Security Fundamentals: Models Trent Jaeger

Total Page:16

File Type:pdf, Size:1020Kb

Security Fundamentals: Models Trent Jaeger Trent Jaeger -- Background Security Fundamentals: Models Graduated from UM with PhD – Flexible Control of Downloaded Executable Content – Research Thread That Led to Java 2 Security Model IBM TJ Watson Research Center 1996-Present – Operating Systems Research 1996-2001 Trent Jaeger L4 microkernel-based systems: L4Linux, Lava, JavaOS, SawMill Security policy: graphical access control, constraint models January 12, 2004 – Systems Security Research 2001-Present Linux Security: based on the Linux Security Modules framework Linux Security Analysis Project: source code and policy analysis – www.research.ibm.com/vali Conference chair, programming chair of ACM SACMAT, CCS PC member of IEEE S&P, USENIX, ESORICS, etc. Why are we still talking about access Access Control control? Determine whether a principal can perform An access control policy is a specification for an a requested operation on a target object access decision function Principal: user, process, etc. The policy aims to achieve – Permit the principal’s intended function (availability) Operation: read, write, etc. – Ensure security properties are met (integrity, confidentiality) Object: file, tuple, etc. Limit to “Least Privilege,” Protect system integrity, Prevent Lampson defined the familiar access matrix unauthorized leakage, etc. and its two interpretations ACLs and Also known as ‘constraints’ capabilities [Lampson70] – Enable administration of a changeable system (simplicity) “Simple” example Access Control is Hard Because Prof Alice manages access to course objects Access control requirements are domain-specific – Assign access to individual (principal: Bob) – Generic approaches over-generalize – Assign access to aggregate (course-students) – Associate access to relation (students(course)) Access control requirements can change – Assign students to project groups (student(course, project, group)) – Anyone could be an administrator Prof Alice wants certain guarantees The Safety Problem [HRU76] – Students cannot modify objects written by Prof Alice – Can only know what is leaked right now – Students cannot read/modify objects of other groups Prof Alice must be able to maintain access policy Access is fail-safe, but Constraints are not – Ensure that individual rights do not violate guarantees – And constraints must restrict all future states – However, exceptions are possible – students may distribute their results from previous assignments for an exam 1 Compare to Other CS Problems Reference Monitor Model Entry Points Processor design System – Hard, but can get some smart people together to construct Interface one, fixed, testable design Access Hook Network protocol design Authorize Request? – TCP: A small number of control parameters necessary to manage all reasonable options, within a layered architecture – Constraints, such as DDoS, are ad hoc Security-sensitive Access Operation Access Monitor Hook Software design Hook Policy – Specific goals in mind to achieve function, constraints are ad hoc Security-sensitive Security-sensitive Operation Operation Yes/No Reference Monitor Components Access Control Models Interface Basic Access Matrix – Where to make access control decisions (mediation) – UNIX, ACL, various capability systems – Which access control decisions to make (authorization) Aggregated Access Matrix – Linux Security Modules interface – TE, RBAC, groups and attributes, parameterized Plus Domain Transitions Decision function – DTE, SELinux, Java – Compute decision based on request and policy Lattice Access Control Models – E.g., SELinux, LIDS, DTE, etc. modules – Bell-LaPadula, Biba, Denning Policy – our focus today Predicate Models – How to represent access control policy – ASL, OASIS, domain-specific models, many others – Main mechanism issue – find mechanism to enable verification Safety Models that policy achieves function and meets security guarantees – Take-grant, Schematic Protection Model, Typed Access Matrix Need for Aggregate Models (RBAC) Type Enforcement [BoebertKain84] Practical ease of specification – Abstraction for users, permissions, constraints, administration Permission Natural access control aggregations – based on Assignment Object organizational roles User – As new employees join, their permission assignments are Subject Type Can determined by their job Type Type Access Object Type Object – Permission assignment is largely static User (Subject) To Perform Operations (Object) Central control and maintenance of access rights On Objects Flexible enough to enforce User – least privilege, separation of duties, etc. Object 2 Group and Attributes Role-based Access Control User-Role Assignment Perm-Role Assignment Permission Role Assignment Object Perm Object User User User Group Has Users in Role Can User Access To Objects Access Objects Using Attribute Object Permissions Perm Object User Group With the Attribute User User Object User Perm Object Role vs. Types Data Structures Role-based Access Control Model RBAC Users: U – U: set of users Permissions: P – P: set of permissions Roles: R Type Enforcement – E: set of subjects or objects Assignments: User-role, perm-role, role-role – Permission Assignment Sessions: S ST: set of subject types Function: user(S), roles(S) OT: set of object types O: set of operations Constraints: C RBAC Family of Models Hierarchies and Constraints Role hierarchy RBAC0 contains all but hierarchies and constraints – Problem: does organizational hierarchy correspond to a RBAC1 contains RBAC0 and hierarchies permission inheritance hierarchy? – Problem: do organizational roles make sense for building RBAC2 contains RBAC0 and constraints hierarchies? RBAC3 contains all Constraints – Problem: constraints apply to all states, so they require a predicate The RBAC family idea has always been more a calculus in general NIST initiative – Problem: Only certain types of constraints can effectively be administered? Mutual exclusion, separation of duty, cardinality, The RBAC families are present in the NIST RBAC etc. standard [NIST2001] with slight modifications: Conflicts – RBAC0, RBAC1 (options), RBAC3 (SSD) , RBAC3 (DSD) – May find other concepts useful for resolving conflicts between constraints and hierarchies/assignments 3 Administration Does RBAC Achieve Its Goals? Discretionary Access Control Practical ease of specification – Clear base model – need more help for constraints, admin – Users (typically object owner) can decide Natural access control aggregations – based on permission assignments organizational roles Mandatory Access Control – In some cases, but not clear that organizational roles help with permission assignment – particularly with inheritance – System administrator decides on permission assignments Central control and maintenance of access rights – Central view is a selling feature of products, but a single Flexible Administrative Management view of all can be complex (layering?) – Access control models can be used to express Flexible enough to enforce – Flexible access control expression, but difficult to determine administrative privileges if we enforce our security goals (constraints) RBAC Products Safety Problem [HRU76] Determine if an unauthorized permission is leaked given SUN Solaris – An initial set of permissions and Sybase SQL Server – An access control system, mainly administrative operations For a traditional approach, the safety problem is undecidable BMC INCONTROL for Security Management – Access matrix model with multi-operational commands – Main culprit is create – create object/subject with own rights Systor Security Administration Manager – Prove reduction of a Turing machine to the multi-operational access matrix system Tivoli TME Security Management Result led to – Safe, but limited models: take-grant, schematic protection model, Computer Associates Protect IT typed access matrix model – Further support for models in which the constraints are implicit in the Siemens rbacDirX model – e.g., lattice models – Check safety on each policy change – constraint approach of RBAC Lattice Access Control Models Security Levels and Policies Read/writeRead/write Subjects and Objects have security levels and Dominance L:1 optional categories 1 > 2 > 3 Read Write Confidentiality Policy (e.g., Bell-LaPadula) – Simple property: may read only if the subject’s security level BLP Operations dominates the object’s security level (read-down) Biba Operations L:2 – *-property: may write only if the subject’s security level is Read Write dominated by the object’s security level (write-up) – Tranquility property: may not change the security level of an object concurrent to its use L:3 Integrity Policy – Biba is the dual of BLP for integrity 4 Purpose of BLP and Biba Denning’s Lattice Model BLP Formalizes information flow models – Prevent Trojan horses from leaking information to lower security – FM = {N, P,SC,,} levels Shows that the information flow model instances form a lattice – Mandatory access control and implicit constraints – {SC, } is a partial ordered set, Biba – SC is finite, – Prevent low integrity information flows to higher integrity processes – SC has a lower bound, – E.g., code, configuration, user requests, buffer overflows – and is a lub operator Categories/Compartments for separation within levels Implicit and explicit information flows Safety is implicit in the model Semantics for verifying that a configuration is secure – No additional constraints are needed to express security Static and dynamic binding
