This paper describes a research project to engineer a security kernel for Multics, a general-purpose, remotely accessed, multiuser computer system. The goals are to identify the minimum mechanism that must be correct to guarantee computer enforcement of desired constraints on information access, to simplify the structure of that minimum mechanism to make verification of correctness by auditing possible, and to demonstrate by test implementation that the security kernel so developed is capable of supporting the functionality of Multics completely and efficiently. The paper presents the overall viewpoint and plan for the project and discusses initial strategies being employed to define and structure the security kernel.