In traditional computer systems, the operating space is divided into kernel space and user space to prevent applications from affecting the safety and stability of the operating system. All kernel code of the operating system runs at the system level in a publicly shared address space. However, any external third-party code added to the kernel to extend the functions of the operating system may pose a threat to the security of the operating system and the computer system.

In this paper, a secure operating system architecture based on triple privilege levels is studied. It builds on the memory protection mechanisms provided by the IA-32 system, following the principle of authorization partition and refinement and the theory of the hierarchical structure of computer systems. The functions of the kernel are divided and placed into a core kernel layer and a kernel services layer. The core kernel layer runs at privilege level 0, while the kernel services layer runs at privilege level 1. This architecture can prevent user processes from attacking the system through loopholes in the system's kernel services, and can prevent malicious third-party code from modifying system code and data through kernel space. Moreover, it can isolate user programs from system services, that is, it prevents a user process from making malicious accesses through the operating system service modules and damaging the normal operation of the computer system. This structure is therefore also different from the microkernel structure.

The prototype system of the secure operating system architecture based on Triple-Privilege-Levels is designed and developed on the i386 hardware architecture. The system's tests ran satisfactorily, and the purpose of verification was basically achieved.

At the end of the thesis, the research work of the project is summarized, and the directions and objectives for improving the security reinforcement of the operating system on which the structure of computer systems relies, together with further work on operating system security architecture design, are discussed.
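The layering described above can be illustrated with the IA-32 data-segment privilege check, in which a segment load succeeds only when max(CPL, RPL) <= DPL. The following is an added example, not code from the thesis or its prototype. It assumes that user processes run at privilege level 3 and that the layers are separated by segment descriptor DPL; the descriptor values and selectors are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed flat read/write data-segment descriptors (8-byte GDT format),
 * differing only in the DPL field of the access byte (bits 45-46).
 * Assumption: one data segment per layer; not the prototype's real GDT. */
static const uint64_t DESC_CORE_KERNEL = 0x00CF92000000FFFFULL; /* DPL 0 */
static const uint64_t DESC_KERNEL_SVC  = 0x00CFB2000000FFFFULL; /* DPL 1 */
static const uint64_t DESC_USER        = 0x00CFF2000000FFFFULL; /* DPL 3 */

static unsigned desc_dpl(uint64_t d)     { return (unsigned)((d >> 45) & 0x3); }
static int      desc_present(uint64_t d) { return (int)((d >> 47) & 0x1); }
/* S bit (44) set = code/data segment; bit 43 clear = data, not code. */
static int      desc_is_data(uint64_t d) { return ((d >> 44) & 1) && !((d >> 43) & 1); }

/* Models the check made when DS/ES/FS/GS is loaded with `selector` at
 * current privilege level `cpl`. Returns 1 if the load is allowed and
 * 0 if the CPU would raise a fault instead (#GP or #NP). */
static int can_load_data_segment(unsigned cpl, uint16_t selector, uint64_t desc)
{
    unsigned rpl = selector & 0x3;            /* requested privilege level  */
    unsigned epl = cpl > rpl ? cpl : rpl;     /* weaker of caller/requester */
    if (!desc_is_data(desc) || !desc_present(desc))
        return 0;
    return epl <= desc_dpl(desc);
}

int main(void)
{
    const unsigned rings[3]  = { 0, 1, 3 };
    const uint64_t descs[3]  = { DESC_CORE_KERNEL, DESC_KERNEL_SVC, DESC_USER };
    const char    *names[3]  = { "core kernel data (DPL 0)",
                                 "kernel services data (DPL 1)",
                                 "user data (DPL 3)" };
    for (int i = 0; i < 3; i++)
        for (int j = 0; j < 3; j++) {
            /* Constructed selector: GDT index j+1, RPL equal to the caller's ring. */
            uint16_t sel = (uint16_t)(((j + 1) << 3) | rings[i]);
            printf("ring %u -> %-29s : %s\n", rings[i], names[j],
                   can_load_data_segment(rings[i], sel, descs[j]) ? "allowed" : "fault");
        }
    return 0;
}
```

IA-32 page-level protection distinguishes only supervisor mode (CPL 0 to 2) from user mode (CPL 3), so a boundary between level 0 and level 1 has to come from segment-level checks such as this one.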