Access meditation in a message passing kernel

Proceedings. 1989 IEEE Symposium on Security and Privacy Pub Date : 1989-05-01 DOI:10.1109/SECPRI.1989.36278

M. Branstad, H. Tajalli, F. Mayer, D. Dalva

{"title":"Access meditation in a message passing kernel","authors":"M. Branstad, H. Tajalli, F. Mayer, D. Dalva","doi":"10.1109/SECPRI.1989.36278","DOIUrl":null,"url":null,"abstract":"The authors describe how mandatory and discretionary access mediation are performed in the trusted mach (TMach) kernel, a system that uses message passing as its primary means of communication both between tasks and with the kernel. As a consequence, control of interprocess communication in the TMach kernel is a central concern whereas controlled sharing of segments is the central focus in trusted systems with more traditional architectures. The TMach kernel is not a complete trusted system. It is a reference monitor of basic system abstractions, providing a small, well-controlled base on which the rest of a trusted computing base and operating system can be constructed. The TMach kernel provides simple and elegant mandatory access control for port access rights. The TMach kernel's MAC (mandatory access control) mechanisms clearly control the flow of information according to a mandatory security policy based on a Bell and La Padula model. DAC (discretionary access control) mechanisms are provided in the TMach kernel to implement TCSEC (trusted computer system evaluation criteria) requirements and to support DAC in servers to be built on the kernel.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"38","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1989 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.1989.36278","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 38

Abstract

The authors describe how mandatory and discretionary access mediation are performed in the trusted mach (TMach) kernel, a system that uses message passing as its primary means of communication both between tasks and with the kernel. As a consequence, control of interprocess communication in the TMach kernel is a central concern whereas controlled sharing of segments is the central focus in trusted systems with more traditional architectures. The TMach kernel is not a complete trusted system. It is a reference monitor of basic system abstractions, providing a small, well-controlled base on which the rest of a trusted computing base and operating system can be constructed. The TMach kernel provides simple and elegant mandatory access control for port access rights. The TMach kernel's MAC (mandatory access control) mechanisms clearly control the flow of information according to a mandatory security policy based on a Bell and La Padula model. DAC (discretionary access control) mechanisms are provided in the TMach kernel to implement TCSEC (trusted computer system evaluation criteria) requirements and to support DAC in servers to be built on the kernel.<>

查看原文本刊更多论文

在消息传递内核中访问冥想

作者描述了如何在可信mach (TMach)内核中执行强制访问和自由访问中介，该系统使用消息传递作为任务之间以及与内核之间的主要通信手段。因此，在TMach内核中对进程间通信的控制是一个中心问题，而在具有更传统架构的可信系统中，对段共享的控制是中心问题。TMach内核不是一个完整的可信系统。它是基本系统抽象的参考监视器，提供了一个小的、控制良好的基础，可在此基础上构建可信计算基础和操作系统的其余部分。TMach内核为端口访问权限提供了简单而优雅的强制访问控制。TMach内核的MAC(强制访问控制)机制根据基于Bell和La Padula模型的强制安全策略明确地控制信息流。在TMach内核中提供了DAC(自由访问控制)机制，以实现TCSEC(可信计算机系统评估标准)要求，并支持建立在内核上的服务器中的DAC。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings. 1989 IEEE Symposium on Security and Privacy

自引率

0.00%

发文量