{"title":"安全突尼斯操作系统中的策略与机制","authors":"Gideon Grenier, R. Holt, M. Funkenhauser","doi":"10.1109/SECPRI.1989.36280","DOIUrl":null,"url":null,"abstract":"The trusted computing base (TCB) of a secure operating system can have its security policy enforced by a small, provably correct security manager. The design of the Secure TUNIS (Toronto University system) operating system divides security concerns into policy (implemented by its security manager) and mechanism (implemented by the rest of the operating system). It is shown that this separation is a key concept in allowing Secure TUNIS to be validated, due to the isolation of security critical code and data in a small module. This design provides the basis of an implementation of a POSIX (Unix) kernel that can be certified at security levels of B3 and above. The security policy, as implemented by Secure TUNIS, is given.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"101 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Policy vs. mechanism in the Secure TUNIS operating system\",\"authors\":\"Gideon Grenier, R. Holt, M. Funkenhauser\",\"doi\":\"10.1109/SECPRI.1989.36280\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The trusted computing base (TCB) of a secure operating system can have its security policy enforced by a small, provably correct security manager. The design of the Secure TUNIS (Toronto University system) operating system divides security concerns into policy (implemented by its security manager) and mechanism (implemented by the rest of the operating system). It is shown that this separation is a key concept in allowing Secure TUNIS to be validated, due to the isolation of security critical code and data in a small module. This design provides the basis of an implementation of a POSIX (Unix) kernel that can be certified at security levels of B3 and above. The security policy, as implemented by Secure TUNIS, is given.<<ETX>>\",\"PeriodicalId\":126792,\"journal\":{\"name\":\"Proceedings. 1989 IEEE Symposium on Security and Privacy\",\"volume\":\"101 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1989-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 1989 IEEE Symposium on Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECPRI.1989.36280\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1989 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.1989.36280","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Policy vs. mechanism in the Secure TUNIS operating system
The trusted computing base (TCB) of a secure operating system can have its security policy enforced by a small, provably correct security manager. The design of the Secure TUNIS (Toronto University system) operating system divides security concerns into policy (implemented by its security manager) and mechanism (implemented by the rest of the operating system). It is shown that this separation is a key concept in allowing Secure TUNIS to be validated, due to the isolation of security critical code and data in a small module. This design provides the basis of an implementation of a POSIX (Unix) kernel that can be certified at security levels of B3 and above. The security policy, as implemented by Secure TUNIS, is given.<>
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
