|
Genode
Genode is a free and open-source software operating system (OS) framework consisting of a microkernel abstraction layer and a set of user space components. The framework is notable as one of the few open-source operating systems not derived from a proprietary OS, such as Unix. The characteristic design philosophy is that a small trusted computing base is of primary concern in a security-oriented OS. Genode can be used as a basis for a desktop computer or tablet OS or as a hypervisor, virtual machine monitor for guest operating systems. The framework has been used as a trusted component of secure hardware virtualization, virtualization systems for both Hardware-assisted virtualization, x86 and ARM architecture#TrustZone (for Cortex-A profile), ARM. The small codebase of Genode makes it a flexible alternative to more complex Unix-derived operating systems. For this reason the framework has been used as a base system for research in such fields as virtualization, inter-process commu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Capability-based Security
Capability-based security is a concept in the design of secure computing systems, one of the existing security models. A capability (known in some systems as a key) is a communicable, unforgeable token of authority. It refers to a value that references an object along with an associated set of access rights. A user program on a capability-based operating system must use a capability to access an object. Capability-based security refers to the principle of designing user programs such that they directly share capabilities with each other according to the principle of least privilege, and to the operating system infrastructure necessary to make such transactions efficient and secure. Capability-based security is to be contrasted with an approach that uses traditional UNIX permissions and Access Control Lists. Although most operating systems implement a facility which resembles capabilities, they typically do not provide enough support to allow for the exchange of capabilities among ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ARM Architecture
ARM (stylised in lowercase as arm, formerly an acronym for Advanced RISC Machines and originally Acorn RISC Machine) is a family of reduced instruction set computer (RISC) instruction set architectures for computer processors, configured for various environments. Arm Ltd. develops the architectures and licenses them to other companies, who design their own products that implement one or more of those architectures, including system on a chip (SoC) and system on module (SOM) designs, that incorporate different components such as memory, interfaces, and radios. It also designs cores that implement these instruction set architectures and licenses these designs to many companies that incorporate those core designs into their own products. There have been several generations of the ARM design. The original ARM1 used a 32-bit internal structure but had a 26-bit address space that limited it to 64 MB of main memory. This limitation was removed in the ARMv3 series, which h ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
L4 Microkernel Family
L4 is a family of second-generation microkernels, used to implement a variety of types of operating systems (OS), though mostly for Unix-like, ''Portable Operating System Interface'' (POSIX) compliant types. L4, like its predecessor microkernel L3, was created by German computer scientist Jochen Liedtke as a response to the poor performance of earlier microkernel-based OSes. Liedtke felt that a system designed from the start for high performance, rather than other goals, could produce a microkernel of practical use. His original implementation in hand-coded Intel i386-specific assembly language code in 1993 sparked intense interest in the computer industry. Since its introduction, L4 has been developed to be cross-platform and to improve security, isolation, and robustness. There have been various re-implementations of the original binary L4 kernel application binary interface (ABI) and its successors, including ''L4Ka::Pistachio'' (Karlsruhe Institute of Technology), ''L4/MIPS ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open-source Software
Open-source software (OSS) is computer software that is released under a license in which the copyright holder grants users the rights to use, study, change, and distribute the software and its source code to anyone and for any purpose. Open-source software may be developed in a collaborative public manner. Open-source software is a prominent example of open collaboration, meaning any capable user is able to participate online in development, making the number of possible contributors indefinite. The ability to examine the code facilitates public trust in the software. Open-source software development can bring in diverse perspectives beyond those of a single company. A 2008 report by the Standish Group stated that adoption of open-source software models has resulted in savings of about $60 billion per year for consumers. Open source code can be used for studying and allows capable end users to adapt software to their personal needs in a similar way user scripts a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hypervisor
A hypervisor (also known as a virtual machine monitor, VMM, or virtualizer) is a type of computer software, firmware or hardware that creates and runs virtual machines. A computer on which a hypervisor runs one or more virtual machines is called a ''host machine'', and each virtual machine is called a ''guest machine''. The hypervisor presents the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems. Unlike an emulator, the guest executes most instructions on the native hardware. Multiple instances of a variety of operating systems may share the virtualized hardware resources: for example, Linux, Windows, and macOS instances can all run on a single physical x86 machine. This contrasts with operating-system–level virtualization, where all instances (usually called ''containers'') must share a single kernel, though the guest operating systems can differ in user space, such as different Linux distributions with the sa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Confused Deputy Problem