Recommended publications
  • Ebook - Informations About Operating Systems Version: August 15, 2006 | Download
    eBook - Informations about Operating Systems Version: August 15, 2006 | Download: www.operating-system.org AIX Internet: AIX AmigaOS Internet: AmigaOS AtheOS Internet: AtheOS BeIA Internet: BeIA BeOS Internet: BeOS BSDi Internet: BSDi CP/M Internet: CP/M Darwin Internet: Darwin EPOC Internet: EPOC FreeBSD Internet: FreeBSD HP-UX Internet: HP-UX Hurd Internet: Hurd Inferno Internet: Inferno IRIX Internet: IRIX JavaOS Internet: JavaOS LFS Internet: LFS Linspire Internet: Linspire Linux Internet: Linux MacOS Internet: MacOS Minix Internet: Minix MorphOS Internet: MorphOS MS-DOS Internet: MS-DOS MVS Internet: MVS NetBSD Internet: NetBSD NetWare Internet: NetWare Newdeal Internet: Newdeal NEXTSTEP Internet: NEXTSTEP OpenBSD Internet: OpenBSD OS/2 Internet: OS/2 Further operating systems Internet: Further operating systems PalmOS Internet: PalmOS Plan9 Internet: Plan9 QNX Internet: QNX RiscOS Internet: RiscOS Solaris Internet: Solaris SuSE Linux Internet: SuSE Linux Unicos Internet: Unicos Unix Internet: Unix Unixware Internet: Unixware Windows 2000 Internet: Windows 2000 Windows 3.11 Internet: Windows 3.11 Windows 95 Internet: Windows 95 Windows 98 Internet: Windows 98 Windows CE Internet: Windows CE Windows Family Internet: Windows Family Windows ME Internet: Windows ME Seite 1 von 138 eBook - Informations about Operating Systems Version: August 15, 2006 | Download: www.operating-system.org Windows NT 3.1 Internet: Windows NT 3.1 Windows NT 4.0 Internet: Windows NT 4.0 Windows Server 2003 Internet: Windows Server 2003 Windows Vista Internet: Windows Vista Windows XP Internet: Windows XP Apple - Company Internet: Apple - Company AT&T - Company Internet: AT&T - Company Be Inc. - Company Internet: Be Inc. - Company BSD Family Internet: BSD Family Cray Inc.
    [Show full text]
  • Research Purpose Operating Systems – a Wide Survey
    GESJ: Computer Science and Telecommunications 2010|No.3(26) ISSN 1512-1232 RESEARCH PURPOSE OPERATING SYSTEMS – A WIDE SURVEY Pinaki Chakraborty School of Computer and Systems Sciences, Jawaharlal Nehru University, New Delhi – 110067, India. E-mail: [email protected] Abstract Operating systems constitute a class of vital software. A plethora of operating systems, of different types and developed by different manufacturers over the years, are available now. This paper concentrates on research purpose operating systems because many of them have high technological significance and they have been vividly documented in the research literature. Thirty-four academic and research purpose operating systems have been briefly reviewed in this paper. It was observed that the microkernel based architecture is being used widely to design research purpose operating systems. It was also noticed that object oriented operating systems are emerging as a promising option. Hence, the paper concludes by suggesting a study of the scope of microkernel based object oriented operating systems. Keywords: Operating system, research purpose operating system, object oriented operating system, microkernel 1. Introduction An operating system is a software that manages all the resources of a computer, both hardware and software, and provides an environment in which a user can execute programs in a convenient and efficient manner [1]. However, the principles and concepts used in the operating systems were not standardized in a day. In fact, operating systems have been evolving through the years [2]. There were no operating systems in the early computers. In those systems, every program required full hardware specification to execute correctly and perform each trivial task, and its own drivers for peripheral devices like card readers and line printers.
