  • DocumentCode
    2344050
  • Title
    Policy vs. mechanism in the Secure TUNIS operating system
  • Author
    Grenier, Guy-L ; Holt, Richard C. ; Funkenhauser, Mark
  • Author_Institution
    Comput. Syst. Res. Inst., Toronto Univ., Ont., Canada
  • fYear
    1989
  • fDate
    1-3 May 1989
  • Firstpage
    84
  • Lastpage
    93
  • Abstract
    The trusted computing base (TCB) of a secure operating system can have its security policy enforced by a small, provably correct security manager. The design of the Secure TUNIS (Toronto University system) operating system divides security concerns into policy (implemented by its security manager) and mechanism (implemented by the rest of the operating system). It is shown that this separation is a key concept in allowing Secure TUNIS to be validated, due to the isolation of security critical code and data in a small module. This design provides the basis of an implementation of a POSIX (Unix) kernel that can be certified at security levels of B3 and above. The security policy, as implemented by Secure TUNIS, is given.
  • Keywords
    operating systems (computers); security of data; B3; POSIX (Unix) kernel; Secure TUNIS operating system; TCB; Toronto University system; mechanism; secure operating system; security critical code; security levels; security manager; security policy; trusted computing base; Access control; Books; Computer security; Data security; Information security; Kernel; Memory management; Operating systems; US Department of Defense; Utility programs;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
  • Conference_Location
    Oakland, CA
  • Print_ISBN
    0-8186-1939-2
  • Type
    conf
  • DOI
    10.1109/SECPRI.1989.36280
  • Filename
    36280