Operating System Security
Morgan & Claypool Publishers, 2008 - 218 pages
"Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to satisfy these requirements, we see that the complexity of software systems often results in implementation challenges that we are still exploring to this day. However, if a system design does not aim for achieving the secure operating system requirements, then its security features fail to protect the system in a myriad of ways. We also study systems that have been retro-fit with secure operating system features after an initial deployment. In all cases, the conflict between function on one hand and security on the other leads to difficult choices and the potential for unwise compromises. From this book, we hope that systems designers and implementers will learn the requirements for operating systems that effectively enforce security and will better understand how to manage the balance between function and security."--BOOK JACKET.
access control list applications assurance authorization queries Bell-LaPadula Biba capability systems Chapter complete mediation configuration confinement covert channels defined definition descriptor device difficult discretionary access control enable enforcement ensure evaluation example execution file system first function GEMSOS hardware high integrity identified implementation information flow input Linux LSM hooks mandatory access control mandatory protection system mechanisms memory microkernel MLS policy modification module Multics multilevel security open system call perform permissions privileges processes running profile programs protection domain provides reference monitor interface request requirements retrofit satisfies Scomp secrecy and integrity secret secure operating system security class security features security kernel security-sensitive operations segment SELinux sensitivity level server setuid significant Solaris specific system call system resources system security goals Tamperproof tamperproofing transition trusted computing base Trusted Extensions trusted software UNIX systems untrusted processes user’s VAX VMM verified verify virtual machine write zone