A Configuration Framework and Implementation for the Least Privilege Separation Kernel

Abstract

The Least Privilege Separation Kernel (LPSK) configuration vector defines the initial secure state and the operational configuration of the kernel, including its security policies. Enhancements made to the LPSK functional specification necessitated substantial changes to the configuration vector data format defined previously. Moreover, the earlier format used an ad-hoc syntax, which did not adhere to any standard. This work leverages Extensible Markup Language (XML) to standardize the configuration vector format. The new configuration vector format is depicted in an XML Schema, and its limitations are discussed. A more compact binary representation is defined, with an offline tool provided to generate binary configuration vectors for the target platform. Creation of a configuration vector file is a laborious and error-prone task. A good user interface can ease the process by removing underlying complexities from users. Pertinent features of XML editors were assessed in a survey. Using these as requirements, an XML editor with a suitable graphical user interface was selected.

Document Details

Document Type: Technical Report
Publication Date: Dec 01, 2010
Accession Number: ADA536553

Entities

People

  • Chee L. Quek

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Biomedical
  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Authentication
  • Computer Program Documentation
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Graphical User Interface
  • Human-Machine Interaction
  • Information Systems
  • Language
  • Markup Languages
  • National Security
  • Operating Systems
  • Standards
  • User Interface
  • Word Processors
  • XML

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Database Systems and Applications
  • Systems Analysis and Design