Encapsulation: An Approach to Operating System Security

Abstract

Currently, there does not exist a certifiably secure, multiuser operating system. No operating system has been able to withstand malicious attacks by skilled penetrators. Nevertheless, there exists a strongly felt need, both in the military and civilian sectors, for reliably secure operating system software. At the same time, any solution to the security problem must take into account the enormous investment in existing equipment and software. Encapsulation, is proposed for batch and RJE systems. It involves the use of a small amount of additional hardware and verified software. The resulting system can be certified to be secure, and is suitable for stringent military requirements. The solution is applicable, essentially unchanged, to a wide class of hardware and software, and it is insensitive to special versions of, or changes to, operating system code. Operating efficiency and costs of construction are discussed in this paper to demonstrate the feasibility of encapsulation.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 1973
Accession Number
AD0771758

Entities

People

  • Gerald J. Popek
  • Richard L. Bisbey Ii

Organizations

  • University of Southern California

Tags

Communities of Interest

  • Human Systems

DTIC Thesaurus Topics

  • Application Software
  • California
  • Computer Access Control
  • Computers
  • Cost Estimates
  • Costs
  • Cybersecurity
  • Encapsulation
  • Identities
  • Midrange Computers
  • Operating Systems
  • Resource Management
  • Security
  • Simulations
  • Simulators
  • Switches
  • Virtual Machines

Fields of Study

  • Computer science
  • Engineering

Readers

  • Database Systems and Applications
  • Economics
  • Software Engineering