Design of a Micro-kernel Based Secure System Architecture

Abstract

We describe the Trium secure system architecture. It is based on Fiasco an implementation of the L4 microkernel interface - and L4Env - a programming environment for L4 systems. Compared to previous work on microkernel based secure systems, such as TMach and DTOS, Trium tries to minimize the trusted computing base (TCB) of a secure system by moving most functions of an operating system (OS) out of the TCB, and it emphasizes on the reuse of legacy software. We also try to achieve better isolation, privilege control and flexible configuration of system components, taking advantage of the specific features of the L4 microkernel as a second generation microkernel