DOCSLIB.ORG

Virtualization in Multilevel Security Enviroments

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Virtualization in Multilevel Security Enviroments Virtualization in Multilevel Security Environments Dr. Christoph Schuba [email protected] http://blogs.sun.com/schuba 1 Agenda • Using OS Virtualization to Build MLS Architecture > OS Virtualization > Labeled Local and Remote File Systems > Trusted Desktop • Overview Trusted VirtualBox • What We Can Do Today • What We Can Do Tomorrow - 2 - Agenda • Using OS Virtualization to Build MLS Architecture > OS Virtualization > Labeled Local and Remote File Systems > Trusted Desktop • Overview Trusted VirtualBox • What We Can Do Today • What We Can Do Tomorrow - 3 - Virtualization Technologies • Type 1 - Hypervisor-based virtualization > xVM - style (think XEN) > Logical Domains (LDOM) - firmware-style, Sparc CMT • OS virtualization > Containers (aka Zones), both x64 and Sparc • Type 2 - Hypervisor-based virtualization • Desktop and network virtualization > Sunray, VDI, Crossbow, ... • Combinations! - 4 - Server Virtualization Categories Hard Partitions Virtual Machines OS Virtualization Resource Mgmt. App OS Server Multiple OS Single OS > Very High RAS > Ability to live migrate > Very scalable and low > Very scalable and low an OS overhead overhead > Very Scalable > Ability to run different > Single OS to manage > Single OS to manage > Mature Technology OS versions and types > Cleanly divides system > Fine grained resource > Ability to run different > De-couples OS and and application management OS versions HW versions administration > Fine grained resource management - 5 - Virtualization Virtualization is the idea to introduce an abstraction layer that decouples previously adjacent layers to deliver greater resource utilization and flexibility. • Layers? > application, operating system, network, storage, file system, memory, resources, etc. - 6 - A Word About the Software • Solaris vs. OpenSolaris > Initially Developer Focus, soon Enterprise > Free > Open Source > Superior prototyping Environment for Security Research – virtualization technologies, – process privileges, – fault and service management, – open storage, especially ZFS – cryptographic framework, etc. • Type-2 Hypervisor VirtualBox - 7 - Multilevel Architecture • Layered architecture Need-to- Internal know Use Public implements: > Mandatory access control Global Zone > Hierarchical labels Solaris Kernel > Principle of least privilege SPARC, x86 or x64 Hardware > Trusted path Local or Sun Ray display > Role-based access - 8 - Solaris Trusted Extensions • All objects are labeled, based on sensitivity • Access governed by label hierarchal relationship Commercial Hierarchy Government Hierarchy Executive Non-Hierarchical Management Top Secret VP and Above Secret Directors Daisy's Confidential Net Inc. Music Online Florists All Employees Solaris 10 with or w/out Classified Trusted Extensions Trusted Extensions Trusted Extensions Mandatory Access Control & Security Labels - 9 - What's Solaris Trusted Extensions? • A redesign of the Trusted Solaris product using a layered architecture. • An extension of the Solaris 10 security foundation providing access control policies based on the sensitivity/label of objects • A set of software packages integrated into the standard Solaris 10 system. • A set of label-aware services which implement multilevel security - 10 - What are Label-Aware Services? • Services which are trusted to protect multilevel information according to predefined policy • Trusted Extensions Label-aware service include: > Labeled Desktops > Labeled Printing > Labeled Networking > Labeled Filesystems > Label Configuration and Translation > System Management Tools > Device Allocation - 11 - Trusted Extensions in a Nutshell • Every object has a label associated with it > Files, windows, printers, devices, network packets, network interfaces, processes, etc... • Accessing or sharing data is controlled by the objects' label relationship to each other > 'Secret' objects do not see 'Top Secret' objects • Administrators utilize Roles for duty separation > Security admin, user admin, installation, etc... • Processes use privileges rather than root access • Strong independent certification of security - 12 - Trusted Solaris History • 1990, SunOS MLS 1.0 > Conformed to