Безопасность информационных технологий (Jun 2016)
Fragmented network subsystem with traffic filtering for microkernel environment
Abstract
The TCP/IP stack in a microkernel operating system executed in a user space, which requires the development of a distributed network infrastructure within a single software environment. Its functions are the organization of interaction between the components of the stack with different processes, as well as the organization of filtering mechanisms and routing of internal network traffic. Use of architectural approaches applicable in monolithic-modular systems is impossible, because the network stack is not a shareable component of the system. As a consequence, the microkernel environment requires development of special network subsystem. In this work we provide overview of major conceptions of network architectures in microkernel environments. Also, we provide own architecture which supports filtering of internal network traffic. We evaluate the architecture by development of high-performance "key-value" store.