    [Show full text]
  • A Complete Bibliography of Publications in Software—Practice and Experience
    A Complete Bibliography of Publications in Software|Practice and Experience Nelson H. F. Beebe University of Utah Department of Mathematics, 110 LCB 155 S 1400 E RM 233 Salt Lake City, UT 84112-0090 USA Tel: +1 801 581 5254 FAX: +1 801 581 4148 E-mail: [email protected], [email protected], [email protected] (Internet) WWW URL: http://www.math.utah.edu/~beebe/ 23 July 2021 Version 3.26 Title word cross-reference [Bar82a, Bar82c, Bar84b]. < [SMGMOFM07a, SMGMOFM07b]. > [SMGMOFM07a, SMGMOFM07b]. 2 [MST13, MDB19]. 3 [DS09]. 4 [MSR+07]. \ 0 [GW96]. 1 [GW96]. $1.50 [Bar78d]. $11 [PK04]. TM [MZB00, Win02]. 8 [DB21b]. k [Bar84a]. $12.00 [Rob72]. $13 [Bar84a]. [AW93, Mer93]. κ [MG94]. µ $13.00 [Rob72]. $18.50 [Jon74]. $185 [BS90c, BDS+92, SMNB21]. N [Bar79b]. $19.30 [Lan74a]. $19.50 [Dav78]. [MS98, Coh98, KST94, YAVHC21]. P 3 $25.00 [Pet77, And78]. 3 [BE02, FMA02]. [DC03]. PM [CLD+17]. q [GSR17]. τ $31-25 [Pet77]. $31.35 [Bri82]. 32 [VED06]. 2:5 [TSZ14, UDS+07]. $35.00 [Inc86]. $39.50 [Sim83]. 5 [CPMAH+20]. $58.50 [Wal81a]. $6.95 -ary [MS98]. -bit [AM10, SF85, VED06]. [Tho74]. 64 [AM10, VED06]. 68 -gram [Coh98, KST94, YAVHC21]. -grams [Ear76, Hol77]. $68.25 [Pit82]. $7.00 [GSR17]. -level [FM77]. -queens [Plu74]. [Bar72a]. $7.50 [Bar78d]. $7.95 -R [Ear76, Hol77]. -shortest-paths [MG94]. [Bar76a, Lav77]. $78.50 [Sim83]. 8 -System [BS90c]. [Plu74, SF85]. $8.95 [Bar82a, Bar82c, Bar84b]. $9.75 . [Bis81b]. .NET [Coo04, Han04]. [Bar77e, Mul76]. $9.80 [Atk79a]. $9.95 1 2 0 [Bar81, Edw98a, Edw98b, Gru83, Llo82, 2 [Bar74a, Bar74b, Bar80b, Bud85, Cor88b, Val77a, Val78, Wal83b].
    [Show full text]
  • The Symbian OS Architecture Sourcebook
    The Symbian OS Architecture Sourcebook The Symbian OS Architecture Sourcebook Design and Evolution of a Mobile Phone OS By Ben Morris Reviewed by Chris Davies, Warren Day, Martin de Jode, Roy Hayun, Simon Higginson, Mark Jacobs, Andrew Langstaff, David Mery, Matthew O’Donnell, Kal Patel, Dominic Pinkman, Alan Robinson, Matthew Reynolds, Mark Shackman, Jo Stichbury, Jan van Bergen Symbian Press Head of Symbian Press Freddie Gjertsen Managing Editor Satu McNabb Copyright 2007 Symbian Software, Ltd John Wiley & Sons, Ltd The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England Telephone (+44) 1243 779777 Email (for orders and customer service enquiries): [email protected] Visit our Home Page on www.wileyeurope.com or www.wiley.com All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the terms of the Copyright, Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London W1T 4LP, UK, without the permission in writing of the Publisher. Requests to the Publisher should be addressed to the Permissions Department, John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England, or emailed to [email protected], or faxed to (+44) 1243 770620. Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners.
