Abstract
Currently a certifiably secure multiuser operating system does not exist; no operating system has been able to withstand mallcious attacks by skilled penetrators. While there is a strongly felt need in both the military and civilian sectors for reliably secure operating system software, any solution to the security problem must also take into account the enormous investment in existing equipment and software.In the present paper, hypervisors are discussed as one approach to retrofitting security, but rejected due to the high cost and complexity of installing them on existing equipment. Encapsulation, an alternative solution proposed for batch and remote batch entry applications, requires only a small amount of additional hardware and verified software. The resulting system can be certified to be secure, and is thus suitable for stringent military requirements. The solution is applicable---essentially unchanged---to a wide class of hardware and software, and it is not sensitive to special versions of (or changes to) operating system code. Operating efficiency and construction costs of the encapsulation method are discussed to demonstrate its feasibility.This work has been performed under Advanced Research Projects Agency Contract DAHC15 72 C 0308. It is part of a larger effort to provide securable operating systems in DOD environments.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.