Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP

HP.com home

Technical Reports


HP Labs

» Research
» News and events
» Technical reports
» About HP Labs
» Careers @ HP Labs
» Worldwide sites
» Downloads
Content starts here

Click here for full text: PDF

Towards understanding and providing assurance about separation

Drozdzewski, Daniel; Baldwin, Adrian; Goldsack, Patrick


Keyword(s): separation; containment; utility computing; HPUX; assurance

Abstract: One of the key aspects of securing a system is to ensure separation and containment between different concerns. This could be between processes and communications within a single machine; through to different applications and network segments in an enterprise to customers in a shared data centre. Containment is generally achieved through a variety of often complex mechanisms making it hard to configure and even harder to assure users that the desired containment relationships are maintained. In this paper we present an approach to assuring users about containment of systems by developing an abstract containment model suitable for many situations. This model then has detail added, through a series of refinements, to become closer to the implementing technologies. We present a refinement for compartments recently added to HPUX. We then show how we can provide assurance reports to users demonstrating that the containment properties in the model are being achieved.

10 Pages

Back to Index

»Technical Reports

» 2009
» 2008
» 2007
» 2006
» 2005
» 2004
» 2003
» 2002
» 2001
» 2000
» 1990 - 1999

Heritage Technical Reports

» Compaq & DEC Technical Reports
» Tandem Technical Reports
Printable version
Privacy statement Using this site means you accept its terms Feedback to HP Labs
© 2009 Hewlett-Packard Development Company, L.P.