Security

One use of the term "computer security" refers to technology that is used to implement secure operating systems. Much of this technology is based on science developed in the 1980s and used to produce what may be some of the most impenetrable operating systems ever. Though still valid, the technology is in limited use today, primarily because it imposes some changes to system management and also because it is not widely understood. Such ultra-strong secure operating systems are based on operating system kernel technology that can guarantee that certain security policies are absolutely enforced in an operating environment. An example of such a Computer security policy is the Bell-LaPadula model. The strategy is based on a coupling of special microprocessor hardware features, often involving the memory management unit, to a special correctly implemented operating system kernel. This forms the foundation for a secure operating system which, if certain critical parts are designed and implemented correctly, can ensure the absolute impossibility of penetration by hostile elements. This capability is enabled because the configuration not only imposes a security policy, but in theory completely protects itself from corruption. Ordinary operating systems, on the other hand, lack the features that assure this maximal level of security. The design methodology to produce such secure systems is precise, deterministic and logical.

Systems designed with such methodology represent the state of the art[clarification needed] of computer security although products using such security are not widely known. In sharp contrast to most kinds of software, they meet specifications with verifiable certainty comparable to specifications for size, weight and power. Secure operating systems designed this way are used primarily to protect national security information, military secrets, and the data of international financial institutions. These are very powerful security tools and very few secure operating systems have been certified at the highest level (Orange Book A-1) to operate over the range of "Top Secret" to "unclassified" (including Honeywell SCOMP, USAF SACDIN, NSA Blacker and Boeing MLS LAN.) The assurance of security depends not only on the soundness of the design strategy, but also on the assurance of correctness of the implementation, and therefore there are degrees of security strength defined for COMPUSEC. The Common Criteria quantifies security strength of products in terms of two components, security functionality and assurance level (such as EAL levels), and these are specified in a Protection Profile for requirements and a Security Target for product descriptions. None of these ultra-high assurance secure general purpose operating systems have been produced for decades or certified under Common Criteria.

In USA parlance, the term High Assurance usually suggests the system has the right security functions that are implemented robustly enough to protect DoD and DoE classified information. Medium assurance suggests it can protect less valuable information, such as income tax information. Secure operating systems designed to meet medium robustness levels of security functionality and assurance have seen wider use within both government and commercial markets. Medium robust systems may provide the same security functions as high assurance secure operating systems but do so at a lower assurance level (such as Common Criteria levels EAL4 or EAL5). Lower levels mean we can be less certain that the security functions are implemented flawlessly, and therefore less dependable. These systems are found in use on web servers, guards, database servers, and management hosts and are used not only to protect the data stored on these systems but also to provide a high level of protection for network connections and routing services.

Tags:

Featured Posts
Recent Posts
Search By Tags
Follow Us
  • Facebook Classic
  • Twitter Classic
  • Google Classic
ISSA
IDAgentPartner-Logo-black
download
LA Sports Color
17_nextLA_AQUA
SCLN Logo
SilverMidmarketSolutionProvider
sophos reflexion
58316-trend-micro-box
Microsoft-Partner-Silver-Small-and-Midmarket-Cloud
mspp_trustmark150
polycom-logo-h-cmyk_highres.jpeg
silver-partner.jpg
samsung-silver.jpg
oracle.jpg
Kaspersky_Lab_logo.jpg
Dlink.jpg
AVG-Reseller-Logo-Lockup_Authorized-Reseller_Authorized-Reseller.png
Los Angeles Area Chamber of Commerce
EZworknet Logo Bold.png
Irvine Chamber of Commerce
HUBLA2.jpg
Intronis
Proud Microsoft Partner
Hewlett pACKARD.gif
Datto_Authorized_Partner_Badge.jpg
Axcient1.jpg
Hewlett pACKARD.gif
APC
Ingram Micro Distribution
Proud IBM Partners
Proud Cisco Meraki Partners
Sonicwall
Dell Sonic Wall
Protect yourself with McAfee
Microsoft Certified Professional
Samsung
Cisco Meraki
Dell Partner Direct.
Proud Lenovo Partner
AdobeRegistered

Managed Technology Support Services  | Managed Security Service Provider

Irvine | Los Angeles | Santa Monica | Palm Springs | San Diego | Santa Barbara | Inland Valleys | Temecula

Toll Free:   1-800-884-1103      |       Email:  Info@ezworknet.com

  • Facebook App Icon
  • Twitter App Icon
  • Google+ Classic
  • LinkedIn App Icon
  • Pinterest App Icon
  • YouTube Classic

© 2019 EZworknet llc

EZworknet Logo Bold.png