In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy problem is often cited as an example of why capability-based security is important. Capability systems protect against the confused deputy problem, whereas access control list-based systems do not. Example In the original example of a confused deputy, there was a compiler program provided on a commercial timesharing service. Users could run the compiler and optionally specify a filename where it would write debugging output, and the compiler would be able to write to that file if the user had permission to write there. The compiler also collected statistics about language feature usage. Those statistics were stored in a file called "(SYSX)STAT", in the directory "SYSX". To make this possible, the compiler program was given permiss ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Sculpt
Sculpt may be: *a verb meaning 'to sculpture Sculpture is the branch of the visual arts that operates in three dimensions. Sculpture is the three-dimensional art work which is physically presented in the dimensions of height, width and depth. It is one of the plastic arts. Durable ...'' *the name of a 2016 film {{Disambiguation ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Application Programming Interface
An application programming interface (API) is a way for two or more computer programs to communicate with each other. It is a type of software interface, offering a service to other pieces of software. A document or standard that describes how to build or use such a connection or interface is called an ''API specification''. A computer system that meets this standard is said to ''implement'' or ''expose'' an API. The term API may refer either to the specification or to the implementation. In contrast to a user interface, which connects a computer to a person, an application programming interface connects computers or pieces of software to each other. It is not intended to be used directly by a person (the end user) other than a computer programmer who is incorporating it into the software. An API is often made up of different parts which act as tools or services that are available to the programmer. A program or a programmer that uses one of these parts is said to ''call'' th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Application Binary Interface
In computer software, an application binary interface (ABI) is an interface between two binary program modules. Often, one of these modules is a library or operating system facility, and the other is a program that is being run by a user. An ''ABI'' defines how data structures or computational routines are accessed in machine code, which is a low-level, hardware-dependent format. In contrast, an ''API'' defines this access in source code, which is a relatively high-level, hardware-independent, often human-readable format. A common aspect of an ABI is the calling convention, which determines how data is provided as input to, or read as output from, computational routines. Examples of this are the x86 calling conventions. Adhering to an ABI (which may or may not be officially standardized) is usually the job of a compiler, operating system, or library author. However, an application programmer may have to deal with an ABI directly when writing a program in a mix of programmi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
TU Dresden
TU Dresden (for german: Technische Universität Dresden, abbreviated as TUD and often wrongly translated as "Dresden University of Technology") is a public research university, the largest institute of higher education in the city of Dresden, the largest university in Saxony and one of the 10 largest universities in Germany with 32,389 students . The name Technische Universität Dresden has only been used since 1961; the history of the university, however, goes back nearly 200 years to 1828. This makes it one of the oldest colleges of technology in Germany, and one of the country’s oldest universities, which in German today refers to institutes of higher education that cover the entire curriculum. The university is a member of TU9, a consortium of the nine leading German Institutes of Technology. The university is one of eleven German universities which succeeded in the Excellence Initiative in 2012, thus getting the title of a "University of Excellence". The TU Dresden succee ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Development
Software development is the process of conceiving, specifying, designing, programming, documenting, testing, and bug fixing involved in creating and maintaining applications, frameworks, or other software components. Software development involves writing and maintaining the source code, but in a broader sense, it includes all processes from the conception of the desired software through to the final manifestation of the software, typically in a planned and structured process. Software development also includes research, new development, prototyping, modification, reuse, re-engineering, maintenance, or any other activities that result in software products. Methodologies One system development methodology is not necessarily suitable for use by all projects. Each of the available methodologies are best suited to specific kinds of projects, based on various technical, organizational, project, and team considerations. Software development activities Identification of need The s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Internet Protocol Suite
The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria. The foundational protocols in the suite are the Transmission Control Protocol (TCP), the User Datagram Protocol (UDP), and the Internet Protocol (IP). In the development of this networking model, early versions of it were known as the Department of Defense (DoD) model because the research and development were funded by the United States Department of Defense through DARPA. The Internet protocol suite provides end-to-end data communication specifying how data should be packetized, addressed, transmitted, routed, and received. This functionality is organized into four abstraction layers, which classify all related protocols according to each protocol's scope of networking. An implementation of the layers for a particular application forms a protocol stack. From lowest to high ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
