Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Solaris Trusted Extensions User's Guide
Previous Next

Trusted Extensions Protects Against Intruders

Trusted Extensions software adds features to the Solaris OS that protect against intruders. Trusted Extensions also relies on some Solaris features, such as password protection. Trusted Extensions adds a password change GUI for roles. Auditing is enabled by default.

Access to the Trusted Computing Base Is Limited

The term trusted computing base (TCB) refers to the part of the Trusted Extensions software that handles events that are relevant to security. The TCB includes software, hardware, firmware, documentation, and administrative procedures. Utilities and application programs that can access security-related files are all part of the TCB. Your administrator sets limits on all potential interactions that you can have with the TCB. Such interactions include programs that you need to perform your job, files that you are allowed to access, and utilities that can affect security.

Mandatory Access Control Protects Information

If an intruder manages to successfully log in to the system, further obstacles prevent access to information. Files and other resources are protected by access control. As in the Solaris OS, access control can be set by the owner of the information. In Trusted Extensions, access is also controlled by the system. For details, see Trusted Extensions Provides Discretionary and Mandatory Access Control.

Peripheral Devices Are Protected

In Trusted Extensions, administrators control access to local peripheral devices such as tape drives, CD-ROM drives, printers, and microphones. Access can be granted on a user-by-user basis. The software restricts access to peripheral devices as follows:

  • By default, devices must be allocated for use.

  • You must be authorized to access devices that control removable media.

  • Remote users cannot use local devices such as microphones or CD-ROM drives. Only local users can allocate a device.

Programs That Spoof Users Are Prevented

To “spoof” means to imitate. Intruders sometimes spoof login or other legitimate programs to intercept passwords or other sensitive data. Trusted Extensions protects you from hostile spoofing programs by displaying the following trusted symbol, a clearly recognizable, tamper-proof icon at the bottom of the screen.

Figure 1-2 Trusted Symbol
Illustration shows the Trusted Symbol.

This symbol is displayed whenever you interact with the trusted computing base (TCB). The presence of the symbol ensures the safety of performing security-related transactions. No visible symbol indicates a potential security breach. The following figure shows the trusted symbol.

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire