MLS is now available for AIX - PowerPoint PPT Presentation

1 / 18
About This Presentation
Title:

MLS is now available for AIX

Description:

Using the Argus PitBull MLS desktop, Microsoft applications can now be run ... Example #4: MLS security ... Additional uses of the MLS desktop ... – PowerPoint PPT presentation

Number of Views:100
Avg rating:3.0/5.0
Slides: 19
Provided by: markd78
Category:
Tags: aix | mls | available | mls | now | pitbull

less

Transcript and Presenter's Notes

Title: MLS is now available for AIX


1
MLS is now available for AIX
Argus Systems Group Securing Microsoft
Applicationson a Multilevel Secure (MLS) Desktop
2
The problem
  • Organizations and employees want to use (or need
    to use) Microsoft applications
  • Microsoft applications are the primary target for
    hackers and automated tools
  • Compromised applications can attack other
    applications and damage the operating system
  • Microsoft's desktop environment cannot now
    support MLS security or MLS functionality

3
Good news about Microsoft applications
  • Using the Argus PitBull MLS desktop,Microsoft
    applications can now be run
  • Without endangering the underlying operating
    system
  • In a way that they cannot misuse networks
  • Completely isolated from other applications
  • On a multilevel secure (MLS) desktop

4
Operating system protection
  • No matter how many bugs or viruses affect an
    application, it can never
  • damage the system
  • access unauthorized files
  • modify unauthorized files

5
Example 1 Operating system protection
This Word program can never damage the system or
access unauthorized files.
6
Network protection
  • No matter how many bugs or viruses affect an
    application, it can never
  • access unauthorized networks
  • send or receive data on unauthorized ports
  • use unauthorized protocols
  • interfere with other programs using the network

7
Example 2 Network protection
This Powerpoint session can access only the
internal file server.
This Word session cannot access any network.
8
Application isolation
  • No matter how many bugs or viruses affect an
    application, it can never
  • access or modify another application's data or
    program files
  • intercept, spoof, or replay another application's
    communications
  • monitor or detect another application's activity
  • halt, pause, or restart another application

9
Example 3 Application isolation
These two applications are completely isolated
and can never exchange data without user
authorization.
10
MLS security
  • No matter how many bugs or viruses affect an
    application, it can never
  • remove or alter its security label
  • access any resource outside of the MLS policy
  • The MLS desktop and system provides
  • protected MLS cut-and-paste
  • upgrade and downgrade only with explicit
    authorization
  • labeled storage, networking, and printing

11
Example 4 MLS security
Multiple instances of programs can be run at
different, color-coded security levels.
This window and its data are labeled, and all
cut-and-paste, printing, storing, and network
transfers comply with strict MLS controls.
12
Additional uses of the MLS desktop
  • Simultaneous browser sessions securely open to
    internal and external web servers
  • External (including Internet) servers accessible
    for copying information into sensitive documents
    with no danger of system attack or data leakage
    to outside networks
  • Documents of different security levels or
    distributions simultaneously viewed and edited
    without danger of accidentally releasing
    restricted data

13
Advantages and disadvantages
  • When migrating to the Argus secure Microsoft
    application environment
  • You gain new functionality and better security
  • You keep most Microsoft advantages
  • You lose some features
  • What you keep and gain far outweighs the losses
  • What you gain is critical for using Microsoft
    applications in real-world environments

14
What do you keep?
  • Full support for most Microsoft applications
  • Users see no difference in application
    functionality or "look and feel"
  • Low cost (Intel x86) hardware
  • Existing hardware platforms can be used

15
What do you gain?
  • Complete system protection from compromised
    applications
  • Full isolation of applications to prevent
    crossover damage by compromised applications
  • Fine-grained network control over each individual
    Microsoft application
  • Multilevel security functionality between all
    applications
  • Solaris admin tools and functionality

16
What do you lose?
  • Microsoft desktop is replaced with a less
    familiar Solaris x86 X Window desktop
  • Underlying operating system is not Microsoft
  • System administration is done using Solaris
    utilities and tools
  • Some applications aren't supported
  • Work is ongoing to provide support for these
    applications

17
High-altitude View of the Solution
  • Intel x86 hardware
  • Sun Solaris 10 operating system
  • X Window desktop
  • Argus PitBull security enhancements for Solaris
    and X Window
  • Codeweaver/WINE to support Microsoft applications
  • Standard out-of-the-box Microsoft applications

18
For More Information
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "MLS is now available for AIX" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!