HP Labs Technical Reports
Click here for full text:
Security Risk Control of COTS-based Applications
Zhong, Qun; Edwards, Nigel
Keyword(s): commercial-off-the-shelf software; security; CMW; mandatory access control; discretionary access control
Abstract: This paper introduces the CMW (Compartmented Mode Workstation) platform and its implementation on the HP-UX operating system HP-UX/CMW. It demonstrates a method of encapsulating untrusted COTS components without the need to check and verify the components' source code. By encapsulating COTS components on this secure operating system, we can control the system security while at the same time enhancing system reliability and take advantage of building the system with COTS components.
Back to Index