SlideShare a Scribd company logo

Building a New OS: Architectural & Security Implementations

Download as PPTX, PDF
S
Subhajeet Mukherjee

These are the slides for my talk at SfBayACM. Dated: 07/17/18 Thanks, Subhajeet Mukherjee

Technology
1 of 25
Building A New Operating System Subhajeet Mukherjee @ SfBayACM Subhajeet Mukherjee - SfBayACM Slides URL: http://bit.ly/071718 July 17, 2018
Agenda- • Structural & Architectural Differences Between Major Operating System Families [Q&A > 3-5 minutes] • Security Implementations Across Major Operating Systems [Q&A > 3- 5 minutes] • Architectural & Security Implementation In The OS That I’ve been Working On [Q&A > 5 minutes] Subhajeet Mukherjee - SfBayACM07/17/18
Structural Differences Between Major OS Families Subhajeet Mukherjee - SfBayACM07/17/18
Licenses- Permissive / Less Restrictive BSD, MIT, Apache 2.0 Protective Licenses GPL V2, V3 or other strict copyleft licenses Subhajeet Mukherjee - SfBayACM07/17/18
License Comparison- 07/17/18 Subhajeet Mukherjee - SfBayACM Source: please see reference
Major Families- • Unix Family != UNIX • Variants & Derivatives: BSD, XNU(Kernel), Darwin • Windows NT Family • Any Windows since 1993 • Unix-Like Family • Android • Uses Linux (Kernel) Subhajeet Mukherjee - SfBayACM07/17/18
Major Differences- Unix Family • Windowing system is separate and runs in the user space • File Systems vary depending on the versions. (UFS, Open ZFS) Windows NT Family • Windowing system doesn’t run in the user space but uses privileged mode to increase graphics performance • Almost consistent until now with Proprietary NTFS. Also has other proprietary file systems by Microsoft Subhajeet Mukherjee - SfBayACM07/17/18
Different Kernel Architectures- 07/17/18 Subhajeet Mukherjee - SfBayACM Source: Wikipedia
Security Implementations Across Major Families Subhajeet Mukherjee - SfBayACM07/17/18
Security Key Points- • Kernel Level Security • Computer security at very low level • File Systems Security • Encryption Technologies • Includes File System’s structural security, permissions etc. • User Level Security • Includes passwords, username check
Security- • ASLR (Address Space Layout Randomization) !General Computer Security Topic! • Prevents Memory corruption vulnerabilities • Arranges address spaces by randomizing positions of key data areas of a process, the base of the executable and the positions of heaps, stacks etc. • KASLR (Kernel Address Space Layout Randomization) • Same thing, but with Kernel. • There’s another thing called KARL. (will come back to this later)
File Systems Security- • Prevention of race conditions • Basically, if more than one program attempt to access and modify a file system, is when race condition happen as this can lead to corrupted data. • Access Control • Basic Read Write Execute Permissions • Data Protection • Having Backups and Recovery • Various Encryption Concepts 07/17/18 Subhajeet Mukherjee - SfBayACM
Architectural & Security Implementation In The OS That I’ve been Working On Subhajeet Mukherjee - SfBayACM07/17/18
Basic System Structure- 07/17/18 Subhajeet Mukherjee - SfBayACM
Kernel structure- • Security components from OpenBSD and Portability components from NetBSD • Hybrid Kernel is slightly different in my case- Source: Wikipedia
Security- • Kernel level security • Will support KARL as it inherits security components from OpenBSD. • KARL stands for Kernel Address Randomization Link • Very similar to KASLR but slightly different as it doesn’t change the location of the kernel • Combining both KASLR method will make it hard for the attacker • File system support • Supports UFS and ZFS
Hardware Support- • Currently supports Intel x86-64 Processors • Eventually plans to shift towards RISC-V (Parallelly being simulated) • Benefits include: • Open Instruction Set Architecture • Royalty Free
Graphics APIs Support- Open GL • Sequential execution of operations • Super hard to debug in terms of concurrency • One global state machine • GPU sync and memory are not usually visible • 49 fps on average in (eg. Mad Max) Supports Vulkan • Better handling towards Multi-threading • Multi-threading friendly • Object based without any state • User has control over memory sync. • 128 on average in (eg. Mad Max) CPU Efficiency Comparison (arm): https://www.youtube.com/watch?v=rvCD9F aTKCA 07/17/18 Subhajeet Mukherjee - SfBayACM
OS Demo- Desktop demonstration: https://www.youtube.com/watch?v=pU0mnrNeYS0 • Demonstrates the scrollable user interface and the system-wide multiple text selection tool
Round Focus Visual- 07/17/18 Subhajeet Mukherjee - SfBayACM
Round Focus- 07/17/18 Subhajeet Mukherjee - SfBayACM • The user gets notified about something while the user is working on something crucial • When the user clicks on it, the elements inside the application lead him to switch to a different application (high probability) • The user holds a high probability to fall in a loop depending on what he is working on and thus loses focus on the priority
Some High-Level Reasons- • Humans in general should evolve with technology instead of just being consumers • Ambiguous gestures reduce usability and consistency • Notifications and Multitasking reduce productivity: • Round Focus: https://www.youtube.com/watch?v=kX2Z5GnJmpE • Survey and Research by companies and institutions: https://bit.ly/2zI73sd 07/17/18 Subhajeet Mukherjee - SfBayACM
High-Level Solution Implementations In This OS- • Timed Notification System • Reduced Gestures • Reduced Multitasking • Scrollable and Unobtrusive User Interface • Usability and Accessibility 07/17/18 Subhajeet Mukherjee - SfBayACM
References- • Golftheman (2008, July 17). Monolith-, Micro- and a "hybrid" kernel, a draft of new version. Retrieved from: https://commons.wikimedia.org/wiki/File:OS- structure2.svg • David A Wheeler (2007). Free software licenses in a spectrum. Retrieved from: https://www.linuxvoice.com/the-fight-for-freedom & https://en.wikipedia.org/wiki/Free_software_license#/media/File:Software_licen sing_spectrum.png • CPU Efficiency Comparison (arm). [Video] Retrieved from YouTube: https://www.youtube.com/watch?v=rvCD9FaTKCA • Hacker News, Y Combinator. Retrieved from Hacker News: https://news.ycombinator.com/item?id=14542874
Thank you, Subhajeet Mukherjee sfbayacm.org | acm.org | subhajeetmukherjee.com 07/17/18 Subhajeet Mukherjee - SfBayACM

