Integrity management in GUARDS

Totel, E.; Beus-Dukic, L J; Blanquart, J.-P.; Deswarte, Y.; Powell, D.; Wellings, A.

doi:10.1007/978-1-4471-1283-9_7

E. Totel³,
L J Beus-Dukic⁴,
J.-P. Blanquart⁵,
Y. Deswarte³,
D. Powell³ &
…
A. Wellings⁴

106 Accesses
1 Citations

Abstract

We present an approach for the management of highly critical tasks coexisting with non-critical tasks in a single processor or multiprocessor architecture. To prevent error propagation from non-critical to critical tasks, an integrity level is assigned to groups of tasks according to their trustworthiness. Multiple levels of integrity are implemented using spatial and temporal isolation, and mediation via an integrity policy. The integrity policy defines the rules for data flow between integrity levels and resource utilisation by the tasks at different levels. Since the GUARDS project aims to provide generic solutions for a variety of application domains, the described integrity management can be implemented either in a middleware, the operating system or both. In this paper, we show a CORBA-compliant implementation of the integrity policy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Biba, K. (1977) Integrity Considerations for Secure Computer Systems, MITRE Co, Bedford, MA, USA.
Google Scholar
Brownbridge, D. and Marshall, L. (1982) The Newcastle connection or UNIXes of the world unite! Software Practice and Experience, 12, 1147–1162.
Article Google Scholar
Burns, A. and Wellings, A. J. (1995) Safety Kernels: Specification and Implementation. High Integrity Systems, 3, 287–300.
Google Scholar
Chiba, S. (1995) A Metaobject Protocol for C++, in ACM conference on Object-Oriented Programming, Systems, Languages and Applications, Austin, TX, pp. 285–299.
Google Scholar
Clark, D. D. and Wilson, D. R. (1987) A Comparison of Commercial and Military Computer Security Policies, in IEEE Symposium on Security and Privacy (Ed, Press, I. S.) Oakland, CA, pp. 184–194.
Google Scholar
Fabre, J.-C. and Pérennou, T. (1998) A Metaobject Architecture for Fault-Tolerant Distributed Systems: The FRIENDS Approach. IEEE Transactions on Computers, 47.
Google Scholar
Hoyme, K. and Driscoll, K. (1992) SAFEbus, in 11th Digital Avionics Systems Conference (Ed, Press, I. S.) Seattle, WA USA, pp. 68–73.
Google Scholar
IEC (1995) Functional Safety: Safety-Related Systems, International Electrotechnical Commission SC 65 A.
Google Scholar
IEEE (1996) Information technology - Portable Operating System Interface (POSIX) - Part 1: System Application Program Interface (API) [C Language], IEEE.
Google Scholar
Jajodia, S. and Kogan, B. (1990) Integrating an Object-Oriented Data Model with Multilevel Security, in International Symposium on Security and Privacy, IEEE Society Press, Oakland, CA, pp. 76–85.
Google Scholar
Kiczales, G., des Rivières, J. and D.G., B. (1991) The Art of the Metaobject Protocol, MIT Press.
Google Scholar
Kopetz, H. (1997) Component-Based Design of Large Distributed Real-Time Systems, in the IFAC Workshop on Distributed Computer Control Systems, DCCS 97, Seoul, Korea.
Google Scholar
NCSC (1987) Trusted Network Interpretation of Trusted Computer Security Evaluation Criteria, National Computer Security Center (USA), pp. 278.
Google Scholar
OMG (1995) The Common Object Request Broker: Architecture and Specification, OMG.
Google Scholar
Powell, D. (1997) Preliminary Definition of the GUARDS Architecture, LAAS, Toulouse.
Google Scholar
Rozier, M. (1991) Chorus Overview, Chorus systemes.
Google Scholar
Totel, E., Blanquart, J.-P., Deswarte, Y. and Powell, D. (1998) Supporting Multiple Levels of Criticality, in IEEE Symposium on Fault Tolerant Computing Systems (FTCS-28), Munich, pp. 10.
Google Scholar
Wellings, A. and Beus-Dukic, L. (1996) Computational Models and Time-Related Dependability Mechanisms for GUARDS, Department of Computer Science, University of York, UK.
Google Scholar

Download references

Author information

Authors and Affiliations

LAAS-CNRS, 7 avenue du Colonel Roche, 31077, Toulouse 4, France
E. Totel, Y. Deswarte & D. Powell
Department of Computer Science, University of York, York, YOl 5DD, UK
L J Beus-Dukic & A. Wellings
Matra Marconi Space, 31 avenue des cosmonautes, 31042, Toulouse Cedex 4, France
J.-P. Blanquart

Authors

E. Totel
View author publications
You can also search for this author in PubMed Google Scholar
L J Beus-Dukic
View author publications
You can also search for this author in PubMed Google Scholar
J.-P. Blanquart
View author publications
You can also search for this author in PubMed Google Scholar
Y. Deswarte
View author publications
You can also search for this author in PubMed Google Scholar
D. Powell
View author publications
You can also search for this author in PubMed Google Scholar
A. Wellings
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Distributed Multimedia Research Group, Lancaster University, Lancaster, LA1 4YR, UK
Nigel Davies & Seitz Jochen &
DSTC, Australia
Kerry Raymond

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Totel, E., Beus-Dukic, L.J., Blanquart, JP., Deswarte, Y., Powell, D., Wellings, A. (1998). Integrity management in GUARDS. In: Davies, N., Jochen, S., Raymond, K. (eds) Middleware’98. Springer, London. https://doi.org/10.1007/978-1-4471-1283-9_7

Download citation

DOI: https://doi.org/10.1007/978-1-4471-1283-9_7
Publisher Name: Springer, London
Print ISBN: 978-1-4471-1285-3
Online ISBN: 978-1-4471-1283-9
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics