Language-based system
A language-based system is a type of operating system that uses language features to provide security, instead of or in addition to hardware mechanisms. In such systems, code referred to as the trusted base is responsible for approving programs for execution, assuring they cannot perform operations detrimental to the system's stability without first being detected and dealt with.[1] A very common strategy for guaranteeing that such operations are impossible is to base the system around a high-level language, such as Java, whose design precludes dangerous constructs; many such systems are written entirely in such a language, with only a minimal amount of low-level code.[2] Since a language-based system can assure ahead of time that code cannot do things that can damage the system (such as corrupting memory by dereferencing dangling pointers), it can avoid the expensive address space switches needed by traditional OSes; because of this, microkernels are more popular than traditional systems. A more extreme form of this is a high-level language computer architecture, where the trusted base is pushed into hardware, and the entire system is written in a high-level language.
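The approval step described above can be illustrated with a small load-time verifier. This is an added example, not code from any of the systems listed below; the stack-machine instruction set, MEM_SIZE, verify and run are hypothetical names chosen for the illustration.

```python
# Toy load-time verifier; the instruction set and all names are hypothetical.
MEM_SIZE = 8  # words of memory an approved program may address
# opcode -> (values popped, values pushed, takes an integer operand)
OPS = {"PUSH": (0, 1, True), "ADD": (2, 1, False), "LOAD": (0, 1, True),
       "STORE": (1, 0, True), "JZ": (1, 0, True), "JMP": (0, 0, True),
       "HALT": (0, 0, False)}

def verify(program):
    """Trusted base: return None if the program is safe, else the reason."""
    depth_at = {}      # instruction index -> stack depth on entry
    work = [(0, 0)]    # (pc, stack depth) states still to explore
    while work:
        pc, depth = work.pop()
        if not 0 <= pc < len(program):
            return f"control flow leaves the program at {pc}"
        if pc in depth_at:
            if depth_at[pc] != depth:
                return f"inconsistent stack depth at {pc}"
            continue
        depth_at[pc] = depth
        op, arg = program[pc]
        pops, pushes, has_arg = OPS.get(op, (0, 0, None))
        if has_arg is None or (has_arg and not isinstance(arg, int)):
            return f"unknown opcode or bad operand at {pc}"
        if depth < pops:
            return f"stack underflow at {pc}"
        if op in ("LOAD", "STORE") and not 0 <= arg < MEM_SIZE:
            return f"memory access out of bounds at {pc}"
        depth += pushes - pops
        if op in ("JZ", "JMP"):
            work.append((arg, depth))
        if op not in ("JMP", "HALT"):
            work.append((pc + 1, depth))
    return None

def run(program):
    """Execute only approved code; the loop below makes no safety checks."""
    if (reason := verify(program)) is not None:
        raise ValueError(f"rejected by verifier: {reason}")
    mem, stack, pc = [0] * MEM_SIZE, [], 0
    while True:
        (op, arg), pc = program[pc], pc + 1
        if op == "PUSH": stack.append(arg)
        elif op == "ADD": stack.append(stack.pop() + stack.pop())
        elif op == "LOAD": stack.append(mem[arg])
        elif op == "STORE": mem[arg] = stack.pop()
        elif op == "JZ": pc = arg if stack.pop() == 0 else pc
        elif op == "JMP": pc = arg
        else: return mem  # HALT
```

Because every jump target, memory address and stack depth is checked before the first instruction executes, the interpreter needs no per-instruction checks and no separate address space to contain the program. The verifier does not establish termination, so a program that loops forever is still approved.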
Examples
- Burroughs MCP
- Cosmos
- Emerald
- Inferno
- JX
- Lisp machine
- Midori
- Oberon
- Redox
- Singularity
- Smalltalk
- UCSD P-system
- Verve
References
- Schneider F., Morrisett G. (Cornell University) and Harper R. (Carnegie Mellon University). "A Language-Based Approach to Security". Informatics: 10 Years Back, 10 Years Ahead (2000).
- Michael Golm; Meik Felser; Christian Wawersich; Jürgen Kleinöder. "JX - A flexible Java Operating System (poster)". University of Erlangen. Retrieved 2007-04-21.
- A. Sabelfeld, A. C. Myers. "Language-based information-flow security". IEEE Journal on Selected Areas in Communications, Volume 21, Issue 1 (2003), pp. 5–19.
- V. Haldar, D. Chandra, M. Franz. "Semantic remote attestation—a virtual machine directed approach to trusted computing". USENIX Virtual Machine Research and Technology Symposium (2004).
- Giacobazzi, Mastroeni. "Abstract non-interference: parameterizing non-interference by abstract interpretation". Proceedings of the 31st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (2004), pp. 186–97.
- Algis Rudys, Dan S. Wallach. "Termination in language-based systems". ACM Transactions on Information and System Security (TISSEC), Volume 5, Issue 2 (May 2002), pp. 138–68.