The Resource Management Layer
On top of the hardware layer, the resource management layer is responsible both for sharing hardware resources and for enforcing mandatory access control rules based on the available hardware resources. Since access to hardware resources is most often highly security-critical, the resource management layer has to provide two important security properties: isolation and least privilege.
The resource management layer of EMSCB follows the so-called multiserver approach, in which isolated user-mode services are realized on top of an efficient microkernel (see Figure 1).
Figure 1: The resource management layer is realized by user-level processes that are executed on top of an efficient microkernel.
To be able to share hardware devices, device drivers are also part of the resource management layer. Since malicious code that has access to busmaster direct memory access (DMA) devices can bypass any security mechanisms, the resource management layer has to ensure that only secure values are used to invoke DMA functions.
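The paragraph above does not say how EMSCB decides which DMA values are secure. As an added illustration (not EMSCB code), the following C example assumes the resource manager keeps a per-driver list of granted physical memory windows and refuses any transfer that does not lie entirely inside one; all type and function names and the sample addresses are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical grant: one physical window a driver's device may access. */
struct dma_window { uint64_t base, size; bool writable; };
/* Transfer a driver asks the resource manager to program into the device. */
struct dma_request { uint64_t addr, len; bool to_memory; };

/* Default-deny check: allow only if the whole transfer fits in one granted
 * window and the direction is permitted for that window. */
bool dma_request_allowed(const struct dma_window *grants, size_t n,
                         const struct dma_request *req)
{
    if (req->len == 0)
        return false;                    /* reject degenerate transfers */
    for (size_t i = 0; i < n; i++) {
        const struct dma_window *w = &grants[i];
        if (req->addr < w->base)
            continue;                    /* starts below this window */
        uint64_t off = req->addr - w->base;
        /* Overflow-free form of addr + len <= base + size, so a huge
         * length cannot wrap around and pass the bounds check. */
        if (off > w->size || req->len > w->size - off)
            continue;
        if (req->to_memory && !w->writable)
            continue;                    /* device may only read here */
        return true;
    }
    return false;
}

/* Constructed sample policy: a 64 KiB read/write buffer and a
 * 4 KiB buffer the device may only read from. */
static const struct dma_window sample_grants[] = {
    { 0x10000000u, 0x10000u, true  },
    { 0x20000000u, 0x1000u,  false },
};

/* Evaluate one request against the constructed sample policy. */
bool sample_check(uint64_t addr, uint64_t len, bool to_memory)
{
    struct dma_request r = { addr, len, to_memory };
    return dma_request_allowed(sample_grants, 2, &r);
}
```

Because the driver itself runs as an isolated user-mode service, a check of this kind has to run in a component the driver cannot modify.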
One important advantage of microkernel-based systems is their small size, which qualifies them as a basis for lightweight computing platforms like mobile devices and embedded systems.