has been submitted in partial fulfillment of requirements for an ad- vanced degree at The University of Arizona and is deposited in the University Library to be made available to borrowers under rules of the Library. Brief quotations from this dissertation are allowable without special permission, pro- vided that accurate acknowledgment of source is made. Requests for permission for ex- tended quotation from or reproduction of this manuscript in whole or in part may be granted by the copyright holder. SIGNED: 4 ACKNOWLEDGMENTS I would like to express my gratitude to my advisor, Larry Peterson, for his support, patience, and encouragement throughout my graduate studies. It is not often that one finds an advisor and colleague that always finds the time for listening to the little problems and roadblocks that unavoidably crop up in the course of performing research. His technical and editorial advice was essential to the completion of this dissertation and has taught me innumerable lessons and insights on the workings of academic research in general. My thanks also go to the members of my major committee, John Hartman and Todd Proebsting for reading previous drafts of this dissertation and providing many valuable comments that improved the presentation and contents of this dissertation. I would like to thank the members of my minor committee, Robert Schowengerdt and Jeffrey Gonzalez for their help during my minor studies in the field of Remote Sensing. The friendship of Peter Druschel and Larry Brakmo is much appreciated and has led to many interesting and good-spirited discussions relating to this research. I am also grateful to my colleagues Patrick Bridges and Brady Montz for helping considerably with realiz- ing the path-related code optimizations. In particular, Brady implemented the last call optimization and Patrick, with great diligence and ingenuity, convinced gcc to perform path-inlining the way we wanted it. My thanks go to Abhiram Kunesh who adapted the MGR window management system to Scout, to Andy Beavier for turning MGR into the path-cognizant WiMP, and to Dave Larson and Rob Piltz for helping with various aspects of the Scout implementation. Last, but not least, I would like to thank my wife Ning for her understanding and love during the past few years. Her support and encouragement was in the end what made this dissertation possible. My parents, Marta and Erwin, receive my deepest gratitude and love for their dedication and the many years of support during my undergraduate studies that provided the foundation for this work. This work is supported in part by DARPA contracts DABT63-91-C-0030, DABT63- 95-C0075, and N66001-96-C-8518. 5 To my parents, for making it possible to embark on this journey. To my wife, for making it possible to conclude it. 6 TABLE OF CONTENTS LISTOFILLUSTRATIONS............................. 10 LISTOFTABLES.................................. 12 ABSTRACT...................................... 13 CHAPTER 1: INTRODUCTION ........................... 14 1.1FromMainframesToPersonalComputers................. 15 1.2TheAdventoftheInformationAppliance................. 16 1.3 The Need for Configurable and Modular Operating Systems . 19 1.4 Performance Implications of Modular Systems . ......... 21 1.4.1 Potential For Performance Improvements . ......... 23 1.4.2 Implications on Quality-of-Service and Predictability . 25 1.5 Beyond Modularity: The Path Abstraction . ................ 26 1.6ThesisStatementandContributions.................... 28 CHAPTER2:PATHABSTRACTION........................ 32 2.1CommunicationNetworkAnalogy..................... 33 2.2PathModel................................. 35 2.2.1 Basic Path . ........................... 36 2.2.2 Path Processing . .................... 37 2.2.3 Path Creation ........................... 39 2.2.4 Generalized Paths . .................... 48 2.3SummaryandDiscussion.......................... 50 2.3.1 Policy Issues ........................... 51 2.3.2 Intuitive Models . .................... 52 2.3.3 Limitations . ........................... 52 2.4Applications................................. 53 7 TABLE OF CONTENTS — Continued 2.4.1 Code Optimizations . .................... 54 2.4.2 Resource Management . .................... 55 2.5RelatedWork................................ 57 CHAPTER3:SCOUTARCHITECTURE...................... 59 3.1Overview.................................. 59 3.1.1 Scout Epochs ........................... 60 3.2 Modularity . ........................... 61 3.2.1 Module Granularity . .................... 62 3.2.2 Module Structure . .................... 