Trusted Solaris
   HOME

TheInfoList



OR:

Trusted Solaris is a discontinued security-evaluated
operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also i ...
based on Solaris by Sun Microsystems, featuring a
mandatory access control In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system or database constrains the ability of a ''subject'' or ''initiator'' to access or generally perform some sort of operation on a ...
model.


Features

* Accounting *
Role-Based Access Control In computer systems security, role-based access control (RBAC) or role-based security is an approach to restricting system access to authorized users. It is an approach to implement mandatory access control (MAC) or discretionary access control ...
* Auditing * Device allocation * Mandatory access control (MAC) labeling


Certification

Trusted Solaris 8 is Common Criteria certified at
Evaluation Assurance Level The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999. The increasing assuranc ...
EAL4+ against the CAPP, RBACPP, and LSPP protection profiles. It is the basis for the DoDIIS Trusted Workstation program.


Solaris Trusted Extensions

Features that were previously only available in Trusted Solaris, such as fine-grained privileges, are now part of the standard Solaris release. In the Solaris 10 11/06 update a new component called
Solaris Trusted Extensions Solaris Trusted Extensions is a set of security extensions incorporated in the Solaris 10 operating system by Sun Microsystems, featuring a mandatory access control model. It succeeds Trusted Solaris, a family of security-evaluated operating syste ...
was introduced, making it no longer necessary to have a different release with a modified kernel for labeled security environments. Solaris Trusted Extensions is an OpenSolaris project. Solaris Trusted Extensions, when enabled, enforces a mandatory access control policy on all aspects of the operating system, including device access, file, networking, print and window management services. This is achieved by adding sensitivity labels to objects, thereby establishing explicit relationships between these objects. Only appropriate (and explicit) authorization allows applications and users read and/or write access to the objects. The component also provides labeled security features in a desktop environment. Apart from extending support for the
Common Desktop Environment The Common Desktop Environment (CDE) is a desktop environment for Unix and OpenVMS, based on the Motif widget toolkit. It was part of the UNIX 98 Workstation Product Standard, and was for a long time the Unix desktop associated with commercial ...
from the Trusted Solaris 8 release, it delivered the first labeled environment based on GNOME. Solaris Trusted Extensions facilitates the access of data at multiple classification levels through a single desktop environment. Solaris Trusted Extensions also implements labeled device access and labeled network communication, through the Commercial Internet Protocol Security Option (CIPSO) standard. CIPSO is used to pass security information within and between labeled
zones Zone or The Zone may refer to: Places Climate and altitude zones * Death zone (originally the lethal zone), altitudes above a certain point where the amount of oxygen is insufficient to sustain human life for an extended time span * Frigid zone, ...
. Solaris Trusted Extensions complies with the
Federal Information Processing Standards The Federal Information Processing Standards (FIPS) of the United States are a set of publicly announced standards that the National Institute of Standards and Technology (NIST) has developed for use in computer systems of non-military, America ...
(FIPS).


References


External links

* * {{Solaris Operating system security Sun Microsystems software Proprietary operating systems