Recommended

J j-j-jea power
J j-j-jea powerJ j-j-jea power
J j-j-jea powerJames Honeycutt
 
Differences between Windows 7 and 8.1
Differences between Windows 7 and 8.1Differences between Windows 7 and 8.1
Differences between Windows 7 and 8.1Sadania Miller
 
Firefox vs. chrome
Firefox vs. chromeFirefox vs. chrome
Firefox vs. chromePrabhath Suminda
 
CS403: Operating System : Lec 1 Introduction.pptx
CS403: Operating System : Lec 1 Introduction.pptxCS403: Operating System : Lec 1 Introduction.pptx
CS403: Operating System : Lec 1 Introduction.pptxAsst.prof M.Gokilavani
 
CS403: Operating System : Lec 5 System calls.pptx
CS403: Operating System : Lec 5 System calls.pptxCS403: Operating System : Lec 5 System calls.pptx
CS403: Operating System : Lec 5 System calls.pptxAsst.prof M.Gokilavani
 
CISSP Week 22
CISSP Week 22CISSP Week 22
CISSP Week 22jemtallon
 
Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018The Linux Foundation
 
Grabbing the PostgreSQL Elephant by the Trunk
Grabbing the PostgreSQL Elephant by the TrunkGrabbing the PostgreSQL Elephant by the Trunk
Grabbing the PostgreSQL Elephant by the TrunkHarold Giménez
 

Recommended

J j-j-jea power
J j-j-jea powerJ j-j-jea power
J j-j-jea powerJames Honeycutt
 
Differences between Windows 7 and 8.1
Differences between Windows 7 and 8.1Differences between Windows 7 and 8.1
Differences between Windows 7 and 8.1Sadania Miller
 
Firefox vs. chrome
Firefox vs. chromeFirefox vs. chrome
Firefox vs. chromePrabhath Suminda
 
CS403: Operating System : Lec 1 Introduction.pptx
CS403: Operating System : Lec 1 Introduction.pptxCS403: Operating System : Lec 1 Introduction.pptx
CS403: Operating System : Lec 1 Introduction.pptxAsst.prof M.Gokilavani
 
