Sentry: A binary-level interposition mechanism for trusted kernel extension

Se Won Kim, Jae Hyun Hwang, Jin Hee Choi, Chuck Yoo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Several commodity operating systems have used kernel extensions to extend or replace their functionalities. Generally, since the kernel extensions are executed in the same address space with the kernel, a mere fault in the extensions may lead the whole system to be corrupted. So naturally, studies on the kernel extension are mainly proposed with the goal of isolating extension faults from the system. However, previous schemes require the static analysis of the extension module and the modification of kernel source code. The goal of this paper is to remove such overhead stages. This paper proposes Sentry; a lightweight kernel subsystem that provides dependable execution environment for the kernel extensions. We show the efficiency of Sentry through practical implementation on Linux.

Original languageEnglish
Title of host publicationProceedings - Sixth IEEE International Conference on Computer and Information Technology, CIT 2006
DOIs
Publication statusPublished - 2006
Event6th IEEE International Conference on Computer and Information Technology, CIT 2006 - Seoul, Korea, Republic of
Duration: 2006 Sept 202006 Sept 22

Publication series

NameProceedings - Sixth IEEE International Conference on Computer and Information Technology, CIT 2006

Other

Other6th IEEE International Conference on Computer and Information Technology, CIT 2006
Country/TerritoryKorea, Republic of
CitySeoul
Period06/9/2006/9/22

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Software
  • General Mathematics

Fingerprint

Dive into the research topics of 'Sentry: A binary-level interposition mechanism for trusted kernel extension'. Together they form a unique fingerprint.

Cite this