Solaris Trusted Extensions

Solaris Trusted Extensions is a set of security extensions incorporated in the Solaris 10 operating system by Sun Microsystems, featuring a mandatory access control model. It succeeds Trusted Solaris, a family of security-evaluated operating systems based on earlier versions of Solaris.

Solaris 10 5/09 is Common Criteria certified at Evaluation Assurance Level EAL4+ against the CAPP, RBACPP, and LSPP protection profiles.^[1]

Overview[edit]

Certain Trusted Solaris features, such as fine-grained privileges, are now part of the standard Solaris 10 release. Beginning with Solaris 10 11/06, Solaris now includes a component called Solaris Trusted Extensions which gives it the additional features necessary to position it as the successor to Trusted Solaris. Inclusion of these features in the mainstream Solaris release marks a significant change from Trusted Solaris, as it is no longer necessary to use a different Solaris release with a modified kernel for labeled security environments. Solaris Trusted Extensions is an OpenSolaris project.

Trusted Extensions additions and enhancements include:

Accounting
Role-Based Access Control
Auditing
Device Allocation
Mandatory Access Control Labeling

Solaris Trusted Extensions enforce a mandatory access control policy on all aspects of the operating system, including device access, file, networking, print and window management services. This is achieved by adding sensitivity labels to objects, thereby establishing explicit relationships between these objects. Only appropriate (and explicit) authorization allows applications and users read and/or write access to the objects.

The component also provides labeled security features in a desktop environment. Apart from extending support for the Common Desktop Environment from the Trusted Solaris 8 release, it delivers the first labeled environment based on GNOME.^[2] Solaris Trusted Extensions facilitate the access of data at multiple classification levels through a single desktop environment.

Solaris Trusted Extensions also delivers labeled device access and labeled network communication (through the CIPSO standard). CIPSO is used to pass security information within and between labeled zones. Solaris Trusted Extensions complies with the Federal Information Processing Standard (FIPS).

Trusted Solaris history[edit]

1999 Trusted Solaris 7
1996 Trusted Solaris 2.5.1 - ITSEC Certified for E3 / F-B1
1995 Trusted Solaris 1.2 - ITSEC Certified for E3 / F-B1
1992 SunOS Compartmented Mode Workstation 1.0 - ITSEC Certified for E3 / F-B1
1990 SunOS Multilevel Security 1.0 - TCSEC Conformance (1985 Orange Book)

References[edit]

^ "Solaris Common Criteria Certification". Sun Microsystems. Retrieved 2010-01-31.
^ "Solaris Trusted Extensions Data Sheet". Sun Microsystems. Retrieved 2007-04-02.

External links[edit]

Solaris Trusted Extensions Official Website
OpenSolaris: Solaris Trusted Extensions project
Solaris Trusted Extensions press release
Solaris at Curlie

This operating-system-related article is a stub. You can help Wikipedia by expanding it.

[securitycert-1] "Solaris Common Criteria Certification". Sun Microsystems. Retrieved 2010-01-31.

[gnometrusted-2] "Solaris Trusted Extensions Data Sheet". Sun Microsystems. Retrieved 2007-04-02.

[1]

[2]

v t e Solaris
Technologies	Direct binding Doors DTrace IPMP JumpStart mdb MPxIO SMF snoop Containers Crossbow Cluster Trusted Extensions ZFS
OpenSolaris, illumos	BeleniX Nexenta OS OpenIndiana OpenSolaris for System z SmartOS

Solaris Trusted Extensions

Overview[edit]

Trusted Solaris history[edit]

References[edit]

External links[edit]

Premium Membership

€4.95

Create a Premium Account quick and easy

Save your Favourite Pages

Listen to any page in Audio

Colour Night Mode