CS403: Operating System : Lec 5 System calls.pptx
CS403: Operating System : Lec 5 System calls.pptxCS403: Operating System : Lec 5 System calls.pptx
CS403: Operating System : Lec 5 System calls.pptxAsst.prof M.Gokilavani
 
CISSP Week 22
CISSP Week 22CISSP Week 22
CISSP Week 22jemtallon
 
Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018The Linux Foundation
 
Grabbing the PostgreSQL Elephant by the Trunk
Grabbing the PostgreSQL Elephant by the TrunkGrabbing the PostgreSQL Elephant by the Trunk
Grabbing the PostgreSQL Elephant by the TrunkHarold Giménez
 
EMBEDDED OS
EMBEDDED OSEMBEDDED OS
EMBEDDED OSAJAL A J
 
StorageQuery: federated querying on object stores, powered by Alluxio and Presto
StorageQuery: federated querying on object stores, powered by Alluxio and PrestoStorageQuery: federated querying on object stores, powered by Alluxio and Presto
StorageQuery: federated querying on object stores, powered by Alluxio and PrestoAlluxio, Inc.
 
EMBA - From Firmware to Exploit - BHEU22
EMBA - From Firmware to Exploit - BHEU22EMBA - From Firmware to Exploit - BHEU22
EMBA - From Firmware to Exploit - BHEU22MichaelM85042
 
License compliance in embedded linux with the yocto project
License compliance in embedded linux with the yocto projectLicense compliance in embedded linux with the yocto project
License compliance in embedded linux with the yocto projectPaul Barker
 
OpenHPC: A Comprehensive System Software Stack
OpenHPC: A Comprehensive System Software StackOpenHPC: A Comprehensive System Software Stack
OpenHPC: A Comprehensive System Software Stackinside-BigData.com
 
Best Practices for Using Alluxio with Spark
Best Practices for Using Alluxio with SparkBest Practices for Using Alluxio with Spark
Best Practices for Using Alluxio with SparkAlluxio, Inc.
 
La vita nella corsia di sorpasso; A tutta velocità, XPages!
La vita nella corsia di sorpasso; A tutta velocità, XPages!La vita nella corsia di sorpasso; A tutta velocità, XPages!
La vita nella corsia di sorpasso; A tutta velocità, XPages!Ulrich Krause
 
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Andrejs Prokopjevs
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansPeter Clapham
 
Flexible compute
Flexible computeFlexible compute
Flexible computePeter Clapham
 
Operating system
Operating systemOperating system
Operating systemsweetysweety8
 
MK Sistem Operasi.pdf
MK Sistem Operasi.pdfMK Sistem Operasi.pdf
MK Sistem Operasi.pdfwisard1
 
Life in the Fast Lane: Full Speed XPages!, #dd13
Life in the Fast Lane: Full Speed XPages!, #dd13Life in the Fast Lane: Full Speed XPages!, #dd13
Life in the Fast Lane: Full Speed XPages!, #dd13Dominopoint - Italian Lotus User Group
 
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3Alluxio, Inc.
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud ComputingJosh Folgado
 
Pl17: MySQL 8.0: security
Pl17: MySQL 8.0: securityPl17: MySQL 8.0: security
Pl17: MySQL 8.0: securityGeorgi Kodinov
 
SLTS kernel and base-layer development in the Civil Infrastructure Platform
SLTS kernel and base-layer development in the Civil Infrastructure PlatformSLTS kernel and base-layer development in the Civil Infrastructure Platform
SLTS kernel and base-layer development in the Civil Infrastructure PlatformYoshitake Kobayashi
 
Basic Archive System overview
Basic Archive System overviewBasic Archive System overview
Basic Archive System overviewJan-Ivar Bøyum
 
Performance Tuning Oracle Weblogic Server 12c
Performance Tuning Oracle Weblogic Server 12cPerformance Tuning Oracle Weblogic Server 12c
Performance Tuning Oracle Weblogic Server 12cAjith Narayanan
 
CS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptxCS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptxAsst.prof M.Gokilavani
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

More Related Content

Similar to Building a New OS: Architectural & Security Implementations

EMBEDDED OS
EMBEDDED OSEMBEDDED OS
EMBEDDED OSAJAL A J
 
StorageQuery: federated querying on object stores, powered by Alluxio and Presto
StorageQuery: federated querying on object stores, powered by Alluxio and PrestoStorageQuery: federated querying on object stores, powered by Alluxio and Presto
StorageQuery: federated querying on object stores, powered by Alluxio and PrestoAlluxio, Inc.
 
EMBA - From Firmware to Exploit - BHEU22
EMBA - From Firmware to Exploit - BHEU22EMBA - From Firmware to Exploit - BHEU22
EMBA - From Firmware to Exploit - BHEU22MichaelM85042
 
License compliance in embedded linux with the yocto project
License compliance in embedded linux with the yocto projectLicense compliance in embedded linux with the yocto project
License compliance in embedded linux with the yocto projectPaul Barker
 
OpenHPC: A Comprehensive System Software Stack
OpenHPC: A Comprehensive System Software StackOpenHPC: A Comprehensive System Software Stack
OpenHPC: A Comprehensive System Software Stackinside-BigData.com
 
Best Practices for Using Alluxio with Spark
Best Practices for Using Alluxio with SparkBest Practices for Using Alluxio with Spark
Best Practices for Using Alluxio with SparkAlluxio, Inc.
 
La vita nella corsia di sorpasso; A tutta velocità, XPages!
La vita nella corsia di sorpasso; A tutta velocità, XPages!La vita nella corsia di sorpasso; A tutta velocità, XPages!
La vita nella corsia di sorpasso; A tutta velocità, XPages!Ulrich Krause
 
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Andrejs Prokopjevs
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansPeter Clapham
 
MK Sistem Operasi.pdf
MK Sistem Operasi.pdfMK Sistem Operasi.pdf
MK Sistem Operasi.pdfwisard1
 
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3Alluxio, Inc.
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud ComputingJosh Folgado
 
Pl17: MySQL 8.0: security
Pl17: MySQL 8.0: securityPl17: MySQL 8.0: security
Pl17: MySQL 8.0: securityGeorgi Kodinov
 
SLTS kernel and base-layer development in the Civil Infrastructure Platform
SLTS kernel and base-layer development in the Civil Infrastructure PlatformSLTS kernel and base-layer development in the Civil Infrastructure Platform
SLTS kernel and base-layer development in the Civil Infrastructure PlatformYoshitake Kobayashi
 
Basic Archive System overview
Basic Archive System overviewBasic Archive System overview
Basic Archive System overviewJan-Ivar Bøyum
 
Performance Tuning Oracle Weblogic Server 12c
Performance Tuning Oracle Weblogic Server 12cPerformance Tuning Oracle Weblogic Server 12c
Performance Tuning Oracle Weblogic Server 12cAjith Narayanan
 
CS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptxCS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptxAsst.prof M.Gokilavani
 

Similar to Building a New OS: Architectural & Security Implementations (20)

EMBEDDED OS
EMBEDDED OSEMBEDDED OS
EMBEDDED OS
 
StorageQuery: federated querying on object stores, powered by Alluxio and Presto
StorageQuery: federated querying on object stores, powered by Alluxio and PrestoStorageQuery: federated querying on object stores, powered by Alluxio and Presto
StorageQuery: federated querying on object stores, powered by Alluxio and Presto
 
EMBA - From Firmware to Exploit - BHEU22
EMBA - From Firmware to Exploit - BHEU22EMBA - From Firmware to Exploit - BHEU22
EMBA - From Firmware to Exploit - BHEU22
 
License compliance in embedded linux with the yocto project
License compliance in embedded linux with the yocto projectLicense compliance in embedded linux with the yocto project
License compliance in embedded linux with the yocto project
 
OpenHPC: A Comprehensive System Software Stack
OpenHPC: A Comprehensive System Software StackOpenHPC: A Comprehensive System Software Stack
OpenHPC: A Comprehensive System Software Stack
 
Best Practices for Using Alluxio with Spark
Best Practices for Using Alluxio with SparkBest Practices for Using Alluxio with Spark
Best Practices for Using Alluxio with Spark
 
La vita nella corsia di sorpasso; A tutta velocità, XPages!
La vita nella corsia di sorpasso; A tutta velocità, XPages!La vita nella corsia di sorpasso; A tutta velocità, XPages!
La vita nella corsia di sorpasso; A tutta velocità, XPages!
 
