Acetone is a secure operating system kernel that uses a shared address space and supports Asbestos labels. Acetone uses Asbestos labels to enable a wide variety of security policies including ones that prevent untrusted applications from being able to disclose private data. All threads run in the same address space, but have different memory access privileges. Acetone uses standard memory protection mechanisms to ensure that all memory accesses are consistent with label rules. The performance results show that these checks have a relatively low cost.

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005.Includes bibliographical references (p. 53-55).