Title :
Structuring trust in a large general purpose operating system
Author_Institution :
ICL UK Ltd., Wokingham, UK
Abstract :
A description is given of the approach taken by ICL to ameliorate the problem of evaluating the security of a large operating system in which the number of TCB (trusted computing base) and trusted process code procedures is large enough to make exhaustive detailed scrutinization more than exhausting. The approach is applicable to any structured large general-purpose system that enables a conventional TCB/trusted process architecture to be implemented, though it is described with particular reference to ICL´s VME (virtual machine environment) operating system. It is concluded that not only is it possible to structure the TCB into separately identifiable components with different responsibilities but it is also possible to provide a fine-grain categorization of the different degrees of trust vested in the trusted processes
Keywords :
ICL computers; operating systems (computers); performance evaluation; security of data; software reliability; virtual machines; conventional TCB/trusted process architecture; fine-grain categorization; general purpose operating system; large operating system; separately identifiable components; structured large general-purpose system; trusted computing base; trusted process code procedures; virtual machine environment; Certification; Job production systems; Libraries; Operating systems; Paper technology; Protection; Random access memory; Runtime; Security; US Department of Defense;
Conference_Titel :
Aerospace Computer Security Applications Conference, 1988., Fourth
Conference_Location :
Orlando, FL
Print_ISBN :
0-8186-0895-1
DOI :
10.1109/ACSAC.1988.113434
