The use of mTags for mandatory security: a case study

TitleThe use of mTags for mandatory security: a case study
Publication TypeJournal Article
Year of Publication2014
AuthorsRehman, A., A. Oliveira, M. Tripunitara, and S. Fischmeister
JournalSoftware: Practice and Experience
Keywordsmicrokernels, research, security
Refereed DesignationRefereed
Full Text

mTags is an efficient mechanism that augments inter-thread messages with lightweight metadata. We introduce and discuss a case study that we have conducted in the use of mTags for realizing a kind of mandatory security. Although mTags can be implemented for any message passing thread-based system, we consider an implementation of it in the POSIX-compliant QNX Neutrino, a commercial microkernel-based system. The approach to mandatory security that we adopt is Usable Mandatory Integrity Protection, which has been proposed in recent research. We call our adaptation of Usable Mandatory Integrity Protection using mTags, μMIP. We discuss the challenges we faced, and our design and implementation that overcomes these challenges. We discuss the performance of our implementation for well-established benchmarks. We conclude with the observation that mTags can be useful and practical to realize mandatory security in realistic systems. 

Related files: 


Looking for motivated students (undergrads and grads) interested in working on embedded software and systems research. Mail Sebastian Fischmeister for further information.