BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Isolating Untrusted Extensions in a Multiserver Operating System -
  Jorrit N. Herder (Vrije Universiteit Amsterdam)
DTSTART:20071115T163000Z
DTEND:20071115T173000Z
UID:TALK8564@talks.cam.ac.uk
CONTACT:Eiko Yoneki
DESCRIPTION:This talk explores the principles and practice of isolating fa
 ulty extensions in order to improve operating systems dependability. Sever
 al approaches to prevent extensions from crashing the operating system hav
 e been proposed\, including wrapping\, language-based protection\, virtual
 ization\, and multiserver designs. While there is a consensus that extensi
 ons need to be isolated\, the crucial question in each approach remains: "
 Who can do what and how can this be done safely?" In particular\, this tal
 k will discuss how MINIX 3\, a UNIX-like multiserver operating system\, is
 olates extensions using ordinary processes and a strict interpretation of 
 least authority. We also present the results of extensive fault-injection 
 experiments conducted on a prototype implementation to verify that the pro
 posed protection mechanisms are indeed effective. For the moment\, one obs
 ervation stands out: out of 3\,000\,000 common\, randomly injected faults
 \, no single fault was able to crash MINIX 3.\n\nSPEAKER BIO: Jorrit Herde
 r holds an M.Sc. degree in Computer Science (cum laude) from the Vrije Uni
 versiteit in Amsterdam and is currently a Ph.D. student there. His resear
 ch focuses on operating system reliability and security\, and he is closel
 y involved in the design and implementation of MINIX 3.\n\n
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR
