The DGSA: unmet information security challenges for operating system designers
ACM SIGOPS Operating Systems Review
Embedding security policies into a distributed computing environment
ACM SIGOPS Operating Systems Review
| Hi-index | 0.00 |
This paper contributes to the recent discussion on unmet information security challenges for operating system designers. It focusses on the problem that in order to meet these challenges operating systems must be capable of supporting a multitude of information domains, each domain defined by its own and individual security policy. In such multi-domain systems, the interoperability between different information domains constitutes a major problem. While the security policies of the system control the interactions within their domains, it is an unsolved problem how interactions between different domains can be made secure.In order to provide a precise foundation for the discussion of secure interdomain actions as well as for the development of concepts for their implementation, the paper proposes a classification of interdomain actions that clearly identifies two major types of interdomain actions: interactions that cause conflicts between the involved security policies and interactions for which none of the involved policies can provide any security rule. The paper concludes that in order to support multiple information domains, operating systems must be capable of classifying interdomain actions, and they must support new types of interdomain security policies that mediate security conflicts in interdomain actions and complete the set of security rules for interdomain actions. The paper concludes with a discussion of the computational complexity of interdomain action classification.