Language-based system: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 09:26, 5 April 2009 edit Vanished user rt41as76lk (talk \| contribs) 523 edits m →Examples ← Previous edit		Latest revision as of 08:19, 10 August 2025 edit undo Q Chris (talk \| contribs) Extended confirmed users 3,546 edits →Examples: Add RedoxOS Tags: Mobile edit Mobile web edit
(32 intermediate revisions by 30 users not shown)
Line 1: {{Short description\|Type of operating system that uses language features to provide security}} In a '''language-based system''', the [[operating system]] has both the [[kernel (computer science)\|kernel]] and applications implemented using a [[High-level programming language\|high level]] [[programming language]], such as [[Java (programming language)\|Java]].<ref>{{cite web\| A '''language-based system''' is a type of [[operating system]] that uses [[programming language\|language]] features to provide [[Language-based security\|security]], instead of or in addition to hardware mechanisms. In such systems, code referred to as the ''trusted base'' is responsible for approving programs for [[execution (computing)\|execution]], assuring they cannot perform operations detrimental to the system's stability without first being detected and dealt with.<ref name="Schneider">[https://www.cs.cmu.edu/~rwh/papers/langsec/dagstuhl.pdf A Language-Based Approach to Security], Schneider F., Morrissett G. (Cornell University) and Harper R. (Carnegie Mellon University). Informatics: 10 Years Back, 10 Years Ahead. (2000)</ref> A very common strategy of guaranteeing that such operations are impossible is to base the system around a [[High-level programming language\|high-level language]], such as [[Java (programming language)\|Java]], whose design precludes dangerous constructs; many are entirely written in such a language, with only the minimum amount of [[low-level programming language\|low-level code]] being used.<ref>{{cite web\| title=JX - A flexible Java Operating System (poster)\| url=http://www4.informatik.uni-erlangen.de/Projects/JX/poster/jx-poster.jpg\|author1=Michael Golm \|author2=Meik Felser \|author3=Christian Wawerish \|author4=Jürgen Kleinöder \| publisher=University of Erlangen\|accessdate=2007-04-21}}</ref> Since language-based systems can assure ahead of time that they cannot do things that can damage the system (such as corrupting memory by dereferencing [[dangling pointer]]s), it is possible for them to avoid expensive address space switches needed by traditional OSes; because of this, [[microkernel]]s are more popular than traditional systems.{{Citation needed\|date=April 2011}} A more extreme form of this is a [[high-level language computer architecture]], where the trusted base is pushed into hardware, and the entire system is written in a high-level language. ~~author=Michael Golm, Meik Felser, Christian Wawerish, Jürgen Kleinöder\|~~ ~~publisher=University of Erlangen\|accessdate=2007-04-21}}</ref>~~ ~~==Protection==~~ In a language-based protection system, the kernel will only allow code to execute that has been produced by a trusted language [[compiler]]. The language may then be designed such that it is impossible for the programmer to instruct it to do something that will violate a security requirement.<ref name="Schneider">[http://www.cs.cmu.edu/~rwh/papers/langsec/dagstuhl.pdf A Language-Based Approach to Security], Schneider F., Morrissett G. (Cornell University) and Harper R. (Carnegie Mellon University). Informatics: 10 Years Back, 10 Years Ahead. (2000)</ref> ==Examples== {{annotated link\|Burroughs MCP}} [[UCSD P-system]]▼ ~~[[JX~~{{annotated link\|Cosmos (operating system)\|~~JX]]~~Cosmos}} {{annotated link\|Emerald (programming language)\|Emerald}} [[Singularity (operating system)\|Singularity]]▼ ~~[[Oberon~~{{annotated link\|Inferno (operating system)\|~~Oberon]]~~Inferno}} ~~[[Midori~~{{annotated link\|JX (operating system)\|~~Midori]]~~JX}} {{annotated link\|Lisp machine}} [[Inferno (operating system)\|Inferno]]▼ {{annotated link\|Midori (operating system)\|Midori}} [[JNode]] {{annotated link\|Oberon (operating system)\|Oberon}} {{annotated link\|RedoxOS\|Redox}} ▲[[{{annotated link\|Singularity (operating system)\|Singularity]]}} {{annotated link\|Smalltalk}} [https://github.com/theseus-os/Theseus Theseus OS] ▲[[{{annotated link\|UCSD P-system]]}} ▲~~[[Inferno~~{{annotated link\|Verve (operating system)\|~~Inferno]]~~Verve}} ==See also== * [[High-level language computer architecture]] ==References== {{Reflist}} {{refbegin}} A Sabelfeld, AC Myers ''[~~http~~https://ieeexplore.ieee.org/~~xpl~~document/~~freeabs_all.jsp~~1159651/;jsessionid=A692CC7FF77CD2C81E9E3E42B7099A2A?arnumber=1159651&isnumber=25986 Language-based information-flow security]'' IEEE Journal on Selected Areas in Communications, 2003 Volume: 21, Issue: 1 pp. ~~5- 19~~ 5–19 V Haldar, D Chandra, M Franz ''[http://www.vivekhaldar.com/pubs/trustedvm-tr.pdf Semantic remote attestation—a virtual machine directed approach to trusted computing]'' USENIX Virtual Machine Research and Technology Symposium, 2004 Giacobazzi, Mastroeni ''[http://doi.acm.org/10.1145/964001.964017 Abstract non-interference: parameterizing non-interference by abstract interpretation]'' Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages ~~Pages: 186 - 197~~pp 186–97 (2004) Algis Rudys, Dan S. Wallach ''[http://doi.acm.org/10.1145/505586.505589 Termination in language-based systems]'' ACM Transactions on Information and System Security (TISSEC) Volume 5 , Issue 2 (May 2002) pp. ~~138 - 168~~  138–68 {{refend}} [[Category:Operating system kernels]] {{operating-system-stub}}