{"title":"Access meditation in a message passing kernel","authors":"M. Branstad, H. Tajalli, F. Mayer, D. Dalva","doi":"10.1109/SECPRI.1989.36278","DOIUrl":null,"url":null,"abstract":"The authors describe how mandatory and discretionary access mediation are performed in the trusted mach (TMach) kernel, a system that uses message passing as its primary means of communication both between tasks and with the kernel. As a consequence, control of interprocess communication in the TMach kernel is a central concern whereas controlled sharing of segments is the central focus in trusted systems with more traditional architectures. The TMach kernel is not a complete trusted system. It is a reference monitor of basic system abstractions, providing a small, well-controlled base on which the rest of a trusted computing base and operating system can be constructed. The TMach kernel provides simple and elegant mandatory access control for port access rights. The TMach kernel's MAC (mandatory access control) mechanisms clearly control the flow of information according to a mandatory security policy based on a Bell and La Padula model. DAC (discretionary access control) mechanisms are provided in the TMach kernel to implement TCSEC (trusted computer system evaluation criteria) requirements and to support DAC in servers to be built on the kernel.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"38","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1989 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.1989.36278","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 38
Abstract
The authors describe how mandatory and discretionary access mediation are performed in the trusted mach (TMach) kernel, a system that uses message passing as its primary means of communication both between tasks and with the kernel. As a consequence, control of interprocess communication in the TMach kernel is a central concern whereas controlled sharing of segments is the central focus in trusted systems with more traditional architectures. The TMach kernel is not a complete trusted system. It is a reference monitor of basic system abstractions, providing a small, well-controlled base on which the rest of a trusted computing base and operating system can be constructed. The TMach kernel provides simple and elegant mandatory access control for port access rights. The TMach kernel's MAC (mandatory access control) mechanisms clearly control the flow of information according to a mandatory security policy based on a Bell and La Padula model. DAC (discretionary access control) mechanisms are provided in the TMach kernel to implement TCSEC (trusted computer system evaluation criteria) requirements and to support DAC in servers to be built on the kernel.<>
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
