Title :
Assuring Distributed Trusted Mach
Author :
Fine, Todd ; Minear, Spencer E.
Author_Institution :
Secure Comput. Corp., Arden Hills, MN, USA
Abstract :
Distributed Trusted Mach (DTMach) is an operating system designed by Secure Computing Corporation. The goal of the project is to use the Mach 3.0 kernel as the base for a secure, distributed system. As a first step in developing the DTMach security policy, a categorization of general security concerns was constructed. Concerns that were not adequately addressed by the Mach 3.0 kernel indicated potential security vulnerabilities. The authors describe these general security concerns, the manner in which the Mach 3.0 kernel addresses each concern, and the manner in which DTMach addresses each concern. The focus is on the DTMach security policy and security mechanisms. It is first necessary to identify the general threats against which DTMach must protect. The next step is to identify control mechanisms that are sufficient to protect against each of the threats. The DTMach design makes extensive use of type enforcement in addressing the threats. The general threats and the countermeasures provided by DTMach are described, which provide more evidence of the usefulness of type enforcement in general and of the high assurance provided by the DTMach type enforcement policy.
Keywords :
distributed processing; operating systems (computers); security of data; DTMach; Distributed Trusted Mach; Mach 3.0 kernel; Secure Computing Corporation; control mechanisms; enforcement policy; operating system; secure distributed system; security policy; security vulnerabilities; threats; type enforcement; Access control; Control systems; Distributed computing; Kernel; Message passing; Power system protection; Security;
Conference_Title :
Research in Security and Privacy, 1993. Proceedings., 1993 IEEE Computer Society Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-3370-0
DOI :
10.1109/RISP.1993.287631