Paramecium: an extensible object-based kernel

  title={Paramecium: an extensible object-based kernel},
  author={L. V. Doorn and P. Homburg and A. Tanenbaum},
  journal={Proceedings 5th Workshop on Hot Topics in Operating Systems (HotOS-V)},
We describe the design of an extensible kernel, called Paramecium. This kernel uses an object-based software architecture which together with instance naming, late binding and explicit overrides enables easy reconfiguration. Determining which components reside in the kernel protection domain is up to the user. A certification authority or one of its delegates certifies which components are trustworthy and therefore permitted to run in the kernel protection domain. These delegates may include… Expand
An Explicit Binding Model for Runtime Extensible Operating Systems
Operating system design has traditionally followed a philosophy in which the system is structured as a fixed set of abstractions and mecha nisms. This approach, however, is now showing itsExpand
Towards a Grand Uni ed Framework For Mobile
Distributed object systems (DOS) are usually implemented as middleware which repeats and undoes a signiicant amount of work performed by the underlying operating system. This introduces overhead andExpand
Chameleon, a dynamically extensible and configurable object-oriented operating system
This dissertation introduces Chameleon, a new object-oriented operating system that shares the same philosophical approach as Apertos, leveraging meta designs and concepts to deal with the diverse requirements of today's and future multimedia applications. Expand
Dycos-a customizable kernel architecture supporting distributed operating environments
  • C. B. Czech
  • Computer Science
  • Proceedings of 3rd International Conference on Algorithms and Architectures for Parallel Processing
  • 1997
Dycos is an object-based approach providing a toolbox of operations to build user-definable compositions of kernel structures, and has been evaluated on a Solaris 2.5.1 platform. Expand
A secure java TM virtual machine
This paper describes the design and implementation of a system that provides operating system style protection for Java code, which uses hardware protection domains to separate Java classes, provide access control on cross domain method invocations, efficient data sharing between protection domains, and memory and CPU resource control. Expand
Isolation, resource management and sharing in the kaffeos java runtime system
It is demonstrated that in the presence of malicious or buggy code that engages in a denial-of-service attack directed against resources, KaffeOS-based systems can contain the attack, remove resources from the attacked applications, and continue to provide robust service to other clients. Expand
The Inherently Distributed AdaptableO
To build a distributed operating system the microkernel approach is the most popular. To build an adaptable operating system a minimal microkernel is preferred. But for an adaptable and exibleExpand
Towards object-based wide area distributed systems
This work advocates an object-based approach to distribution, which allows for flexibility because many of the technical detail of distribution, such as communication protocols, consistency rules, etc. can be hidden behind the objects' interfaces. Expand
Dynamic Memory Model Reconfiguration in DEIMOS
How DEIMOS simultaneously supports a variety of dyn amically instantiable memory models (e.g. segmented memory, paged virtual memory, flat unprotected memo ry, software protected memory) and how it is possible to load new memory models at run time w ithout disrupting applications running under existing models. Expand
Towards a Grand Unified Framework for Mobile Objects
Distributed object systems (DOS) are usually implemented as middleware which repeats and undoes a significant amount of work performed by the underlying operating system [3]. This introduces overheadExpand


Authentication in the Taos operating system
In this design, applications gain access to security services through a narrow interface that provides a notion of identity that includes simple principals, groups, roles, and delegations. Expand
The Operating System Kernel as a Secure Programmable Machine
To test and evaluate exokernels and their customization techniques a prototype system is being developed, Aegis, which allows programmable yet safe additions to the supervisor-mode execution environment. Expand
The operating system kernel as a secure programmable machine
To put abstractions traditionally implemented by the kernel out into user-space, where user-level libraries and servers abstract the exposed hardware resources, a new operating system structure, exokernel, is defined that safely exports the resources defined by the underlying hardware. Expand
The CHORUS Distributed Operating System: Some Design Issues
The current version, CHORUS-V2, offers a full UNIX ™ compatibility at the user level, while providing control of distribution by relying on a powerful IPC facility, based on ports and messages, as the heart of its architecture. Expand
SPACE: a new approach to operating system abstraction
SPACE is an extensible operating system being developed for research into object-oriented and distributed systems design that uses capability mechanisms based on the manipulation of address spaces to provide low-level kernel primitives from which higher-level abstractions can be constructed. Expand
SPIN: an extensible microkernel for application-specific operating system services
The SPIN operating system enables system services to be defined in an application-specific fashion through an extensible microkernel and offers applications fine-grained control over a machine's logical and physical resources through run-time adaptation of the system to application requirements. Expand
The Spring Name Service
The Spring name service exploits and supports the uniformity of objects in the Spring object-oriented distributed system, integrating access control and persistence for objects in a way that allows object implementations to delegate responsibility to the name service, or to implement their own policies. Expand
Authentication in distributed systems: theory and practice
A theory of authentication and a system that implements it, based on the notion of principal and a "speaks for" relation between principals, that explains how to reason about a principal's authority by deducing the other principals it can speak for. Expand
Efficient software-based fault isolation
It is demonstrated that for frequently communicating modules, implementing fault isolation in software rather than hardware can substantially improve end-to-end application performance. Expand
Interposition agents: transparently interposing user code at the system interface
This paper presents a toolkit that substantially increases the ease of interposing user code between clients and instances of the system interface by allowing such code to be written in terms of the high-level objects provided by this interface, rather than in Terms of the intercepted system calls themselves. Expand