Making information flow explicit in HiStar

Abstract

HiStar is a new operating system designed to minimize the amount of code that must be trusted. HiStar provides strict information flow control, which allows users to specify precise data security policies without unduly limiting the structure of applications. HiStar's security features make it possible to implement a Unix-like environment with acceptable performance almost entirely in an untrusted user-level library. The system has no notion of superuser and no fully trusted code other than the kernel. HiStar's features permit several novel applications, including privacy-preserving, untrusted virus scanners and a dynamic Web server with only a few thousand lines of trusted code.

Document Details

Document Type
Pub Defense Publication
Publication Date
Nov 01, 2011
Source ID
10.1145/2018396.2018419

Entities

People

  • David Mazières
  • Eddie Kohler
  • Nickolai Zeldovich
  • Silas Boyd-Wickizer

Organizations

  • Defense Advanced Research Projects Agency
  • Division of Computer and Network Systems
  • Massachusetts Institute of Technology
  • Stanford University
  • University of California, Los Angeles

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Database Systems and Applications
  • Systems Analysis and Design