Trusted operating system
First Claim
1. ) An operating system for supporting a plurality of applications, wherein at least some of said applications are provided with a label or tag, each label or tag being indicative of a logically protected computing compartment of the system, each application having the same label or tag belonging to the same compartment, the operating system defining one or more communications paths between said compartments, and preventing communication between compartments where a communication path therebetween is not defined.
Abstract
An operating system comprising a kernel 100 incorporating mandatory access controls as a means to counter the effects of application compromise. The operating system uses a technique known as “containment” to at least limit the scope of damage when security breaches occur.
In a preferred embodiment, each application supported by the operating system is assigned a tag or label, each tag or label being indicative of a logically protected computing environment or “compartment”, and applications having the same tag or label belonging to the same compartment. By default, only applications running in the same compartment can communicate with each other. Access control rules define very narrow, tightly controlled communications paths between compartments.
182 Citations
27 Claims
- 1. ) An operating system for supporting a plurality of applications, wherein at least some of said applications are provided with a label or tag, each label or tag being indicative of a logically protected computing compartment of the system, each application having the same label or tag belonging to the same compartment, the operating system defining one or more communications paths between said compartments, and preventing communication between compartments where a communication path therebetween is not defined.
- 3. ) An operating system for supporting a plurality of applications, the operating system further comprising a plurality of access control rules and enforced by a kernel of the operating system, the access control rules defining the only communication interfaces or paths between selected applications.
- 23. ) An operating system for supporting a plurality of applications, said operating system comprising a database in which is stored a plurality of rules defining permitted communications paths between said applications, said rules being stored in the form of at least two encoded tables, the first table being keyed on the rule source details and the second table being keyed on the rule destination details, the system further comprising a portion, which, in response to a system call, checks at least one of said tables for the presence of a rule defining the required communication path and for permitting said system call to proceed only in the event that said required communication path is defined.
- 25. ) An operating system for supporting a plurality of applications, the operating system: providing at least some of said applications with a tag or label, said tags or labels being indicative of whether or not an application is permitted to transition to root in response to a request, identifying such a request, determining from its tag or label whether or not an application is permitted to transition to root, and permitting or denying said transition accordingly.
- 26. ) An operating system comprising a kernel for storing a rule base consisting of one or more rules defining permitted communication paths between system objects, and a user-operable interface for adding, deleting and/or listing such rules.
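The mechanism the abstract and claims 1, 23, 25 and 26 describe (compartment labels on processes, same-compartment communication allowed by default, cross-compartment communication only where a rule defines a path, rules held in a source-keyed and a destination-keyed table consulted on a system call, a per-application tag governing transition to root, and an interface to add, delete and list rules) is small enough to model end to end. The following is an added, constructed illustration in Python, not code from the patent or from any implementation of it; the class and method names, the rule fields (method and port), the assumption that rules are directional from source to destination, and the web/db/admin scenario are all assumptions made here for the example.

```python
"""Model of a compartment-labelled rule base and its kernel enforcement point.

Added illustration, not the patent's code. All names and rule fields are assumptions.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set


@dataclass(frozen=True)
class Rule:
    """One permitted communication path between two compartments (directional, assumed)."""
    source: str
    destination: str
    method: str                  # e.g. "tcp", "udp", "unix" (assumed field)
    port: Optional[int] = None   # None matches any port


class RuleBase:
    """Rules kept in two tables, one keyed on source and one on destination (claim 23)."""

    def __init__(self) -> None:
        self.by_source: Dict[str, Set[Rule]] = {}
        self.by_destination: Dict[str, Set[Rule]] = {}

    # The add/delete/list operations are the user-operable interface of claim 26.
    def add(self, rule: Rule) -> None:
        self.by_source.setdefault(rule.source, set()).add(rule)
        self.by_destination.setdefault(rule.destination, set()).add(rule)

    def delete(self, rule: Rule) -> bool:
        present = rule in self.by_source.get(rule.source, set())
        if present:
            self.by_source[rule.source].discard(rule)
            self.by_destination[rule.destination].discard(rule)
        return present

    def list_rules(self) -> List[Rule]:
        return sorted((r for rules in self.by_source.values() for r in rules),
                      key=lambda r: (r.source, r.destination, r.method, r.port or 0))

    def permits(self, source: str, destination: str, method: str,
                port: Optional[int] = None) -> bool:
        if source == destination:
            return True            # same compartment: allowed by default (abstract)
        # Different compartments: only an explicit rule opens a path (claim 1).
        for rule in self.by_source.get(source, ()):
            if (rule.destination == destination and rule.method == method
                    and rule.port in (None, port)):
                return True
        return False


@dataclass
class Process:
    pid: int
    compartment: str            # the label/tag of claim 1
    root_allowed: bool = False  # the tag of claim 25


class Kernel:
    """Enforcement point: cross-process system calls consult the rule base."""

    def __init__(self, rules: RuleBase) -> None:
        self.rules = rules
        self.processes: Dict[int, Process] = {}

    def spawn(self, pid: int, compartment: str, root_allowed: bool = False) -> Process:
        proc = Process(pid, compartment, root_allowed)
        self.processes[pid] = proc
        return proc

    def connect(self, pid: int, target_pid: int, method: str,
                port: Optional[int] = None) -> bool:
        """Hook for a connect()/sendto()-style call from pid to target_pid."""
        src = self.processes[pid].compartment
        dst = self.processes[target_pid].compartment
        return self.rules.permits(src, dst, method, port)

    def setuid_root(self, pid: int) -> bool:
        """Hook for a request to transition to root: decided by the tag alone (claim 25)."""
        return self.processes[pid].root_allowed


def build_demo_kernel() -> Kernel:
    """Constructed scenario: a web front end, a database and an admin shell."""
    rules = RuleBase()
    rules.add(Rule("web", "db", "tcp", 5432))     # the only path out of "web"
    rules.add(Rule("admin", "db", "tcp", 5432))
    kernel = Kernel(rules)
    kernel.spawn(1, "web")
    kernel.spawn(2, "db")
    kernel.spawn(3, "admin", root_allowed=True)
    kernel.spawn(4, "web")
    return kernel


if __name__ == "__main__":
    k = build_demo_kernel()
    print("web -> db:5432    ", k.connect(1, 2, "tcp", 5432))  # True
    print("web -> admin:22   ", k.connect(1, 3, "tcp", 22))    # False, no rule
    print("db  -> web:80     ", k.connect(2, 1, "tcp", 80))    # False, no reverse rule
    print("web -> web (unix) ", k.connect(1, 4, "unix"))       # True, same compartment
    print("web setuid root   ", k.setuid_root(1))              # False
    print("admin setuid root ", k.setuid_root(3))              # True
```

The point a practitioner should take from the scenario is the default: a compromised process in "web" can reach the database port it was granted and nothing else, and even a rule from "web" to "db" does not let "db" initiate a connection back, because the lookup is keyed on the caller's compartment. The destination-keyed table is not needed for the permit decision here; it is kept so that "which compartments may reach X" can be answered without scanning every source entry.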
Specification