TCSEC (1985 Orange Book) • 1992, SunOS CMW 1.0 > Compartmented-mode workstation requirements > Release 1.2 ITSEC certified for FB1 E3, 1995 • 1996, Trusted Solaris 2.5 > ITSEC certified for FB1 E3, 1998 • 1999, Trusted Solaris 7 • 2000, Trusted Solaris 8 > Common Criteria: CAPP, RBACPP, LSPP at EAL4+ • 2008, Solaris 10 Trusted Extensions > Common Criteria: CAPP, RBACPP, LSPP at EAL4+ - 13 - Solaris™ Trusted Extensions Trusted Solaris 8 Trusted Extensions Label- Label- Trusted Trusted Trusted Trusted Aware Aware Networking Desktop Networking Desktop Services Services Modified Process Trusted's Process Containment TCP/IP Containment Privileges TCP/IP [Labels] Privileges [Zones] Solaris 10* ●Benefits: ● Software portability ● Patch compatibility ● Shorter release window ● More familiar - 14 - Integration of Trusted Extensions • Leveraging Solaris functionality: > Process & User Rights Management, auditing, zones > Make use of existing Solaris kernel enhancements • Elimination of patch redundancy: > All Solaris patches apply, hence available sooner > No lag in hardware platform availability • Extend Solaris Application Guarantee • Full hardware and software support > File systems (UFS, VxFS, ZFS, SAM-FS, QFS, etc.) > Processors (SPARC, x86, AMD64) > Infrastructure (Cluster, Grid, Directory, etc.) - 15 - Labeled Zones in Trusted Extensions • Each zone provides a security boundary > Unique sensitivity label per zone > Labels are implied by process zone IDs > Processes and data are isolated by label • No object is writable by more than one zone > Mount policy prevents writing down or reading up > Network policy requires endpoint label equality (default) • Information sharing between zones is based on label relationships - 16 - Solaris Kernel Services • Multilevel Networking Need-to- Internal Public know Use • Filesystem mount policy Global Zone • Containment (zones) Solaris Kernel > Processes SPARC, x86 or x64 Hardware > Devices Local or Sun Ray display > Resource Pools - 17 - Multilevel Services • Label Policy Administration Need-to- Internal Public know Use • Name Services • Labeled Printing Global Zone • File relabeling Solaris Kernel • Device Allocation SPARC, x86 or x64 Hardware • Labeled Windows Local or Sun Ray display • Single Sign-on - 18 - Single Level Applications • Application Launchers Need-to- Internal Public know Use • Windows XP Remote Desktop Global Zone • Mozilla Solaris Kernel • StarOffice • CDE or Java SPARC, x86 or x64 Hardware Local or Sun Ray display Desktop System - 19 - Agenda • Using OS Virtualization to Build MLS Architecture > OS Virtualization > Labeled Local and Remote File Systems > Trusted Desktop • Overview Trusted VirtualBox • What We Can Do Today • What We Can Do Tomorrow - 20 - Filesystem MAC policies • Labels derived from a filesystem owner's label • Mount policy is always enforced > No reading-up – Read-write mounts require label equality in labeled zones > Reading-down – Read-only mounts require dominance by client – Can be restricted via zone's limit set and network label range > Writing-up – Cannot write-up to regular files – Limited write-up to label-aware services (via TCP and doors) > Writing-down – Restricted to privileged label-aware global zone services - 21 - Labeled Filesystems Global Zone / • Read-only zone usr access to lower- need-to-know internal public level directories root root root Need to know Internal Zone Public Zone • Supports all Zone export export export filesystem types • Both local and NFS filesystems • Administered y h c r a r ADMIN_HIGH Legend e via Global Zone i NEED TO KNOW H Subdirectory l INTERNAL USE ONLY e b PUBLIC a Loopback Mount L ADMIN_LOW - 22 - Labeled Filesystems Global Zone / • Read-only zone usr access to lower- need-to-know internal public level directories root root root Need to know Internal Zone Public Zone • Supports all Zone export usr export usr export usr filesystem types • Both local and NFS filesystems • Administered y h c r a r ADMIN_HIGH Legend e via Global Zone i NEED TO KNOW H Subdirectory l INTERNAL USE ONLY e b PUBLIC a Loopback Mount L ADMIN_LOW - 23 - Labeled Filesystems Global Zone / • Read-only zone usr access to lower- need-to-know internal public level directories root root root Need to know Internal Zone Public Zone • Supports all Zone export zone usr export usr export usr filesystem types