Trusted Linux: An Operating System Approach to Securing E-Services
Communications of the ACM, Volume 44, Issue 2 (2001)
by ACM, Inc.
by Chris Dalton and Tse Huong Choo, researchers in HP Labs' Trusted
E-Services Laboratory, based in Bristol, UK
Offering a service over the Internet means exposing it to a large
population of attackers capable of probing the service for vulnerabilities.
It is not unlikely, and has shown to be the case in the past, that
some of these bugs can and will be exploited, leading to security
Read the full paper here. Requires
About the Authors:
Chris I Dalton is a research engineer with HP Labs. His
research interests lie in pragmatic approaches to getting strong
security properties into Internet systems and services. Prior to
joining HP Labs in 1996, he hacked a lot with Unix and did a little
research for the University of Wales, Bangor. Before that, he worked
for Lucas Aerospace Engine Systems after graduating from Imperial
He is obsessed with Mountaineering (snow and ice usually but with
occasional failed attempts at being an anorexic sport climber),
likes skiing and has been known to do a bit of scuba diving.
Tse Huong Choo is a researcher with HP Labs Bristol UK whose
recent work focuses on adding novel security properties based on
those present in trusted operating systems to the Linux kernel.
Prior to this, his research was on building compartmented virtual
private networks on HP's Virtual Vault Operating System.
Currently, he is working on extending the security properties of
a highly secure variant of Linux that operates on a compartmented
basis. This work includes providing true end-to-end security with
strong mutual authentication by enumerating and verifying the ownership
of each individual IP endpoint.