Think: A Software Framework for Component-based Operating System Kernels
We present in this paper the security features of Think, an object-oriented architecture dedicated to building customized operating system kernels. The Think architecture is composed of an object-oriented software framework including a trader, and a library of system abstractions programmed as components. We show how to use this architecture to build secure and efficient kernels. Policy-neutral security is achieved by providing elementary tools that can be used by the system programmer to build a system resistant to security hazards, and a security manager that uses these tools to enforce a given security policy. An example of such a secure system is given by detailing how to ensure component isolation with an elementary software-based memory isolation tool.