The Need for Secure OS
-
Increasing risk to valuable information
-
Dependence on OS protection mechanisms
-
Inadequacy of mainstream operating systems
-
Key missing feature: Mandatory Access Control (MAC)
- Administratively-set security policy
- Control over all subjects and objects in system
- Decisions based on all security-relevant information