BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Memento EPFL//
BEGIN:VEVENT
SUMMARY:Nested Kernel: An Operating System Architecture for Intra-Kernel P
 rivilege Separation
DTSTART:20150311T160000
DTEND:20150311T170000
DTSTAMP:20260407T113715Z
UID:5d4c66862816e735cc00ec7a7181ba407c38a417c3085a17f63aceee
CATEGORIES:Conferences - Seminars
DESCRIPTION:Nathan Dautenhahn\, Department of Computer Science\, Universit
 y of Illinois at Urbana-Champaign\nMonolithic operating system designs und
 ermine the security of computing systems by allowing single exploits anywh
 ere in the kernel to enjoy full supervisor privileges. The nested kernel o
 perating system architecture addresses this problem by “nesting” a sma
 ll\, isolated kernel within a traditional monolithic kernel. The “nested
  kernel” interposes on all updates to virtual memory translations to ass
 ert protections on physical memory\, thus significantly reducing the trust
 ed computing base for memory access control enforcement. We incorporated t
 he nested kernel architecture into FreeBSD on x86-64 hardware by write-pro
 tecting MMU translations and de-privileging the untrusted part of the ker
 nel\, thereby enabling the entire operating system\, trusted and untrusted
  components alike\, to operate at the highest hardware privilege level. Ou
 r implementation inherently enforces kernel code integrity while still all
 owing dynamically loaded kernel modules\, thus defending against code inje
 ction attacks. We also demonstrate\, by introducing write-mediation and wr
 ite-logging services\, that the nested kernel architecture allows kernel d
 evelopers to isolate memory in ways not possible in monolithic kernels. Pe
 rformance of the nested kernel prototype shows modest overheads: <1% aver
 age for Apache\, <3.7% average for SSHD\, and 2.7% average for kernel comp
 ile. Overall\, our results and experience show that the nested kernel desi
 gn can be retrofitted to existing monolithic kernels\, providing important
  security benefits.
LOCATION:BC 04 https://plan.epfl.ch/?room==BC%2004
STATUS:CONFIRMED
END:VEVENT
END:VCALENDAR
