Protection in Monolithic Operating Systems

Monday, March 14, 2016, 4:00pm to 5:00pm
2310 CS

Speaker Name: Nathan D. Dautenhahn

Speaker Institution: University of Illinois (Urbana-Champaign)

Cookies: Yes

Cookies Location: 2310 CS

Description: 

Monolithic operating systems are dominating the war against microkernels: with over 3 billion devices worldwide, the results speak for themselves. And even though microkernels are in the midst of a renaissance, with great strides in design, implementation, performance, and even formal verification, the truth remains that commodity monolithic operating systems will not be supplanted overnight. Unfortunately, despite being so widely deployed, monolithic operating systems violate the best security design principles that we know of, including the most obvious. The result is that billions of users not only must trust their operating system to be impenetrable---a bad idea given recent attacks---but also must trust the thousands of developers that write their operating systems.

This talk presents my efforts to retrofit fundamental information protection design principles into commodity monolithic operating systems. The aim is a micro-evolution of commodity system design that incrementally decomposes monolithic operating systems from the ground up, thereby bringing microkernel-like security properties to billions of users worldwide. The key contribution of my work is the creation of a new operating system organization, the Nested Kernel Architecture, which "nests" a new, efficient intra-kernel memory isolation mechanism into a traditional monolithic design. Using the Nested Kernel Architecture, I introduce write-protection services that let kernel developers deploy security policies in ways not possible in current systems---while greatly reducing the trusted computing base---and demonstrate the value of these services by deploying three special data protection policies. Overall, the Nested Kernel Architecture demonstrates practical in-place protections that require only minor kernel changes and incur minimal runtime overheads.

Biography: Nathan Dautenhahn is a seventh-year doctoral candidate in the Department of Computer Science at the University of Illinois at Urbana-Champaign. His research investigates trustworthy system design by developing experimental operating systems, compilers, and hardware components. This research has led to publications in key systems and security venues, including IEEE S&P, CCS, NDSS, ASPLOS, and ISCA. His latest work, on the Nested Kernel Architecture, identifies solutions for defending against insecure and malicious operating systems---the topic of his thesis. The Nested Kernel Architecture is also under consideration for inclusion in HardenedBSD, a variant of FreeBSD. Dautenhahn actively contributes to the CS department graduate program by participating in many activities, such as establishing the Doctoral Education Perspectives seminar, formally mentoring undergraduate and graduate students, and serving on the Computer Science Graduate Academic Council and the Engineering Graduate Student Advisory Committee.