David C. Toll
Elaine R. Palmer
Abstract
The Caernarvon operating system was developed to demonstrate that a high assurance system for smart cards was technically feasible and commercially viable. The entire system has been designed to be evaluated under the Common Criteria at EAL7, the highest defined level of assurance.
Historically, smart card processors have not supported the hardware protection features necessary to separate the OS from the applications, and one application from another. The Caernarvon OS has taken advantage of the first smart card processors with such features to be the first smart card OS to provide this kind of protection. Even when compared with conventional systems where the hardware protection is routine, the Caernarvon OS is noteworthy, because of the EAL7 assurance.
This approach facilitated implementation of a formally specified, mandatory security policy providing multi-level security (MLS) suitable for both government agencies and commercial users. The mandatory security policy requires effective authentication of its users that is independent of applications. For this reason, the Caernarvon OS also contains a privacy-preserving, two-way authentication protocol integrated with the Mandatory Security Policy.
The Caernarvon OS includes a strong cryptographic library that has been separately certified under the Common Criteria at EAL5+ for use with other systems. The Caernarvon OS implements a secure method for downloading trusted and untrusted application software and data in the field, with the assumption that all applications are potentially hostile. While the initial platform for the operating system was smart cards, the design could also be used in other embedded devices, such as USB tokens, PDAs, cell phones, etc.
- D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi. The EM side-channel(s). In Cryptographic Hardware and Embedded Systems -- CHES 2002, Lecture Notes in Computer Science, Vol. 2523, Springer Verlag, pages 29--45, Redwood Shores, CA, 13--15 August 2002. Google Scholar
Digital Library
- Application interface for smart cards used as secure signature creation devices -- part 1: Basic requirements. CWA 14890-1, Comité Européen de Normalisation, Brussels, Belgium, March 2004. URL: ftp://ftp.cenorm.be/PUBLIC/CWAs/e-Europe/eSign/cwa14890-01-2004-Mar.pdf.Google Scholar
- Application interface for smart cards used as secure signature creation devices -- part 1: Basic requirements. prEN 14890-1:2007, Comité Européen de Normalisation, Brussels, Belgium, March 2007.Google Scholar
- D. E. Bell and L. J. LaPadula. Computer Security Model: Unified Exposition and Multics Interpretation. ESD-TR-75-306, The MITRE Corporation, Bedford, MA, HQ Electronic Systems Division, Hanscom AFB, MA, June 1975.Google Scholar
- K. J. Biba. Integrity Considerations for Secure Computer Systems. ESD-TR-76-372, The MITRE Corporation, Bedford, MA, HQ Electronic Systems Division, Hanscom AFB, MA, Apr. 1977.Google Scholar
- F. C. Bormann, L. Manteau, A. Linke, J. C. Pailles, and J. van Dijk. Concept for trusted personal devices in a mobile and networked environment. In Fifteenth IST Mobile & Wireless Communication Summit, Myconos, Greece, June 2006.Google Scholar
- G. W. Bush. Policy for a common identification standard for federal employees and contractors. Homeland Security Presidential Directive HSPD-12, The White House, Washington, DC, 27 August 2004. URL: http://csrc.nist.gov/policies/Presidential-Directive-Hspd-12.html.Google Scholar
- R. Canetti and H. Krawczyk. Security Analysis of IKE's Signature-Based Key-Exchange Protocol. In Advances in Cryptology -- Crypto 2002, pages 143--161, Santa Barbara, CA, 2002. Lecture Notes in Computer Science, Vol. 2045, Springer Verlag. Google ScholarDigital Library
- M. G. Carter, S. B. Lipner, and P. A. Karger. Protecting data & information: A workshop in computer & data security. Order No. EY-AX00080-SM-001, Digital Equipment Corporation, Maynard, MA, 1982.Google Scholar
- S. N. Chari, V. V. Diluoffo, P. A. Karger, E. R. Palmer, T. Rabin, J. R. Rao, P. Rohatgi, H. Scherzer, M. Steiner, and D. C. Toll. Method, apparatus and system for resistence to side channel attacks on random number generators. United States Patent Application No. US 2006/0104443A1, Filed 12 November 2004.Google Scholar
- P.-C. Cheng, P. Rohatgi, C. Keser, P. A. Karger, G. M. Wagner, and A. S. Reninger. Fuzzy multi-level security: An experiment on quantified risk-adaptive access control: Extended abstract. In Proceedings of the IEEE Sympsium on Security and Privacy, pages 222--227, Oakland, CA, 20--23 May 2007. IEEE Computer Society. Google ScholarDigital Library
- Common Criteria for Information Technology Security Evaluation, Parts 1, 2, and 3. Version 2.3 CCMB2005-08-001, CCMB2005-08-002, and CCMB2005-08-003, August 2005. URL: http://www.commoncriteriaportal.org/public/expert/index.php?menu=2.Google Scholar
- Department of defense trusted computer system evaluation criteria. DOD 5200.28-STD, Washington, DC, Dec. 1985. URL: http://csrc.nist.gov/publications/history/dod85.pdf.Google Scholar
