The Naval Postgraduate School SECURE ARCHIVAL STORAGE SYSTEM. Part II. Segment and Process Management Implementation.
Abstract
The security kernel technology has provided the technical foundation for highly reliable protection of computerized information. However, the operating system implementations face two significant challenges: providing (1) adequate computational resources for applications tasks, and (2) a clean, straightforward structure whose correctness can be easily reviewed. This paper presents the experience on an ongoing security kernel implementation using the Advanced Micro Devices 4116 single-board computer based on the Z8002 microprocessor. The performance issues of process switching, domain changing, and multiprocessor bus contention are explicitly addressed. The strictly hierarchical (i.e., loop-free) structure provides a series of increasingly capable, separately usable operating system subsets. Security enforcement is structured in two layers: the basic kernel rigorously enforces a non-discretionary (viz., lattice model) policy, while an upper layer provides the access refinements for a discretionary policy. (Author)
Document Details
- Document Type
- Technical Report
- Publication Date
- Mar 01, 1981
- Accession Number
- ADA109553
Entities
People
- Lyle A. Cox
- Roger R. Schell
- Sonja L. Perdue
Organizations
- Naval Postgraduate School