Premium
Multilevel security in the UNIX tradition
Author(s) -
McIlroy M. D.,
Reeds J. A.
Publication year - 1992
Publication title -
software: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.437
H-Index - 70
eISSN - 1097-024X
pISSN - 0038-0644
DOI - 10.1002/spe.4380220805
Subject(s) - unix , privilege (computing) , generality , computer security , computer science , power (physics) , private information retrieval , hacker , operating system , psychology , software , psychotherapist , physics , quantum mechanics
The original UNIX system was designed to be small and intelligible, achieving power by generality rather than by a profusion of features. In this spirit we have designed and implemented IX, a multilevel‐secure variant of the Bell Labs research system. IX aims at sound, practical security, suitable for private‐and public‐sector uses other than critical national‐security applications. The major security features are: private paths for safe cooperation among privileged processes, structured management of privilege, and security labels to classify information for purposes of privacy and integrity. The labels of flies and processes are checked at every system call that involves data flow and are adjusted dynamically to assure that labels on outputs reflect labels on inputs.