| Level 2: transparent extension of standard libraries. |
In this approach, standard programming interfaces (e.g., operating system calls or standard C library calls) are hardened with additional capabilities. Most of the changes at this level occur to the libraries that exist in user space; only the more advanced fault tolerance and security protection mechanisms require extensions to the operating system. Some example capabilities of this level include: (i) reliability support – detection of application hangs, protection against data errors on disk through duplication of file writes, automatic re-establishing broken TCP/IP socket connections upon recovery that is transparent to both client and server; (ii) security support – protection of return addresses of functions.
Because of the flexible ARMOR infrastructure, security protection and
detection and recovery services – embodied as reconfigurable high
availability and security modules – can be added or removed from the
infrastructure depending upon application requirements. The modular design
ensures that the customer only pays for the strategies that he uses—in
terms of both cost and hardware resources. Plus, a clear upgrade path exists
through which additional protection capabilities can be added to the ARMOR
infrastructure in the future.