internal • Both local and NFS filesystems export • Administered y h c r a r ADMIN_HIGH Legend e via Global Zone i NEED TO KNOW H Subdirectory l INTERNAL USE ONLY e b PUBLIC a Loopback Mount L ADMIN_LOW - 24 - Labeled Filesystems Global Zone / • Read-only zone usr access to lower- need-to-know internal public level directories root root root Need to know Internal Zone Public Zone • Supports all Zone export zone usr export zone usr export usr filesystem types internal public public • Both local and NFS filesystems export export export • Administered y h c r a r ADMIN_HIGH Legend e via Global Zone i NEED TO KNOW H Subdirectory l INTERNAL USE ONLY e b PUBLIC a Loopback Mount L ADMIN_LOW - 25 - NFS Support for Zones • NFS clients: > Each zone has its own automounter > Kernel enforces MAC policy for NFS mounts • NFS servers: > Per-zone sharing policy set in global zone > Kernel enforces MAC policy for NFS requests • The global zone administrator can export filesystems from labeled zones > Each export must be a single-level
Load more

Recommended publications
  • New/Usr/Src/Cmd/Mdb/Common
    new/usr/src/cmd/mdb/common/modules/genunix/findstack.c 1 new/usr/src/cmd/mdb/common/modules/genunix/findstack.c 2 ********************************************************** 642 return (DCMD_USAGE); 21346 Thu Feb 18 08:40:37 2016 new/usr/src/cmd/mdb/common/modules/genunix/findstack.c 644 if (interesting) { 6583 remove whole-process swapping 645 if (sobj != NULL || excl_sobj != NULL || ********************************************************** 646 tstate_str != NULL || excl_tstate_str != NULL) { ______unchanged_portion_omitted_ 647 mdb_warn( 648 "stacks: -i is incompatible with -[sStT]\n"); 583 /*ARGSUSED*/ 649 return (DCMD_USAGE); 584 int 650 } 585 stacks(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv) 651 excl_sobj = "CV"; 586 { 652 excl_tstate_str = "FREE"; 587 size_t idx; 653 } 589 char *seen = NULL; 655 if (caller_str != NULL) { 656 mdb_set_dot(0); 591 const char *caller_str = NULL; 657 if (mdb_eval(caller_str) != 0) { 592 const char *excl_caller_str = NULL; 658 mdb_warn("stacks: evaluation of \"%s\" failed", 593 uintptr_t caller = 0, excl_caller = 0; 659 caller_str); 594 const char *module_str = NULL; 660 return (DCMD_ABORT); 595 const char *excl_module_str = NULL; 661 } 596 stacks_module_t module, excl_module; 662 caller = mdb_get_dot(); 597 const char *sobj = NULL; 663 } 598 const char *excl_sobj = NULL; 599 uintptr_t sobj_ops = 0, excl_sobj_ops = 0; 665 if (excl_caller_str != NULL) { 600 const char *tstate_str = NULL; 666 mdb_set_dot(0); 601 const char *excl_tstate_str = NULL; 667 if (mdb_eval(excl_caller_str) !=
    [Show full text]
  • Ubuntu Kung Fu
    Prepared exclusively for Alison Tyler Download at Boykma.Com What readers are saying about Ubuntu Kung Fu Ubuntu Kung Fu is excellent. The tips are fun and the hope of discov- ering hidden gems makes it a worthwhile task. John Southern Former editor of Linux Magazine I enjoyed Ubuntu Kung Fu and learned some new things. I would rec- ommend this book—nice tips and a lot of fun to be had. Carthik Sharma Creator of the Ubuntu Blog (http://ubuntu.wordpress.com) Wow! There are some great tips here! I have used Ubuntu since April 2005, starting with version 5.04. I found much in this book to inspire me and to teach me, and it answered lingering questions I didn’t know I had. The book is a good resource that I will gladly recommend to both newcomers and veteran users. Matthew Helmke Administrator, Ubuntu Forums Ubuntu Kung Fu is a fantastic compendium of useful, uncommon Ubuntu knowledge. Eric Hewitt Consultant, LiveLogic, LLC Prepared exclusively for Alison Tyler Download at Boykma.Com Ubuntu Kung Fu Tips, Tricks, Hints, and Hacks Keir Thomas The Pragmatic Bookshelf Raleigh, North Carolina Dallas, Texas Prepared exclusively for Alison Tyler Download at Boykma.Com Many of the designations used by manufacturers and sellers to distinguish their prod- ucts are claimed as trademarks. Where those designations appear in this book, and The Pragmatic Programmers, LLC was aware of a trademark claim, the designations have been printed in initial capital letters or in all capitals. The Pragmatic Starter Kit, The Pragmatic Programmer, Pragmatic Programming, Pragmatic Bookshelf and the linking g device are trademarks of The Pragmatic Programmers, LLC.
