A Domain and Type Enforcement UNIX Prototype
Lee Badger
Daniel F. Sterne
David L. Sherman
Kenneth M. Walker
Sheila A. Haghighat
Trusted Information Systems, Inc.
3060 Washington Road
Glenwood, Maryland 21738
Abstract
UNIX system security today often relies on correct operation of
numerous privileged subsystems and careful attention by expert system
administrators. In the context of global and possibly hostile
networks, these traditional UNIX weaknesses raise a legitimate
question about whether UNIX systems are appropriate platforms for
processing and safeguarding important information resources. Domain
and Type Enforcement (DTE) is an access control technology for
partitioning host operating systems such as UNIX into access control
domains. Such partitioning has promise both to enforce organizational
security policies that protect special classes of information and to
generically strengthen operating systems against penetration attacks.
This paper reviews the primary DTE concepts, discusses their
application to IP networks and NFS, and then describes the design and
implementation of a DTE UNIX prototype system.