Title :
The security policy of the secure distributed operating system prototype
Author :
Proctor, Norman ; Wong, Raymond
Author_Institution :
Odyssey Res. Associates, Menlo Park, CA, USA
Abstract :
The experimental secure distributed operating system (SDOS) is described. It uses a composable property as its mandatory security policy. The security policy includes a fine granularity of discretionary access control immune to Trojan horse attacks. The high degree of assurance that composability makes practical and the richness of the discretionary controls lead SDOS to use balanced assurance. In balance assurance, the assurance measures are fitted to the portion of the security policy whose enforcement is being assured. Like the Cronus distributed computing environment from which it is derived, SDOS uses an object model with abstract operations on various types of system objects and permits an application to extend the paradigm to new types of application objects with new operations. The SDOS security policy and enforcement can likewise be extended for an application´s security policy and enforcement
Keywords :
distributed processing; network operating systems; security of data; Cronus distributed computing environment; Trojan horse; abstract operations; composable property; granularity; object model; secure distributed operating system prototype; security policy; Access control; Computer architecture; Computer security; Distributed computing; Invasive software; Military computing; Operating systems; Programming; Prototypes; Software prototyping;
Conference_Titel :
Computer Security Applications Conference, 1989., Fifth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2006-4
DOI :
10.1109/CSAC.1989.81034