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticians
 
Flexible compute
Flexible computeFlexible compute
Flexible compute
 
Operating system
Operating systemOperating system
Operating system
 
MK Sistem Operasi.pdf
MK Sistem Operasi.pdfMK Sistem Operasi.pdf
MK Sistem Operasi.pdf
 
Life in the Fast Lane: Full Speed XPages!, #dd13
Life in the Fast Lane: Full Speed XPages!, #dd13Life in the Fast Lane: Full Speed XPages!, #dd13
Life in the Fast Lane: Full Speed XPages!, #dd13
 
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3
Cybersecurity and fraud detection at ING Bank using Presto & Alluxio on S3
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud Computing
 
Pl17: MySQL 8.0: security
Pl17: MySQL 8.0: securityPl17: MySQL 8.0: security
Pl17: MySQL 8.0: security
 
SLTS kernel and base-layer development in the Civil Infrastructure Platform
SLTS kernel and base-layer development in the Civil Infrastructure PlatformSLTS kernel and base-layer development in the Civil Infrastructure Platform
SLTS kernel and base-layer development in the Civil Infrastructure Platform
 
Basic Archive System overview
Basic Archive System overviewBasic Archive System overview
Basic Archive System overview
 
Performance Tuning Oracle Weblogic Server 12c
Performance Tuning Oracle Weblogic Server 12cPerformance Tuning Oracle Weblogic Server 12c
Performance Tuning Oracle Weblogic Server 12c
 
CS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptxCS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptx
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Building a New OS: Architectural & Security Implementations