- E. W. Dijkstra. The structure of the THE multiprogramming system. Communications of the ACM, 11(5):341--346, May 1968. Google ScholarDigital Library
- Functionality classes and evaluation methodology for physical random number generators. AIS 31, Version 1, Bundesamt für Sicherheit in der Informationstechnik (BSI), Bonn, Germany, 25 Sept. 2001. URL: http://www.bsi.bund.de/zertifiz/zert/interpr/ais31e.pdf.Google Scholar
- D. Harkins and D. Carrel. The Internet Key Exchange (IKE). RFC 2409, November 1998. URL: ftp://ftp.rfc-editor.org/in-notes/rfc2409.txt. Google ScholarDigital Library
- Information technology security evaluation criteria (ITSEC). Version 1.2, Commission of the European Communities, Brussels, Belgium, June 1991. URL: http://www.ssi.gouv.fr/site_documents/ITSEC/ITSEC-uk.pdf.Google Scholar
- Identification cards -- Integrated circuit(s) with contacts -- Part 3: Electronic signals and transmission protocols, Second edition. ISO Standard 7816-3, International Standards Organization, Dec. 1997.Google Scholar
- Identification cards -- Integrated circuit(s) with contacts -- Part 4: Interindustry commands for interchange, First edition. ISO Standard 7816-4, International Standards Organization, Sept. 1995.Google Scholar
- P. A. Karger. Multi-Organizational Mandatory Access Controls for Commercial Applications. RC 21673 (97655), IBM Thomas J. Watson Research Center, Yorktown Heights, NY, 22 February 2000. URL: http://domino.watson.ibm.com/library/CyberDig.nsf/home.Google Scholar
- P. A. Karger, V. R. Austel, and D. C. Toll. A New Mandatory Security Policy Combining Secrecy and Integrity. RC 21717 (97406), IBM Thomas J. Watson Research Center, Yorktown Heights, NY, 15 March 2000. URL: http://domino.watson.ibm.com/library/CyberDig.nsf/home.Google Scholar
- P. Kocher, J. Jaffe, and B. Jun. Differential Power Analysis: Leaking Secrets. In Proceedings of Crypto '99, Lecture Notes in Computer Science, Vol. 1666, Springer Verlag, pages 143--161, Santa Barbara, CA, August 1999. Google ScholarDigital Library
- H. Krawczyk. SIGMA: the 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and its Use in the IKE Protocols. In Advances in Cryptology -- CRYPTO 2003 Proceesings, pages 399--424, Santa Barbara, CA, 17--21 August 2003. Lecture Notes in Computer Science, Vol. 2729, Springer Verlag.Google Scholar
- D. Safford and M. Zohar. Trusted computing and open source. Information Security Technical Report, 10(2):74--82, 2005. Google ScholarDigital Library
- G. Schellhorn, W. Reif, A. Schairer, P. Karger, V. Austel, and D. Toll. Verification of a formal security model for multiapplicative smart cards. In 6th European Symposium on Research in Computer Security (ESORICS 2000), Lecture Notes in Computer Science, Vol. 1895, Springer Verlag, pages 17--36, Toulouse, France, 2000. Google ScholarDigital Library
- H. Scherzer, R. Canetti, P. A. Karger, H. Krawczyk, T. Rabin, and D. C. Toll. Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card. In 8th European Symposium on Research in Computer Security (ESORICS 2003), pages 181--200, Gjøvik, Norway, 13--15 October 2003. Lecture Notes in Computer Science, Vol. 2808, Springer Verlag.Google ScholarCross Ref
- W. L. Schiller. The design and specification of a security kernel for the PDP-11/45. ESD-TR-75-69, The MITRE Corporation, Bedford, MA, HQ Electronic Systems Division, Hanscom AFB, MA, May 1975. URL: http://csrc.nist.gov/publications/history/schi75.pdf.Google Scholar
- J. Whitmore, A. Bensoussan, P. Green, D. Hunt, A. Kobziar, and J. Stern. Design for Multics security enhancements. ESD-TR-74-176, Honeywell Information Systems, Inc., HQ Electronic Systems Division, Hanscom AFB, MA, Dec. 1973. URL: http://csrc.nist.gov/publications/history/whit74.pdf.Google Scholar
- K.-L. Wu, P. S. Yu, B. Gedik, K. Hildrum, C. C. Aggarwal, E. Bouillet, W. Fan, D. George, X. Gu, G. Luo, and H. Wang. Challenges and experience in prototyping a multi-modal stream analytic and monitoring application on System S. In Proceedings of the 33rd International Conference on Very Large Data Bases, pages 1185--1196, Vienna, Austria, 23--27 September 2007. URL: http://www.vldb.org/conf/2007/papers/industrial/p1185-wu.pdf. Google ScholarDigital Library
Index Terms
- The Caernarvon secure embedded operating system
Recommendations
Thoth, a portable real-time operating system
Thoth is a real-time operating system which is designed to be portable over a large set of machines. It is currently running on two minicomputers with quite different architectures. Both the system and application programs which use it are written in a ...
The OSCON Operating System Consultant
OSCON (Operating System CONsultant) is an operating system consultant which gives English answers to English queries about computer operating systems. The program currently answers queries for over 40 commands from the UNIX and MS-DOS operating systems. ...
Can We Make Operating Systems Reliable and Secure?
Microkernels--long discarded as unacceptable because of their lower performance compared with monolithic kernels--might be making a comeback in operating systems due to their potentially higher reliability, which many researchers now regard as more ...
Comments