63 3.2.3 Module Graph ........................... 65 3.2.4 Discussion . ........................... 70 3.3Paths..................................... 71 3.3.1 Attributes . ........................... 72 3.3.2 Visual Overview of a Scout Path . ................ 73 3.3.3 Path Object . ........................... 75 3.3.4 Stage . ........................... 77 3.3.5 Interface . ........................... 78 3.3.6 Creation . ........................... 80 3.3.7 Extension . ........................... 82 3.3.8 Optimization ........................... 83 3.3.9 Destruction . ........................... 83 3.3.10 Evaluation and Discussion .................... 84 3.4 Demultiplexing . ........................... 85 3.4.1 Scout Packet Classifier . .................... 85 3.4.2 The Role of Classifiers . .................... 86 8 TABLE OF CONTENTS — Continued 3.4.3 Realizing the Scout Classifier . ................ 88 3.4.4 Evaluation . ........................... 96 3.5ExecutionModel..............................100 3.5.1 Thread Scheduling . ....................101 3.5.2 Thread Creation . ....................103 3.6RelatedWork................................104 CHAPTER4:USINGPATHSTOOPTIMIZECODE................110 4.1 Preliminaries . ...........................111 4.1.1 Experimental Testbed . ....................111 4.1.2 Test Cases . ...........................112 4.1.3 Base Case . ...........................113 4.2LatencyReducingTechniques.......................115 4.2.1 Outlining . ...........................115 4.2.2 Cloning . ...........................118 4.2.3 Path-Inlining ...........................122 4.2.4 Last Call Optimization . ....................123 4.3Evaluation..................................124 4.3.1 Test Cases . ...........................124 4.3.2 End-to-End Results . ....................125 4.3.3 Detailed Analysis . ....................129 4.4ConcludingRemarks............................136 CHAPTER 5: USING PATHS FOR RESOURCE MANAGEMENT . 138 5.1BuildingNetTV...............................138 5.1.1 Module Graph ...........................139 5.1.2 Paths . ...........................140 9 TABLE OF CONTENTS — Continued 5.1.3 Base Performance . ....................145 5.2ResourceManagement...........................147 5.2.1 Queues . ...........................147 5.2.2 Scheduling . ...........................149 5.2.3 Admission Control . ....................154 CHAPTER6:CONCLUSIONS...........................157 6.1Summary..................................157 6.2Contributions................................159 6.3FutureDirections..............................160 6.3.1 CPU Scheduling . ....................162 6.3.2 Distributed Paths . ....................163 6.3.3 Secure Paths . ...........................163 REFERENCES....................................164 10 LIST OF ILLUSTRATIONS FIGURE1.1SystemDesignSpectrum..................... 28 FIGURE2.1ExampleCommunicationNetwork................ 33 FIGURE 2.2 Example Modular System .................... 35 FIGURE2.3SimplePath............................ 37 FIGURE 2.4 Example Path in Modular System ................ 38 FIGURE2.5DynamicRoutingDecision.................... 42 FIGURE 2.6 Path Creation Using pathExtend ............... 43 FIGURE2.7ExamplePath........................... 50 FIGURE 2.8 Approximating Fan-In/Fan-Out With Multiple Paths . 53 FIGURE3.1ScoutDevelopmentTimeline................... 61 FIGURE 3.2 Module With Two Services .................... 64 FIGURE 3.3 Modular Graph for Network-Attached Camera ......... 66 FIGURE 3.4 Graph Description File for Network-Attached Camera . 66 FIGURE3.5PathStructure........................... 74 FIGURE3.6PathsVersusClassifiers...................... 87 FIGURE 3.7 Classification Pseudo-Code .................... 89 FIGURE3.8UpdateofDemuxTree...................... 91 FIGURE3.9TypicalPartialClassifier..................... 93 FIGURE 3.10 Example Requiring Global Hierarchical Classification . 93 FIGURE 3.11 Generalized Partial Classifier . ................ 94 FIGURE 3.12 Classification Performance as a Function of Number of Filters . 99 FIGURE4.1TestProtocolStacks.......................113 FIGURE 4.2 Effects of Outlining and Cloning . ................119 FIGURE 5.1 Module Graph For MPEG Example . .........140 11 LIST OF ILLUSTRATIONS — Continued FIGURE5.2PathsCreatedatBootTime....................142 FIGURE5.3ExampleVideoPaths.......................146 FIGURE 5.4 Correlation Between MPEG Frame Size and Decoding Time . 155 12 LIST OF TABLES TABLE1.1SPECnfsResultsandSystemConfigurations........... 23 TABLE 2.1 Module Descriptions . ...................
