Monolithic commodity operating systems (OSes), like Windows, Mac OS X, Linux, and FreeBSD, lack sufficient protection mechanisms with which to adhere to Critical information protection design principles. Today we will learn about the nested kernel architecture, a new OS organization that provides important security benefits to commodity operating systems that was retrofitted to an existing monolithic kernel. We will learn how the nested kernel architecture can efficiently support useful write-mediation policies, such as write-once and append-only, which OS developers can use to incorporate new security policies with very low performance overheads. Our guest today is Dr. Nathan Dautenhahn, Assistant Professor of Computer Science at Rice University.