Recommendations for Secure Initialization Routines in Operating Systems

Abstract

While a necessity of all operating systems, the code that initializes a system can be notoriously difficult to understand. This thesis explores the most common architectures used for bringing an operating system to its initial state, once the operating system gains control from the boot loader. Specifically, the ways in which the OpenBSD and Linux operating systems handle initialization are dissected. With this understanding, a set of threats relevant to the initialization sequences was developed. A thorough study was also made to determine the degree to which initialization code adheres to widely accepted software engineering principles. Based upon this threat analysis and the observed strengths and weaknesses of existing systems, a set of recommendations for initialization sequence architecture and implementation has been developed. These recommendations can serve as a guide for future operating system development.

Document Details

Document Type: Technical Report
Publication Date: Dec 01, 2004
Accession Number: ADA436194

Entities

People

  • Catherine Dodge

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems
  • Space

DTIC Thesaurus Topics

  • Assembly Languages
  • Authentication
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cybersecurity
  • Debugging
  • Device Drivers
  • Engineering
  • Instruction Set Architecture
  • Operating Systems
  • Personal Computers
  • Programming Languages
  • Shell Scripts
  • Software Design
  • Software Development

Fields of Study

  • Computer science

Readers

  • Parallel and Distributed Computing
  • Software Engineering
  • Strategic Security Studies