Load more

Recommended publications
  • Linux Kernel Contributions by ANSSI
    Linux kernel contributions by ANSSI Yves-Alexis Perez ANSSI LSS-EU 2018 Introduction Who am I? Yves-Alexis Perez ANSSI head of software and hardware architectures lab I OS security (Linux, micro-kernels) I mobile and embedded device security I CLIP OSa development Debian developer I security team I Linux kernel packaging I Xfce, strongSwan, imobiledevice packaging Mostly interested in low-level security and hardening a. https://www.clip-os.org [email protected] Linux kernel contributions by ANSSI LSS-EU 2018 3/28 ANSSI Missions I not an intelligence agency I protect French administration & industry networks I defensive only Labs I pool of expertise on relevant area: cryptography, network, OS, … I research & development I academic publications I free-software contributions [email protected] Linux kernel contributions by ANSSI LSS-EU 2018 4/28 French government & free software User I Large user of free software I Linux distributions widely used accross the whole government I cost reason, sometime about control Contributor I some large projects (SPIP, …) I DINSIC maintains a repository list[8] I 2016 Digital Republic law[11] introduced open-data by default I including code [email protected] Linux kernel contributions by ANSSI LSS-EU 2018 5/28 Current situation with Linux Linux usage quite diverse I Linux servers from various distribution I Linux-based appliances (firewalls, IDS, VPN…) I some Linux workstations ANSSI can’t secure everything downstream I upstream work benefits more people I Linux distributions
    [Show full text]
  • Le Rapport Au Format
    N° 7 SÉNAT SESSION ORDINAIRE DE 2019-2020 Rapport remis à M. le Président du Sénat le 1er octobre 2019 Enregistré à la Présidence du Sénat le 1er octobre 2019 RAPPORT FAIT au nom de la commission d’enquête (1) sur la souveraineté numérique, Président M. Franck MONTAUGÉ, Rapporteur M. Gérard LONGUET, Sénateurs Tome I : Rapport (1) Cette commission est composée de : M. Franck Montaugé, président ; M. Gérard Longuet, rapporteur ; M. Patrick Chaize, Mmes Sylvie Robert, Catherine Morin-Desailly, MM. Yvon Collin, M. André Gattolin, MM. Pierre Ouzoulias et Jérôme Bignon, vice-présidents ; Mme Viviane Artigalas, MM. Jérôme Bascher, Bernard Bonne, Mme Martine Filleul, MM. Christophe-André Frassa, Loïc Hervé, Laurent Lafon, Rachel Mazuir, Stéphane Piednoir, Mmes Sophie Primas, Frédérique Puissat et M. Hugues Saury. - 3 - SOMMAIRE Pages PRINCIPALES RECOMMANDATIONS ............................................................................ 7 AVANT-PROPOS .................................................................................................................13 I. QUELS SCÉNARII FACE AUX MENACES PESANT SUR NOTRE SOUVERAINETÉ ? ..........................................................................................................17 A. LA COMPÉTITION INTENSE ENTRE ÉTATS DANS LE CYBERESPACE ..................17 1. La politique américaine : la recherche d’un leadership incontesté .......................................18 a) Des relations complexes entre les Gafam et l’État américain .................................18 b) Une politique de la
    [Show full text]
  • SENG, the SGX-Enforcing Network Gateway
    SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients Fabian Schwarz and Christian Rossow, CISPA Helmholtz Center for Information Security https://www.usenix.org/conference/usenixsecurity20/presentation/schwarz This paper is included in the Proceedings of the 29th USENIX Security Symposium. August 12–14, 2020 978-1-939133-17-5 Open access to the Proceedings of the 29th USENIX Security Symposium is sponsored by USENIX. SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients Fabian Schwarz and Christian Rossow CISPA Helmholtz Center for Information Security Saarbrücken, Germany {fabian.schwarz,rossow}@cispa.saarland Abstract almost impossible. On the one hand, network administrators Network administrators face a security-critical dilemma. deploy firewalls and Intrusion Detection Systems (IDS) to While they want to tightly contain their hosts, they usually tightly control and contain information flows. On the other have to relax firewall policies to support a large variety of hand, they have to support a vast diversity of applications applications. However, liberal policies like this enable data and access methods and lack a mapping between which ap- exfiltration by unknown (and untrusted) client applications. plication causes which traffic. This enables internal clients An inability to attribute communication accurately and reli- to (possibly unknowingly) leak data by executing untrusted ably to applications is at the heart of this problem. Firewall or even malicious software. Furthermore, companies opening policies are restricted to coarse-grained features that are easy their servers to partners lack control over which remote client to evade and mimic, such as protocols or port numbers. applications are used to access these servers.
