Introduction to security

How system architecture relates to security

To be secure, a computing system must enforce a security policy. (See ``Elements of the security policy''.) The security policy for UnixWare demands that the operating system must restrict access to and flow of the information that it processes to prevent unauthorized disclosure or alteration of that information. A system relies on the enforcement of the security policy. Some of the components of the system actively enforce the security policy by, for example, restricting access to files or devices. Other components of the system, such as the seven service subsystems of the operating system, embody the security policy in their architecture.

A system relies upon the routines in the operating system to perform the tasks for which they were intended and only those tasks. The integrity of a system would be violated if routines affected each other in unknown or unwanted ways, because information could be distributed or altered in violation of the security policy. Well-designed system architecture ensures integrity by keeping the seven service subsystems separate from each other and by allowing the areas to interact only in known and intended ways.

Next topic: How modularity relates to security
Previous topic: DAC checking algorithm

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004