    [Show full text]
  • Sealing OS Processes to Improve Dependability and Security
    Sealing OS Processes to Improve Dependability and Safety Galen Hunt, Mark Aiken, Manuel Fähndrich, Chris Hawblitzel, Orion Hodson, James Larus, Steven Levi, Bjarne Steensgaard, David Tarditi, and Ted Wobber Microsoft Research One Microsoft Way Redmond, WA 98052 USA [email protected] ABSTRACT General Terms In most modern operating systems, a process is a Design, Reliability, Experimentation. hardware-protected abstraction for isolating code and data. This protection, however, is selective. Many common Keywords mechanisms—dynamic code loading, run-time code Open process architecture, sealed process architecture, sealed generation, shared memory, and intrusive system APIs— kernel, software isolated process (SIP). make the barrier between processes very permeable. This paper argues that this traditional open process architecture 1. INTRODUCTION exacerbates the dependability and security weaknesses of Processes debuted, circa 1965, as a recognized operating modern systems. system abstraction in Multics [48]. Multics pioneered As a remedy, this paper proposes a sealed process many attributes of modern processes: OS-supported architecture, which prohibits dynamic code loading, self- dynamic code loading, run-time code generation, cross- modifying code, shared memory, and limits the scope of process shared memory, and an intrusive kernel API that the process API. This paper describes the implementation permitted one process to modify directly the state of of the sealed process architecture in the Singularity another process. operating system,
    [Show full text]
  • Study on Operating Systems for Small Devices for Mobile Payments Application 17 Th July, 2009
    Study on Operating Systems for Small Devices for Mobile Payments Application 17 th July, 2009 Project Report On Study on Operating Systems for Small Devices for Mobile Payments Application Submitted by: V V Aishwarya B.E IV/IV (01-07-862) Department of Computer Science and Engineering (CSE) University College of Engineering (Autonomous) Osmania University , Hyderabad- 500004 To Summer Internship Project under the Guidance of Dr. V N Sastry Associate Professor Institute for Development and Research in Banking Technology (IDRBT) (Established by Reserve Bank of India) Road No. 1, Castle Hills, Masab Tank, Hyderabad – 500 057. July 2009 CSE,UCE,OU 1 IDRBT Study on Operating Systems for Small Devices for Mobile Payments Application 17 th July, 2009 CERTIFICATE This is to certify that this project on “ Study on Operating Systems for Small Devices for Mobile Payments Application ” submitted by Ms. V V Aishwarya , 01-07-862 of B.E. IV/IV, CSE, University College of Engineering, Osmania University, is a record of Bonafide work done by her under my guidance during the Summer Internship Programme from 21 st May, 2009 to 17 th July, 2009. Ms. V V Aishwarya has completed the work assigned to her within the limited period of learning and execution. She has successfully completed the project to my satisfaction and it has been observed that the goals set upon at the outset of this endeavor have been worked upon to the best of the student’s abilities and resources. During this period I have observed her to be very sincere, hardworking and coping up with new challenges.
    [Show full text]
  • CS 162 Operating Systems and Systems Programming Lecture 3
    CS 162 Operating Systems and Systems Programming Answer: Decompose hard problem into simpler ones. Instead of dealing with Professor: Anthony Joseph everything going on at once, separate into logical abstractions that we can deal Spring 2004 with one at a time. Lecture 3: 3.2 Processes Concurrency: Processes, Threads, and Address Spaces The notion of a “process” is a central concept for Operating Systems. 3.0 Main point: What are processes? Process: Operating system abstraction to represent what is needed to run a single How are they related to threads and address spaces? program (this is the traditional UNIX definition) Formally, a process is a sequential stream of execution in its own address space. 3.1 Concurrency 3.1.1 Definitions: 3.2.1 Two parts to a (traditional Unix) process: Uniprogramming: one process at a time (e.g., MS/DOS, early Macintosh) 1. Sequential program execution: the code in the process is executed as a single, sequential stream of execution (no concurrency inside a process). This Easier for operating system builder: get rid of problem of concurrency by defining is known as a thread of control. it away. For personal computers, idea was: one user does only one thing at a 2. State Information: everything specific to a particular execution of a program: time. Encapsulates protection: address space • CPU registers Harder for user: can’t work while waiting for printer • Main memory (contents of address space) • I/O state (in UNIX this is represented by file descriptors) Multiprogramming: more than one process at a time (UNIX, OS/2, Windows NT).