    [Show full text]
  • Auditing Hooks and Security Transparency for Cpython
    Auditing hooks and security transparency for CPython Steve Dower, Christian Heimes EuroPython 2019, Basel, Switzerland Auditing Hooks and Security Transparency for Python Why is SkelSec so sad? @zooba @christianheimes EuroPython 2019, Basel - 10 July 2019 2 Auditing Hooks and Security Transparency for Python @zooba @christianheimes EuroPython 2019, Basel - 10 July 2019 4 Auditing Hooks and Security Transparency for Python We made SkelSec sad… and that should make you all happy @zooba @christianheimes EuroPython 2019, Basel - 10 July 2019 5 Auditing Hooks and Security Transparency for Python Who are we? Steve Dower Christian Heimes • CPython core developer • CPython core developer • Author of PEP 578 • BDFL delegate for PEP 578 • @zooba • @christianheimes • (Also works at Microsoft) • (Also works at Red Hat) @zooba @christianheimes EuroPython 2019, Basel - 10 July 2019 6 Auditing Hooks and Security Transparency for Python Today’s Agenda • What are audit hooks, and why would I use them? • Using audit hooks to improve security • Integration on Windows-based systems • Integration on Linux-based systems @zooba @christianheimes EuroPython 2019, Basel - 10 July 2019 7 Auditing Hooks and Security Transparency for Python Runtime Audit Hooks (PEP 578) • One piece of a complete security solution • Provides low-level insight into runtime behaviour • Opening files • Connecting sockets • Compiling strings • By default, does nothing! • Designed for security engineers to plug into @zooba @christianheimes EuroPython 2019, Basel - 10 July 2019 8 Auditing
    [Show full text]
  • Computer Basics
    Microsoft® CCoommppuutteerr BBaassiiccss Student Edition Complete Computer Courseware © 2003 by CustomGuide, Inc. 1502 Nicollet Avenue South, Suite 1; Minneapolis, MN 55403 This material is copyrighted and all rights are reserved by CustomGuide, Inc. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual, or otherwise, without the prior written permission of CustomGuide, Inc. We make a sincere effort to ensure the accuracy of the material described herein; however, CustomGuide makes no warranty, expressed or implied, with respect to the quality, correctness, reliability, accuracy, or freedom from error of this document or the products it describes. Data used in examples and sample data files are intended to be fictional. Any resemblance to real persons or companies is entirely coincidental. The names of software products referred to in this manual are claimed as trademarks of their respective companies. CustomGuide is a registered trademark of CustomGuide, Inc. Table of Contents Introduction .......................................................................................................................... 7 Chapter One: The Essentials ............................................................................................ 11 Lesson 1-1: Hardware, Software, and Information Technology (IT)...................................12 Lesson 1-2: Computer
    [Show full text]
  • Introduction Aux Trusted Platform Modules (Tpms)
