Welcome to Journal of University of Chinese Academy of Sciences,Today is

›› 2008, Vol. 25 ›› Issue (4): 538-548.DOI: 10.7523/j.issn.2095-6134.2008.4.016

• 论文 • Previous Articles     Next Articles

The function isolation mechanism in secure operating system

Gong Yu-chang, Tang Ling, Zhang Ye, Jia Yong-quan   

  1. Department of Computer Science and Technology, University of Science and Technology of China, Hefei 230027, China
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-07-15

Abstract: Considering the limitations of current space isolation technique, a new security mechanism adopting function isolation is proposed in this paper. With the mechanism more delicate granularity of function can be used and different execution domains corresponding to different function requests may be isolated each other, so the safety of operating system can be improved. In the paper the principle and algorithm for function division are introduced in detail, and two kinds of isolating mechanisms PFI and ASFI are presented. Experiment results show that the overhead of function isolation wouldn’t reduce the system efficiency notably.

Key words: safety critical operating system, spatial isolation, function isolation, function dividing