Trusted Operating Systems

(OBJ .)

Trusted Operating System (TOS)

• An operating system that is designed to provide a secure computing environment by enforcing stringent security policies that usually rely on mandatory access controls
• Used where Confidentiality, Integrity, and Availability is essential

Evaluation Assurance Level (EAL)

• A predefined security standard and certification from the Common Criteria for Information Technology Security Evaluation
• Common criteria standards are used to assess the effectiveness of the security controls in an operating system
  • EAL 1 is the lowest level of assurance
  • EAL 7 is the highest level of assurance

Trusted operating systems often include

• Mandatory Access Control
  • Access permissions are determined by a policy defined by the system administrators and enforced by the operating system
• Security Auditing
• Role-based Access Control

Examples

• SELinux (Security-Enhanced Linux)

  • Set of controls that are installed on top of another Linux distribution like CentOS or Red Hat Linux

• Trusted Solaris

  • Offers secure, multi-level operations with MAC, detailed system audits, and data/process compartmentalization

• Trusted OS enhances security with microkernels by minimizing the trusted base and reducing attack surface and vulnerabilities

• Choosing an operating system requires balancing security with usability, performance, and functional requirements