The Ethos Operating System

An operating system to make it far easier to write applications that withstand attack

Ethos

For decades, Operating Systems (OSs) have stressed backward compatibility and extraordinary flexibility. Thus the semantics of today's widely used OSs dates back to the 1970s. In contrast, over this time Programming Languages (PLs) have adopted higher-level, more abstract semantics. As a consequence of this semantic gap, PLs have been incorporating more OS semantics. But PLs are not OSs, and a PL-as-OS approach forfeits advantages which result from new OSs.

An OS's system calls (and other interfaces) define its semantics. This semantics includes its security services (authentication, authorization, isolation) and its abstractions. Ethos provides stronger security services, which are more resistant to attack, and abstractions which are less prone to abuse by attackers. As an example of the former, all networking in Ethos is encrypted, authenticated, and authorized. As an example of the latter, Ethos I/O is typed (as in programming languages), ensuring that I/O conforms to declared types and thus preventing many attacks based on ill-formed input. Together, the security services and abstractions provide security properties which are guaranteed to hold for all applications which are built on top of Ethos.

We believe that a new generation of OS semantics is both necessary and possible. The need which will drive new OS adoption is security. Ethos indicates what is possible with such a design philosophy.



News

Recent news events

I'm starting to tweet news @JonSolworth.

UIC is searching for Systems Faculty.

Jon Solworth presented a talk on Ethos at "You broke the Internet" at the 30th Chaos Computer Congress.

Dan Bernstein, Tanja Lange, and Nadia Heninger presented "The Year In Crypto" at the 30th Chaos Computer Congress.

Mike Petullo presented MinimaLT at ACM Computer and Communications Conference in Nov. 2013.

I've just put a slew of Ethos papers on-line, see this

We've released Ethos's network protocol "MinimaLT: Minimal-latency Networking Through Better Security" by W. Michael Petullo, Xu Zhang, Jon A. Solworth, Daniel J. Bernstein, and Tanja Lange.

Jon A. Solworth gave a talk on May 21st at IEEE Security and Privacy: Clean slate vs. compatibility: The struggle for new system software layers

Jon A. Solworth gave a talk on May 3rd at Greater Chicago Area Systems Research Workshop, Ethos: A layered approach to secure applications

W. Michael Petullo defended his Ph.D. thesis on May 15th, 2013.

An Ethos paper on secure networking has been accepted to the EuroSec workshop at EuroSys in Prague. Mike Petullo is lead author and presenter.

Wenyuan and Muxuan Fei's son Daniel was born on March 12th.

Two more Ethos papers have been accepted, this time to the Resolve Workshop at ASPLOS. Mike Petullo is the lead author and presenter.

Mike Petullo gave a talk at University of Wisconsin, Madison on Ethos.

Ethos now runs on 64-bit, the result of 6 months of determined effort to root out bugs in the 64-bit port which made it unusable. Kudos to Xu Zhang and Mike Petullo and to Pat Gavlin and Andrei Warkentin for the original port.

The CS 486 course, Secure Operating System Design and Implementation, has been approved by the department's graduate and undergraduate committees.

The first Ethos paper has been published at ACM DIM, the ACM workshop on Digital Identity Management.