My undergraduate thesis on a capability based security system for a data-centric operating system.

feat/poster: works cited!

+145 -88
+13
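--- a/.harper-dictionary.txt
+++ b/.harper-dictionary.txt
@@ -1,2 +1,15 @@
+Andi
+B.
+B.S.
+BSc
+Heijn
+MSc
+Noto
+Q.
 bgcolor1
 bgcolor2
+elsevier
+mathblocks
+textcolor1
+textcolor2
+vancouver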
+12 -15
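--- a/poster/main.typ
+++ b/poster/main.typ
@@ -1,9 +1,6 @@
 #import "template.typ": *
 #import "colors.typ": base_colors, bold_color
 
-
-
-
 #set page(
 width: 48in,
 height: 36in,
@@ -53,57 +50,57 @@
 [
 
 // section 1
-#import "./sections/twizzler.typ": title;
+#import "./sections/1_twizzler.typ": title;
 #colored_poster_section(fill: true)[
 #title
 ][
-#include "./sections/twizzler.typ"
+#include "./sections/1_twizzler.typ"
 ]
 
 // section 2
-#import "./sections/cap.typ": title;
+#import "./sections/2_cap.typ": title;
 #colored_poster_section(fill: true)[
 #title
 ][
-#include "./sections/cap.typ"
+#include "./sections/2_cap.typ"
 ]
 
 ],
 [
 
 // section 3
-#import "./sections/sec_ctx.typ": title;
+#import "./sections/3_sec_ctx.typ": title;
 #colored_poster_section(fill: true)[
 #title
 ][
-#include "./sections/sec_ctx.typ"
+#include "./sections/3_sec_ctx.typ"
 ]
 
 // section 4
-#import "./sections/execution.typ": title;
+#import "./sections/4_execution.typ": title;
 #colored_poster_section(fill: true)[
 #title
 ][
-#include "./sections/execution.typ"
+#include "./sections/4_execution.typ"
 ]
 
 ],
 [
 
 // section 3
-#import "./sections/future.typ": title;
+#import "./sections/5_future.typ": title;
 #colored_poster_section(fill: true)[
 #title
 ][
-#include "./sections/future.typ"
+#include "./sections/5_future.typ"
 ]
 
 // section 4
-#import "./sections/cited.typ": title;
+#import "./sections/6_cited.typ": title;
 #colored_poster_section(fill: true)[
 #title
 ][
-#include "./sections/cited.typ"
+#include "./sections/6_cited.typ"
 ]
 
 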
+19
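--- a/poster/sections/1_twizzler.typ
+++ b/poster/sections/1_twizzler.typ
@@ -0,0 +1,19 @@
+#let title = "What is Twizzler?"
+
+
+// the big idea is movign into a data centric operating system
+//
+// with that data centric operating system means that processes
+// access data directly
+//
+// How do we ensure that data is only accessed by parties who
+// are supposed to access that data, if the kernel isnt there
+// to mediate data access?
+//
+// lead into capabilities...
+
+#lorem(200)
+
+
+
+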
+19
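--- a/poster/sections/2_cap.typ
+++ b/poster/sections/2_cap.typ
@@ -0,0 +1,19 @@
+#let title = "Capabilities"
+
+// what is a capability in general?
+//
+// what is a twizzler capability?
+//
+// keypairs!? why??
+// (to ensure that noone can just tamper with a capability on disk and
+// get away with it.)
+//
+// verifying key
+// signing key
+//
+//
+// figure of what a capability looks like
+
+#lorem(200)
+
+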
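Review bot: The outline at new lines 7-9 justifies the keypair by saying nobody can tamper with a capability on disk "and get away with it", but it never says where the verifying key is kept or who may change it, and that is what makes the signature meaningful. A signature only makes tampering detectable at verification time, and only if whoever can rewrite the capability cannot also replace the key it is checked against. I would add `// where is the verifying key stored, and who is allowed to change it?` after the `// signing key` line, and have the planned figure show which fields the signature covers.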
+10
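--- a/poster/sections/3_sec_ctx.typ
+++ b/poster/sections/3_sec_ctx.typ
@@ -0,0 +1,10 @@
+#let title = "Security Contexts"
+
+// what is a security context
+//
+// figure of what a security context looks like...
+
+
+#lorem(200)
+
+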
+13
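--- a/poster/sections/4_execution.typ
+++ b/poster/sections/4_execution.typ
@@ -0,0 +1,13 @@
+#let title = "System At Work"
+
+// ok show an example of the system at work, what exactly is done
+// to map it in, and then run...
+//
+// key point is that once access is set up, the process
+// does not have to interact with the kernel to read/write to the file.
+
+
+// THE main point is that there is no kernel involvement in the datapath,
+// but we still uphold security!!
+
+#lorem(200)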
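Review bot: The two key points (new lines 6-7 and 10-11) claim that security is upheld with no kernel in the data path, but the outline does not name what enforces access once the mapping exists, or what happens to a live mapping when access is later withdrawn. Those are the first questions a reader will ask of that claim, so the section should answer them explicitly. I would add `// what enforces access after setup, and at which point is the capability checked?` and `// what happens to an existing mapping if the capability is revoked?` to the outline.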
+5
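--- a/poster/sections/5_future.typ
+++ b/poster/sections/5_future.typ
@@ -0,0 +1,5 @@
+#let title = "Future Work"
+
+// dude just look at the fucking grant proposal lmfao
+
+#lorem(200)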
+4
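--- a/poster/sections/6_cited.typ
+++ b/poster/sections/6_cited.typ
@@ -0,0 +1,4 @@
+#let title = "Works Cited"
+
+#bibliography("../../refs.bib", full: true, title: none)
+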
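Review bot: `#bibliography("../../refs.bib", ...)` resolves relative to this file, so it points at a refs.bib above `poster/`. Typst refuses to read files outside the project root, which by default is the directory of the file being compiled, so building `poster/main.typ` only works if `--root` is set to the repository root. Whether the build does that is not visible here; a comment such as `// refs.bib lives above poster/: compile with --root set to the repo root` would document the requirement. Separately, `full: true` prints every entry in refs.bib whether or not the poster cites it, so if that file is shared with the thesis the poster will list works it never references.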
-5
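--- a/poster/sections/cap.typ
+++ b/poster/sections/cap.typ
@@ -1,5 +0,0 @@
-#let title = "Capabilities"
-
-#lorem(200)
-
-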
-2
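--- a/poster/sections/cited.typ
+++ b/poster/sections/cited.typ
@@ -1,2 +0,0 @@
-#let title = "Works Cited"
-#lorem(200)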
-2
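--- a/poster/sections/execution.typ
+++ b/poster/sections/execution.typ
@@ -1,2 +0,0 @@
-#let title = "System At Work"
-#lorem(200)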
-2
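--- a/poster/sections/future.typ
+++ b/poster/sections/future.typ
@@ -1,2 +0,0 @@
-#let title = "Future Work"
-#lorem(200)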
-2
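--- a/poster/sections/sec_ctx.typ
+++ b/poster/sections/sec_ctx.typ
@@ -1,2 +0,0 @@
-#let title = "Security Contexts"
-#lorem(200)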
-4
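--- a/poster/sections/twizzler.typ
+++ b/poster/sections/twizzler.typ
@@ -1,4 +0,0 @@
-#let title = "What is Twizzler?"
-#lorem(200)
-
-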
+12 -17
thesis/main.typ
··· 2 2 3 3 #show: mol-thesis 4 4 5 - 6 - 7 5 #mol-titlepage( 8 6 // title: "Design, Implementation, and Verification of a Security System for Data-Centric Operating Systems", 9 7 title: "Twizzler-Security\nA Capability-Based Security System for Twizzler", ··· 13 11 birth-place: "Alice Springs, Australia", 14 12 defence-date: "August 28, 2005", 15 13 /* Only one supervisor? The singleton array ("Dr Jack Smith",) needs the 16 - trailing comma. */ 14 + trailing comma. */ 17 15 supervisors: ("Owen B. Arden",), 18 16 committee: ( 19 17 "Dr. Peter Alvaro", 20 18 "Dr. Andi Quinn", 21 19 ), 22 - degree: "Computer Engineering B.S." 20 + degree: "Computer Engineering B.S.", 23 21 ) 24 22 25 23 // DANIEL feedback ··· 31 29 // more feedback throughout, feel free to take or ignore 32 30 33 31 #mol-abstract[ 34 - Traditional operating systems permit data access through the kernel, applying 35 - security policy as a part of that pipeline. The Twizzler operating system flips 36 - that relationship on its head, focusing on an approach where data access is a 37 - first-class citizen, getting rid of the kernel as a middleman. This 38 - data-centric approach requires us to rethink how security policy interacts with 39 - users and the kernel. In this thesis, I present the design and implementation of 40 - core security primitives in Twizzler. Then I evaluate the security model with 41 - microbenchmarks of core security operations, and ways to increase performace. 42 - Lastly, I discuss a few things we plan to do in the continuation of this work, as 43 - its not conplete by any means. 44 - // Lastly, I discuss future work built 45 - // off this thesis, such as the incorporation of Decentralized Information Flow 46 - // Control. 32 + Traditional operating systems permit data access through the kernel, applying 33 + security policy as a part of that pipeline. 
The Twizzler operating system flips 34 + that relationship on its head, focusing on an approach where data access is a 35 + first-class citizen, getting rid of the kernel as a middleman. This 36 + data-centric approach requires us to rethink how security policy interacts with 37 + users and the kernel. In this thesis, I present the design and implementation of 38 + core security primitives in Twizzler. Then I evaluate the security model with 39 + micro benchmarks of core security operations, and ways to increase performance. 40 + Lastly, I discuss a few things we plan to do in the continuation of this work, as 41 + its not complete by any means. 47 42 ] 48 43 49 44
+38 -39
thesis/template.typ
··· 30 30 #set heading(numbering: "1.1.1.1") 31 31 #set outline.entry(fill: repeat(". ")) 32 32 #show outline.entry.where( 33 - level: 1 33 + level: 1, 34 34 ): set block(above: 1.5em) 35 35 #show outline.entry.where(level: 1): it => [ 36 36 #set block(above: 1.5em) ··· 57 57 "Dr Jack Smith", 58 58 "Prof Dr Jane Williams", 59 59 "Dr Jill Jones", 60 - "Dr Albert Heijn"), 61 - degree: "MSc in Logic" 60 + "Dr Albert Heijn", 61 + ), 62 + degree: "MSc in Logic", 62 63 ) = align(alignment.center)[ 63 64 // Size of the thesis's title 64 65 #let title-size = 17pt ··· 81 82 82 83 *#author* 83 84 84 - under the supervision of #supervisors.map(x => [*#x*]).join(", ", last: 85 - " and "), and submitted to the 85 + under the supervision of #supervisors.map(x => [*#x*]).join(", ", last: " and"), and submitted to the 86 86 87 - Examinations Board in partial fulfilment of the requirements for the 88 - degree of 87 + Examinations Board in partial fulfillment of the requirements for the 88 + degree of 89 89 90 90 #text([*#degree*], size: subtitle-size) 91 91 ··· 93 93 94 94 #v(50pt) 95 95 96 - #box(width: 75%, 97 - columns(2, gutter: -10%, 98 - align(alignment.left, [ 99 - #set par(first-line-indent: 0em) 96 + #box(width: 75%, columns(2, gutter: -10%, align(alignment.left, [ 97 + #set par(first-line-indent: 0em) 100 98 101 - // *Date of the public defence:* 99 + // *Date of the public defence:* 102 100 103 - // _#defence-date _ 101 + // _#defence-date _ 104 102 105 - #colbreak() 103 + #colbreak() 106 104 107 - *Members of the Thesis Committee:* 105 + *Members of the Thesis Committee:* 108 106 109 - #committee.join("\n") 110 - ]) 111 - ) 112 - ) 107 + #committee.join("\n") 108 + ]))) 113 109 114 110 // #align(bottom, image("../img/illclogo.svg", alt: "ILLC Logo. A 3-by-3 jigsaw puzzle. The 115 111 // center piece is white, while the surrounding pieces are black. The text ··· 122 118 // A non-numbered page dedicated to the thesis abstract. 
123 119 #let mol-abstract(body) = [ 124 120 #set page(numbering: none) 125 - #align(center+horizon, heading("Abstract", numbering: none, outlined: false)) 121 + #align(center + horizon, heading( 122 + "Abstract", 123 + numbering: none, 124 + outlined: false, 125 + )) 126 126 #body 127 127 #pagebreak() 128 128 #counter(page).update(1) ··· 132 132 #let mol-chapter(body) = [ 133 133 #pagebreak() 134 134 #hide( 135 - heading(body, 136 - hanging-indent: 0pt, 137 - level: 1, 138 - supplement: [Chapter]) 135 + heading(body, hanging-indent: 0pt, level: 1, supplement: [Chapter]), 139 136 ) 140 137 #text(size: 28pt, weight: "bold")[ 141 138 #set par(first-line-indent: 0pt) ··· 147 144 // A counter for mathematical blocks 148 145 #let mathcounter = rich-counter( 149 146 identifier: "mathblocks", 150 - inherited_levels: 1 147 + inherited_levels: 1, 151 148 ) 152 149 153 150 // A block for mathematical definitions 154 151 #let definition = mathblock( 155 152 blocktitle: "Definition", 156 - counter: mathcounter 153 + counter: mathcounter, 157 154 ) 158 155 159 156 // A block for mathematical theorems 160 157 #let theorem = mathblock( 161 158 blocktitle: "Theorem", 162 - counter: mathcounter 159 + counter: mathcounter, 163 160 ) 164 161 165 162 // A block for mathematical examples 166 163 #let example = mathblock( 167 164 blocktitle: "Example", 168 - counter: mathcounter 165 + counter: mathcounter, 169 166 ) 170 167 171 168 // A block for mathematical propositions 172 169 #let proposition = mathblock( 173 170 blocktitle: "Proposition", 174 - counter: mathcounter 171 + counter: mathcounter, 175 172 ) 176 173 177 174 // A block for mathematical lemmas 178 175 #let lemma = mathblock( 179 176 blocktitle: "Lemma", 180 - counter: mathcounter 177 + counter: mathcounter, 181 178 ) 182 179 183 180 // A block for mathematical corollaries 184 181 #let corollary = mathblock( 185 182 blocktitle: "Corollary", 186 - counter: mathcounter 183 + counter: mathcounter, 187 184 ) 188 185 189 186 // A 
block for mathematical remarks 190 187 #let remark = mathblock( 191 188 blocktitle: "Remark", 192 - prefix: [_Remark._] 189 + prefix: [_Remark._], 193 190 ) 194 191 195 192 // A block for mathematical proofs ··· 199 196 // This allows you to invoke it once per file in your thesis. This is important, 200 197 // because Typst would otherwise raise an error if you were to cite a source in 201 198 // a file with no bibliography. 202 - // 199 + // 203 200 // https://forum.typst.app/t/how-to-share-bibliography-in-a-multi-file-setup/1605/9 204 - // 201 + // 205 202 // If invoked with "true", it actually displays the bibliography. 206 - // 203 + // 207 204 // ```typst 208 205 // // main.typ 209 206 // #include "chapter-1.typ" 210 207 // #load-bib(read("works.bib"), main: true) 211 208 // ``` 212 - // 209 + // 213 210 // Otherwise, it still makes the sources citable in the current file. Should be 214 211 // invoked with "true" at most once. 215 - // 212 + // 216 213 // ```typst 217 214 // // chapter-1.typ 218 215 // We build on the work of @Author_2025. ··· 222 219 counter("illc-mol-thesis-bibs").step() 223 220 context if main { 224 221 [#bibliography(bytes(sources)) <main-bib>] 225 - } else if (counter("illc-mol-thesis-bibs").get().first() == 1 and 226 - query(<main-bib>) == ()) { 222 + } else if ( 223 + counter("illc-mol-thesis-bibs").get().first() == 1 224 + and query(<main-bib>) == () 225 + ) { 227 226 // This is the first bibliography, and there is no main bibliography 228 227 bibliography(bytes(sources)) 229 228 }
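Review bot: In the supervisors line of `mol-titlepage` (new line 85) the reformat turned `last: " and "` into `last: " and"`, dropping the trailing space, so with two or more supervisors the last two names would run together as "A andB", as far as the rendered diff shows. thesis/main.typ currently passes a single supervisor, so the regression is not visible in this document yet. Restoring the separator fixes it: `#supervisors.map(x => [*#x*]).join(", ", last: " and ")`. The function body continues outside the shown hunks.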