GuidesMaking Solaris More Trustworthy

Making Solaris More Trustworthy




Sun’s Solaris 10 Unix operating system got its third major update, and it includes the long-anticipated Trusted
Extensions, which replaces the legacy Trusted Solaris operating system.

Update 3 of Solaris 10 is out, and with it are Trusted Extensions.

Trusted Solaris Extensions have been in development at Sun for more than a year as a new approach to creating a
Trusted Solaris OS.

In September 2005, Mark Thacker,
product line manager of Solaris security at Sun Microsystems, explained to
internetnews.com that Trusted Solaris has always been a separate operating system.

With Trusted Solaris Extensions, instead of an entirely separate operating
system, the extensions are overlays on top of Solaris 10 that do not
require a separate kernel. They provide additional high-security
labeling features to meet regulatory and compliance requirements.

Solaris 10
with Trusted Extensions is currently in evaluation for the Common Criteria
Certification Labeled Security Protection Profile (LSPP) at Evaluation
Assurance Level 4+ (EAL 4+).

The updated also includes the “secure by default” feature, which first
appeared in an OpenSolaris build earlier this year. With secure by
default, most external-facing services are turned off at the point of
initial installation. Only services required to login and boot the OS are
enabled by default.

“The whole thing is about making Solaris install in a mode that is secure
out of the box,” OpenSolaris developer Martin Englund wrote in a blog
posting earlier this year. “This should be a no brainer, but since Solaris
always strive to be backward compatible it is not easy doing a change like
this.”

Solaris 10 was originally released in 2004 and was last updated in June. Update 2 included the new ZettaByte File System (ZFS), as well as optimizations in
the network stack around SSL and UDP performance.

This article was originally published on internetnews.com.

Latest Posts

Related Stories