Information Security

Arfan Shahzad
{ [email protected] }
Course Outline
 Security Kernels

• Security kernels, also known as secure kernels or trusted kernels, are

a fundamental component of secure operating systems.

• A security kernel is responsible for enforcing the security policies and

mechanisms of an operating system, providing a trusted execution
environment for critical operations and protecting the system from
unauthorized access and malicious activities.
Security Kernels cont...
 Security Kernels cont...

• Here are some key characteristics and functions of security kernels:

• 1- Isolation: A security kernel is designed to isolate critical system

functions and sensitive resources from less trusted components of the OS.

• It ensures that different processes and components run in separate and

protected domains, preventing unauthorized access or interference.
Security Kernels cont...
 Security Kernels cont...

• 2- Access Control: Security kernels enforce access control policies,

determining which processes or users have permissions to access
specific resources or perform certain operations.

• Access control mechanisms, such as mandatory access control (MAC)

or discretionary access control (DAC), are implemented and enforced
by the security kernel.
 Security Kernels cont...

• 3- Privilege Separation: Security kernels separate different levels of

privileges within the operating system.

• They define different privilege levels, such as user mode and kernel mode,
and restrict direct access to privileged operations and system resources.

• This separation helps prevent unauthorized access and privilege escalation.

 Security Kernels cont...

• 4- Trusted Computing Base (TCB): The security kernel forms the core
of the trusted computing base, which includes all the components
necessary to enforce security policies.

• The totality of protection mechanisms within a computer system —

including hardware, firmware, and software — the combination of
which is responsible for enforcing a security policy.
 Security Kernels cont...

• A TCB consists of one or more components that together enforce a

unified security policy over a product or system.

• The ability of a trusted computing base to correctly enforce a security

policy depends solely on the mechanisms within the TCB and on the
correct input by system administrative personnel of parameters (e.g.,
a user’s clearance) related to the security policy.
Security Kernels cont...
 Security Kernels cont...

• 5- Verification and Assurance: Security kernels undergo rigorous

testing, verification, and evaluation to ensure their correctness,
reliability, and resistance to attacks.

• They are subject to security certifications and evaluations to provide

assurance that they meet defined security requirements.
 Security Kernels cont...

• 6- Security Policy Enforcement: Security Kernels implement and

enforce security policies defined by the operating system or the
organization.

• These policies can include authentication mechanisms, access control

rules, audit logging, intrusion detection, and other security-related
configurations.
Security Kernels cont...
 Security Kernels cont...

• 7- Tamper Resistance: Security kernels employ various techniques to

resist tampering and unauthorized modifications.

• They employ cryptographic mechanisms, secure boot processes,

integrity checks, and other security measures to ensure the integrity
and authenticity of the kernel and critical system components.
Security Kernels cont...
 Security Kernels cont...

• Security kernels play a critical role in providing a trusted execution

environment and enforcing security policies within an operating
system.

• By isolating critical functions, enforcing access control, and separating

privileges, they contribute to the overall security and integrity of the
system.