    [Show full text]
  • Sun Ray Server Software 4.2 Installation and Configuration Guide (Solaris)
    Sun Ray Server Software 4.2 Installation and Configuration Guide (Solaris) April 2011 Sun Ray Server Software 4.2 Installation and Configuration Guide (Solaris) Copyright © 2011, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007).
    [Show full text]
  • Openoffice.Org News Highlights Table of Contents Octo Ber 2004
    OpenOffice.org News Highlights Table of Contents Octo ber 2004 ................................................................................................ R eplacing FrameMaker with OOo Writer ............................................................................................. Ger mans claim Linux lowers costs ......................................................................................................... Ope n approach offers Mindef more choice ............................................................................................ Ball mer calls for horse-based attack on Star Office ............................................................................... Ope n for Business - The 2004 OfB Choice Awards .............................................................................. Sep tember 2004 ............................................................................................ Ope nOffice.org reveals marketing ambitions ......................................................................................... No nprofit brings Linux and open source to Hawaii ............................................................................... UK charity builds Linux network on a shoestring .................................................................................. N SW opens door to Linux offers ............................................................................................................ L eading Edge Forum Report 2004 - Open Source: Open for Business .................................................
    [Show full text]
  • Sun Microsystems Solaris 10 What's
    Solaris 10 What’s New Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A. Part No: 817–0547–15 January 2005 Copyright 2005 Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved. This product or document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this product or document may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Third-party software, including font technology, is copyrighted and licensed from Sun suppliers. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, docs.sun.com, AnswerBook, AnswerBook2, SunVTS, Java, J2SE, J2EE, JavaServer, JumpStart, Sun Fire, StarOffice, Sun Blade, Sun Ray, Solstice Enterprise Agents, CacheFS, Sun StorEdge, and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc. FireWire is a trademark of Apple Computer, Inc., used under license. Netscape and Netscape Navigator are trademarks or registered trademarks of Netscape Communications Corporation. Mozilla is a trademark or registered trademark of Netscape Communications Corporation in the United States and other countries.
    [Show full text]
  • NSA Security-Enhanced Linux (Selinux)
    Integrating Flexible Support for Security Policies into the Linux Operating System http://www.nsa.gov/selinux Stephen D. Smalley [email protected] Information Assurance Research Group National Security Agency ■ Information Assurance Research Group ■ 1 Outline · Motivation and Background · What SELinux Provides · SELinux Status and Adoption · Ongoing and Future Development ■ Information Assurance Research Group ■ 2 Why Secure the Operating System? · Information attacks don't require a corrupt user. · Applications can be circumvented. · Must process in the clear. · Network is too far. · Hardware is too close. · End system security requires a secure OS. · Secure end-to-end transactions requires secure end systems. ■ Information Assurance Research Group ■ 3 Mandatory Access Control · A ªmissing linkº of security in current operating systems. · Defined by three major properties: ± Administratively-defined security policy. ± Control over all subjects (processes) and objects. ± Decisions based on all security-relevant information. ■ Information Assurance Research Group ■ 4 Discretionary Access Control · Existing access control mechanism of current OSes. · Limited to user identity / ownership. · Vulnerable to malicious or flawed software. · Subject to every user©s discretion (or whim). · Only distinguishes admin vs. non-admin for users. · Only supports coarse-grained privileges for programs. · Unbounded privilege escalation. ■ Information Assurance Research Group ■ 5 What can MAC offer? · Strong separation of security domains · System, application, and data integrity · Ability to limit program privileges · Processing pipeline guarantees · Authorization limits for legitimate users ■ Information Assurance Research Group ■ 6 MAC Implementation Issues · Must overcome limitations of traditional MAC ± More than just Multi-Level Security / BLP · Policy flexibility required ± One size does not fit all! · Maximize security transparency ± Compatibility for applications and existing usage.