    INTRODUCTION AUX TRUSTED PLATFORM MODULES (TPMS) Julien FRANCQ 29/08/2020 Naval Cyber Laboratory Corporate Sensitivity © Propriété Naval Group SA 2018 PUBLIC Tous droits réservés SOMMAIRE 1. C’est quoi un TPM ? 2. Applications des TPMs 3. Attaques sur les TPMs 4. Résumé Corporate Sensitivity © Propriété Naval Group SA 2018 Introduction aux Trusted Platform Modules (TPMs) PUBLIC Tous droits réservés 29/08/2020 2 C’EST QUOI UN TPM ? Corporate Sensitivity © Propriété Naval Group SA 2018 Introduction aux Trusted Platform Modules (TPMs) PUBLIC Tous droits réservés 29/08/2020 3 LES TPMS EN UNE SLIDE . Composant du Trusted Computing . Co-processeur cryptographique . Gère des clés cryptographiques . Contient des registres d’intégrité (Platform Configuration Registers, PCRs) . Protégé contre les attaques physiques . Enfoui au sein de la plateforme . Composant passif Corporate Sensitivity © Propriété Naval Group SA 2018 Introduction aux Trusted Platform Modules (TPMs) PUBLIC Tous droits réservés 29/08/2020 4 INTEGRATION D’UN TPM DANS UN PC . TPM discret (dTPM) intégré dans la carte mère et disponible avant le boot de la machine Corporate Sensitivity © Propriété Naval Group SA 2018 Introduction aux Trusted Platform Modules (TPMs) PUBLIC Tous droits réservés 29/08/2020 5 INTEGRATION D’UN TPM DANS UN PC . Firmware TPM (fTPM) s’exécutant dans la zone de confiance du CPU . Trusted Execution Environment (TEE) Corporate Sensitivity © Propriété Naval Group SA 2018 Introduction aux Trusted Platform Modules (TPMs) PUBLIC Tous droits réservés 29/08/2020 6
    [Show full text]
  • Building a Defense-In-Depth OS with the Linux Kernel and Open Source Software
    CLIP OS: Building a defense-in-depth OS with the Linux kernel and open source software Timothée Ravier, Nicolas Godinho, Thibaut Sautereau Agence nationale de la sécurité des systèmes d’information (ANSSI) Paris Open Source Summit 2018 December 6, 2018 About the ANSSI ◮ Agence nationale de la sécurité des systèmes d’information ◮ French authority in the area of cyberdefence, network and information security ◮ We are not an intelligence agency ANSSI CLIP OS: Building a defense-in-depth OS 2/21 Overview CLIP OS? ◮ Linux distribution developed by the ANSSI ◮ Initially only available internally ◮ Now open source, mostly under the LGPL v2.1+ ◮ Code and issue tracker hosted on GitHub12: ◮ Version 4: available as reference and for upstream patch contribution ◮ Version 5: currently developed version, alpha status 1https://github.com/CLIPOS 2https://github.com/CLIPOS-Archive ANSSI CLIP OS: Building a defense-in-depth OS 4/21 CLIP OS? Not yet another Linux distribution ◮ Not a generic/multi-purpose distribution ANSSI CLIP OS: Building a defense-in-depth OS 5/21 CLIP OS? Not yet another Linux distribution ◮ Not a generic/multi-purpose distribution Targets three main use cases ◮ Office workstation ◮ Administration workstation ◮ IPsec gateway ANSSI CLIP OS: Building a defense-in-depth OS 5/21 Hardened OS ◮ Based on Gentoo Hardened ANSSI CLIP OS: Building a defense-in-depth OS 6/21 Hardened OS ◮ Based on Gentoo Hardened ◮ Hardened Linux kernel and confined services ANSSI CLIP OS: Building a defense-in-depth OS 6/21 Hardened OS ◮ Based on Gentoo Hardened
    [Show full text]
  • Building a Defense-In-Depth OS Around Linux Kernel Security Improvements
