muSTAR Secure Decoupling of Linux Processes

Linux processes are subject to interference from the Linux kernel and other
running processes on the system. "Decoupling of Linux Processes" is a
mechanism that moves a Linux process out of a Linux virtual machine and runs
it next to the Linux VM on the L4Re microkernel. Thus, the decoupled process
runs without interference from Linux's scheduler and other influence. 
In the past, the decoupling mechanism has been implemented with L4Linux and
more recently also in hardware-assisted VMs.

Although the decoupling mechanism eliminates unwanted interruptions during
execution, the Linux kernel is still in charge of scheduling a decoupled
program, as well as for performing certain management tasks. 

In this presentation I will introduce an approach which extends the decoupling
mechanism with further means to ensure that a process that has been decoupled
can run independently of Linux. This includes the data separation as well as
integrity checks and execution state isolation.

(Diploma Thesis Defense)