Trusted Solaris

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Trusted Solaris is a security-evaluated operating system based on Solaris by Sun Microsystems, featuring a mandatory access control model.

Parts of Trusted Solaris:

Trusted Solaris 8 is Common Criteria certified at Evaluation Assurance Level EAL4+ against the CAPP, RBACPP, and LSPP protection profiles. It is the basis for the DoDIIS Trusted Workstation program. [1]

Solaris Trusted Extensions[edit]

Certain Trusted Solaris features, such as fine-grained privileges, are now part of the standard Solaris 10 release. The Solaris 10 11/06 update has added a component called Solaris Trusted Extensions which gives Solaris 10 the additional features necessary to position it as the successor to Trusted Solaris. Inclusion of these features in the mainstream Solaris release marks a significant change from Trusted Solaris, as it is no longer necessary to use a different Solaris release with a modified kernel for labeled security environments. Solaris Trusted Extensions is an OpenSolaris project.

Solaris Trusted Extensions enforce a mandatory access control policy on all aspects of the operating system, including device access, file, networking, print and window management services. This is achieved by adding sensitivity labels to objects, thereby establishing explicit relationships between these objects. Only appropriate (and explicit) authorization allows applications and users read and/or write access to the objects.

The component also provides labeled security features in a desktop environment. Apart from extending support for the Common Desktop Environment from the Trusted Solaris 8 release, it delivers the first labeled environment based on GNOME.[2] Solaris Trusted Extensions facilitate the access of data at multiple classification levels through a single desktop environment.

Solaris Trusted Extensions also delivers labeled device access, and labeled network communication (through the CIPSO standard). Commercial Internet Protocol Security Option is used to pass security information within and between labeled zones. Solaris Trusted Extensions complies with the Federal Information Processing Standards (FIPS).

See also[edit]


External links[edit]