The Ultimate Path to Absolute Digital Security

Operating System

An operating system can become a security role player without degrading performance, user convenience or reliability. The information in a SESR report exist as flags that an OS can expose through system calls. The SESR report provides information that may be checked by an OS and other programs to assess code operations. These code operations may involve the existence of device input simulations. A code operation may further involve omissions such as the absence of a SESR report check in an application that allows embedded code execution. The presence of a SESR report is crucial to making such validations for security. Therefore, a validation failure due to absence of a SESR report is an effective security feature. An operating system may add to status flags defined in the SESR report as deemed necessary. The corresponding set of system calls would be added or changed. This should cause relevant code translators to align operations that evaluate status flags.

A computing environment is managed by an operating system. Therefore, a resource should be properly managed at the instance of entry to such an environment. The efficient management of a resource requires an OS to define a specific point of entry. The transfer of a resource from an external network or device to a computing environment can best be managed at a single point of entry. This constraint facilitates the prevention of a malicious resource from causing damage. A Windows operating system has a Download folder that should be enforced as the sole storage location for inbound resources. The changes to a current OS implementation may involve diverting inbound transmissions to this storage point and checking a SESR report. A transfer to the intended destination would follow. This feature can lead to detection and control of a malicious resource in the following manner.

Operating System

An operating system should allow only launch and install operations on a resource stored in the sole point of entry. The following launch steps would be similar from any storage location. A launch operation first identifies the program that can read a resource. The resource could either be classified as data or code. The program would read a data resource as instructed in code. A code resource would be detected by the OS through a file that originated from a code translator. The program (through system calls) would check a SESR report associated with a code resource. A failed validation through the SESR report should block further launch actions. This implicit check of a SESR report applies to embedded or interpreted code. Any software that can execute embedded or interpreted code should always check the affiliated SESR report. An operating system would verify this behavior during the SESR report check that precedes installation of such software. The Code Translator section provides details.

An install operation is the crucial step that validates a code resource for permanent placement in an environment. An operating system should provide a system call that serves as a mandatory gateway for the placement of software. This system call would check for the existence of a file created by a code translator to mark a resource as code. This file should be placed at the root directory of a code resource (similar to a SESR report). The detection of this file would initiate a SESR report check before transfer of a program or code resource to a stable location. Any detected absence of this file should halt further action. This is an important security feature that prevents illegitimate software installation. A failed validation from checking the SESR report should block installation or transfer. The procedures that take place at such an intermediate storage point prevent surreptitious entry of resources into an environment. Any software that hosts inbound transmissions (e.g. a browser) would have been validated through SESR report checks or the Secure System Call protocol (to be discussed soon).

Operating System

An inbound transmission should be classified as originating from an external network or device. An interdevice transfer within the same network would be allowed. However, reliable encryption of a resource should occur before transfer to a portable storage device. A reliable encryption goes beyond the use of private or public keys since a breach that can undermine security is possible. An OS should decrypt resources from such a device before transfer to the single storage point. This step should always occur manually and never automatically. The secure transfer of resources from a computing environment to an external network will be discussed next.

A further proposed role of an operating system involves a Secure System Call. A Secure System Call (SSC) provides an entry point to any program (or operation) that is not part of the operating system. The prerequisite for a successful call would be to verify a caller has an available SESR report. The absence of a SESR report should cause a secure system call to fail. The target operations are manually validated through a protocol dictated by an OS vendor. Any operating system call made by such target operations would be justifiably considered safe. The target operations may reside in executable files or other forms of software. This validation provides a means for an OS to selectively authorize software for a specific purpose. Furthermore, an SSC allows different software to interoperate in a secure manner. The selective validation of software that perform specific operations in an environment is a vital security measure. A special identifier would be assigned to software that has been validated by an OS. This ID would be placed in code according to an OS vendor mandate. A code translator would check the ID during generation of a SESR report. A system call would be provided for the sole purpose of checking this ID. The reference ID may be stored on a server, encrypted by an OS or both.

The complete material

of this site

is available as an eBook

from these sellers.

Previous Next