ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Researchers get funding to build new secure OS

By | April 12, 2010, 8:48am PDT

Summary: Researchers at the University of Illinois at Chicago have received a $1.15 million grant from the National Science Foundation to build a new, secure computer operating system.

Researchers at the University of Illinois at Chicago have received a $1.15 million grant from the National Science Foundation to build a new computer operating system based on virtual machines and the concept of isolation.

The new OS project, called Ethos, is the brainchild of UIC associate professor Jon A. Solworth (right) an associate professor in UIC’s department of computer science.  Daniel Bernstein, the noted cryptographer behind djbdns, is helping to secure the operating system.

Ethos, which is billed as an OS based on the Xen hypervisor, is being created with security as the trump card.   At its core, the new OS will run on VMs that run one or more operating systems together, like Windows and Mac.

Older applications written for those OS systems where security is not a big issue, like games, will continue to work, but new OS like Ethos will simultaneously handle applications such as online banking and other sensitive business transactions as part of the evolution to tomorrow’s more secure operating systems.

Solworth explains a bit more:

Since VMs allow multiple OS to run on a computer, it is no longer necessary to choose one OS; multiple OSs can be used simultaneously. Hence, one significant application can justify running an OS. Second,

the VM provides an abstract hardware architecture which is far simpler then the vast variety of computers extant. The drivers for the real hardware are provided by the VM. We are using Xen as our VM because we believe it is a good security architecture on which to build an OS.

Solworth’s group is now looking for kernel hackers to help build out the architecture.

The news of funding for Ethos comes just days after virtualization security specialist and renowned rootkit researcher Joanna Rutkowska (right) released an early version of Qubes, a new open-source operating system based on Xen, X Window System, and Linux.

Qubes OS relies on virtualization to separate applications running on the OS and also places many of the system-level components in sandboxes to prevent them from affecting each other.

The Qubes OS architecture is described in this PDF document.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Operating System, Computer, Jon Solworth, Operating Systems, Productivity, Security, Software, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
16
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Researchers get funding to build new secure OS
efsane Updated - 9th Apr 2011
Great!!! thanks for sharing this information to us!
sesli sohbet sesli chat
View in thread
0 Votes
+ -
This is peanuts
RobertFolkerts 12th Apr 2010
One smallish research group getting a little over
a million dollars is tiny. A few developer years
at best. The group is no doubt good and will
probably produce useful results, but this is a
tiny effort for a global issue.
0 Votes
+ -
It's also just a start...
Fark 12th Apr 2010
If the group seems to be making good - I'm sure more funds will roll in. You don't look to start a project and allocate EVERYTHING. You give them a budget and see how they work and what they produce. If it's good, you keep feeding the beast. If, in two years, you have lots of pretty offices and no code - you cut your losses.

Seems to be the right approach, no?
0 Votes
+ -
Or this could be it.
AzuMao 12th Apr 2010
Unless something is said like "if you meet milemarks A B and C we'll provide X additional funds", nobody can know for sure.
0 Votes
+ -
Just as you guys are saying...
klumper 12th Apr 2010
you never know. It was, after all, the same University of Illinois system (only at Urbana-Champaign) that gave the world the Mosaic web browser, thus fulfilling Berners-Lee's vision for a truly ubiquitous World Wide Web.

Well, beyond those old go-to's of Gopher, Usenet, and FTP. wink
0 Votes
+ -
Global system - big budget?
smallermike 13th Apr 2010
What is it that makes a global system need a global budget? Mainly, I suspect, the need to fend off large numbers of placeholders who need to justify their existence by demanding function or test proofs which are not needed, or insisting that their favourite language/platform is needed. Many of the world's best inventions have been developed on a shoestring, and were/are long-term successful. How much does it cost to hire a versy small number of people with the right ideas?
0 Votes
+ -
Please Please Hyper V Type 2 for Desktops
docquesting@... 12th Apr 2010
We all need a ("desktop option" to run type 2 Hyper V with a
hot key option) to switch between each OS. Of course each OS
could be running various task as the server Hyper V's do. The
user gets to choose as mentioned which desktop Hyper V
environment they want to be in by hitting a custom key.

After looking all over for one such solution I found nothing
was available and only for servers. Server 2008 doesn't count
in such a scenario as a true type 2 Hyper Visor for a desktop
solution.
0 Votes
+ -
OpenBSD
davidr69 12th Apr 2010
I thought we already had a secure operating system.

Why isn't Theo de Raadt involved?
0 Votes
+ -
A secure OS?
SteveMak 12th Apr 2010
Now why didn't anyone think of creating a secure OS before these researchers? Good thinking, guys. And good luck happy
0 Votes
+ -
If it is built it will be cracked!
Tholian_53 12th Apr 2010
They thought virtual machines were safe but they have been cracked according to an earlier article. So how is this going to be any different?
0 Votes
+ -
XenSource
DAvenger 12th Apr 2010
Just another waste of taxpayer dollars (ever heard of XenSource, XenServer). Must be going to some politician's friend who doesn't want to work for a living and lives off our dime.
0 Votes
+ -
RE: Researchers get funding to build new secure OS
jeffk464 12th Apr 2010
I'm thinking I might do a dual boot on my laptop with win7 and google chrome. Depending on how secure chrome ends up being. Half of the security just comes from having an OS that you only use for banking and finance and then your win7 OS to play on and get infected without effecting the other OS. Am I right, or does having the two OS's on the same hard drive mean that win7 would be able to infect chrome?
0 Votes
+ -
A new OS - happens every day
Donald.Nagy@... 12th Apr 2010
At least one college or university displays a new OS
every day. (World Wide)
Some eventually catch on but there are a lot of new OS's
and lots of new features.
0 Votes
+ -
Hasn't it ever occurred to anyone ...
aureolin 12th Apr 2010
... that the only truly secure OS has no user? Think
about it - Most of the current exploits for pretty
much any OS are all based on social engineering of one
sort or another. Today's goal is to get the (l)user to
click on something so that the malware can install. The memory of those heady days of remotely hacking a
system or doing drive-by installs from a hacked
website are fast fading into the dim and pleasant
recesses of our memory. Hacking just isn't what it
used to be.

The conclusion is completely inescapable: You *must*
eliminate the user in order to properly secure the OS.
Anything else is just madness.

wink

Steve G.
0 Votes
+ -
RE: Researchers get funding to build new secure OS
gnorton100@... 13th Apr 2010
This new OS sounds like a discussion I had with friends some
years ago.

Create a bullet-proof kernel.
Wrap it in a VM layer that creates a "sandbox" for every
program, whether OS or app.
Sandboxes can pass data back and forth for interoperability.
Stealing from Linux: no app file or system changes can be made
without the SUDO password, preventing drive-by downloads and
infections.

If malware (virus, trojan, etc) actually infects the OS or app,
a popup notifies the user of the problem, saves any open files
from that sandbox, closes and re-opens the sandbox.

The app or OS re-opens using the prior-to-infection version and
NO changes made by the infection are retained.

The file that had been saved is re-opened and the user continues
their work.
0 Votes
+ -
RE: Researchers get funding to build new secure OS
914four 15th Jun 2010
Sounds an awful lot like OpenSolaris with Trusted Extensions and Virtualbox / xVM to me. Perhaps based on the limited funds they've received that might not be a bad place to start?
0 Votes
+ -
RE: Researchers get funding to build new secure OS
efsane Updated - 9th Apr 2011
Great!!! thanks for sharing this information to us!
sesli sohbet sesli chat

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix