一、Flask体系结构 嵌入式系统实验室 EMBEDDED SYSTEM LABORATORY SUZHOU INSTITUTE FOR ADVANCED STUDY OF USTC
一、Flask体系结构
Flask history In 1992 1993,researchers at the NSA and SCC worked on the design and implementation of DTMach,an outgrowth of the TMach project and the LOCK project. >DTMach integrated a generalization of type enforcement,a flexible access control mechanism,into the Mach microkernel. The DTMach project was continued in the DTOS p project The DTOS project improved upon the earlier design and implementation work,yielding a prototype that was released to universities for research (e.g.Secure Transactional Resources,DX). Science and Technol 嵌入式系统实验室 EMBEDDED SYSTEM LABORATORY From:http://www.cs.utah.edu/flux/fluke/html/flask.html SUZHOU INSTITUTE FON ADVANCED STUDY OF USTC
Flask history ❖ In 1992 & 1993, researchers at the NSA and SCC worked on the design and implementation of DTMach, an outgrowth of the TMach project and the LOCK project. ➢ DTMach integrated a generalization of type enforcement, a flexible access control mechanism, into the Mach microkernel. ❖ The DTMach project was continued in the DTOS project. ❖ The DTOS project improved upon the earlier design and implementation work, yielding a prototype that was released to universities for research (e.g. Secure Transactional Resources, DX). From:http://www.cs.utah.edu/flux/fluke/html/flask.html
After the DTOS project,a new joint effort was started by the NSA,SCC,and the University of Utah's Flux project to transfer the DTOS security architecture into the Fluke research OS. During the integration,the architecture was enhanced to provide better support for dynamic security policies It was named Flask. Flask:Flux Advanced Security Kernel Flask was ported to: >OSKit > Security-Enhanced Linux Cce and Technology o 嵌入式系统实验室 EMBEDDED SYSTEM LABORATORY SUZHOU INSTITUTE FON ADVANCED STUDY OF USTC
❖ After the DTOS project, a new joint effort was started by the NSA, SCC, and the University of Utah's Flux project to transfer the DTOS security architecture into the Fluke research OS. ❖ During the integration, the architecture was enhanced to provide better support for dynamic security policies ❖ It was named Flask. ➢ Flask: Flux Advanced Security Kernel ❖ Flask was ported to: ➢ OSKit ➢ Security-Enhanced Linux
论文 Ray Spencer,et al.,The flask security architecture: system support for diverse security policies,in Proceedings of the 8th conference on USENIX Security Symposium-Volume 8.1999,USENIX Association:Washington,D.C. FLASK Science and technologvorc Flux Advanced Security Kernel 嵌入式系统实验室 EMBEDDED SYSTEM LABORATORY SUZHOU INSTITUTE FON ADVANCED STUDY OF USTC
论文 ❖Ray Spencer, et al., The flask security architecture: system support for diverse security policies, in Proceedings of the 8th conference on USENIX Security Symposium - Volume 8. 1999, USENIX Association: Washington, D.C. FLASK Flux Advanced Security Kernel
The Flask Security Architecture: System Support for Diverse Security Policies Ray Spencer Secure Computing Corporation Stephen Smalley,Peter Loscocco National Security Agency Mike Hibler,David Andersen,Jay Lepreau University of Utah 参考了Jim Stevens的ppt 嵌入式系统实验室 EMBEDDED SYSTEM LABORATORY SUZHOU INSTITUTE FOR ADVANCED STUDY OF USTC
The Flask Security Architecture: System Support for Diverse Security Policies Ray Spencer Secure Computing Corporation Stephen Smalley, Peter Loscocco National Security Agency Mike Hibler, David Andersen, Jay Lepreau University of Utah 参考了Jim Stevens的ppt