Extensible Operating System Security

Abstract

The EXOS project investigated the practical application of security to extensible operating systems. The project leaders investigated how security policies should be represented and supported in extensible systems, concluding that classical policy models are intuitive, capture widely accepted policy requirements, and provide a concrete foundation for systems evaluation efforts. The investigators introduced support for several well known, important user-level security policy models. In addition, the investigators introduced kernel-oriented security by supporting the separation of kernel code into segments and enforcing a domain/type policy on threads as they execute or otherwise access system segments. Finally, they devised a domain/type policy extensibility strategy that is conservative, preserving prior policy after allowed extensions.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2002
Accession Number
ADA408087

Entities

People

  • Dennis Hollingworth
  • Robert Rice
  • Timothy Redmond

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Application Software
  • Computer Access Control
  • Computer Program Documentation
  • Computer Programming
  • Computer Programs
  • Computers
  • Device Drivers
  • Information Systems
  • Kernels (Operating System)
  • Language
  • Lessons Learned
  • Operating Systems
  • Programming Languages
  • Security
  • Shell Scripts
  • System Software

Fields of Study

  • Computer science

Readers

  • Parallel and Distributed Computing.
  • Software Engineering.
  • Theoretical Analysis.