Edit WYSIWYGattachfile Attach PDF Raw View►More Actions▼More Actions


Restore topic to revision: You will be able to review the topic before saving it to a new revision

Copy text and form data to a new topic (no attachments will be copied though).
Name of copy:
You will be able to review the copied topic before saving

Rename/move topic... scans links in all public webs (recommended)
Rename/move topic... scans links in CBI_ComputerSecurity web only
Delete topic... scans links in all public webs (recommended)
Delete topic... scans links in CBI_ComputerSecurity web only

Revision Date Username Comment
822 Jul 2014 - 15:08ThomasMisa 
703 Oct 2013 - 15:56norqu036? 
625 Jun 2013 - 12:30NicLewis 
525 Jun 2013 - 10:16NicLewis 
424 Jun 2013 - 14:24NicLewis 
324 Jun 2013 - 11:42NicLewis 
224 Jun 2013 - 11:41NicLewisAttached file ford78.pdf 
124 Jun 2013 - 09:07NicLewis 

Render style:     Context:


 History: r8 < r7 < r6 < r5 < r4
[X] Hide this message.
Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the University’s Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu
You are here: UMWiki>CBI_ComputerSecurity Web>Systems>SystemsKSOS (22 Jul 2014, ThomasMisa)

Current Activitieslock Who is Who?lock People Programs Publications CSHW_2014 Systems Events Mechanisms

KSOS

 

Ford Aerospace and its SRI International subcontractor originally developed the Kernelized Secure Operating System (KSOS) for the Defense Advanced Research Projects Agency (DARPA) as a provably secure, commercially viable operating system initially for use on the DEC PDP-11/70 minicomputer. With its design executive summary released in 1978, the purpose of the KSOS project was to produce a security kernel compatible with the UNIX operating system from Bell Labs. KSOS was designed to handle information of multiple security levels, with the intention of preventing users with insufficient privileges from compromising information, while maintaining full compatibility with the library of UNIX applications without modification to the software. This followed pioneering security kernel work conducted at The MITRE Corporation under United States Air Force sponsorship. The MITRE project demonstrated successfully a security kernel proof-of-concept on the Multics operating system. Ford Aerospace and SRI International applied lessons from the Multics security kernel toward development of the KSOS project.

Several difficulties arose during KSOS development. Among the difficulties were the verification of the "trusted processes" needed for most applications, doubts over the ability of the security models of the period to verify the implementation of the security kernel, and the complexity of supporting application compatibility while maintaining a verifiably secure system. The greatest difficulty emerged from the KSOS implementation of UNIX under emulation. Running UNIX under emulation was intended to ensure application compatibility by creating an arbitrary environment best suited for the application, while maintaining control over resource allocation through the kernel. However, this process of emulation placed great demands on the limited computer resources available, resulting in a significant reduction in performance. Subsequent security kernel efforts, such as the Honeywell Scomp, avoided the significant performance issues found in KSOS through a hardware-level implementation of emulation, rather than a software-level implementation.(1)(2)(3)(4)(5)

Notes

1 : Lester J. Fraim, "Scomp: A Solution to the Multilevel Security Problem," 26-27, in Computer (July 1983), 26-34. DOI

2 : lock John P. L. Woodward, "Applications for Multilevel Secure Operating Systems," 320, in National Computer Conference 1979, New York: AFIPS Press, 1979, 319-328. (Login required)

3 : Secure Minicomputer Operating System (KSOS): Executive Summary, Palo Alto, CA: Ford Aerospace & Communications Corporation, 1978, 1-2.

4 : lock J. M. Rushby, "Design and Verification of Secure Systems," 12-13, in Proceedings of the Eigth ACM Symposium on Operating Systems Principles 15, issue 5 (December 1981), 12-21. (Login required)

5 : lock E. J. McCauley and P. J. Drongowski, KSOS--The design of a secure operating system," 345-347, in National Computer Conference 1979, New York: AFIPS Press, 1979, 345-353 (Login required)


Topic attachments
I Attachment Action Size Date WhoSorted ascending Comment
pdfpdf ford78.pdf manage 802.6 K 24 Jun 2013 - 11:41 NicLewis Secure Minicomputer Operating System (KSOS): Executive Summary.
Topic revision: r8 - 22 Jul 2014 - 15:08:06 - ThomasMisa
 
Signed in as lewi0740 (NicLewis) | Sign out
UMWiki UMWiki
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UMWiki? Send feedback