INDEX 215
placement, LSM, 124
Multics, 31
security, 51
SELinux, 126, 131
registry, Windows, 55
requirement of security, 12
resource mechanisms, 1
resources, shared, 48
restricted contexts, 53
result, VAX VMM, 162
retrofitting commercial OS’s, history of, 93
retrofitting security into a commercial OS, 91
return gate, 32
reuse, object, 77
revocation problem, 145
revoking capabilities, 149
rings and brac kets, 29
role based access control, 118
rootkits, 37, 48
safe capability, 148
safety problem, 148
SAT, 147
SCAP, 146, 148
scheduling, 1
scheduling mechanisms, 2
Scomp, 75
applications, 84
architecture, 78
evaluation, 84
hardware, 79
kernel interface pac kage, 78, 83
system, 77
trusted
computing base, 78
operating program, 82
operating system, 78
SDW, 25, 26, 28
secrecy, 5
categories, 66
classes, 65
models, information flow, 59
secure
Ada target, 147
capability systems, 141
building, 146
challenges in, 143
communications processor, 77
operating systems, 3
definition, 16
for Linux, building a, 121
Gemini, 86
requirements, 4
UNIX and KSOS, emulated systems: data,
93
virtual machine systems, 153
Xenix, 94
securing commercial operating systems, 91
security
analysis, UNIX, 45
analysis, Windows, 53
automated verified, 178
capability, 142
classes, 60
classes, Orange Book, 170
Domains, B3, 172
enforcement, 56
enhanced Linux, 121, 126
evaluation, SELinux, 137
feature requirements, 170
for Xen, 166
fundamentals, Multics, 25
goals, 4, 5
goals, verifiable, 57
in ordinary operating systems, 39
in other virtual machine systems, 163
into a commercial OS, retrofitting, 91
kernel, 75, 76, 82, 86, 90

Get Operating System Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.