Patterns for the secure and reliable execution of processes

Abstract

The controlled interaction of processes in a computing environment is fundamental for its security and reliability. Processes can be attacked by other processes or by external clients, errors in one process can propagate to others. We show here three patterns that can help provide a secure and reliable execution environment although they need to be complemented with other patterns. They include Protected Entry Points, which control the correct use of entry points according to their signatures (type and length of parameters); and Protection Rings, which control the calls between processes, enforcing constraints on entry points and signatures according to the level of trust in the processes. Finally, the Multilevel Secure Partitions (MSP) pattern, confines execution of a process to a system partition that has a specific confidentiality or integrity level.