    [Show full text]
  • An Access Control Model for Preventing Virtual Machine Escape Attack
    future internet Article An Access Control Model for Preventing Virtual Machine Escape Attack Jiang Wu ,*, Zhou Lei, Shengbo Chen and Wenfeng Shen School of Computer Engineering and Science, Shanghai University, Shanghai 200444, China; [email protected] (Z.L.); [email protected] (S.C.); [email protected] (W.S.) * Correspondence: [email protected]; Tel: +86-185-0174-6348 Academic Editor: Luis Javier Garcia Villalba Received: 26 March 2017; Accepted: 23 May 2017; Published: 2 June 2017 Abstract: With the rapid development of Internet, the traditional computing environment is making a big migration to the cloud-computing environment. However, cloud computing introduces a set of new security problems. Aiming at the virtual machine (VM) escape attack, we study the traditional attack model and attack scenarios in the cloud-computing environment. In addition, we propose an access control model that can prevent virtual machine escape (PVME) by adapting the BLP (Bell-La Padula) model (an access control model developed by D. Bell and J. LaPadula). Finally, the PVME model has been implemented on full virtualization architecture. The experimental results show that the PVME module can effectively prevent virtual machine escape while only incurring 4% to 8% time overhead. Keywords: virtual security; virtual machine escape; access control; BLP model; PVME model 1. Introduction Cloud computing treats IT resources, data and applications as a service provided to the user through network, which is a change in the way of how data is modeled. Currently, the world’s leading IT companies have developed and published their own cloud strategies, such as Google, Amazon, and IBM.
    [Show full text]
  • Solaris 10 End of Life
    Solaris 10 end of life Continue Oracle Solaris 10 has had an amazing OS update, including ground features such as zones (Solaris containers), FSS, Services, Dynamic Tracking (against live production operating systems without impact), and logical domains. These features have been imitated in the market (imitation is the best form of flattery!) like all good things, they have to come to an end. Sun Microsystems was acquired by Oracle and eventually, the largest OS known to the industry, needs to be updated. Oracle has set a retirement date of January 2021. Oracle indicated that Solaris 10 systems would need to raise support costs. Oracle has never provided migratory tools to facilitate migration from Solaris 10 to Solaris 11, so migration to Solaris has been slow. In September 2019, Oracle decided that extended support for Solaris 10 without an additional financial penalty would be delayed until 2024! Well its March 1 is just a reminder that Oracle Solaris 10 is getting the end of life regarding support if you accept extended support from Oracle. Combined with the fact gdpR should take effect on May 25, 2018 you want to make sure that you are either upgraded to Solaris 11.3 or have taken extended support to obtain any patches for security issues. For more information on tanningix releases and support dates of old and new follow this link ×Sestive to abort the Unix Error Operating System originally developed by Sun Microsystems SolarisDeveloperSun Microsystems (acquired by Oracle Corporation in 2009)Written inC, C'OSUnixWorking StateCurrentSource ModelMixedInitial release1992; 28 years ago (1992-06)Last release11.4 / August 28, 2018; 2 years ago (2018-08-28)Marketing targetServer, PlatformsCurrent: SPARC, x86-64 Former: IA-32, PowerPCKernel typeMonolithic with dynamically downloadable modulesDefault user interface GNOME-2-LicenseVariousOfficial websitewww.oracle.com/solaris Solaris is the own operating system Of Unix, originally developed by Sunsystems.
    [Show full text]
  • Sun Ray Server Software 4.2 Installation and Configuration Guide (Linux)
    Sun Ray Server Software 4.2 Installation and Configuration Guide (Linux) April 2011 Sun Ray Server Software 4.2 Installation and Configuration Guide (Linux) Copyright © 2011, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007).
