Design and Implementation of Trusted Paths
Received date: 2009-05-12
Revised date: 2009-08-26
Online published: 2011-06-25
The trusted path provides a way for users to authenticate the computer system, so that they are assured the system has not been tampered with and that malicious code such as Trojan horses cannot steal their passwords or intercept their sessions. The paper first puts forward a complete design of trusted paths for Unix-like operating systems. It consists of two parts, trusted login and trusted session, and each part must handle both the console interface and the graphical interface. In accordance with the trusted path, the operating system is divided into four states, and a secure attention key triggers the transitions between them. With the relations among these states, the design can be mapped more easily onto real operating systems. The paper then gives an implementation in the FreeBSD operating system, where a secure attention key invokes a trusted path between the user and the system. With trusted paths, FreeBSD can provide a much more secure operating environment for its users.
CHEN Songzheng, WEI Lifeng. Design and Implementation of Trusted Paths[J]. Computer Engineering & Science, 2011, 33(6): 21-25. DOI: 10.3969/j.issn.1007-130X.2011.