    [Show full text]
  • The Niagara Framework
    The Niagara Framework Control System Interoperability with Seamless Intranet/Internet Enterprise Connectivity © Copyright 1998 Tridium, Inc., All Rights Reserved Tridium, Inc. 3951 Westerre Parkway Suite 350 Richmond, Virginia 23233 (804) 747-4771 http://www.tridium.com Ernie Allen, Technical Services Manager John Bishop, Regional Manager Copyright Notice: The software described herein is furnished under a license agreement and may be used only in accordance with the terms of the agreement. © Copyright 1998 Tridium, Inc. All rights reserved. This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine-readable form without prior written consent from Tridium, Inc., 3951 Westerre Parkway, Suite 350, Richmond, Virginia 23233. The confidential information contained in this document is provided solely for use by Tridium employees, licensees, and system owners; and is not to be released to, or reproduced for, anyone else; neither is it to be used for reproduction of this Control System or any of its components. All rights to revise designs described herein are reserved. While every effort has been made to assure the accuracy of this document, Tridium shall not be held responsible for damages, including consequential damages, arising from the application of the information given herein. The information in this document is subject to change without notice. The release described in this document may be protected by one of more U.S. patents, foreign patents, or pending applications. Trademark Notices: Microsoft and Windows are registered trademarks, and Windows 95, Windows NT, and Internet Explorer are trademarks of Microsoft Corporation. Java and other Java-based names are trademarks of Sun Microsystems Inc.
    [Show full text]
  • Sealing OS Processes to Improve Dependability and Security
    MSR-TR-2006-51 This is a draft paper that is under submission. Please contact Galen Hunt for citation information. Sealing OS Processes to Improve Dependability and Security Galen Hunt, Mark Aiken, Paul Barham, Manuel Fähndrich, Chris Hawblitzel, Orion Hodson, James Larus, Steven Levi, Nick Murphy, Bjarne Steensgaard, David Tarditi, Ted Wobber, Brian Zill Microsoft Research Abstract On most modern operating systems, a process is a hardware-protected abstraction for executing potentially mutable code and data. Common features of processes include: dynamic code loading, dynamic code generation, access to cross-process shared memory, and a universal API. This paper argues that many of the dependability and security weaknesses of modern systems are exacerbated by this open process architecture. Moreover, this architecture impairs the ability of tools to analyze code statically, to improve its performance or dependability. By contrast, a sealed process architecture prohibits dynamic code loading, prohibits self-modifying code, prohibits shared memory, and replaces a universal API with a process-limited API. This paper describes an implementation of a sealed process architecture in the Singularity operating system, discusses its merits, and evaluates its impact. Among the benefits are: improved static program analysis, strong security guarantees, elimination of OS redundancies found in language runtimes such as the JVM and CLR, and better software engineering. 1. Introduction 1.1. Disadvantages of Open Processes The process, as a recognized operating system Although common, open processes are not “free.” abstraction, debuted in Multics [52] in the 1960s. This architecture has negative consequences for Multics processes included support for dynamic code dependability, correctness, security, and performance.
