Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Servers

    Trusted Systems Move to Mainstream

    Written by

    Jason Brooks
    Published September 3, 2004
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      When it comes to operating systems, its a matter of trust—or mistrust, as the case may be.

      Its often suggested that Microsoft Corp.s security woes stem in part from the companys tardiness in updating the security assumptions it had developed when solitary, disconnected desktop PCs had little reason to fear network-borne attacks.

      However, the problem of operating systems that are too trusting for anyones good in todays wide-open, tightly connected environment extends beyond Microsoft—although Unix and Linux systems derive certain security benefits from their networked, multiuser roots, these systems are also much more permissive than they should be.

      Perimeter-focused security elements such as firewalls play an important role in securing an enterprise infrastructure, but with many services, such as Web servers, its necessary for companies to expose portions of their infrastructure to the Internet.

      Enter the trusted operating system, which can make an enterprise infrastructure significantly more secure by bringing servers an access control scheme thats more fine-grained than the DAC (discretionary access control) of most operating systems.

      /zimages/2/28571.gifClick here to read about how trusted operating systems are certified.

      Trusted operating systems provide for and enforce mandatory access control policies, which limit user and application privileges to the minimum required to do whatever job needs to be done. With the DAC schemes of most operating systems, in contrast, a process has access to everything available to the user who launched it.

      Many applications, including potentially vulnerable Internet-facing services, require superuser privileges to do things such as bind to low-numbered ports. This means that a compromised name server or Web server can give potential attackers the keys to all the data and processes on a breached machine. By limiting processes to the resources they require, trusted operating systems let companies limit the damage that a compromise can cause.

      Trusted-operating-system products arent new, and there is a variety of options available. These include Sun Microsystems Inc.s Trusted Solaris and the National Security Agency-developed Security-Enhanced Linux, as well as PitBull LX from Argus Systems Group, a division of Innovative Security Systems Inc.

      /zimages/2/28571.gifClick here to read about how one IT services company is using PitBull LX.

      However, since the early 1980s, when trusted operating systems began to be used in government and security-sensitive private deployments, these products have typically occupied a niche position. This is because of how the systems have been marketed and, as with other computing systems, because security is inversely related to convenience—trusted operating systems typically are trickier to configure and work with than are their more trusting counterparts.

      But with increasing attention being paid to security on both the vendor and consumer sides of the enterprise IT market, trusted-operating-system features are beginning to make their way into mainstream operating systems.

      Sun, for example, has announced that Solaris 10, due early next year, will leverage some of the process rights management functionality present in the companys Trusted Solaris, which limits privileges for users and tasks.

      In addition, Microsoft has launched a major project called NGSCB (Next Generation Secure Computing Base) for improving the security of “Longhorn,” the next major Windows revision. NGSCB is designed to tighten the control that users and administrators have over their systems. However, responding to developer and user pushback, Microsoft is re-evaluating what role NGSCB will play in Longhorn when that operating system ships. (Longhorn is expected to ship sometime in 2006.)

      /zimages/2/28571.gifClick here to read about the changes Microsoft is making in order to deliver Longhorn in 2006.

      Linux serves as a base platform for trusted-operating-system products such as PitBull LX and Immunix Inc.s Secured OS, and SELinux provides a common option for bringing trusted-operating-system features to various Linux distributions.

      Red Hat Inc. officials have said that SELinux will be included in Red Hat Enterprise Linux 4, which is expected to ship in the first quarter of next year. SELinux also integrates well with the Debian and Gentoo distributions of Linux.

      Senior Analyst Jason Brooks can be reached at [email protected].

      /zimages/2/28571.gifCheck out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      /zimages/2/77042.gif

      Be sure to add our eWEEK.com Security news feed to your RSS newsreader or My Yahoo page

      Jason Brooks
      Jason Brooks
      As Editor in Chief of eWEEK Labs, Jason Brooks manages the Labs team and is responsible for eWEEK's print edition. Brooks joined eWEEK in 1999, and has covered wireless networking, office productivity suites, mobile devices, Windows, virtualization, and desktops and notebooks. Jason's coverage is currently focused on Linux and Unix operating systems, open-source software and licensing, cloud computing and Software as a Service.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×