Operating System Security
-
Why secure the OS?
- Increasing risk to valuable information
- Information attacks don’t require a corrupt
user
- Applications can be circumvented
- Must process in the clear
- Network too far/Hardware too close
-
Key missing feature: Mandatory Access Control (MAC)
- Administratively-set security policy
- Control over all processes and objects
- Decisions based on all security-relevant information