CuPIDS enhances StUPIDS: exploring a co-processing paradigm shift in information system security

Abstract

The CuPIDS project is an exploration of increasing information system security by dedicating computational resources to system security tasks in a shared resource, multiprocessor (MP) architecture. Our research explores ways in which this architecture offers improvements over the traditional uniprocessor (UP) model of security. There are a number of areas to explore, one of which has a protected application running on one processor in a symmetric multiprocessing (SMP) system while a shadow process specific to that application runs on a different processor, monitoring its activity, ready to respond immediately if the application veers off course. This paper describes initial work into defining such an architecture and the prototype work done to validate our ideas.