    [Show full text]
  • Solaris Zones: Operating System Support for Consolidating Commercial Workloads Daniel Price and Andrew Tucker – Sun Microsystems, Inc
    Solaris Zones: Operating System Support for Consolidating Commercial Workloads Daniel Price and Andrew Tucker – Sun Microsystems, Inc. ABSTRACT Server consolidation, which allows multiple workloads to run on the same system, has become increasingly important as a way to improve the utilization of computing resources and reduce costs. Consolidation is common in mainframe environments, where technology to support running multiple workloads and even multiple operating systems on the same hardware has been evolving since the late 1960’s. This technology is now becoming an important differentiator in the UNIX and Linux server market as well, both at the low end (virtual web hosting) and high end (traditional data center server consolidation). This paper introduces Solaris Zones (zones), a fully realized solution for server consolidation projects in a commercial UNIX operating system. By creating virtualized application execution environments within a single instance of the operating system, the facility strikes a unique balance between competing requirements. On the one hand, a system with multiple workloads needs to run those workloads in isolation, to ensure that applications can neither observe data from other applications nor affect their operation. It must also prevent applications from over-consuming system resources. On the other hand, the system as a whole has to be flexible, manageable, and observable, in order to reduce administrative costs and increase efficiency. By focusing on the support of multiple application environments rather than multiple operating system instances, zones meets isolation requirements without sacrificing manageability. Introduction mutually incompatible when run on the same server. In one real-world example, two poorly written appli- Within many IT organizations, driving up system utilization (and saving money in the process) has cations at a customer site both wanted to bind a net- become a priority.
    [Show full text]
  • 1 Establishment of the First Java 3DTM Enabled CAVE a Whitepaper
    Establishment of the first Java 3DTM enabled CAVEÒ1 A Whitepaper Christoph W. Sensen, University of Calgary, Sun Center of Excellence for Visual Genomics Jeff Brum, Fakespace Systems, Kitchener, Ontario Paul Gordon, University of Calgary, Sun Center of Excellence for Visual Genomics Mark Hood, Sun Microsystems, Palo Alto, CA Gary Lindahl, Fakespace Systems, Kitchener, Ontario Michael Schulman, Sun Microsystems, Palo Alto, CA Chris Spindler, Sun Microsystems of Canada, Calgary, Alberta Megan Stuart, Sun Microsystems of Canada, Calgary, Alberta Stefan Unger, Sun Microsystems, Palo Alto, CA 1 Ò CAVE is a registered trademark of the University of Illinois Board of Trustees 1 Introduction The name "CAVE" is a recursive acronym (CAVE Automatic Virtual Environment). The CAVE was researched and developed by the Electronic Visualization Laboratory, at the University of Illinois at Chicago2 as a tool for scientific visualization. Since it's premiere at the 1992 SIGGRAPH conference, the CAVE has achieved international recognition as the pinnacle of immersive virtual reality system technology, providing a compelling display environment for science, engineering, and art. The intent of the CAVE is to facilitate “suspension of disbelief” by making the virtual environment as realistic as possible. The quality of the graphical images is of paramount importance to realism. Depending upon the model or environment being explored, the speed of the computer’s graphic system will affect the speed of image update. The layout of the physical CAVE structure itself (typically at least three walls with a 270 degree angle and a floor display) will also affect the sense of virtual presence. Today, the CAVE technology has been commercialized and is marketed by Fakespace Systems Inc.
    [Show full text]
  • Multilevel Security (MLS)
    Multilevel Security (MLS) Database Security and Auditing Multilevel Security (MLS) Definition and need for MLS – Security Classification – Secrecy-Based Mandatory Policies: Bell- LaPadula Model – Integrity-based Mandatory Policies: The Biba Model – Limitation of Mandatory Policies Hybrid Policies – The Chinese Wall Policy Definition and need for MLS Multilevel security involves a database in which the data stored has an associated classification and consequently constraints for their access MLS allows users with different classification levels to get different views from the same data MLS cannot allow downward leaking, meaning that a user with a lower classification views data stored with a higher classification Definition and need for MLS Usually multilevel systems are with the federal government Some private systems also have multilevel security needs MLS relation is split into several single-level relations, A recovery algorithm reconstructs the MLS relation from the decomposed single-level relations At times MLS updates cannot be completed because it would result in leakage or destruction of secret information Definition and need for MLS In relational model, relations are tables and relations consist of tuples (rows) and attributes (columns) Example: Consider the relation SOD(Starship, Objective, Destination) Starship Objective Destination Enterprise Exploration Talos Voyager Spying Mars Definition and need for MLS The relation in the example has no classification associated with it in a relational model The same example in MLS with
    [Show full text]