Some Advantages of the SPEEDOS Approach

The first important advantage of the SPEEDOS approach is that designers of application software for SPEEDOS applications are automatically provided with a framework which encourages the important software engineering practice of information hiding. This, in combination with the use of capabilities, leads to a mechanism which allows modules to be protected at a much higher level than the simple access rights of conventional operating systems.

It also provides a basis for defining files as persistent objects, with all the advantages of persistent programming. It also removes the need to support a conventional file system (which in conventional systems is a substantial source of security problems).

At this point I can add that all the features mentioned so far have been thoroughly tested on hardware built by my Monads team at Monash University and then used at several universities in Australia and in Germany. This hardware was not RISC based, but I have described above how normal RISC computers can be modified using the S‐RISC technique, which also allows current RISC applications easily to be converted if a small change is made to the RISC hardware.

What has not been tested is the qualifier‐based protection technique, but I have described in detail in the book Making Computers Secure, volume 2, how this technique can be implemented in a future SPEEDOS system; this book can be downloaded below. Qualifier based protection is the technique which in effect allows information‐hiding files to be protected individually by qualifier‐based "firewalls".

The final SPEEDOS technique to be mentioned here provides a new and very secure mechanism for securely logging in and out of SPEEDOS systems, which has also been thoroughly tested in the Monads systems.

All of the SPEEDOS techniques carry over seamlessly to the Internet, using remote intermodule calls.

In summary SPEEDOS is an extremely secure operating system which could potentially save companies and governments trillions of dollars annually worldwide. The book Making Computers Secure, volume 2 explains in detail how SPEEDOS can be implemented. The paper "S‐RISC: Adding Security to RISC Computers", which can be downloaded from this website, explains how it can be efficiently implemented on a modified version of RISC hardware, which could at the same time also support existing RISC applications.