Abstract
We present an approach for the management of highly critical tasks coexisting with non-critical tasks in a single processor or multiprocessor architecture. To prevent error propagation from non-critical to critical tasks, an integrity level is assigned to groups of tasks according to their trustworthiness. Multiple levels of integrity are implemented using spatial and temporal isolation, and mediation via an integrity policy. The integrity policy defines the rules for data flow between integrity levels and resource utilisation by the tasks at different levels. Since the GUARDS project aims to provide generic solutions for a variety of application domains, the described integrity management can be implemented either in a middleware, the operating system or both. In this paper, we show a CORBA-compliant implementation of the integrity policy.
Copyright information
© 1998 Springer-Verlag London Limited
About this paper
Cite this paper
Totel, E., Beus-Dukic, L.J., Blanquart, JP., Deswarte, Y., Powell, D., Wellings, A. (1998). Integrity management in GUARDS. In: Davies, N., Jochen, S., Raymond, K. (eds) Middleware’98. Springer, London. https://doi.org/10.1007/978-1-4471-1283-9_7
DOI: https://doi.org/10.1007/978-1-4471-1283-9_7
Publisher Name: Springer, London
Print ISBN: 978-1-4471-1285-3
Online ISBN: 978-1-4471-1283-9
eBook Packages: Springer Book Archive