    CLIP OS: Building a defense-in-depth OS around Linux kernel security improvements Timothée Ravier, Mickaël Salaün Agence nationale de la sécurité des systèmes d’information (ANSSI) September 26, 2018 About the ANSSI I Agence nationale de la sécurité des systèmes d’information I French authority in the area of cyberdefence, network and information security I We are not an intelligence agency ANSSI CLIP OS: Building a defense-in-depth OS 2/27 Overview CLIP OS ? I Linux distribution developed by the ANSSI I Initially only available internally I Now open source, mostly under the LGPL v2.1+ I Code and issue tracker hosted on GitHub: I Version 4: available as reference and for upstream patch contribution1 I Version 5: currently developed version, alpha status2 1https://github.com/CLIPOS-Archive 2https://github.com/CLIPOS ANSSI CLIP OS: Building a defense-in-depth OS 4/27 Hardened OS I Hardened Linux kernel and userspace I Confined services I "Unprivileged" admin, audit and update roles: ⇒ the root account is not usable I Automatic updates using A/B partition model (similar to Android 7+) ANSSI CLIP OS: Building a defense-in-depth OS 5/27 Multilevel security OS I Provide two isolated user environments: low and high I Interactions follow the Bell-LaPadula model: I Write up: upload documents from low to high I Read down: high has read only access to untrusted USB devices I Trusted write down: encrypt documents from high to write them in low I Level high can only access network through a VPN I Per level user device assignment ANSSI CLIP OS: Building a defense-in-depth OS 6/27 Multilevel from the end user point of view ANSSI CLIP OS: Building a defense-in-depth OS 7/27 Admin panel: devices assignment per level ANSSI CLIP OS: Building a defense-in-depth OS 8/27 Goal of CLIP OS I We target non-expert users I Bell-LaPadula model with two levels I We favor a defense-in-depth approach Technical point of view I Hypervisor vs.
    [Show full text]
  • Mickaël Salaün Intégration De L'utilisateur Au Contrôle D'accès
    THÈSE DE DOCTORAT DE TÉLÉCOM SUDPARIS Spécialité Informatique École doctorale Informatique, Télécommunications et Électronique (Paris) Présentée par Mickaël Salaün Pour obtenir le grade de DOCTEUR de TÉLÉCOM SUDPARIS Sujet de la thèse : Intégration de l’utilisateur au contrôle d’accès : du processus cloisonné à l’interface homme-machine de confiance Soutenue le 2 mars 2018 devant le jury composé de : Président : Gaël Thomas Télécom SudParis Rapporteurs : Michaël Hauspie Université Lille 1, Sciences et Technologies Valérie Viet Triem Tong CentraleSupélec Examinateur : Roland Groz Grenoble INP, Ensimag Directeur de thèse : Hervé Debar Télécom SudParis Co-encadrante : Marion Daubignard ANSSI Invités : Mathieu Blanc CEA Benjamin Morin ANSSI NNT : 2018TELE0006 c 2018 Mickaël Salaün Ce document est placé sous la « Licence Ouverte » publiée par la mission Etalab. Mise à jour du 6 avril 2018 Résumé Cette thèse souhaite fournir des outils pour qu’un utilisateur puisse contribuer activement à la sécurité de son usage d’un système informatique. Les activités de sensibilités différentes d’un utilisateur nécessitent tout d’abord d’être cloisonnées dans des domaines dédiés, par un contrôle d’accès s’ajustant aux besoins de l’utilisateur. Afin de conserver ce cloisonnement, celui-ci doit être en mesure d’identifier de manière fiable les domaines avec lesquels il interagit, à partir de l’interface de sa machine. Dans une première partie, nous proposons un nouveau mécanisme de cloisonnement qui peut s’adapter de manière transparente aux changements d’activité de l’utilisateur, sans altérer le fonctionnement des contrôles d’accès existants, ni dégrader la sécurité du système. Nous en décrivons une première implémentation, nommée StemJail, basée sur les espaces de noms de Linux.
    [Show full text]
  • Building a Defense-In-Depth OS with the Linux Kernel and Open Source Software
    CLIP OS: Building a defense-in-depth OS with the Linux kernel and open source software Timothée Ravier, Nicolas Godinho, Thibaut Sautereau Agence nationale de la sécurité des systèmes d’information (ANSSI) Journées nationales du GDR Sécurité 12 juin 2019 About the ANSSI ◮ Agence nationale de la sécurité des systèmes d’information ◮ French authority in the area of cyberdefence, network and information security ◮ Provides its expertise and technical assistance to government departments and businesses and plays an enhanced role in supporting operators of vital importance. ANSSI CLIP OS: Building a defense-in-depth OS 2/25 CLIP OS? ◮ Linux distribution developed by the ANSSI ◮ Initially only available internally ◮ Now open source, mostly under the LGPL v2.1+ ◮ Code and issue tracker hosted on GitHub12: ◮ Version 4: available as reference and for upstream patch contribution ◮ Version 5: currently developed version, alpha status, beta coming soon 1https://github.com/CLIPOS 2https://github.com/CLIPOS-Archive ANSSI CLIP OS: Building a defense-in-depth OS 3/25 CLIP OS? Not yet another Linux distribution ◮ Not a generic/multi-purpose distribution Targets three main use cases ◮ Mobile office workstation ◮ Remote administration workstation ◮ IPsec gateway ANSSI CLIP OS: Building a defense-in-depth OS 4/25 Hardened OS ◮ Based on Gentoo Hardened ◮ Hardened Linux kernel and confined services ◮ No interactive root account available: ⇒ "Unprivileged" admin, audit and update roles ◮ Automatic updates using A/B partition model (similar to Android 7+) ◮ Multilevel
    [Show full text]
  • Analyzing Government Use of Github for Collaboration: an Empirical Approach to Measuring Open Government and Open Collaboration
    Analyzing Government Use of GitHub for Collaboration: An Empirical Approach to Measuring Open Government and Open Collaboration By Jaydeep Mistry A thesis presented to the University of Waterloo in fulfilment of the thesis requirement for the degree of Master of Environmental Studies in Geography Waterloo, Ontario, Canada, 2020 © Jaydeep Mistry 2020 AUTHOR’S DECLARATION I hereby declare that I am the sole author of this thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii Abstract The way government organizations collaborate on developing computer software has significantly changed with the use of the Internet. GitHub, an online platform that hosts computer software and provides project management solutions, has been popular for hosting open source software projects. Although some government organizations have been adopting the use of GitHub for their own work, there is a lack of understand as to why they use it and how it can contribute to them becoming an open government. This research identifies motivations and challenges that they face in using the platform to become an open government, and how they are participating in open collaboration on the platform. Governments are motivated to use GitHub because it allows them to break down silos of knowledge within government departments and share knowledge more freely. It comes with the challenges to train government workers to use version control systems such as Git, or to work within loose legal frameworks of what software is appropriate for governments to become an open government.
    [Show full text]
  • Open Reference Architecture for Security and Privacy Documentation Release 2021-Q1
    Open Reference Architecture for Security and Privacy Documentation Release 2021-Q1 Maikel Mardjan & Asim Jahan Apr 06, 2021 ARCHITECTURE ESSENTIALS 1 Content 5 1.1 Foreword.................................................5 1.2 Introduction...............................................6 1.3 Creating a Solution............................................ 11 1.4 Generic Security & Privacy Architectures................................ 13 1.5 Security and Privacy models....................................... 15 1.6 Security and Privacy Principles..................................... 36 1.7 Security Principles............................................ 41 1.8 Privacy Principles............................................ 67 1.9 Mozilla Data Privacy Principles..................................... 72 1.10 Security and Privacy designs....................................... 72 1.11 Using Open Source for security and privacy protection......................... 82 1.12 OSS Security Applications........................................ 95 1.13 OSS Privacy Applications........................................ 141 1.14 Security and Privacy References..................................... 152 1.15 Security Courses............................................. 158 1.16 Security and Privacy Measurements................................... 159 1.17 Security Regulation and policies..................................... 160 1.18 Secure Coding Guidelines........................................ 160 1.19 Security Testing Manuals.......................................
    [Show full text]