    [Show full text]
  • Lecture 24: Javaos Key Concepts Java Application on a Host OS Java
    Lecture 24: JavaOS Key concepts ■ Java - an object oriented language (a safer/simpler) modification of C++; ■ JavaOS adheres to the following design goals: ■ Java program is usually interpreted - translated and executed at the ◆ ease the development same time; ◆ portability of the OS ■ Java is usually translated into bytecode; a computer capable of ◆ ease of configuration executing bytecode is called Java-machine; there are no physical ■ JavaOS was designed to run software written in Java Java-machine. The Java machine is usually emulated (like programming language on a variety of platforms from Nachos emulates MIPS architecture) on some other platform. The embedded platforms to network computers program capable of executing Java bytecodes is called Java ◆ embedded system - a computer that facilitates the Virtual Machine (JVM). Thus to make a Java program execute on work of the machine whose purpose is not related to any platform - only JVM has to be designed to execute on this information processing. Example: household platform appliances - microwave, industrial robots ■ Java Development Toolkit (JDK) - a collection of Java classes to ◆ network computer (NC or thin clients) - a computer designed to run only several applications loaded over be used by Java programmers - they declare system functions the network - computers designed to run web- (threading, process creation I/O), windowing functions, graphics, browsers only networking, etc. 1 ■ JavaOS implements JVM and JDK in a portable way 2 Java Java application applicat on a host ion
    [Show full text]
  • Ericsson / Nokia / Psion Regulation
    EN Case No COMP/JV.6 - ERICSSON / NOKIA / PSION Only the English text is available and authentic. REGULATION (EEC) No 4064/89 MERGER PROCEDURE Article 6(1)(b) NON-OPPOSITION Date: 11/08/1998 Also available in the CELEX database Document No 398J0006 Office for Official Publications of the European Communities L-2985 Luxembourg COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 11.08.1998 In the published version of this decision, some information has been omitted pursuant to Article PUBLIC VERSION 17(2) of Council Regulation (EEC) No 4064/89 concerning non-disclosure of business secrets and other confidential information. The omissions are MERGER PROCEDURE shown thus […]. Where possible the information ARTICLE 6(1)(b) DECISION omitted has been replaced by ranges of figures or a general description. To the notifying parties, Dear Sirs, Subject: Case No IV/JV.6 - ERICSSON/NOKIA/PSION Notification of 7 July 1998 pursuant to Article 4 of Council Regulation No. 4064/89 1. On 7 July 1998, the Commission received a notification of a proposed concentration pursuant to Article 4 of Council Regulation (EEC) No 4064/891 by which Telefonaktiebolaget LM Ericsson (“Ericsson”), Nokia Corporation (“Nokia”) and Psion PLC (“Psion”) will establish a joint venture company, Symbian Limited (“Symbian”) for the development of an operating system for use in wireless information devices. I PARTIES 2. Ericsson is a Swedish corporation that designs, develops, manufactures and markets advanced systems and related terminals for wired and mobile telecommunications in public and private networks. It has worldwide operations in more than 130 countries. The company is divided into three business areas: Mobile Systems, Infocom Systems and Mobile Phones and Terminals sharing a common core technology and providing each other with products and services.
    [Show full text]
  • Javaos™ for Business™ Version 2.0 Application Development Guide
    JavaOS for Business Version 2.0 Application Development Guide JavaOS for Business Version 2.0 Application Development Guide Copyright 1998 Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, California 94303, U.S.A.; IBM Corporation, Old Orchard Road, Armonk, New York 10504. All rights reserved. This product or document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this product or document may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Third-party software, including font technology, is copyrighted and licensed from Sun suppliers. Sun, Sun Microsystems, the Sun Logo, Java, JavaOS and JavaOS for Business are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries, and are used under license by IBM.The JavaOS For Business technology is the result of a collaboration of Sun and IBM. IBM, the IBM Logo, OS/2 are trademarks or registered trademarks of IBM Corp. in the United States and other countries, and are used under license by Sun Microsystems. Microsoft, Windows, Windows NT, and the Windows logo are registered trademarks of Microsoft Corporation. Intel and EtherExpress are trademarks or registered trademarks of Intel Corporation in the U.S. and other countries. The OPEN LOOK and Sun(TM) Graphical User Interface was developed by Sun Microsystems, Inc. for its users and licensees. Sun acknowledges the pioneering efforts of Xerox in researching and developing the concept of visual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license from Xerox to the Xerox Graphical User Interface, which license also covers Sun's licensees who implement OPEN LOOK GUIs and otherwise comply with Sun's written license agreements.
    [Show full text]