  • 1. Building A New Operating System Subhajeet Mukherjee @ SfBayACM Subhajeet Mukherjee - SfBayACM Slides URL: http://bit.ly/071718 July 17, 2018
  • 2. Agenda- • Structural & Architectural Differences Between Major Operating System Families [Q&A > 3-5 minutes] • Security Implementations Across Major Operating Systems [Q&A > 3- 5 minutes] • Architectural & Security Implementation In The OS That I’ve been Working On [Q&A > 5 minutes] Subhajeet Mukherjee - SfBayACM07/17/18
  • 3. Structural Differences Between Major OS Families Subhajeet Mukherjee - SfBayACM07/17/18
  • 4. Licenses- Permissive / Less Restrictive BSD, MIT, Apache 2.0 Protective Licenses GPL V2, V3 or other strict copyleft licenses Subhajeet Mukherjee - SfBayACM07/17/18
  • 5. License Comparison- 07/17/18 Subhajeet Mukherjee - SfBayACM Source: please see reference
  • 6. Major Families- • Unix Family != UNIX • Variants & Derivatives: BSD, XNU(Kernel), Darwin • Windows NT Family • Any Windows since 1993 • Unix-Like Family • Android • Uses Linux (Kernel) Subhajeet Mukherjee - SfBayACM07/17/18
  • 7. Major Differences- Unix Family • Windowing system is separate and runs in the user space • File Systems vary depending on the versions. (UFS, Open ZFS) Windows NT Family • Windowing system doesn’t run in the user space but uses privileged mode to increase graphics performance • Almost consistent until now with Proprietary NTFS. Also has other proprietary file systems by Microsoft Subhajeet Mukherjee - SfBayACM07/17/18
  • 8. Different Kernel Architectures- 07/17/18 Subhajeet Mukherjee - SfBayACM Source: Wikipedia
  • 9. Security Implementations Across Major Families Subhajeet Mukherjee - SfBayACM07/17/18
  • 10. Security Key Points- • Kernel Level Security • Computer security at very low level • File Systems Security • Encryption Technologies • Includes File System’s structural security, permissions etc. • User Level Security • Includes passwords, username check
  • 11. Security- • ASLR (Address Space Layout Randomization) !General Computer Security Topic! • Prevents Memory corruption vulnerabilities • Arranges address spaces by randomizing positions of key data areas of a process, the base of the executable and the positions of heaps, stacks etc. • KASLR (Kernel Address Space Layout Randomization) • Same thing, but with Kernel. • There’s another thing called KARL. (will come back to this later)
  • 12. File Systems Security- • Prevention of race conditions • Basically, if more than one program attempt to access and modify a file system, is when race condition happen as this can lead to corrupted data. • Access Control • Basic Read Write Execute Permissions • Data Protection • Having Backups and Recovery • Various Encryption Concepts 07/17/18 Subhajeet Mukherjee - SfBayACM
  • 13. Architectural & Security Implementation In The OS That I’ve been Working On Subhajeet Mukherjee - SfBayACM07/17/18
  • 14. Basic System Structure- 07/17/18 Subhajeet Mukherjee - SfBayACM
  • 15. Kernel structure- • Security components from OpenBSD and Portability components from NetBSD • Hybrid Kernel is slightly different in my case- Source: Wikipedia
  • 16. Security- • Kernel level security • Will support KARL as it inherits security components from OpenBSD. • KARL stands for Kernel Address Randomization Link • Very similar to KASLR but slightly different as it doesn’t change the location of the kernel • Combining both KASLR method will make it hard for the attacker • File system support • Supports UFS and ZFS
  • 17. Hardware Support- • Currently supports Intel x86-64 Processors • Eventually plans to shift towards RISC-V (Parallelly being simulated) • Benefits include: • Open Instruction Set Architecture • Royalty Free
  • 18. Graphics APIs Support- Open GL • Sequential execution of operations • Super hard to debug in terms of concurrency • One global state machine • GPU sync and memory are not usually visible • 49 fps on average in (eg. Mad Max) Supports Vulkan • Better handling towards Multi-threading • Multi-threading friendly • Object based without any state • User has control over memory sync. • 128 on average in (eg. Mad Max) CPU Efficiency Comparison (arm): https://www.youtube.com/watch?v=rvCD9F aTKCA 07/17/18 Subhajeet Mukherjee - SfBayACM
  • 19. OS Demo- Desktop demonstration: https://www.youtube.com/watch?v=pU0mnrNeYS0 • Demonstrates the scrollable user interface and the system-wide multiple text selection tool
  • 20. Round Focus Visual- 07/17/18 Subhajeet Mukherjee - SfBayACM
  • 21. Round Focus- 07/17/18 Subhajeet Mukherjee - SfBayACM • The user gets notified about something while the user is working on something crucial • When the user clicks on it, the elements inside the application lead him to switch to a different application (high probability) • The user holds a high probability to fall in a loop depending on what he is working on and thus loses focus on the priority
  • 22. Some High-Level Reasons- • Humans in general should evolve with technology instead of just being consumers • Ambiguous gestures reduce usability and consistency • Notifications and Multitasking reduce productivity: • Round Focus: https://www.youtube.com/watch?v=kX2Z5GnJmpE • Survey and Research by companies and institutions: https://bit.ly/2zI73sd 07/17/18 Subhajeet Mukherjee - SfBayACM
  • 23. High-Level Solution Implementations In This OS- • Timed Notification System • Reduced Gestures • Reduced Multitasking • Scrollable and Unobtrusive User Interface • Usability and Accessibility 07/17/18 Subhajeet Mukherjee - SfBayACM
  • 24. References- • Golftheman (2008, July 17). Monolith-, Micro- and a "hybrid" kernel, a draft of new version. Retrieved from: https://commons.wikimedia.org/wiki/File:OS- structure2.svg • David A Wheeler (2007). Free software licenses in a spectrum. Retrieved from: https://www.linuxvoice.com/the-fight-for-freedom & https://en.wikipedia.org/wiki/Free_software_license#/media/File:Software_licen sing_spectrum.png • CPU Efficiency Comparison (arm). [Video] Retrieved from YouTube: https://www.youtube.com/watch?v=rvCD9FaTKCA • Hacker News, Y Combinator. Retrieved from Hacker News: https://news.ycombinator.com/item?id=14542874
  • 25. Thank you, Subhajeet Mukherjee sfbayacm.org | acm.org | subhajeetmukherjee.com 07/17/18 Subhajeet Mukherjee - SfBayACM

Editor's Notes

  1. Hello Everybody, First of all, thank you for hosting me. So, this talk will be on the intermediate level. Not super technical nor super conceptual. By the way If anyone wants to access the slides it's on this link.
  2. So, L and I had extensive conversations on what to include and what not. Generally, talking about Operating System includes a whole range of concepts in CS. So,1 hour is probably not enough. Also, I don't like monotonous lectures so, I've divided the talk in three sections and after section, I'll take questions, so, that we've the interactive flow.
  3. I thought of talking about licenses at the first place because that is one of the crucial aspects in terms of usage.
  4. I categorized it with two main divisions, one is permissive and the other one is protective
  5. XNU has 4.3bsd mach and freebsd Darwin mostly monolithic people sometimes confuse linux with os
  6. by windowing system I mean things like X window system or wayland On the other hand windows nt family since vista uses DWM (desktop window manager)
  7. The whole ASLR term was coined by the Linux community
  8. Notice that there's an ML Layer. I'm using tensorflow in the DE.