| T.A. Berson and G.L. Barksdale Jr. KSOS: Development methodology for a secure operating system. In National Computer Conference, pages 365--371. AFIPS Conference Proceedings, 1979. Vol. 48. |
....a separation kernel (with its wires cut) enforces isolation on its regimes: we must prove the total absence of any information flow from one regime to another. The technique which has been used to verify secure information flow in kernels constructed by the Mitre Corporation [20] and in KSOS [7, 10], and which seems to be widely accepted, is known as information flow analysis (IFA) [21], sometimes also called security flow analysis. It might be thought that this will also provide a satisfactory technique for verifying a separation kernel. But this is not so. One reason for this is that ....
....of the implementation can then be established by showing it to be a correct implementation of the secure high-level specifications [23]. In conventional practice, however, this second stage is not performed. For KSOS, for example, only illustrative proofs of the implementation were provided [7]. Because the KSOS kernel contains, among other things, a mechanism to support a multilevel secure file system, verification of the security of its high-level specifications is a significant task. It would be vastly more difficult and hugely expensive to verify the correctness of its ....
T. A. Berson and G. L. Barksdale Jr. KSOS---development methodology for a secure operating system. In National Computer Conference, volume 48, pages 365--371. AFIPS Conference Proceedings, 1979.
....and prove the implementation correct. Some projects were intended to complete only an initial portion of this sequence of goals. The goals were met with varying degrees of success. Many security kernel projects are reported in the literature: PSOS [Feiertag 79, Neumann 77], KSOS [McCauley 79, Berson 79], the UCLA Secure Unix project [Popek 79, Walker 80], KVM/370 [Gold 79] and SCOMP [Fraim 83]. The Secure Ada Target (SAT, now called LOCK) [Boebert 85] is an ongoing project at Honeywell. Landwehr [Landwehr 83] gives a useful summary of the state of the art circa 1983. Rushby criticizes the kernel ....
T.A. Berson, G.L. Barksdale, Jr. KSOS - Development Methodology for a Secure Operating System. In AFIPS Conference Proceedings, pages 365-371. 1979.
Berson, T., and J. Barksdale, "KSOS: Development Methodology for a Secure Operating System," NCC '79, New York, New York, June 1979.